ColdFusion Keynote: Building the Agile Web Since 1995
-
Upload
coldfusionconference -
Category
Technology
-
view
77 -
download
1
Transcript of ColdFusion Keynote: Building the Agile Web Since 1995
ColdFusion: Building the agile web since 1995Tridib Roy Chowdhury
Senior Director of Products and General Manager, Adobe Systems
ColdFusion Summit 2016Know Yourselves
2
500+ attendees
212 companies
39% managers
61% developers
15 countries
Our Sponsors
PLATINUM
GOLD
SILVER
Know ColdFusion
Double-digit growthLaunch/Launch
2000 new customers added over the last year
21 years youngand still going strong
ColdFusion Usage Survey 2016
SYSTEM ADMIN
CONSULTANT
WEB DEVELOPER
WEB ARCHITECT
3%
5%
51%
20%
MANAGEMENT
OTHER
14%
7%
435 people surveyed
New Application Development
6
70%build new applications with ColdFusion
Nature of COLDFUSION Applications
7
86%External-facing applications using ColdFusion
Server-side technologies used
8
26% Customers using ONLY ColdFusion
PHP, .NET popular in the stack
Key To ColdFusion’s Enduring Popularity
9
SPEED OF DEVELOPMENT
EASE OF USE
PERFORMANCE
SUPPORTED PLATFORM
BUILT-IN SOLUTIONS
OTHERS
SECURITY
75%
76%
33%
29%
29%
22%
20%
Cloud: gaining traction
10
RACKSPACE
AWS
MICROSOFT AZURE
19%
55%
13%30%
deploy ColdFusion on Cloud
Exposing services as APIs
11
COST REDUCTION
MOBILE
NEW CHANNEL
REVENUE
25%
28%
14%
10%
Role of ColdFusion
12
76% Rate ColdFusion as critical in their technology stack
Why ColdFusion matters?
Why ColdFusion matters
14
Performance
Security
Partnerships
Community
Why ColdFusion matters
15
Performance
Security
Partnerships
Community
Boosting performance
16
30%Improvement over ColdFusion 11
Performance
Cached Queries 822%
File Functions 67%
List Functions 66%
Whitespace management 25%
Argument Validation 25%
CFLoop 22%
API Manager
17
Performance
Only product to publish a detailed performance white paper
PERFORMANCE WHITE PAPER
30msLow Latency
1BHigh Thru’put
1.8xThru’putScalable
2xUser Scalable
A D D I N G O F A N O D E
B A S E P E R F O R M A N C E
Support for Nginx
Performance
Michael Brady, Chief Information Officer
Performance
Stay on the wave, or be Crushed by it
About US
2013 Torch Award WinnerTrust • Performance • Integrity
BBB of Central NC
marketamerica | SHOP•COM2015: Online Sales $791,081,690
2014: Online Sales $724,292,9072013: Online Sales $649,917,345
e-tailer | Marketing Company | Product Brokerage
Company Size:
• e-Commerce Employees: 802
• Technology Employees: 267
SHOP•COM
Sites and Languages
9 Countries 5 languages
Different experiences, localizations for every country & language.
Stay on the wave, or be Crushed by it
Getting crushed by the wave
<?xml version="1.0" encoding="UTF-8" ?><data><struct><key name="mailLast"><value>sc</value></key><key name="orderDirective"><value>SHPOE</value></key><key name="ipaddress"><value>127.0.0.1</value></key><key name="city"><value>sc</value></key><key name="mailAddr3"><value>sc</value></key><key name="mailAddr2"><value>sc</value></key><key name="mailCity"><value>sc</value></key><key name="mailAddr1"><value>sc</value></key><key name="mailAddr7"><value></value></key><key name="mailAddr6"><value></value></key><key name="prodTaxPct"><value> </value></key><key name="mailAddr5"><value></value></key><key name="mailAddr4"><value>sc</value></key><key name="specProcFormulaID"><value> </value></key><key name="prodIBV"><value> </value></key><key name="prodCost"><value> </value></key><key name="lastName"><value>sc</value></key><key name="mailState"><value>NC</value></key><key name="prodCommAmt"><value> </value></key><key name="personalMsg"><value> </value></key><key name="addr6"><value></value></key><key name="addr7"><value></value></key><key name="addr1"><value>sc</value></key><key name="email"><value>[email protected]</value></key><key name="addr2"><value>sc</value></key><key name="addr3"><value>sc</value></key><key name="addr4"><value>sc</value></key><key name="merchCountry"><value>USA</value></key><key name="vendorCode"><value>00USA</value></key><key name="priceActualUnit"><value> </value></key><key name="prodList"><value>13007</value></key><key name="mailFirst"><value>sc</value></key><key name="serviceLoc"><value>cart</value></key><key name="prodSiteType"><value>SHP</value></key><key name="state"><value>NC</value></key><key name="mailZip"><value>27410</value></key><key name="mailCtry"><value>USA</value></key><key name="langCode"><value>ENG</value></key><key name="msrp"><value> </value></key><key name="prodDesc"><value> </value></key><key name="shipCtry"><value>USA</value></key><key name="firstName"><value>sc</value></key><key name="zip"><value>27410</value></key><key name="siteType"><value>SHP</value></key><key name="siteCountry"><value>USA</value></key><key name="prodCashbackPct"><value> </value></key><key name="templateid"><value> </value></key><key name="prodIBVPct"><value> </value></key><key name="prodQty"><value>1</value></key><key name="personalCons"><value>0</value></key><key name="cashBackAmt"><value> </value></key><key name="prodTaxAmt"><value> </value></key></struct></data>
Request
Getting crushed by the wave
Response
Getting crushed by the wave
DO YOU WANT
Error HandlingBy Obfuscation
Do you know what a rm-4 is?
This received a 200 OKNot very intuitive
People – Great people, talent, bridge the skills gap. Read: James C. Collins – Good to Great
Process – Address the growing need for agility speed to market (Agile) Improved Coding Standards Release Process – Feature Based Break free from technical debt
Technology – ColdFusion Enterprise & Adopt Latest Versions of CF Server Linux/Apache – 20 GB RAM, 6-CPUs Each Built Middle Tier in ColdFusion Web Services/API architecture (and mindset) ColdFusion – Communication with multiple data sources UV,
CouchBase, SQL and MySQL Session management via SQL and MySQL
ResetPeople, Process, Technology
Technology Stack
Programming Languages:Front End & Middle Tiers: ColdFusion, Java, PHP
Databases: UniVerse, SQL, MySQLNoSQL: CouchBase, Hadoop, Lucene, Elastic
Web Services tie it together…
1523
292
PHP Web sitesJAVA Web sitesColdFusion Web sites
Websites WorldwideColdFusion is Scalable
ColdFusion websites systems support:• 46,324,075 monthly page views• 2.93 million visitors monthly
marketamerica public websites support:• 51,108,874 monthly page views• 3.87 million visitors monthly
This does not include the traffic to our ColdFusion Web Services middle tier
Page Views and UsersColdFusion is Scalable
35
• Scales our Technology• Grows our Business
Web Services (APIs)are not just a Technical Nicety
they are a Business Strategy@ marketamerica
Technical Necessity
Web ServicesColdFusion is Scalable
UnFranchise.comThe back office for
our direct sales distributors
Web Servicesenables our App Store
Affiliates: Small Businesses, Bloggers – earn money ($) when a customer buys from SHOP.COM
Can earn 15% Commission
38
• SHOP.COM Product Data• Build Consumer Apps • Build Business Tools• Compete in a Hackathon
developer.shop.com
LinuxApache Tomcat
cfusion
We add 4 instances of ColdFusion from cfusion sever
rinse and repeat…
ColdFusion Scales
LinuxApache Tomcat
ColdFusion Scales
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
• We divide instances by function• Scale horizontally
Cache is king! How do we accomplish sharing cache across all servers?
ColdFusion Scales
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
Enterprise EhcacheTerracotta
BigMemory BigMemory BigMemory BigMemory
Scale beyond standard local to each server for
Fortunately CF is plug/play with Enterprise Ehcache
ColdFusion Scales
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
Enterprise EhcacheTerracotta
BigMemory BigMemory BigMemory BigMemory
SQL mySQL
UniVerse CouchBase
ColdFusion Scales
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
LinuxApache Tomcat
Enterprise EhcacheTerracotta
BigMemory BigMemory BigMemory BigMemory
SQL mySQL
UniVerse CouchBase
ColdFusion Scales
Networks, Load Balancers, Firewalls
Michael [email protected]
@ marketamericaColdFusion is key as an enabler and technology strategy to grow our business and build the next generation of systems and software.
Why ColdFusion matters
47
Performance
Security
Partnerships
Community
Unbelievable, but true
Source: Symantec security threat report
Security
New zero day vulnerability discovered
every week in 2015! Vulnerabilities still found in 75% of websites
https://www.symantec.com/content/dam/symantec/docs/infographics/istr-zero-day-en.pdf
Security audit process
49
Security
Ongoing Security Check
ColdFusion Security TeamDedicated Security CzarDedicated Security Quality Engineer100% - Secure Software Engineering certified
ColdFusion ProductSecure by defaultSecurity issue backlog to zeroRegular quarterly security updates
During Product Development
Adobe Secure Software Engineering Team (ASSET)Team of industry leading security experts
ColdFusion Product Team
Ensure right security
architecture
Security incident response process
When a security incident occurs
Product Security Incident Response Team (PSIRT)Team involved with security incidents
ColdFusion Product Team• Zero-day incidents immediately
resolved• Quarterly Security UpdatesIdentify, Mitigate,
Resolve
Security
Customers applying security updates
Duration post update release Percentage - 2014 Percentage - 2016As soon as it is available 16% 16%Less than a week 21% 25%Less than a month 28% 34%More than a month 12% 8%No regular interval 19% 14%Do not update 4% 2%
51
Security
Brian Peterson, Chief Information Officer
Security
• Leading Payments Processor• ~60M payments processed last
year• Linux, CF, MySQL• ~120 CF servers• CF/Java transaction processing
platform
ColdFusion Platform
ColdFusion extensibility – take advantage
• Event Gateways front-end Java socket listeners
• APIs used for modularity• IVR• Client data submission• Payment validation• External partner integration• Two-way SMS
Monitoring and logging• Standard resource utilization• FusionReactor• Custom Application logs• Error Tracker
Configuration management
Performance Tuning• JVM• Query tuning• DB schema
Operating at Scale
Infrastructure• Restrict ~CFIDE• Change the admin username!• CF patching• WAF• Custom application logs• Log monitoring and alerting
Code• Secure Coding Standards• Peer review• Infosec review• Manual code review• Runtime security testing
Security
“Fear cripples developers”
“The best developers spend disproportionately more time helping other developers”
“Automate tests for every feature and every bug fix”
“Before you build, plan to grow”
“Developers must be self-motivated”
“Modularity is the single most important technical factor in your ability to test and change your product quickly”
Secret Sauce: Development Team
https://medium.com/javascript-scene/how-to-build-a-high-velocity-development-team-4b2360d34021#.godpd0f76 by Eric Elliott
Why ColdFusion matters
59
Performance
Security
Partnerships
Community
Partnerships with Independent Software Vendors (ISVs)
Partnerships
A large percentage of new customers come in through ISVs
VSR SystemsEric Kratz, Chief Executive OfficerWitt Schenck, West Coast WMS Project Leader
Partnerships
Who We Are…
• VSR / VSRWest
• Boutique Software Company located in Westchester, NY and Southern CA.
• Provide 2 Cold Fusion Business Solutions which work seamlessly together or independently of each other;
• ERP - Enterprise Resource Planning
• WMS - Warehouse Management System
Who We Are…
• VSR / VSRWest
• ERP – Mature / Tested Application (~15+ years)
• Over 120 Unique Brands across multiple Industries• Garment• Accessories• Home Textiles
• ~$650 Million of Sales flows through the ERP Annually
• ~450 Million Transactions Processed Monthly
Our Markets…
• ERP is focused on Manufacturers and Distributors
• WMS also includes Logistical Companies (3PL, 4PL (FF))
• Clients in NY, CA, Chicago, Montreal – all have active offices/users in Asia and Europe.
Our Products/Services…
• ERP – Designed for SKU based clients to track:• Product Design > Production > Inventory > Sales > Profitability > Financial
Reporting.
• WMS – Receiving, Inventory Management by Location, Shipping of Outbound Inventory, EDI
• Both Products support custom configuration by Client.
• Both Products give total visibility using data gathering and easy to use multi-filtering reporting
Highlights…
• WMS• Configurable Workflow Tasking Engine• Scan/Pack/Ship Features• Architecture: ColdBox / CacheBox / Wirebox / Logbox• Propriety EDI Engine supporting Industry Standard Communications w/ XML translator
• ERP • Next Release will utilize Coldbox Architecture and Workflow Tasking Engine• eCommerce Integrations
• Future • Mobilizing WMS• API’s - ERP WMS
Why CF?…
• The reduced development time of ColdFusion’s tag based language allows us to focus on code design over development
• ColdFusion is able to integrate with other languages. Want to use an existing JAVA object.. it’s as easy as dropping the library and calling createObject()
• Continued growth, support and evolution of the product itself.
• Superior development turn time compared to our competitors
Product Life Cycle…
Why ColdFusion matters
69
Performance
Security
Partnerships
Community
Community
ColdFusion Community
Looking Ahead…
CFfiddle
A common watering hole for all things ColdFusionMerging Forums, Blogs, FAQs, Q&A, Slack etc.
CF developers can now create, try, share CF applications – all from within the comfort of the browser.
Road ahead – ColdFusion Aether
Accelerate digital
transformation
Containarize
Modernize Platform
Embrace devsecops
Provision micro-services
Scale your business with API Management Platform
Built-in containerized deployments(dockers etc.) helping continuous deployment and testing
Distribute security decisions at speed
and scale – building on Security Analyser
Modularize and independently
manage and scale microservices
Thank you!Engage – Learn - Share!