Entries tagged as ‘Google App Engine’
Google App Engine supports HTTPS if you access your application through https://abc.appspot.com but not through https://www.abc.com. Google is working on a solution but there is currently no ETA. From a technology point of view, it comes down to the question of where your SSL is terminated. To have https, the certificate must reside on the server that fields the call. If it does not, your browser gives you a certificate error. Google has a generic *.appspot.com certificate at every app engine server but they don’t want to put a yourdomain.com certificate on servers in their infrastructure.
We blogged about it last year, envisioning a service to do this for other businesses. In this post, we take it a step further and describe the implementation.
The implementation uses an Amazon EC2 instance as a proxy server. There are three parts to setting up the proxy:
- The foundation. A couple of years ago, Brad Larson described the process of setting up an EC2 server. His purpose was different but the first steps of our process are the same as what he described. Following his lead, bring up an instance of a CentOS AMI. A couple of AMIs we have used are ami-0193f760 in US-East and ami-e32273a6 in US-West (both from RightScale). Snap a 1GB EBS volume to it and attach an IP address. See Brad’s article for details.
- The components. Squid requires just two components:
mod_ssl and squid. Install them both using yum (or apt-get if you are using a different version of Linux).
- Integration. A few steps to this:
- Make sure to update /etc/hosts and add the line
01.23.45.67 www.abc.com www_abc.
- Optional: for speed, add Google nameservers (or others good ones for your locale) to
/etc/resolv.conf. To accomplish this, add the lines nameserver 8.8.8.8 and nameserver 8.8.4.4 to that file.
- Finally, Squid Wiki Configuring SSL Reverse Proxy does a great job of walking through the steps of configuring the reverse proxy. We won’t reproduce the steps for creating a certificate. Here is the config file we use. Not much to it, declaring the SSL connection to the browser and to App Engine and tightening the security parameters.
acl all src 0.0.0.0/0.0.0.0
acl Safe_ports port 443
acl gae dstdomain abc.appspot.com
visible_hostname www.abc.com
https_port 443 cert=/path/to/cert key=/path/to/key defaultsite=abc.appspot.com
cache_peer abc.appspot.com parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=appspot
cache_peer_access appspot allow gae
always_direct allow gae
http_access allow gae Safe_ports
http_access deny all
debug_options ALL,1
- Debugging. For the novice, Squid can be a little cryptic. It was built for speed, not programming ease. Here are a few hints on what to do when things don’t work according to plan:
- If squid won’t even start,
squid –N –d l -D can be useful in figuring out why.
- If it starts but does not behave as you would expect, that last line (
debug_options command) can be used to control the level of detail that is logged. Reading those logs can be a bit of a black art. Use your favorite search engine and the Squid book for help.
- Operation. Once you have a basic configuration running, tighten up the security and optimize it for performance. We will be adding to this section in the future but here is a good starting point: Six Things First Time Administrators Should Know.
Categories: Requirements
Tagged: Google App Engine, Amazon AWS, Cloud Computing, Security
As we near the completion of a major web application for a startup, it’s time to reflect on the factors responsible for the success.
- Cloud Computing. The hardware cost for development was less than $750. That figure included the cost of a laptop. In an economic climate where startups have to do more with less, how can you beat that?
- We used Google App Engine for the most part but not exclusively.
- For confidential documents, we used Amazon S3, preferring to go directly between the browser and Amazon, bypassing Google. Any doubts about whether Google will mine those documents were neutralized.
- Staying conceptual with the implementation.
- Google App Engine was great for helping us stay conceptual. They take care of scalability, backups, OS versions, patches. All the stuff that drags you down.
- Amazon EC2 is too low level. One has to worry about scalability, backups, OS versions, patches. So we go up a level with Rightscale and BitNami.
- For the same reason, we would consider Amazon RDS over doing our own database management.
- Open Source Software. Most notably, jQuery. Their slogan is “write less, do more”. The reality matches the slogan. A rich milieu of available software allowed us to assemble components rather than write code. A couple of times we were bitten by it too. A month after we had integrated a component, the developer decided not to support it any more. We switched away. So one has to stay agile but that’s the name of the game anyway.
- Staying conceptual with the requirements. This was the second-biggest factor: working with a team that trusts you, things don’t need to be written down to an excruciating level of detail. You hear the requirement in vague terms, you implement it, and if you had misunderstood, well, change quickly. Keeping the Agile Manifesto in mind.
- Tracking shifts in business strategy. This was the biggest factor. The business strategy changed at least a couple of times during the project. The development was continuous, however. We were surprised to discover that the changes forced us to re-factor the code as it was re-purposed to fit the changing strategy — but very little of the code was thrown away. The re-factoring may have made it more modular, actually. By the time the business strategy had settled, we had software components that were well-tested already. Only the final integration was left to do.
Your mileage will vary, of course, but these are the factors that made us successful for this project.
Categories: Customer Relationship · Requirements · Technology Strategy
Tagged: Google App Engine, Building Web Applications, Entrepreneurship, Agile Development, Cloud Computing
When it comes to building services using the cloud, one often comes across the need to weave different cloud-based offerings together. One example is OpenID. I blogged about it last year. In this post, I would like to take it to the next level and offer a programming pattern for using it with specific examples for Google App Engine. JanRain’s RPX API makes it easy to incorporate.
Ingredients
When you sign up with RPX and register your application, you get:
- A application ID,
- An iFrame widget and
- An API token.
When signing up, the domain names need to be provided. These are domain names from which an authentication request may originate. In our case, that includes localhost and www.example.com.
Recipe
Create a login page and place the iFrame widget on it. The iFrame will point to something like
src="https://example.rpxnow.com/openid/embed?token_url=appRpxURL"
where appRpxURL is a URL served by the application. When a user interacts with the login page, RPX calls the application at this URL with a token and the application is expected to turn around and request information about the user. This Google App Engine code fragment illustrates the interaction (to access it, you will need to use an OpenID login). At this point, the application knows the user id. This part is documented in a number of places on the web.
Integration
In a number of the applications we develop at Early Stage IT, the user id is stored in a session variable using GAE Utilities for the remainder of the session. The above-cited code fragment shows this also. The application is still responsible for determining what the user is entitled to do. The first thing to do in handling a user request is to verify that the user has the requisite application capability. This is illustrated in the last part of the sample code.
When the user logs out, clear the cookies by calling theSession.terminate()
If you use it…
…please cite this blog post. Feedback — positive or negative — gratefully accepted.
Categories: Techniques
Tagged: Google App Engine, OpenID, Tips and Techniques
Google App Engine
This talk will introduce software engineers to Google App Engine.
Event Details:
- Google App Engine — Mass GTUG Meeting
- Location: MIT Campus, Building W92 at 304 Vassar St, Cambridge MA.
- Date: Tue, January 12, 2010
- Time: 6pm – 8pm
- To register, click here
It is not an introduction to web programming or a Google Apps session. It is assumed you know server-side web development — perhaps ASP, JSP or PHP. Please note, this session will be based on Python. Still, it is not a programming language session — the emphasis will be on learning the available APIs which are common between Java and Python on GAE. The idea is to familiarize everyone with the basic App Engine APIs.
We will create a toy bank and be able to transfer “money” between accounts.
Agenda:
- Getting Started – What is App Engine
- Structure of an App Engine Application
- Data Store — the data store is common between Python and Java.
- Template Engine — the Template Engine is unique to the Python environment.
- Transactions — the transaction model is common between Python and Java.
Prep Work: To get more out of the meeting, you may want to
If you do some of the prep work outlined above, you may be able to ask more pointed questions. I will make sure to allocate plenty of time for questions.
Categories: Requirements
Tagged: Building Web Applications, Cloud Computing, Google App Engine
Google App Engine
This Hackathon will introduce software engineers to Google App Engine. It will be free of charge, first-come-first-served but preference will be given to software engineers in the web development area.
Event Details:
- Location: Aprigo, 460 Totten Pond Rd suite 660, Waltham, MA. I would like to thank Aprigo for their sponsorship of this event.
- Date: November 6, 2009
- Time: 9:00 am to 4:00 pm
- Meeting capacity: 10 people
- Food/drink: bring your own / buy in the building.
- Sign up: Eventbrite.
It is not an introduction to web programming or a Google Apps session. It is assumed you know server-side web development — perhaps ASP, JSP or PHP. Please note, this session will be based on Python. Still, it is not a programming language class — the emphasis will be on learning the available APIs which are common between Java and Python on GAE. If you have any questions about whether you will get much out of the hackathon, please contact us.
Agenda
The idea is to familiarize everyone with the basic App Engine APIs.
1 hr – Getting Started – What is App Engine
1.5 hrs – Coding
15 mins – Introduction to Users API
1.5 hrs – Coding/lunch
15 mins – Introduction to UrlFetch and Mail APIs
1.5 hrs – Coding
15 mins – Introduction to Images and Memcache
1 hr – Coding
45 mins – Let attendees present the apps they worked on/wrap up
Prep Work
Attendees should plan to bring their own laptop.
Prior to the session, it would be helpful to have walked through the Hello World example:
http://code.google.com/appengine/docs/python/gettingstarted/
The Development Environment section of the above link suggests downloading Python 2.5 and the App Engine SDK. Please download these ahead of time.
The Download App Engine SDK page also has instructions on downloading and
Agenda The main goal is to familiarize everyone with the App Engine and how you can use it to build your web application “in the cloud”.
- 1 hr – Getting Started – What is App Engine
- 1.5 hrs – Coding
- 15 mins – Introduction to Users API
- 1.5 hrs – Coding/lunch
- 15 mins – Introduction to UrlFetch and Mail APIs
- 1.5 hrs – Coding
- 15 mins – Introduction to Images and Memcache
- 1 hr – Coding
- 45 mins – Let attendees present the apps they worked on/wrap up
Prep Work
- Attendees should plan to bring their own laptop.
- The Development Environment section of the above link suggests downloading Python 2.5 and the App Engine SDK. Please download these ahead of time.
- The Download App Engine SDK page also has instructions on downloading and setting up a development environment such as Eclipse. This is not mandatory.
- It is helpful to have walked through the Hello World example ahead of time. We will be going over it again in the first couple of hours of the session so it is optional, not mandatory, to have done this.
Example Applications. Attendees are welcome to bring their own application ideas to work on during the Hackathon. For the main example, we will work on an application in the spirit of Cafe Survey. Another possibility is to create a wiki or a blog application.
Categories: Techniques · Training
Tagged: Google App Engine, Training
September 17, 2009 · 4 Comments
Google App Engine supports HTTPS if you access your application through https://abc.appspot.com but not through https://www.abc.com. Google is working on a solution but there is currently no ETA. From a technology point of view, it comes down to the question of where your SSL is terminated. To have https, the certificate must reside on the server that fields the call. If it does not, your browser gives you a certificate error. Google has a generic *.appspot.com certificate at every app engine server but they don’t want to put a yourdomain.com certificate on servers in their infrastructure.
For some companies HTTPS access through their own domain is essential.
We at Early Stage IT use an interim solution — a proxy server. The pricing and reliability parameters are not fully set but we think it might cost about $35/month plus $0.30/GB for 3-nines availability. It would also add about 125 msec to each access request. We measured the delay at 75 msec but it may have been on a particularly calm day, internet-traffic-wise. Proxy servers terminate the SSL connection at the proxy with a yourdomain.com certificate, decrypt the message, re-encrypt it with a *.appspot.com certificate and send it along. The message can theoretically be snooped on while it is being transformed on that proxy server.
With these parameters, is this a service that would be of interest to your company?
Categories: Requirements
Tagged: Google App Engine, https support, SSL support
What are some of the hurdles we have encountered with Cloud Development? What mechanisms have we used to overcome them? The problems posed by the different cloud platforms are different. I will be writing on this topic in a series blog posts. I expect to blog on these topics. If you know of others, please let me know. These list items will get hyperlinked over time.
- Cloud Development for Google App Engine
- Cloud Development for Amazon EC2
- Managing software delivery from outsourcers
- Managing evolution of database configurations
- Performance and Stress Testing
- Security Testing
In this introductory post, I want to cover activities that cross all platforms. The premise of Cloud Development is that the company does not own any hardware. Under these circumstances, how does software development get done? (more…)
Categories: Requirements · Techniques · Technology Strategy
Tagged: Agile Development, Amazon AWS, Cloud Computing, Cloud Development, Entrepreneurship, Google App Engine, Issue Tracking, SaaS, Source Control
Amazon.com has put together a set of services (AWS) that allow you to rent, not buy, your infrastructure. They are extremely competitive and competent. Despite the use of the word simple in the naming of these services, simple they are not. Echoing Einstein perhaps: things should be as simple as possible but no simpler.
A gem: Amazon knows a thing or two about payments and money transfer; no surprise that Amazon FPS (flexible payment system) should be a unique part of the offering.
When it comes to writing applications, Google App Engine (GAE) is more constrained but ramp-up is easier and more amenable to agile development — a necessity for Early Stage companies.
How can we leverage the robustness of AWS from the simple (but constrained) environment of GAE? We tried to call FPS services from GAE to see. The remainder of this post is about tips and tricks for doing so. Fair warning, it’s a bit technical. (more…)
Categories: Requirements · Techniques
Tagged: Amazon FPS, Google App Engine
Do you want to build a web site or a web application?
Alternative Methods for Building Web Sites
If all you want is a web site displaying information about your company, consider these alternatives for building and hosting your web site yourself:
- Google Sites. Some folks consider it “simplistic” but it is sure to grow in scope and sophistication.
- Microsoft Small Business.
- Yahoo Small Business.
- A comprehensive list of other services available. These provide the “iron” & the tools and you can build the services using standard web technologies.
There are also a number of firms that will do it for you for a fee. Search for the words “website creation service”. Among the more interesting ones we found:
- IRCUSA. Prices vary from $250 (1 page) to $3000 (~12 pages).
- Register.com. $12.95/month. Cheap but ugly.
- Richard Waller. About $1000 for a 6-page web site.
- GoDaddy. About $65/month.
(If you research any of the options further, or find an interesting new one, please post a comment and let us know. Thanks in advance.) In any case, you will need to come up with what the web site will say, unless you want to hire a marketing company to do it with you.
Categories: Techniques
Tagged: Building Web Applications, Google App Engine
Follow on Twitter
