5 things developers do that drive me crazy · 2019-02-21 · 5 things developers do that drive me...
TRANSCRIPT
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 1/74
5 Things Developers Do That Drive Me Crazy
And What I Did To Survive
OBUG 2019, AntwerpenOBUG 2019, Antwerpen1
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 2/74
About MeØyvind Isene
Consultant, work for SYSCO AS in Oslo
Oracle ACE
@OyvindIsene on Twitter
DBA, but haven't restored a database for some
time
Don't miss patching, best reason to embrace the cloud
OBUG 2019, AntwerpenOBUG 2019, Antwerpen2
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 3/74
The Last 5 YearsDisplaced among developers as a DBA
Optimization aka tuning
Troubleshooting in general
Looking for trouble, before it goes to production
Trying to explain the mindset of DBAs to developers
(unsuccessfully)
OBUG 2019, AntwerpenOBUG 2019, Antwerpen3
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 4/74
I Actually Like DevelopmentAPEX and PL/SQL is great fun
Python, APIs, ...
Other stuff with focus on the data
Development is not just coding
OBUG 2019, AntwerpenOBUG 2019, Antwerpen4
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 5/74
Agenda And Goal For This PresentationComplain about developers
Justify the complaints
Show you what to do since they don't care
OBUG 2019, AntwerpenOBUG 2019, Antwerpen5
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 6/74
Not That I Try To Start A Flame War... but if they could just try to understand how it is to get the
responsibility for some crap when they are all gone.
OBUG 2019, AntwerpenOBUG 2019, Antwerpen6
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 7/74
Di�erent MindsetToday's development - tomorrow's legacy
Likely to stay there for a long time (∞ ≅ 20 years)
Out of sight, out of mind
OBUG 2019, AntwerpenOBUG 2019, Antwerpen7
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 8/74
ThemCreative
Like shiny things
Impatient - they've already got a new idea
Wonder if ITIL is the work of the Devil
OBUG 2019, AntwerpenOBUG 2019, Antwerpen8
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 9/74
A Persistent Storage?Some developers simply refuse to relate to the database
Rambling around about schema-on-read, persistent storage etc.
Tempting to ask them to swim in a data lake
OBUG 2019, AntwerpenOBUG 2019, Antwerpen9
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 10/74
UsDon't like being called 2 a.m - boring is good
Too many systems and users to please
Little time for manual tasks
Worries about security, scalability, and uptime
OBUG 2019, AntwerpenOBUG 2019, Antwerpen10
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 11/74
Doesn't Have To Be That WayOperations have something to learn from developers
Focus on one tasks once in a while
Do more coding (shell scripts do count!)
Be more creative - automate!
OBUG 2019, AntwerpenOBUG 2019, Antwerpen11
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 12/74
Can Developers Learn Something From DBAs?Part of reality is unknown to them
Devs are usually less exposed to the entire architecture
DBAs know more about the nature of databases - what works and
what doesn't
DevOps can be a good idea
OBUG 2019, AntwerpenOBUG 2019, Antwerpen12
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 13/74
1. No Data Model
Sit Down For A Think First
OBUG 2019, AntwerpenOBUG 2019, Antwerpen13
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 14/74
What Were They Thinking?Probably not at all
A data model proves that you have spent time understanding
your universe
This is the time to meditate over subjects and connections
Abstract expressions need clarifications
OBUG 2019, AntwerpenOBUG 2019, Antwerpen14
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 15/74
A Way To CommunicateUse it to communicate with stakeholders normal people
Especially with those who don't share your daily language
If you can't model it, you might not have understood it
Fail early - discover misconceptions early
An important part of documentation
OBUG 2019, AntwerpenOBUG 2019, Antwerpen15
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 16/74
Love Your DataAvoid crappy data getting in to the database
Less work on data cleansing later
Make sure they are not using the database as a bitbucket
OBUG 2019, AntwerpenOBUG 2019, Antwerpen16
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 17/74
When ORM Is Not The Best OptionSometimes an object to relational mapping (ORM) tool is not the
best option
If the ORM tools decides the data model what do you get?
"Will it scale?"
"May I write you some PL/SQL?"
OBUG 2019, AntwerpenOBUG 2019, Antwerpen17
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 18/74
One Persistent MythConstraints lead to bad performance
Not true - the optimizer use extra information to create a better
plan
OBUG 2019, AntwerpenOBUG 2019, Antwerpen18
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 19/74
SQL Developer Data ModelerNo extra cost
Good investment to make this work
within the team
Templates
Source control
Design rules
OBUG 2019, AntwerpenOBUG 2019, Antwerpen19
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 20/74
What Can You Do?Simply demand a data model before you do system
acceptance
Look for the usual stuff
Primary, unique, and foreign keys
Other constraints
Decent normalization
Help them with SQL Developer Data Modeler
OBUG 2019, AntwerpenOBUG 2019, Antwerpen20
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 21/74
2. Forget About Security
Two Things Can Ruin My Day: Talking About Security And Licenses
OBUG 2019, AntwerpenOBUG 2019, Antwerpen21
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 22/74
SecurityWasn't part of my education either
But has been on the agenda for a
while
Sounds boring to many people
Security is the new HA
OBUG 2019, AntwerpenOBUG 2019, Antwerpen22
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 23/74
Security Is A FeaturePerhaps a boring subject, but necessary
Does the application collect sensitive data?
This can be identified during data modeling
→ Security must be a proper activity in the project
OBUG 2019, AntwerpenOBUG 2019, Antwerpen23
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 24/74
AuthenticationBeing authenticated means the system trust who you are, nothing
more
OBUG 2019, AntwerpenOBUG 2019, Antwerpen24
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 25/74
AuthorizationNow you are allowed to do something...
At minimum agree on a few roles that give access
OBUG 2019, AntwerpenOBUG 2019, Antwerpen25
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 26/74
SSO / One Single Source For AuthenticationSign-On / login with a password or similar only once
If you authenticate several times against the same user base (e.g.
Active Directory), that is not SSO.
OBUG 2019, AntwerpenOBUG 2019, Antwerpen26
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 27/74
Sensitive Data And Personally Identifiable InformationGDPR, anyone?
No, you can't have all production data in dev and test
Data masking is easier if you start out with identifying what needs
to be masked
→ identify sensitive data before you start
OBUG 2019, AntwerpenOBUG 2019, Antwerpen27
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 28/74
Audit LogsVery useful after data theft
Audit only access to the most critical data
→ another reason to identify sensitive data
OBUG 2019, AntwerpenOBUG 2019, Antwerpen28
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 29/74
EncryptionThis is for data at rest or in transit to avoid data being read by
unauthorized part.
You can't show encrypted data to users, so you have to decrypt it at
some point...
OBUG 2019, AntwerpenOBUG 2019, Antwerpen29
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 30/74
SQL InjectionJust because they don't want to know about bind variables.
Bonus: If you do this right the database performs better too!
OBUG 2019, AntwerpenOBUG 2019, Antwerpen30
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 31/74
Sometimes A BurdenYou don't make more friends by denying access
Should not be a burden only for the DBA
Possibly a burden for the proxy aka project manager
But the DBA probably worry more about a security break
OBUG 2019, AntwerpenOBUG 2019, Antwerpen31
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 32/74
Where To Implement SecurityAs close as possible to the data
Doesn't hurt to implement in layers
But an application can get thrown away
→ Don't hide a wide open database behind fire walls only
OBUG 2019, AntwerpenOBUG 2019, Antwerpen32
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 33/74
What Can You Do?Again, ask for a data model
Request an assessment about sensitive data
Repeating review during implementation
Be alert when they ask for elevated privileges
Standard procedure to implement security in different projects
Look into Oracle Database Security Assessment Tool
OBUG 2019, AntwerpenOBUG 2019, Antwerpen33
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 34/74
3. Not Using The Oracle Documentation
RTFM FFS
OBUG 2019, AntwerpenOBUG 2019, Antwerpen34
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 35/74
It Is OK To Google, But...Googling SELECT and ending up in a manual for another database
is not cool
Usually easier to lookup the syntax in a bookmarked manual
It is about studying - not always getting a short answer
OBUG 2019, AntwerpenOBUG 2019, Antwerpen35
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 36/74
Database ConceptsAt least the chapters relevant to design and development (Part I,
II, III and VI)
Discover why certain certain patterns do not scale
Understand better critical parts to making the database consistent
OBUG 2019, AntwerpenOBUG 2019, Antwerpen36
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 37/74
Database Development GuideShould be obvious for developers
Important things in database applications
Correct datatype
Locking
Indexing
PL/SQL
OBUG 2019, AntwerpenOBUG 2019, Antwerpen37
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 38/74
Database New Features GuideYou can't google what you don't know
Discover new cool stuff that simplifies your application
OBUG 2019, AntwerpenOBUG 2019, Antwerpen38
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 39/74
PL/SQL Packages And Types ReferenceShows packages that can replace your code
Gives you ideas for utilizing the database better
OBUG 2019, AntwerpenOBUG 2019, Antwerpen39
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 40/74
SQL Language ReferenceMuch faster then googling and finding the wrong version
Discover all the features in Oracle SQL
A few gems have been around for many years, but not used much
→ using advanced SQL can speed up code by orders of magnitude
OBUG 2019, AntwerpenOBUG 2019, Antwerpen40
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 41/74
PL/SQL Language ReferenceMaybe you prefer a book?
Useful reference for syntax
OBUG 2019, AntwerpenOBUG 2019, Antwerpen41
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 42/74
SQL Tuning GuideWhen you want to figure out performance on your own
Performance as a feature - design for it
There is a chapter Designing and Developing for Performance
OBUG 2019, AntwerpenOBUG 2019, Antwerpen42
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 43/74
Other Specialized GuidesData Warehousing Guide
Data Mining Concepts
JSON Developer's Guide
Spatial and Graph Developer's Guide
OBUG 2019, AntwerpenOBUG 2019, Antwerpen43
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 44/74
Can You Trust What Google Finds You?Of course not
How can you know if you haven't read the documentation or
learned it from a trustworthy source?
OBUG 2019, AntwerpenOBUG 2019, Antwerpen44
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 45/74
What Can You Do?Have links ready to send out to the team and new members
docs.google.com is a must
Give short introductions to the documentation set
Explain the most important manuals
Recommend good books, blogs and online training material
OBUG 2019, AntwerpenOBUG 2019, Antwerpen45
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 46/74
4. Confusing DevOps With Operations
Full Stack Developer?!
OBUG 2019, AntwerpenOBUG 2019, Antwerpen46
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 47/74
It Takes More Than Building A ContainerAdministration is stressful (sometimes)
Availability
Network
N-tier architecture
End users
Patching & upgrades
Backup & Restore
OBUG 2019, AntwerpenOBUG 2019, Antwerpen47
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 48/74
DevOps Is...... a software engineering culture and practice that aims at
unifying software development (Dev) and software operation
(Ops). ... to strongly advocate automation and monitoring at
all steps of software construction, from integration, testing,
releasing to deployment and infrastructure management.
(Wikipedia)
If this is done right I'm 90% happy.
But I suspect not all talking about DevOps go the extra mile.
OBUG 2019, AntwerpenOBUG 2019, Antwerpen48
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 49/74
In Production Usually MeansPeople depend on it - if it's useful
Data being collected - usually has some value, we don't want to
lose it
We discover all the bugs we didn't find by testing before release
OBUG 2019, AntwerpenOBUG 2019, Antwerpen49
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 50/74
Not Enough TestingLots of tests, but it fails in production because...
OBUG 2019, AntwerpenOBUG 2019, Antwerpen50
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 51/74
Can They Run Their Own Applications?Small hiccups accumulate over time and causes big problems
We only ask for
No manual intervention in production
Meaningful error messages
Tested for real world scenarios
OBUG 2019, AntwerpenOBUG 2019, Antwerpen51
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 52/74
Attention Span ReduxA developer can usually forget what is in production
What if he was forced to do a review once a year?
CV-driven development - what is cool this year?
Frameworks
Methods
New buzzwords
Legacy systems usually last for years
OBUG 2019, AntwerpenOBUG 2019, Antwerpen52
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 53/74
OT: Architects
OBUG 2019, AntwerpenOBUG 2019, Antwerpen53
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 54/74
5. Little Understanding Of Basic Concepts
Embarrassing Simple Ideas
OBUG 2019, AntwerpenOBUG 2019, Antwerpen54
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 55/74
LatencyIt starts with late
Simple math
If you repeat a small operation many times it will take a lot of
time
This explains why an index is not always the solution
OBUG 2019, AntwerpenOBUG 2019, Antwerpen55
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 56/74
Classic Beginner's Latency TrapBeginner learns to execute SELECT in database, retrieves N rows.
For each row, generate a new SQL and send N UPDATES to the
database
At least N + 1 roundtrips
When all can be done with a slightly more complex UPDATE once.
OBUG 2019, AntwerpenOBUG 2019, Antwerpen56
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 57/74
Speed Of LightAbout 300 000 km/s
1000 km between you and your server; how many round trips in 5
seconds?
OBUG 2019, AntwerpenOBUG 2019, Antwerpen57
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 58/74
Response TimeThe user wants an answer in 5 seconds or less
How much work can you do in available time?
Sorting 500 GB?
2000 roundtrips between application and database?
OBUG 2019, AntwerpenOBUG 2019, Antwerpen58
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 59/74
No Such Thing As A Best PracticeIf one solution served everybody we will automate it
Plenty of bad practices
Some good practices
OBUG 2019, AntwerpenOBUG 2019, Antwerpen59
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 60/74
No Idea About VolumeSorting small data is very fast
Sorting large data spills to disk - slow
Shuffling lots of data between servers take time
OBUG 2019, AntwerpenOBUG 2019, Antwerpen60
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 61/74
Slightly More Advanced Concepts
But If You Work With Databases...
OBUG 2019, AntwerpenOBUG 2019, Antwerpen61
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 62/74
TransactionsConsistent answers to queries
Vendors implement this differently
Logical sequence of update that belong together
Brings the database from one state to another
Know when to commit...
OBUG 2019, AntwerpenOBUG 2019, Antwerpen62
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 63/74
LockingData are locked on row level
Oracle never locks data to read it
Writers never block readers
A writer is only blocked by another writer, on the same row
OBUG 2019, AntwerpenOBUG 2019, Antwerpen63
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 64/74
Multi-VersioningYour query gets a consistent answer with respect to the time it
started
Queries are never blocked by updates
Oracle can serve many sessions that started at different point in
time
OBUG 2019, AntwerpenOBUG 2019, Antwerpen64
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 65/74
Redo And UndoIs it too much to ask for that developers learn about undo and
redo?
For large applications they need to know about the role they have
OBUG 2019, AntwerpenOBUG 2019, Antwerpen65
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 66/74
What Can You Do?Measure everything
Prove where time is spent: outside the database
Locking problems mean they probably don't understand
transactions
Ask them to read the Oracle Concepts Guide and start a
conversation
OBUG 2019, AntwerpenOBUG 2019, Antwerpen66
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 67/74
An Excellent Book
OBUG 2019, AntwerpenOBUG 2019, Antwerpen67
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 68/74
Bonus Frustration: Releases
Release To Production And Other Stu� You Shouldn't Do On A Friday.
OBUG 2019, AntwerpenOBUG 2019, Antwerpen68
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 69/74
What Goes Wrong?Not enough testing
Production ≠ development / QA
OBUG 2019, AntwerpenOBUG 2019, Antwerpen69
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 70/74
Work TogetherDBA needs to get involved early
...not just wait for scripts to be handed over
Decide on a solution for managing versions and deployment
OBUG 2019, AntwerpenOBUG 2019, Antwerpen70
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 71/74
LiquibaseIntegration is coming to SQL Developer, check this out
Flybase is an alternative, perhaps easier
OBUG 2019, AntwerpenOBUG 2019, Antwerpen71
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 72/74
If You Lose It
Why Not Start Coding?
OBUG 2019, AntwerpenOBUG 2019, Antwerpen72
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 73/74
The World Of Autonomous DatabasesThe database will heal itself
Surely it will deal with developers too
There is a high demand of people who know
Security
Data science / AI / ML
How to brew beer
OBUG 2019, AntwerpenOBUG 2019, Antwerpen73
10.2.2019 Title
http://localhost:8000/5_things_developers_do.html#1 74/74
Cheers
OBUG 2019, AntwerpenOBUG 2019, Antwerpen74