Saturday, August 27, 2011

The 9 to 5 work at MobStac

We are preparing for our new product's launch at TechCrunch Disrupt SF2011 (Startup Alley) and to be honest we are fighting with all our might. The last 3 weeks have been really tough. Our product is a full HTML5 app, for a particular platform. What we are working on is honestly a bit of a challenge. The way we are doing stuff is not absolutely new, but at the same time its not easy.

Thus in order to make sure we deliver the best within the timeline, we had to change what it means to be doing a 9 to 5 job. And by "we" I mean the full team including our CTO Ravi and CEO Sharat. We know we are doing something not easy and we are doing it from Bangalore*, we do not have huge funds to hire every tech guru out there. So initially we started working 9AM - 6PM, which is typical, then increased to 9AM - 11PM, then to 9AM - 2AM, and finally on Thursday we did 9AM - 6:30AM. Yeah that gives a new meaning to the 9 to 5 job.

And yeah we loved it, and we are going to do that all over again as needed. Building a good product is tough, and we are not gonna say no.

* If you are wandering that I feel Bangalore is inferior to, say SF, that is not the case. But that said, I know that much of the technology "cloud" is created and bursts as rain in US. We only get the packaged drinking water version of it :) which takes some time to ship.

Monday, August 08, 2011

Basic security setup on AWS

Recently at MobStac we restructured our layout of EC2 on Amazon Web Services so that we are more secure than earlier. We wanted a scheme that would not be painful for our current deployment scheme but would still be as strict when it comes to inward access as possible.

Here is what we settled down for:
Application servers (Django) are all internal security group accessible only. So they can not be accessed from outside our own servers.
RDS (our MySQL storage of choice) is allowed incoming from only the application group.

There is a separate Deployment EC2 that has SSH access allowed from the rest of the world. You login here and do a deploy.
When deployment occurs it fetches extra credentials needed to access the more secure application instances. These credentials are kept in some repositories which almost no one has access too. They credentials include key-pairs, passwords and stuff. They are patched in to the code on the fly and deployed to application instances.

This means deployment can happen only from one instance. And no instance other than this one is accessible from outside.
Also there are background workers instances which has security settings as strict as application instances or even tighter.

S3 storage for Django

Hi there!
Am blogging after a few months now. I have settled in the MobStac team as an all hands engineer. I have shifted to Bangalore with 2 friends from Kolkata.

Anyway, at MobStac we needed an S3 storage backend for our Django app (Django runs our publisher platform, and mobile site serving platform). I figured out there is nice way to write a custom storage backend. But then a bit searching and I came across django-storages by David. It supports for backend than we needed, so I just took out the s3boto code and it was easy as cake.

So now all media uploaded goes to S3, and honestly integrating this in Django was smooth as silk.