AJAX stands for Asynchronous JavaScript And XML. AJAX is a web development technique used for creating interactive web applications. AJAX is the logical next step in the services-oriented architecture revolution. With AJAX, user interfaces from within the browser can use web services as their data source to store and retrieve information. Asynchronous JavaScript and XML is not a technology in itself, but is a term that describes a "new" approach to using a number of existing technologies together, including: HTML or XHTML, Cascading Style Sheets, JavaScript, The Document Object Model, XML, XSLT, and the XMLHttpRequest object. When these technologies are combined in the AJAX model, web applications are able to make quick, incremental updates to the user interface without reloading the entire browser page. This makes the application faster and more responsive to user actions. AJAX is said to be quicker at Internet use. AJAX technology allows a web page to request data from a server without refreshing the whole page, making it possible to update only parts of a web page. This should
generally result in smother, faster page loading.
ASP.NET AJAX.
(Microsoft®), ASP.NET AJAX is a set of technologies to add AJAX (Asynchronous
JavaScript And XML) support to ASP.NET. It consists of a client-side script framework, server controls, and
more. More ASP links.
How To Use AJAX Patterns. Design patterns make development more efficient by speeding up common programming processes and eliminating the need to write redundant code across multiple projects. AJAX design patterns are emerging with the increased popularity of its use in Web application development. In this article, I'll focus on a few patterns that are specific to AJAX development.
Doloto is an
AJAX application optimization tool, especially useful for large and complex
Web 2.0
applications that contain a lot of code, such as Bing Maps, Hotmail, etc. Doloto
analyzes AJAX application workloads and automatically performs code splitting of
existing large Web 2.0 applications. After being processed by Doloto, an
application will initially transfer only the portion of code necessary for
application initialization.
Adobe AIR lets developers use their existing web development skills in HTML, AJAX, Flash
and Flex to build and deploy rich Internet applications to the desktop.
TurboGears Features: easy-to-use, database-driven, easy Ajax and designer- and programmer-friendly.
jQuery is a fast, concise, JavaScript Library that simplifies how you traverse HTML documents, handle events, perform animations, and add Ajax interactions to your web pages.
Sun, 14 Mar 2010 11:00:00 EDT - In West Texas, we have wind gust that match no other; we love our football; sunsets are at their best with no trees to block your view; oil means a lot to us and Tuesday is for Mexican Food tacos! Kent Dean, Director of Field Marketing, with Rosa’s Café recently spoke to our local chapter of the American Advertising Federation. They are so well known for their Taco Tuesdays that when he throws out the statement, “It’s Tuesday” on their Facebook pages hundreds of responses come in immediately with fans chiming in that it’s “Taco Tuesday”. His topic focused on social media – does it really work for business?
Tue, 02 Mar 2010 08:30:00 EST - If you’re a small business owner, you’ll identify with the following numbers and be heartened by the following forecast.
First the numbers: There’s anywhere from 14 million to 22 million small businesses online in the U.S., and they spend about 83% of their online marketing budget on advertising – compared to 26% for all sizes of businesses.
Yet, while all businesses spend 67% of their online dollars on advertising support, small businesses spend just 9.3%. Why such a small ratio? Because they can’t afford an agency (and its rates) to provide a listings product, PPC campaign, site development, email auto-responder, call tracking, and a significant amount of consulting (client education). Typically, the full solution needed costs $2,000 per month, but the typical small business is willing to plunk down only $500.
Mon, 01 Mar 2010 02:00:00 EST - Version 9.0 of pdf-Office Professional now includes a JavaScript Interpreter that supports every Standard JavaScript function and most of Adobe’s own proprietary JavaScript functions, allowing users to develop and test forms with JavaScript right in pdf-Office Professional. A host of new features to make creating new PDF forms and editing existing ones even easier round of the package, enhancing the product’s position as a cost-effective alternative to Adobe Acrobat.
The pdf-Office Professional package is an intuitive and innovative software solution for creating and designing PDF data forms tgo be filled out by users. From simple text fields to calculations to complex programming in PDF forms, pdf-Office Professional has everything you could ask for in walking you through you from your first steps to designing professional PDF forms – not least with its simple graphical form editor for designing forms with fields and text from scratch, much like working in MS Word. Once created, you can edit and enhance templates at any time using pdf-Office Professional.
Fri, 19 Feb 2010 13:13:00 EST - If Phillips had moved from Oracle to CA, he might have been richer - although that's hard to believe - but not necessarily happier considering McCracken reportedly wanted him to execute on McCracken's strategy, which is reportedly focused on the cloud.
In that case, note that CA Thursday joined the Cloud Security Alliance as a corporate member to help establish and promote best practices for security in cloud computing, meaning to kick in its identity and access management expertise. It said it is "working with enterprise customers and cloud service providers to securely adopt and deliver cloud services." SAP could sure use a bit of that.
Fri, 19 Feb 2010 13:04:00 EST - In the past I have written articles about M2M and mobile applications. These have been in the context of machines sending wireless data to other machines. I believe the value of these applications have not been fully realized, and am excited about seeing more of them. If readers of this blog have interesting M2M solutions please share them with me.
My wife sent me an article on one of the most interesting (read disturbing) examples of M2M. Seems there is a home scale, for $159, that is wirelessly enabled and sends Twitter messages with your weight to anyone following you. Let me ask by a show of hands how many of you want to see my daily weight tweeted to you? All of you with hands up will be deleted.
Thu, 18 Feb 2010 15:30:00 EST - CA, Inc. on Thursday announced it has joined the Cloud Security Alliance as a corporate member to help establish and promote best practices for security in cloud computing.
CA will support the Cloud Security Alliance's initiatives and working groups with identity and access management knowledge and expertise, and provide input into the next release of the group'sSecurity Guidance for Critical Areas of Focus in Cloud Computing.
"CA is working with enterprise customers and cloud service providers to securely adopt and deliver cloud services. We look forward to collaborating with the CSA members to deliver guidance for meeting security concerns that challenge cloud adoption," said Dave Hansen, corporate senior vice president and general manager of CA's Security and Compliance business unit.
CA demonstrated a portion of its cloud security capabilities at the Burton Catalyst conference last July. By incorporating identity and access management technologies, CA is helping its customers securely use the cloud. This includesCA SiteMinder, CA Federation Manager, and CA SOA Security Manager for various access management scenarios, and CA Identity Lifecycle Management products for provisioning, role management , and other identity management capabilities. CA also provides protection at the heart of a cloud infrastructure by controlling access to virtualization servers (hypervisors) withCA Access Control, and Internet-scalable log and event reporting with CA Enterprise Log Manager.
Thu, 18 Feb 2010 08:00:00 EST - Qwest Communications on Tuesday announced the opening of its 17 data center nationwide and third center in the Washington, D.C., metro area, in response to continued customer demand for hosting and cloud-based infrastructure services. The new Qwest-owned and operated CyberCenter currently is supporting one federal government customer. The new 129,000 square foot facility will be equipped with redundant state-of-the-art network and hosting capabilities.
Today's businesses struggle to support growing IT needs in the face of capital-constrained markets. IT leaders are turning to outsourced data centers, managed services and cloud computing to more efficiently meet their needs. The new Qwest facility is uniquely positioned to provide Qwest customers access to highly secure, reliable and scalable infrastructure services, and a cloud-computing infrastructure.
Fri, 12 Feb 2010 07:15:00 EST - To answer this question we first need to look at what way it is different from HTML4. Here are the salient features of HTML5 arranged in the order of importance (my opinion). Like Google Gears it allows mechanism for ensuring Web applications are available even when the user is not connected to their network.
Offline working: Like Google Gears it allows mechanism for ensuring Web applications are available even when the user is not connected to their network.
Local [...]
Scaling applications that include AJAX and non-AJAX components may require more than just tuning your web server
A common problem after deploying a Web 2.0 AJAX-based application shows itself through poor performance or lower capacity on the server, often both. Web serving tuning is almost always the first step in improving performance and capacity, but the inherently competing behavior of AJAX-requests and “normal” HTTP requests quickly becomes problematic as well. Tune for the AJAX requests and performance of regular old HTTP requests suffers. Tune for regular old HTTP requests, and performance of AJAX-requests suffer.
This is primarily because of the way in which the client-side application, the browser, interacts with the server. “Regular old HTTP requests” are typically those that GET a piece of content, static or dynamic, and that’s it. There may be many of these requests whenever a page (URI) is requested – all the images, client-side scripting files, style sheets, etc… – but they are not interactive. The browser requests them, receives them, and that’s it. AJAX-based requests, however, are inherently interactive. They are often automatically refreshed on an ongoing basis, on a prescheduled interval, or invoked by the user as they interact with the application. These requests are not “load and forget” like their traditional staticesque counterparts, but rather they are expected to be made often.
The overhead associated with opening and closing connections is well understood, and it is often the case that the web server configuration will be adjusted to meet the more demanding nature of the AJAX-based requests in an application. This is often accomplished by ensuring the KeepAlive setting (in Apache) is “on” and that the KeepAliveTimeout (in Apache) is high enough that AJAX-based requests occur before the timeout closes the connection. This allows the continued reuse of an existing connection between the browser and the server and improves performance. But it also ties up resources on the server keeping that connection open, which reduces the overall capacity of the server in terms of its ability to serve users. Optimally a short KeepAliveTimeout, if any, is best for non-interactive requests and often disabling KeepAlive actually improves performance for non-interactive applications.
Obviously these two behaviors are completely at odds with one another.
SOLUTIONS
There are a number of ways in which the competing needs and interests of the interactive (AJAX) and non-interactive portions of your web application can be addressed.
1. Configure two different servers: one to serve interactive content, i.e. AJAX-based requests, and one to serve non-interactive requests, i.e. everything else. This way, each server can be specifically tuned (and sized) according to the application behavior. This is beneficial for several reasons, including the ability to “scale out/up” only the interactive-serving functions when or if it becomes necessary. This can be achieved simply by using specific host names for specific requests. If you do not have a public IP address that can be assigned to each host, however, you’ll need a proxy, like a Load balancer, to sit in front of the servers and handle the direction of requests appropriately or you could use mod_rewrite to achieve a similar architecture. When a mediating solution like a load balancer is used to implement this solution, there are a several ways to achieve the behavior. One method is to rewrite requests directed at a specific URI, for example: http://www.example.com/ajax/request1.php would be redirected to the server designated as the “interactive” server while other requests would be forwarded to the non-interactive server. An application aware load balancer, i.e. application delivery controller, can examine the request itself and base the same decision on the actual data being exchanged. For example, many AJAX frameworks (XAJAX, SAJAX, Prototype, etc…) often use the HTTP POST method to send a request and use specific parameters such as “xjxfun” to indicate which function is being invoked on the server side. By examining the data being exchanged an application aware proxy (load balancer) can use that information to send the request to the appropriate server.
2. A second means of addressing the problem of resource depletion and performance with AJAX-based applications is to use a load balancing solution to mediate for the clients and employ the use of TCP multiplexing on the server-side to optimize resources. Because a load balancer is almost certainly capable of simultaneously handling a significantly higher volume of connections than a single web server, the competing behavior of interactive and non-interactive HTTP requests in a web application do not impede performance or impact its capacity. By allowing a load balancer to mediate for those requests, it can better manage the resources on the server and ensure that both capacity and performance are maintained. For every X client connections, the load balancer maintains only a fraction of X connections to the server and reuses them as the means to optimizing the server-side resources. This method is actually likely to increase overall capacity because it will reduce the number of connections required to be in use at any given time on the server(s) and eliminates the performance overhead associated with opening and closing TCP connections.
3. A third solution might be found in scaling up (beefier hardware) and leveraging virtualization. For web applications, specifically, it may be the case that virtualization of the application will actually improve performance. This is particularly true of I/O intensive web applications, but is also likely true of high-connection oriented applications as well. This is because as a web server begins to reach its capacity in terms of connections it requires more processing to “find” a given connection. Nearly all TCP-based applications exhibit similar performance characteristics and, upon reaching a certain threshold of connections, performance degrades. By finding the “sweet spot” ,i.e. the highest number of connections that retains acceptable user response time, and deploying multiple instances of that application, each tuned for that upper bound, it may be possible to squeeze out better performance and higher capacity of your web applications. Multiple instances will require a proxy, i.e. load balancing, solution as well, but this would allow for a “scale up” solution that takes advantage of a single, beefy physical server that eliminates the IT management and maintenance overhead of additional hardware in the data center.
IT’S THE ARCHITECTURE
In all three cases the solution to the problem of competing resource utilization between interactive and non-interactive components of a web application involve architecture. Some might believe that simply moving the application to “the cloud” would address the problems and, in some ways, it will. Cloud computing environments can indeed be managed such that applications are automatically scaled out to maintain performance and increase capacity, but the interesting thing about that is the environments are essentially implementing a combination of the three solutions heretofore presented. The bad news is that such a solution does not optimize resource utilization, and thus the costs associated with a cloud computing solution to the problem may be surprising and even prohibitive depending on your IT budget. And the cloud computing solution, of course, is ultimately also about architecture, as it is the architecture that allows for automated scalability.
In most cases involving web applications the answer to scalability challenges is going to end up being architecture, and that architecture is increasingly requiring the use of application network components such as load balancers to implement. This is why it is often advised that applications are architected to take advantage of application networking components from the beginning, even if such solutions will not be necessary to address capacity and optimization on day one. By architecting a solution that includes application networking as part of its design and deployment model, there is far less disruption later when such a solution does become necessary.
Sun, 07 Feb 2010 07:35:00 EST - Progressive Enhancement is a philosophy of web design - start with simple pages, and build them up based on the capabilities of the browser viewing the page. It’s related to (and in some ways, the opposite of) the idea of Graceful Degradation, starting with a nice, fancy page, and dealing with any browser faults in an elegant manner.
Perhaps the simplest example to see this in action is the case of JavaScript being disabled in the browser - this is occasionally true for certain corporate clients concerned about security, and sometimes the case for very old browsers.
JSF handles this usecase pretty well - consider the following code:
This creates a checkbox input with an onclick event handler registered. If there’s no JavaScript enabled, it will continue to function as thought the ajax tag wasn’t there at all. But the user will need to submit the form with a button press...
There is another way to handle this: we could instead create a link, which uses view parameters:
That works, but isn’t as clean looking as the first, ajax method. Combining these approachs should provide a better user experience - and doing so isn’t especially difficult:
First, create two divs, one with the link and the other with the checkbox, which is hidden by default. If JavaScript is enabled, then hide the link and show the checkbox. This is the basic idea behind Progressive Enhancement - first, create something that you’ll be happy with in any browser, then add features (in this case, an Ajaxified checkbox) as needed.
That’s all for today. One personal note: Today is my last day officially employed by Sun Microsystems - I wasn’t offered a position at Oracle, and I’m currently actively looking for something. Please feel free to checkout my resume, and let me know if you know of any openings that you think might be a fit for me.
Sat, 06 Feb 2010 14:30:00 EST - Here's yet another well written blog by Rachel Luxemburg that looks like a petition to Steve Jobs. So?
Such write-ups won't have any effect on Apple's decision about Flash Player.
It's a cold blooded decision, and if the real reason for not letting FP on iPhone OS is to keep control of the applications and have a cut from the iStore, writing blogs and I'm also a big fan of Adobe software typing this comment on MBP and want Flash Player to be on iPhone and iPad. So?
Open letters won't help.
Fri, 05 Feb 2010 11:00:00 EST - Of course, there are the cynics along with skeptics (not to be confused with being one and the same). Some are cynics and discount anything from Apple like their counter parts who discount anything from Microsoft or others that are not part of their preference. However there also seems to be some skepticism among traditional Apple or iSomething fans regarding the iPad, needless to say, they are not doing iCartwheels over the announcement.
I think there is an even larger audience out there waiting to see, hear and learn if there is a play for the iPad, or, if new markets and opportunities will evolve around it for example as an alternative to Kindle, as an alternative to PCs for schools, or as a cloud content on-ramp. In other words, for markets where a PC is not needed. I think that there will be custom applications written for it, similar to those seen on custom platforms used by FedEx, UPS and many others.
There is also going to be the giveaway market where vendors will use iPad as a GUI display for their systems to be more hip that the PC or alternative to giving away Kindles.
Thu, 04 Feb 2010 20:15:00 EST - Orchestra is excited at the possibility of having DrupalCon 2010 in San Francisco, CA.
If you think it would be a good idea to have DrupalCon here on the West Coast, sign up for the site updates and check out the proposal.
Leave the team feedback and let them know your thoughts on the City by the Bay.
To check out the proposal, go here: DrupalConSF 2010
Tue, 02 Feb 2010 22:15:00 EST - I look out of my high rise condo window, and see around 100 rooftops scattered around the neighborhood below. An unscientific count of the area gives me a tally of about 65% of Waikiki/Honolulu rooftops within my line of sight have black, tarred, asphalt, or dark colored tiling.
Wed, 27 Jan 2010 22:30:00 EST - To borrow a line from Scrooge, “I’m as giddy as a drunken man.” With today’s Apple iPad intro, it feels like Christmas.
I was glued to Engadget’s live blogfeed of the announcement. Apple is leveraging its iPhone technology in a new tablet format, adding bells and whistles like unlocked, no contract, and cheap 3G data plans, a keyboard dock and the iBookstore.
But once again, as we’ve seen in the past with Apple, the whole is larger than the sum of the parts.
Wed, 27 Jan 2010 22:00:00 EST - Our pals over at TiPb are rocking all sorts of iPad coverage today, as you might expect. Our quick take from a webOS perspective: it looks like a pretty cool device, but not the revolution much of the pre-release hype made it out to be.
The one thought we can’t get out of our heads: the iPad combined with Mobile Hotspot on webOS sounds like a match made in heaven, doesn’t it?
Actually, the thought that’s really in our head mirrors some of the twitter responses we’re seeing, namely: the iPad doesn’t look like it handles multitasking, which means a door has been left open for a webOS tablet that can do multiple apps, have non-annoying notifications, and generally fit the “next generation of user interface” that we know some people have been hoping for in a device of this kind. Heck, a webOS Tablet would even be able to do Flash someday – just saying.
Tue, 19 Jan 2010 14:08:00 EST - Washington Business Services needed a solution to automate the secure transfer of files between its own internal companies and global partners via secure FTP. GoAnywhere Director was selected for its multiple security protocols, including OpenPGP and XML translation capabilities. When WBS started finding other uses for GoAnywhere Director, it just made sense.
Mon, 18 Jan 2010 11:00:00 EST - Troubleshooting of performance problems is very often - if not almost always - viewed as a reactive activity. Frankly, I have often seen it done in such a reactive fashion as a firefight; however, effective troubleshooting should build upon a solid diagnostic process. If you handle troubleshooting as if firefighting rather than based on solid diagnosis, this inevitably is a sign you have failed to take the right proactive measures.
Sun, 17 Jan 2010 12:30:00 EST - Security and data protection are key concerns for any cloud solution. I truly believe that this is also one aspect that you cannot just improve over time. No matter how agile you are security needs to be there by design.
Unfortunately most cloud vendors/SaaS-providers still don’t tell enough about the way they protect customer data – [...]
Thu, 14 Jan 2010 13:45:00 EST - "The ease of designing a web page in Visual WebGui is unmatched to any other web solution I have evaluated… Visual WebGui was easy to get acquainted and got me started with building an architectural plan within few working days." ISG always looks to update and upgrade its ERP solutions to the latest technologies available. Dhruv is a tour costing system that was designed for a tour operator which provides custom-designed holidays to their clients. The product has been developed using Visual WebGui and uses MS SQL 2005 as the database. The solution integrates into the client's CRM that was developed by another vendor and uses PHP and MySQL. Most of the application is in 3-tier and uses NHibernate.
Mon, 04 Jan 2010 18:09:00 EST - As the enterprise is increasingly taking notice of WOA (Web Oriented Architecture) these days, the need for security guidelines and standards for RESTful Web services is becoming more pressing. Sure, RESTful Web services are meant to borrow existing security mechanisms from the web and HTTP Basic over SSL, when done right, is a great way [...]
Fri, 01 Jan 2010 23:15:00 EST - 2010 will undoubtedly be a year of technology innovation. In 2009, Twitter revolutionized the way we get news, it brought us closer to those who were a part of the news, almost making traditional media irrelevant. I don’t know who (or what) will be the Twitter of 2010, but below are a few predictions.
Wed, 30 Dec 2009 14:15:00 EST - If you’re seeking wealth and fame, journalism might not be your best choice. No one enters the field to get rich, and only a few ever become famous.
An entry-level journalist will barely earn enough to survive if a job is even available in today’s shrinking journalism job market. Even experienced beat reporters don’t live in the rich part of town. The only people receiving truly handsome wages in the news media today are celebrity journalists seen on network and cable television news stations.
Mon, 21 Dec 2009 13:15:00 EST - Elastra Corporation, the leading provider of application infrastructure automation software, today announced support for Sun Microsystems GlassFish application server in Elastra Cloud Server Enterprise Edition and Elastra for Amazon Web Services. In this release, ECS lets customers compose, orchestrate and deploy application infrastructure consisting of the GlassFish application server. ECS already supports popular application servers like JBoss from RedHat and WebLogic from Oracle as well as servlet containers like Apache Tomcat.
Fri, 18 Dec 2009 07:00:00 EST - Your company’s online popularity, reputation and ultimately success is derived from two core things – what you say, and what others say about you. Let’s address these communication elements as “attributed source information” (ASI). “Attributed” from the perspective that there is in fact a known source (though it may be an anonymous ID), “source” from the perspective that it’s the very first sincere representation of the communication or concept actually published online, and “information” in that it’s not just some data or graphic fragments, it’s actually a message or concept with enough context to drive interest.
Wed, 16 Dec 2009 09:45:00 EST - SAP has announced this week that one of their strategic focuses for the next 5 years is mobile computing and mobile software applications according to SAP chief technology officer Vishal Sikka said. The pervasiveness of mobile computing and social networking also have SAP developing applications and extensions, which will allow wireless users to collaborate and utilize SAP and non-SAP related data for on the fly computing.
When you’re dealing with conditional formatting of objects based on enumerated values you can eliminate conditional assignments by directly mapping your ENUMs to CSS classes.
There are many cases where enumerated values are used to describe values, especially in the world of infrastructure 2.0. Availability status, for example, is a commonly used enumeration to indicate whether a load balancing related object – a virtual server, a pool, a node (server) – is available, unavailable, or in some unknown state. When building web-based dashboards or management interfaces for such solutions, the server-side code often ends up with a lot of conditional formatting statements as developers map enumerated status codes to HTML to make it look, well, a lot more attractive. I’m using iControl and infrastructure as an example – any application that requires formatting based on enumerated values may find this technique useful in reducing the amount of code (and time) spent on conditional formatting.
By directly mapping enumerated values to CSS classes, you can eliminate the conditional formatting statements in the code which reduces the overall footprint and execution time but also has the added benefit of making it easier to hand off the styling and CSS chores to a web designer without having to worry about CSS class names and documentation around formatting. This also eliminates the need for a mapping via an associative array or other dictionary-style structures in which statuses are mapped to classes.
A QUICK EXAMPLE
As an example I’ve grabbed the availability status values possible for various objects on a BIG-IP as defined in the iControl WSDL:
AVAILABILITY_STATUS_GREEN
AVAILABILITY_STATUS_RED
AVAILABILITY_STATUS_BLUE
AVAILABILITY_STATUS_YELLOW
AVAILABILITY_STATUS_GRAY
AVAILABILITY_STATUS_NONE
I’ve defined a couple of classes to differentiate between a virtual server status (highest level) and component (pools, nodes) statuses, and then further defined a style for each availability status that sets the background color of the HTML element to the corresponding status “color”. I’ve made these specifically DIV classes rather than global classes, but that’s just me – you could just define a global CSS class for each availability status if you want. Flexibility is fun!
div.statusbar {
width: 350px;
margin-bottom: 20px;
padding: 5px;
}
div.poolstatusbar {
width: 250px;
border: thin solid white;
margin-left: 50px;
margin-top: 10px;
}
div.AVAILABILITY_STATUS_GREEN {
background: green;
}
div.AVAILABILITY_STATUS_RED {
background: red;
}
div.AVAILABILITY_STATUS_BLUE {
background: blue;
}
You can see that the style class names map directly to the enumerated values used by iControl (not all options are shown in sample code). In the past the PHP code to retrieve the status of virtual servers and their associated pools relied upon conditional statements to format each component based on the value of the availability_status property.
I’ve now removed all that code and replaced it by simply assigning the enumerated value to the class on each DIV containing the components.
1:foreach ($member as $item) {
2: $status = $member->availability_status;
3:echo"<div class=\"poolstatusbar $status\">";
4:echo"<b>$item->address:$item->port</b><br/>";
5:echo"</div>";
6: }
The result is what you’d expect: each component is properly formatted based on its availability status. Much cleaner. Even using a switch statement wouldn’t have cleaned up as nicely as directly mapping the enumerations to CSS classes. The resulting HTML is not very exciting but then I’m not a GUI design specialist and it just turns out that all the component statuses match up with the virtual server statuses at the moment.
What this does is remove the need to code specifically for special formatting and style and lets me (and you) focus on meaty coding rather than on the more tedious formatting code. It’s obviously very easy to do this with enumerated values but any property whose values are constrained could be used in the same way to map directly to CSS classes for formatting. I chose enums because in general they’re (1) static, (2) have a very constrained set of values, and (3) used in just about every language there is, which makes this technique very portable.
Mon, 14 Dec 2009 11:00:00 EST - Actuate Corporation has announced BIRT Performance Scorecard 9, the latest iteration of its Performance Management solution. BIRT Performance Scorecard 9 is a Rich Information Application (RIA) that fully integrates BIRT to bring the simplicity and collaboration of consumer internet applications to the Performance Management process. With Version 9 comes BIRT Scorecard Exchange, a pioneering business to business site that grants BIRT Performance Management practitioners no cost access to best practices, frameworks, prebuilt measurement criteria and community links. BIRT Performance Scorecard 9 offers customers a completely new user interface, flash-based dashboard charts and an expanding number of newly designed out-of-the-box BIRT reports.
Thu, 10 Dec 2009 13:30:00 EST - JSF 2.0 makes AJAX pretty easy - but it can't hide everything from you... It's tempting to just add a few AJAX tags into your page, and not worry too much about interactions - here's one example of a problem you may run into.
Mon, 07 Dec 2009 13:00:00 EST - A look at several different cloud computing solutions will reveal a technological enabler present in almost each one. The enabler I'm talking about is the use of virtual images. I cannot think of many, if any, cloud computing solutions that provide software elements (i.e. more than just servers, storage, memory, etc.) that do not use virtual images in some form or fashion. Of course, one of the reasons virtual images form the backbone of many cloud solutions is obvious. Virtual images provide the benefits of server virtualization. We can activate many virtual images on the same physical machine, thus allowing us to achieve multi-tenancy (multiple operating systems and software stacks installed on the same physical machine). Besides driving higher hardware utilization rates, it also provides us the capability to run heterogeneous software environments on the same piece of hardware. This both enables and encourages the creation of a shared pool of compute resources which is a key characteristic of cloud computing environments.
Mon, 07 Dec 2009 09:45:00 EST - A few weeks back, I participated in the net.works case study competition of IIMA’s Confluence along with 3 of my classmates in SJMSOM, IIT Bombay. As a part of the competition, we were asked to prepare a report on what a social network with 500 million users in India would look like. To this end, [...]
Wed, 02 Dec 2009 12:15:00 EST - We stand at a transition point in business. As the global economy starts to work its way out of recession CEOs and management teams around the world are beginning to plan for growth. But they won’t do that by simply taking back into their businesses the bottom line costs they just spent 18 painful months getting rid of. The enlightened are looking for a new ways of working, how to unlock the people power in their organization in a secure and focused manner, to accelerate speed of decision making, reduce costs, and drive productivity.
Wed, 02 Dec 2009 09:39:00 EST - Harold Feld has a great post on movement at the FCC to make more spectrum available. According to Harold, the FCC has requested proposals for databases to manage access to the "white spaces" between the frequencies assigned to TV stations. Those frequencies were left unused because analog TV originally needed ...
Mon, 30 Nov 2009 13:09:00 EST - I wrote an article for the Missouri Venture Forum’s monthly newsletter with this subject, mentioning some of the useful things that new business owners can do with Twitter. Given that many retailers are now calling this year the “Twitter Christmas” it is worth reading. You can download the entire PDF, my article is towards the end of the issue.
Fri, 27 Nov 2009 14:45:00 EST - Operates in over 170 countries and is one of the world’s leading providers of communications solutions and services. Richard Tarboton talks for MeettheBoss.TV on his role as Head of Energy & Carbon for BT and what they are doing towards reducing carbon emissions.
Fri, 27 Nov 2009 13:30:00 EST - Standards, tools and techniques for competency and skills based learning content personalisation are beginning to emerge – which is just as well because they can help organisations perform better in the increasingly competitive global labour marketplace and world economy.
Four or five years ago if you said to your web guru, "let's make a site map!" You'd probably end up with a quaint-looking single web page that had a list of links and categories indexing your site. You can still find these from time to time. As it turns out, Apple still has one, go figure. As you may recall, this was yet another alternative to a search engine, to help visitors find your content. Not your grandfather's web code, the "site map" of the 21st century, however, is something a bit different but with the same goal of helping visitors find your content, albeit in a bit more "high tech" fashion.
It's XML not HTML
So we are talking XML sitemaps. These sitemaps are somewhat similar to the old-fashioned kind, they are a list of links and web pages, but in a special structured format, one that Yahoo! and Google know how to scoop right up. It takes search engines time to spider through your regular site menu, and you've just given them an easy shortcut, and they like you for that. Also, these files include time stamps and change frequency, this meta data also tells search bots how frequently they should revisit your site to check for updates. Pardon me while I sample a bit for you:
You are probably thinking, "yikes, does my techie guru have to keep that stuff updated?" The answer is yes, but the good news is really that no one need keep up your entire sitemap manually. There are many tools out there to generate these for you. Really -- don't ever even think about coding it manually!
Creating Sitemaps
If you are using blog software like Typepad or Wordpress, it's typically a built-in feature or an easy plug-in. Many hosted services like Hubspot provide this automatically, but if not, there is software that will generate the XML tags for you. After which, just upload the "sitemap.xml" to the root of your site. That's right, search engines are looking for "sitemap.xml" in the root of your web site. So when you are done, you should see: www.yourdomain.com/sitemap.xml which will yield a file that looks somewhat like the paste-in above. Google has a fabulous listing of sitemap resources, something I've returned to again and again. If you do have access to a web guru, he or she may want to look at programmatically automating using any of those items list in the "Server side programs" grouping. However, most running a small static site, without the benefit of automatic generation of sitemap.xml, may find any of the "Downloadable Tools" or "Online Generators" useful. In the past, I've had pretty good luck with GsiteCrawler, but don't take my word for it, try others and see what works for you. Also don't forget: if you are managing a static site, you'll want to submit your sitemap to Google via "Web Master Tools," a service that is a MUST for marketing and web professionals alike.
Sitemaps and SEO
It can take many days for a search engine to locate all the pages in a large site. Especially if your site employs Flash or fancy javascript drop-down menus. By creating a sitemap you can do quite a lot to address this challenge. But, having the sitemap in hand is also a chance to analyze your site in terms of Search Engine Optimization and your marketing keywords. So, once your site map has been generated, take a good look at it. Do you see any of your keywords as part of the URL's? Your marketing keywords should be part of your web link schema, and if not you are missing an opportunity. Think of it this way, if you've never seen that web page before, does the URL at least give a hint of what the web page is about? So the quick lesson here is that site maps should be presenting the search engine with your most important marketing keywords, as they will also contribute to your ranking and to the goal of helping visitors find your content.
Wed, 25 Nov 2009 11:00:00 EST - I like LinkedIn. I am spending more of my time using it to promote myself, to connect to people that I know, and to build up value for my community and myself. With the help of the local chamber of commerce, I now manage a group called the St. Louis Job Angels, where we have listed more than 80 different jobs over the past couple of months and more than 500 job seekers and recruiters have signed up to share tips and support each other’s efforts. So as a long-time frequent user, I offer some advice of where they should be going in 2010 – not that anyone will listen to my humble suggestions.
Ever wonder why requests coming through proxy-based solutions, particularly load balancers, end up with an IP address other than the real client? It’s not just a network administrator having fun at your expense. SNAT is the question – and the answer.
SNAT is the common abbreviation for Secure NAT, so-called because the configured address will not accept inbound connections and is, therefore, supposed to be secure. It is also sometimes (more accurately in the opinion of many) referred to as Source NAT, however, because it acts on source IP address instead of the destination IP address as is the case for NAT usage.
In load balancing scenarios SNAT is used to change the source IP of incoming requests to that of the Load balancer. Now you’re probably thinking this is the reason we end up having to jump through hoops like X-FORWARDED-FOR to get the real client IP address and you’d be right. But the use of SNAT for this purpose isn’t intentionally malevolent. Really. In most cases it’s used to force the return path for responses through the load balancer, which is important when network routing from the server (virtual or physical) to the client would bypass the load balancer. This is often true because servers need a way to access the Internet for various reasons including automated updates and when the application hosted on the server needs to call out to a third-party application, such as integrating with a Web 2.0 site via an API call. In these situations it is desirable for the server to bypass the load balancer because the traffic is initiated by the server, and is not usually being managed by the load balancer.
In the case of a request coming from a client the response needs to return through the load balancer because incoming requests are usually destination NAT’d in most load balancing configurations, so the traffic has to traverse the same path, in reverse, in order to undo that translation and ensure the response is delivered to the client.
Most land balancing solutions offer the ability to specify, on a per-IP address basis, the SNAT mappings as well as providing an “auto map” feature which uses the IP addresses assigned to load balancer (often called “self-ip” addresses) to perform the SNAT mappings. Advanced load balancers have additional methods of assigning SNAT mappings including assigning a “pool” of addresses to a virtual (network) server to be used automatically as well as intelligent SNAT capabilities that allow the use of network-side scripting to manipulate on a case-by-case basis the SNAT mappings. Most configurations can comfortably use the auto map feature to manage SNAT, by far the least complex of the available configurations.
WILS: Write It Like Seth. Seth Godin always gets his point across with brevity and wit. WILS is an ATTEMPT TO BE concise about application delivery TOPICS AND just get straight to the point. NO DILLY DALLYING AROUND.
The long, lost application delivery spell compendium has been found! Its once hidden, arcane knowledge is slowly being translated for the good of all web applications. Luckily, you don’t have to be Elminster or Gandalf or <insert powerful wizard you know here> to cast this spell over your infrastructure
Detect Invisible (Application) Stalkers
School of Magic: Abjuration (Protective Spells)
Components: Somatic (requires gestures), Material (requires physical component)
Casting Time: special
Range: Layers 3-7
Area: global
Duration: Until discharged
Saving Throw: Special
Spell Resistance: No
Invisible (application) stalkers are creatures native to the Internet. They sometimes serve miscreants, corporate spies, and script kiddies, who summon them to perform attacks against specific targets. A summoned invisible stalker undertakes the form of a legitimate application request, pretending to be a real user, and will tirelessly undertake whatever task the caster commands, even if the task sends packets hundreds or thousands of miles away. The creature follows a command until the task is completed and obeys only the caster.
Invisible (application) stalkers operate only at layer 7 and eschew the use of forms commonly recognized as being of evil intent. Thus an invoke firewall log spell will show only multiple requests over time from similar agents, and intrusion detection spells have no effect on the creatures. Only a detect invisible (application) stalker spell can recognize and subsequently dismiss these agents of evil.
This spell inserts into the path of the invisible (application) stalker a wall which cannot be avoided, blocking them or reporting to the caster their proximity, as determined by the caster. The material component for this spell is a web application firewall, which must be placed between the invisible (application) stalker and its intended target. The somatic component requires the caster to complete a series of mouse clicks and keyboard strokes that deploy an application security policy including the ability to prevent web scraping. The casting time for this spell varies based on the complexity of the existing environment, and how many victims are being targeted by the invisible (application) stalkers.
Once completed, the spell will last until the caster discharges it by disabling the policy created by the somatic gestures.
The invisible (application) stalker may attempt a saving throw (Will) to realize it is being blocked. If it makes the save, it may attempt to figure out how the wall is blocking it. It must then make a second Will save or discorporate immediately. If the spell is cast as a reporting only mechanism, there is no saving throw allowed and the invisible (application) stalker will never be aware it has been detected.
THE FIRST STEP IN ANY SOLUTION IS ALWAYS RECOGNIZING THERE IS A PROBLEM
There are a few attacks today that just can’t be detected by applications. Layer 7 DoS can’t be detected from within an application because the code that executes does so in the context of a single request and a DoS implies many requests from many sources. The only way for a developer to detect this attack is to be able to view the single request that is typical of an application in the context of all requests across all instances of the application – even across machines – and that’s simply not possible from within the application.
Similarly, web scraping attacks are nearly impossible for a developer to detect because there is nothing in the request that would indicate anything is out of the ordinary. Nothing. No special code, no special characters, no odd manifestations within the headers or network data. In order for the developer to detect such an attack s/he would need to be able to determine whether the client is manned by a human being or is a script/bot. And no, using User-Agent headers isn’t going to work on this one because miscreants have figured out that too many security devices are able to block their attacks based on that value and thus have learned to circumvent it by scripting real browsers or manipulating the HTTP headers such that their bots/scripts appear to be valid user-driven browsers.
But that’s what a web application firewall (WAF) was designed to do: to watch, to evaluate requests in context, across all instances and all requests. It has the visibility, it has the capability, and it can detect attacks that are not easily if at all detected from within the application. Even if the WAF isn’t blocking the attacks, it can at least tell you they are happening, which is something the developers need to know if they’re going to put in place solutions to prevent them.
“Security manager, ‘J.F. Rice,’ whose name and employer have been disguised for obvious reasons” explains his need to “see” inside connections and understand what is happening in his environment.
Web application security requires visibility as well as the expected defensive capabilities. A web application firewall can provide both capabilities even though you may not leverage both at the same time or at all. Using a WAF as a mechanism to determine what kind of attacks are being directed at your web applications is just as valuable a proposition as enabling its preventative capabilities.
Either way, knowing is the first step to moving forward on a strategy to address it.
Tue, 24 Nov 2009 11:00:00 EST - Aside from not blogging recently, I have been spending alot of time speaking with folks in the online marketing space as I work on building the go-to-market strategy and machinery for VMTurbo. One area which I knew little about when I started having these discussions (although now I do know a little bit [...]
Tue, 24 Nov 2009 09:35:00 EST - Having a strong, consistent personal brand will help you land an entry-level job and build the foundation for your career. Gen Y has mastered the cheap and effective Internet medium to network with peers and share ideas through social networking platforms such as Facebook and blogs. But when it comes time to search for a job, personal branding becomes much more important and mistakes can be costly. The most obvious mistake Gen Y makes is a lack of professionalism on their social networking profiles. It is no secret that employers check candidates’ social networking profiles and are apt to make decisions based on what they find. Inappropriate photographs and conversations are the most commonly cited blunders Gen Yers make that hurt their personal brands.
Mon, 23 Nov 2009 13:00:00 EST - In my previous article I talked about the impact of jQuery Selectors on a page that I analyzed. The page took 4.8 seconds in the onLoad event handler. 2 seconds were mainly caused by the selectors as described in the blog. The other 2.8 seconds were caused by a dynamic JavaScript menu – in that particular case it was the superfish jQuery plugin. A closer analysis showed why it takes so long and this also got me to do some research on these menus.
Wed, 18 Nov 2009 13:15:00 EST - Gizmox, the developer of Visual WebGui, today announced that it will reveal its application platform atop Windows Azure and its development framework, VWG platforms offers a push-button .NET desktop legacy application migration path to Windows Azure. With VWG enterprises will be able to migrate to Windows Azure, by reusing their existing Windows software code on Windows Azure without re-write or re-engineering.
Wed, 18 Nov 2009 12:45:00 EST - Today, at the Microsoft Professional Developer Conference (PDC) here Los Angeles, Microsoft announced not only the release of version 4.0 of the.NET Micro Framework, but also that they are open sourcing the product and making it available under the Apache 2.0 license, which is already being used by the community within the embedded space.
The .NET Micro Framework, [...]
Related posts:
SPDY uses a single SSL-encrypted session between a browser and a client, and then compresses all the request/response overhead. The requests, responses, and data are all put into frames that are multiplexed over the one connection. This makes it possible to send a higher-priority small file without waiting for the transfer of a large file that's already in progress to terminate. Compressing the requests is helpful in typical ADSL/cable setups, where uplink speed is limited. For good measure, unnecessary and duplicated headers in requests and responses are done away with. SPDY also includes real server push and a "server hint" feature.
Having recently emerged from a trip into the world of service-providers and its associated protocols, the description of SPDY immediately brought to mind other asynchronous, message-oriented protocols such as SIP and DIAMETER. It therefore made me seriously consider the kind of massive changes that would be required to support such a protocol across all data center components: security, load balancing, acceleration, web servers, application servers, caches. Basically any network intermediary based on the premise of a strict request-reply, synchronous behavior would likely need radical changes to its core protocol handling systems.
MAJOR DIFFERENCES BETWEEN SPDY and HTTP
SPDY, as described, is asynchronous and message-oriented. Like DIAMETER, SPDY would allow multiple requests per connection, effectively turning a single connection designed to be used and then closed into a long-lived connection. This is more along the lines of a SIP connection which is initiated and held open until the session is terminated.This is very different from the HTTP model in which connections are opened and closed within fairly short time intervals and are not expected to be held open for exceedingly long periods of time. SPDY thus eliminates the overhead associated with opening and closing many connections and the negative impact that has on application performance.
The current draft of the SPDY protocol states that “from the perspective of the server business logic or application API, nothing has changed”. But from the perspective of the infrastructure that needs to process the protocol, everything changes.
KEY CHANGES TO HTTP HEADERS
The following are directly from the draft of the SPDY protocol and document the changes from HTTP to SPDY
REQUEST CHANGES
The first line of the request is unfolded into name/value pairs like other HTTP headers. The names of the first line fields are method, url, and version. These keys are required to be present. The 'url' is the fully-qualified URL, containing protocol, host, port, and path.
HTTP request headers are compressed. This is accomplished by compressing all data sent by the client with gzip encoding.
Content-length is not a valid header.
Chunked encoding is no longer valid.
RESPONSE CHANGES
The response status line is unfolded into name/value pairs like other HTTP headers. The names of the status line are status and version. These keys are required to be present
Content-length is no longer valid.
Chunked encoding is no longer valid.
These changes would have a huge impact on infrastructure solutions, many of which rely on URI or HTTP headers (custom and standardized) to perform specific actions such as blocking, scanning, persistence (server affinity), or routing. The requirement that SPDY be transported via SSL has its own, well understood impact on infrastructure and is already dealt with by most devices, but SPDY also requires that headers are compressed via gzip. This means every intermediary requiring to perform some action based on the headers will need to decompress, process, and then likely recompress the headers before sending it on to the next hop. Coupling required compression with SSL would not only require support on all relevant infrastructure but will also likely reintroduce latency that could offset some of the performance gains claimed by testing of SPDY thus far.
SINGLE-CONNECTION: LONG LIVED SESSIONS
That all communication would essentially flow between the client and server over a single connection also poses a challenge for intermediaries that perform any kind of analysis or are required to act on the data exchanged. Load balancers, for example, are not generally designed to handle switching of messages in what becomes a 1:N connection:server scenario. The protocol could likely be supported as is by most load balancing solutions on a strictly layer 4 load balancing basis but advanced features that take advantage of application-aware capabilities such as message header and payload value routing (content-based routing) as well as egress functionality like Data Leak Prevention (DLP) would be much more difficult to implement, if not impossible for some solutions. This capability actually sounds a lot like HTTP pipelining on the request side.
The single, long-lived connection would have more of an impact on the overall architecture and capacity planning. In some respects it would be easier, as there would be an easy 1:1 ratio between users and connections. But because each user is effectively being handed dedicated compute resources, this would actually change the resource consumption model on servers and make it more difficult to support high volumes of users without building out a scalable infrastructure.
ASYNCHRONOUS EXCHANGE OF MESSAGES
Further complicating the ability of infrastructure solutions to handle SPDY is its definition as asynchronous. Essentially asynchronous protocols do not enforce order of replies. That means a client could send three requests in a row without waiting for a response and the server could send back the response in a completely different order. Again, from the draft SPDY protocol:
Because TCP provides a single stream of data on which SPDY multiplexes multiple logical streams, it is important for clients and servers to interleave data messages for concurrent sessions.
This may not sound like a problem, but for infrastructure that is optimized to handle HTTP and has been built around its implicit behavior this would require changes to the core networking stacks on most devices. In a typical HTTP scenario a request is received, the infrastructure solution processes any applicable ingress policies, and then initiates a connection to the appropriate server and waits for a response. It appears that with SPDY, like DIAMETER, the infrastructure still processes any applicable ingress policies and initiates a connection but does not necessarily wait for a reply as it might need to act upon the next incoming message.
This means a single network “session” would need to carefully track multiple incoming requests and outgoing responses at the same time on a per connection basis. This is not something most infrastructure is typically prepared to handle. Combined with the possibility that different requests may need to be routed to different servers within the infrastructure, this complicates the nature of application delivery and load balancing and could have a huge impact on the costs associated with cloud computing. Long lived sessions/connections initiated on secondary or tertiary servers launched to handle temporary capacity increases could hold open those connections long enough to incur excess charges that are unnecessary.
Also similar to DIAMETER is the inclusion of a “real server push” feature. The ability of a server to act like a client and vice-versa is inherent in DIAMETER and this reverse flow of traffic is not something most infrastructure is prepared to process.
THE IMPACT ON INFRASTRUCTURE
Any infrastructure solution that is heavily focused on application layer (HTTP) processing for any purpose would likely need to make radical changes to its core networking and processing engines. Some solutions, particularly those tasked with load balancing and scaling existing message-based protocols may already be capable of supporting a protocol like SPDY. Whether the solutions that support DIAMETER and SIP load balancing and scalability could support SPDY without modification is highly dependent on whether support for the service-provider focused protocols is based on an underlying generic message-based implementation [PDF] or a protocol-specific implementation. The latter would be difficult to adapt to a new protocol while the former would be more easily extended to specifically support the requirements of new message-oriented protocols.
But that’s only load balancing and scalability. There are many other infrastructure devices that are used to secure, monitor, accelerate, and otherwise manage HTTP that would need to be updated to handle such a new protocol. The upheaval across data centers would likely be on par with the anticipated challenges associated with mass migration from IPv4 to IPv6. Like that migration, however, support for both SPDY and HTTP could be achieved through the use of translating gateways; infrastructure capable of supporting both SPDY and HTTP or able to translate between the two could be utilized to enable a smoother transition.
While it’s a fascinating and exciting notion, the introduction of a completely new protocol to replace HTTP seems more academic than realistic. More realistic would be for gradual implementation through adaptation of SPDY’s core concepts into the next generations of HTTP until HTTP is indistinguishably from a protocol such as SPDY. Making modifications and improvements to HTTP would be an evolutionary step rather than the revolutionary change implied with SPDY that would be almost too disruptive to adopt.
That said, not everything that comes out of Google Labs is adopted as an industry wide solution. It’s an experimental environment and a good one at that. What may come out of the SPDY project may well in fact be changes to HTTP rather than the presentation of a new, radically different protocol. Regardless, SDPY and Google’s efforts have people talking about what’s wrong with HTTP and how it might be fixed and that conversation is one we’ve probably needed to have for quite some time now.
Mon, 16 Nov 2009 08:55:00 EST - Holy cow! The Open Net Initiative, a group that monitors government filtering (= censorship) of the Internet held a book launch at the United Nations-sponsored Internet Governance Forum in Sharm El Sheik. A poster for the book — Access Controlled — contained the sentence: "The first generation of Internet ...
Fri, 13 Nov 2009 15:30:00 EST - Zend has gotten Varien, apparently a hot e-commerce platform, to ship the free Community Edition of Zend Server, the PHP web application server with the free Community Edition of its open source Magento e-commerce software. Varien, in turn, will contribute a number of native e-commerce features such as payment gateways and shipping calculation modules to the open source PHP framework, Zend Framework, which is an integrated part of Zend Server.
These three things have a lot more in common than you might think and all three tend to evoke similar levels of frustration.
A very real problem women face when shopping is this: no two brands define a size the same. If you usually wear a size 8 in “Brand X” you might actually wear a size 10 or 6 in “Brand Y”, depending on how the brand decided to define its sizing. Customers, women in this case, cannot count on consistency in sizes across brands. This makes shopping annoying because every time you change brands you’re never quite sure what you need and if the size increases across brands, well, it becomes obvious that perhaps brand lock-in is in part the reasoning behind these differences in sizing.
Now, consider the differences in the definition of “The Cloud”. We have IaaS (Infrastructure as a Service). We have PaaS (Platform as a Service). We have SaaS (Software as a Service). All three have very different definitions of what makes it “a cloud” and there is very little consistency across those definitions. Oh, there are vague similarities: elasticity, automation, easy provisioning. But those are nebulous terms that are about as useful as slapping a “Size 8” on a pair of jeans and expecting a woman to know what that means. She doesn’t, and neither does the consumer of “cloud.”
Dig into “cloud computing” and “intercloud” and standards efforts and you’ll see this is true at the infrastructure layer, as well. The challenge of defining standards around intercloud computing and cloudbalancing and just collaboration within a single cloud computing environment is made infinitely more challenging because infrastructure Vendor X “size 8” doesn’t match up with Vendor Y “size 8.” Features, naming, resource models, capabilities – all different. Yet all must be able to communicate and collaborate to not only provide the basic foundation for a cloud computing environment, but to be able to migrate from one provider to another.
API versus RESOURCE MODEL
This is what’s going to make defining standards more challenging than ever: we’ve got to not only standardize protocols but common industry and market definitions as well. The former will likely turn out to be much easier than the latter because it’s more abstract; it’s about management and control without regard to implementation. It is the resource model that will be difficult to nail down.
Things become a lot more sensitive when you touch the resource model, which reflects the actual capabilities of the Cloud management infrastructure. How much flexibility in the network setup? What kind of application provisioning? What affinity/anti-affinity control level? Can I get block-level storage? Etc. Having to implement the other guy’s interface in these matters is not just a matter of glue code, it’s a major product feature. As a result, the resource model is a much more strategic control point than the protocol.
William nails the problem with his assessment of the differences between the resource model and protocols. Given his obviously intimate knowledge of web services standards and thus SOA, this is no surprise. One of the core tenets of SOA is the separation of these two very different but very vital components. The interface should be separate from the implementation. In InterCloud, we must separate resource model (data protocol implementation) from interface (command and control protocol) in order to achieve standardization.
Interestingly enough at the last Infrastructure 2.0 Working Group, which is focusing on this problem, Vint Cerf mentioned out of hand that the separation of IP from routing “in the beginning” was actually accidental. If you read the IP RFC you’ll note that it ends up being just a “resource model”; it describes the format of information being exchanged and mentions how packets should flow across internetworks, but it defines no API-style protocol for doing so. It offers only minimal guidance on the higher level interfaces that might be used to transmit and receive Internet Datagrams. That accidental omission turned out to be the best thing since sliced bread. Routing protocols have come and gone since then, but IP remains at the heart of the Internet. Basically we need to duplicate that, but at a higher layer in the stack.
Any InterCloud protocol will almost certainly be easier to develop than the resource model. While there already exists some commonality across components and concepts in the infrastructure, still there are many more resources for which every vendor has their own definition. It is that disparity that needs to be addressed independently and codified in a common set of resource models that at the same time allows for extensibility on a per vendor basis to account for uncommon resources.
This is no easy task. Consider a very simple example – persistence in load balancing solutions. Persistence is a commonly implemented feature in all load balancers that can be achieved in a number of ways. Among the most common are: source IP, destination IP, Cookie, and SSL session ID. Now take a look at the difference in definition of these - from a purely naming standpoint – between Citrix Netscaler and F5 BIG-IP:
Looking at both implementations – and remember this is just naming – you’ll noticethat the most common methods of persistence exist in both solutions, but use very different naming conventions. Netscaler defines source IP-based persistence as “SOURCEIP” while F5 uses “PERSISTENCE_MODE_SOURCE_ADDRESS_AFFINITY”; same concept, different terminology. Once you get beyond the common methods you find even more disparity and it becomes more difficult to map between the two without a firm foundation of knowledge of both systems. For example, is the Citrix “CALLID” the same as the “PERSISTENCE_MODE_SIP” definition? Perhaps they are, perhaps they aren’t. You can imagine that at the operation level, the API, the naming conventions used there are so drastically difference that attempting to map the two would drive even the most experienced integration developer a bit insane.
STANDARDS TAKE TIME
Just as cloud computing providers continue to roll out new services over time, behaving in a manner similar to Web 2.0 applications that never quite come out of beta, so, too, will the standards of InterCloud need to evolve. It’s going to take a lot of comparisons, discussions, and mappings to figure out what is an acceptable common resource model for each infrastructure component and in the process we’re going to have to abstract quite a bit. Less challenging will be the need for a common namespace for this resource model across all infrastructure components. After all, an IP address is the same whether it’s used by a virtual machine, an IPS, a load balancer, or a firewall. But these are easier to discover and define than elements unique to a particular solution space and once we get the ball rolling one can hope that the momentum keeps it rolling.
The Internet wasn’t built in a day – really, it took the ‘founding fathers’ quite a bit of discussion and hard work to get the standards defined that allowed mass interoperability and collaboration. But I am willing to bet that we’ll see InterCloud standards long before the fashion industry decides to standardize its sizing for women.
Xajax Project
Introducing Xajax Ajax-enable your PHP application with a simple toolkit that gets the job done fast. Runs on any PHP 4.3.x/PHP 5.x and Apache/IIS platform. xajax is an open source PHP class library that allows you to easily create powerful, web-based, Ajax applications using HTML, CSS, JavaScript, and PHP. Applications developed with Xajax can asynchronously call server-side PHP functions and update content without reloading the page.
Atlas is a very powerful Ajax framework generally associated with ASP.NET
The ASP.NET AJAX Control Toolkit helps you bring your web sites to life! The ASP.NET AJAX Control Toolkit is a collection of samples and components that makes it easier then ever to build and consume rich client-side ASP.NET AJAX controls and extenders. The toolkit provides both ready to go samples and a powerful SDK to simplify the creation and re-use of your own custom controls and extenders. More ASP, Active Server Page links
AJAX Tutorial AJAX is not a new language, but just a new way to use existing standards. With AJAX you can create better, faster, and more user friendly web applications. AJAX is based on JavaScript and HTTP requests.
Coding in Pardice AJAX Tutorials. This page has various tutorials, articles, and blog posts I've created concerning AJAX and AJAX techniques. Real World AJAX. Blog Tutorials & Projects.
Go Beyond HTML Forms With AJAX implementing features such as auto-saving, just-in-time validation, submission throttling and popup forms.
WPF/E
is the Microsoft solution for delivering rich, cross-platform, interactive
experiences including animation, graphics, audio, and video for the Web and
beyond. Utilizing a subset of XAML (eXtensible Application Markup
Language)-based Windows Presentation Foundation technology, WPF/E will
enable the creation of content and applications that run within multiple
browsers and operating systems (Windows and Macintosh) using Web standards for
programmability. Consistent with Web architecture, the XAML markup is
programmable using JavaScript and works well with ASP.NET AJAX. Broadly
available for customers in the first half of 2007, WPF/E experiences will
require a lightweight browser plug-in made freely available by Microsoft.
WPF/E
(codename) Software Development Kit (SDK) Community Technology Preview (Dec
2006)
TurboGears Features: easy-to-use, database-driven, easy Ajax and designer- and programmer-friendly.
FireBug
lets you explore the far corners of the DOM by keyboard or mouse. All of the
tools you need to poke, prod, and monitor your JavaScript, CSS, HTML and Ajax are brought together into one seamless experience, including
a debugger, error console, command line, and a variety of fun inspectors.
Atlas is a very powerful Ajax framework generally associated with ASP.NET
Ajax Endangers Pageviews As A Metric. Hits eventually yielded to page-views when it came to counting web traffic, but the growing usage of Ajax technologies that refresh content without triggering a new page-view could bury that metric.
Fri, 12 Mar 2010 11:30:20 +0000 - Sergey Chikuyonok gets his Philips Ambilight foo on as he created a HTML5 video + canvas sample that mimics the TV effect.
As the video runs, a snapshot is sent over to JavaScript land where colors are worked out:
PLAIN TEXT
JAVASCRIPT:
function getMidColors(side) {
var w = buffer.width,
[...]
Thu, 11 Mar 2010 15:04:15 +0000 - I just finished doing some talks on geo hacking (slides are available here) and how to use some of the Geo technologies Yahoo and Google provide as part of a University gig in Atlanta.
As a lot of the students liked the idea of APIs like GeoPlanet and Placemaker but had a hard time getting [...]
Thu, 11 Mar 2010 10:35:01 +0000 - Erik Dahlström and Vincent Hardy have put together a cool website, called SVG Wow!, that showcases SVG doing things you didn't expect SVG can do:
There are alot of unique demos on there.
One of my favorites uses SVG, HTML5 Audio, Web Fonts, and YUI to play music accompanied by flying animated lyrics (Chrome and Safari only):
There [...]
Thu, 11 Mar 2010 06:12:05 +0000 - The Ext JS team have announced the 3.2 beta which includes new components and goodness.
Take the animated DataView transitions for example:
On top of that, the release includes:
Multiple sorting and filtering on Ext.data.Store
Composite Fields
Slider improvements
Toolbar plugins: ToolbarReorderer and ToolbarDroppable
New Accessibility Theme: compliant with Section 508 of the Disabilities Act.
Quality Assurance: Unit Testing: over 180 bug [...]
Wed, 10 Mar 2010 13:39:24 +0000 - Paul Irish and Jonathan Neal have created a fun example of various CSS tweaks that you can make, and see the results instantly.
CSS3, Please! lets you play with fancy new rules such as:
border-radius
box shadow
gradients
rgba support in backgrounds
transforms
font-face
Really nice way to make tweaks inline in the page..... nicely done. Hope to see some other examples out [...]
Wed, 10 Mar 2010 11:14:51 +0000 - Good old Kangax has been playing with HTML minification and has shared his new tool in an early stage.
What does it do?
Kangax has forked John Resig's HTML parser which parses the HTML and sends that into the Minifier. This has rules that do things like whitespace optimization, comment removal, and collapsing boolean attributes (e.g. disabled="true" [...]
Wed, 10 Mar 2010 09:50:44 +0000 - Harmony is a new drawing tool, a HTML5/Canvas experiment with great potential. It provides some unique brush styles, and can produce some great-looking charcoal pencil style sketches, among other things. Better to try it out than explain it in words.
Creator Mr. Doob (Richard Cabello) explains how he used Canvas to make it darker the [...]
Tue, 09 Mar 2010 11:20:07 +0000 - The HTML5 specification introduces the and media elements, and with them the opportunity to dramatically change the way we integrate media on the web. The current HTML5 media API provides ways to play and get limited information about audio and video, but gives no way to programatically access or create such media. We [...]
Mon, 08 Mar 2010 11:28:40 +0000 - modulr is a CommonJS module implementation in Ruby for client-side JavaScript
Ruby? what does that have anything to do with it? Ah, its from one of those Prototype guys isn't it.... Yup, Tobie is at it again, this time with modulr:
modulr accepts a singular file as input (the program) on which is does static analysis to [...]
Fri, 05 Mar 2010 13:52:01 +0000 - I just came across this wonderful Gist on gitHub:
PLAIN TEXT
JAVASCRIPT:
var $;
YUI().use('*', function(Y){
$ = Y.get;
for(var p in Y) {
$[p] = Y[p];
}
});
// test
$('body').append("boo!");
In case you want to use YUI3 but really really like jQuery syntax :) OK, it breaks the whole sandboxing idea of YUI3, but that's a small price to [...]
Fri, 05 Mar 2010 11:25:43 +0000 - Bass Schouten is a cool name, and the Mozillan has presented Direct2D hardware acceleration.
You have to grab Firefox nightly, do the about:config / gfx.font_rendering.directwrite.enabled game, but then you get to see it in action.
IE9 showed off how they will support hardware rendering, and I am sure we will see more at MIX, but it is [...]
Thu, 04 Mar 2010 11:02:56 +0000 - Works even in IE6
Love that quote from the color picker over at RaphaelJS land. This plugin by Dmitry Baranovskiy gives you an easy color picker in short order:
PLAIN TEXT
JAVASCRIPT:
var icon = Raphael("picker", 23, 23).colorPickerIcon(11, 11, 10);
icon.attr({cursor: "pointer"}).node.onclick = function () {
document.getElementById("benefits").style.visibility = "visible";
var out = document.getElementById("output");
out.style.visibility = "visible";
[...]
Wed, 03 Mar 2010 11:12:29 +0000 - Andrew Hoyer shows his canvas Fu with Cloth, a great experiment using nice physics.
What makes this simulation special is the speed at which everything is computed. Javascript (the language this is written in) is not exactly the most efficient language for this type of computation. This being said, much time was spent squeezing out every [...]
Tue, 02 Mar 2010 16:35:09 +0000 - Marcus Westin has created a new templating language called fin. It is an interesting beast, and he gave us a run down:
Since this past November I've been working on a realtime templating system I call "fin". I'd love to get some eyes on it, and hope that you'll find it exciting. There is no demo, [...]
Mon, 01 Mar 2010 11:53:06 +0000 - Would we all like Steve to sit down with us on our project and do a performance case study? Well, we may not get that, but we are getting to at least sit in on others.
Steve has kicked off his long awaited series that runs performance case studies on third party content. I have been [...]
Sat, 27 Feb 2010 05:05:58 +0000 - David Anderson: "TraceMonkey has rocket boosters, so it runs really fast when the boosters are on, but the boosters can’t always be turned on."
Opera's new JIT compiler Carakan is doing well as we just posted. What is Mozilla doing with TraceMonkey? A lot.
Mozilla JägerMonkey adds method based JIT (of V8 and Nitro fame) to keep [...]
Fri, 26 Feb 2010 21:27:43 +0000 - The Opera team has released 10.50 for Mac and along with it some impressive performance numbers:
Stabilization Improvements: You will find that this build is much more stable than the pre-alpha build.
More polished user interface: The whole UI is more polished now. We're still not done yet, and expect more polishes and improvements in [...]
Fri, 26 Feb 2010 11:25:12 +0000 - Bastian Allgeier has developed a beautiful, native looking web application called ZooTool.
Zootool is a visual bookmark tool for images, videos, documents and links. It is completely based on Mootools, even though it looks more like a Cappuccino app!
Play with it. Enjoy it.
Thu, 25 Feb 2010 11:42:26 +0000 - EnhanceJS is a new library from the Filament Group, who are serious about progressive enhancement and accessibility.
What is EnhanceJS?
EnhanceJS is a new JavaScript framework (a single 2.5kb JavaScript file once minified/gzipped) that that automates a series of browser tests to ensure that advanced CSS and JavaScript features will render properly before they’re loaded to the [...]
Thu, 25 Feb 2010 10:20:34 +0000 - Reposted from my personal blog where I tinker with the Web. I tweet about this stuff here.
As you move to a new platform, it is interesting to watch your brain morph over time. I remember switching from Windows to Mac. At first the fonts looked blurry and weird. The mouse pointer didn't weight right. The [...]
LAMP is an acronym for a set of free software programs commonly used together to run dynamic Web sites: Linux, the operating system; Apache, the web server; MySQL, the database management system (or database server); Perl, PHP, and/or Python, scripting languages.
Yahoo! Maps AJAX API - Getting Started Guide. Learn the fundamentals of the Yahoo! Maps AJAX API and get started creating your own maps. Yahoo Developer Network Yahoo! Answers API: Now With Filtering and Sorting!
IP Location Lookup This is not an SEO tool, but is very useful in determining the geographic location of an IP address, Check and IP address e.g. 203.113.20.70, (hit Enter after entering your IP address on the page), using a bit of AJAX and Maps.
W3CThe Semantic Web provides a common framework that allows data to be shared and reused across application, enterprise, and community boundaries. It is a collaborative effort led by W3C with participation from a large number of researchers and industrial partners. It is based on the Resource Description Framework (RDF).
AJAXSLT is an implementation
of XSL-T in
JavaScript, intended for use in fat web pages, which are nowadays referred
to as AJAX applications. Because XSL-T uses XPath, it is also an implementation
of XPath that can be used independently of XSL-T.
Web Masters.Click Here Now to start making money. A Great opportunity to make some money. Receive
50% by offering your users Ton's of Keywords on
A Great Portal websites. Our Affiliate Program Pays you 50% on Level 1 of Every Sale of our
Text Link both searchable and static Text Link!
A Computer Portal. Freeware, Shareware. Download software. Computer languages and Programming code. Including PERL Scripts and Java Scripts. Webmaster Tools. Internet Marketing, Website promotion.
Hardware Help from BIOS to Windows and UNIX.
1. Configure two different servers: one to serve interactive content, i.e. AJAX-based requests, and one to serve non-interactive requests, i.e. everything else. This way, each server can be specifically tuned (and sized) according to the application behavior. This is beneficial for several reasons, including the ability to “scale out/up” only the interactive-serving functions when or if it becomes necessary. This can be achieved simply by using specific host names for specific requests. If you do not have a public IP address that can be assigned to each host, however, you’ll need a proxy, like a Load balancer, to sit in front of the servers and handle the direction of requests appropriately or you could use mod_rewrite to achieve a similar architecture. When a mediating solution like a load balancer is used to implement this solution, there are a several ways to achieve the behavior. One method is to rewrite requests directed at a specific URI, for example: http://www.example.com/ajax/request1.php would be redirected to the server designated as the “interactive” server while other requests would be forwarded to the non-interactive server. An application aware load balancer, i.e. application delivery controller, can examine the request itself and base the same decision on the actual data being exchanged. For example, many AJAX frameworks (XAJAX, SAJAX, Prototype, etc…) often use the HTTP POST method to send a request and use specific parameters such as “xjxfun” to indicate which function is being invoked on the server side. By examining the data being exchanged an application aware proxy (load balancer) can use that information to send the request to the appropriate server. 
volume of connections than a single web server, the competing behavior of interactive and non-interactive HTTP requests in a web application do not impede performance or impact its capacity. By allowing a load balancer to mediate for those requests, it can better manage the resources on the server and ensure that both capacity and performance are maintained. For every X client connections, the load balancer maintains only a fraction of X connections to the server and reuses them as the means to optimizing the server-side resources. This method is actually likely to increase overall capacity because it will reduce the number of connections required to be in use at any given time on the server(s) and eliminates the performance overhead associated with opening and closing TCP connections. 
![blockquote_thumb12[2]](file:///C:/Documents and Settings/macvittie/Local Settings/Temp/WindowsLiveWriter-429641856/supfiles10B75249/blockquote[3].gif "blockquote_thumb12[2]"){kind=small}
