Monthly notes 16

February in monthly notes looks into what you should think about when using Facebook, suggests you to read “Nineteen Eighty-Four (1984)” by George Orwell and tells you 13 things you should give up if you want to be successful. Also it’s worth checking out Vue.js, use Git standup for daily Scrums and enhance your application accessibility.

Issue 16, 13.2.2017

JavaScript

Introduction to Vue.js
Vue.js is gaining traction more and more each week. If you need an introduction this post by Sarah Dranser is tops. (css-tricks.com) (from https://web-design-weekly.com/)

A Guide to Webpack 2 and Module Bundling
This article is aimed at those who are new to webpack and will cover initial setup and configuration, modules, loaders, plugins, code splitting and hot module replacement. (from Web Design Weekly)

Tools

Git standup
What did I code yesterday? git standup looks crafty tool to remember what you’ve done and works with multiple repos.

Using tmux properly
You may know terminal multiplexers like Screen which was released 1987 but there’s also newer options like tmux (2007). It’s similar to Screen, but has some additional features and is easier to configure. The article tells you how to use tmux properly.

Introducing Docker Secrets Management
The latest Docker release offers a great solution to store your secrets securely in containers. The Docker Secrets Management is a solid approach to do so. (from WDRL #169)

Software development

Five Keys to Boost your Speed and Quality in Software Teams
“Software quality and the speed of the team is a commitment issue”. Focus, communication, conventions, confidence, isolation. Well said.

The Outrageous Cost of Skipping TDD & Code Reviews
Writing tests is one of the crucial parts of software development and the benefits of Test Driven Development has proven itself to be very useful to increase the quality of software. The article shows some numbers why you should do TDD and shares advice about how to implement a more productive quality process.

ARIA Examples
Some practical ARIA examples to enhance your application accessibility. And accessibility isn’t as easy as you thought like Soueidan explains with Accessible tooltips https://sarasoueidan.com/blog/accessible-tooltips/

GitLab’s postmortem of database outage of January 31
On January 31st 2017 GitLab experienced a major service outage for their online service GitLab.com. The outage was caused by an accidental removal of data from our primary database server. They also lost some production data that they were eventually unable to recover. The postmortem of the issue is good to read. GitLab also had live Google Doc while resolving the issue. Hacker News comments also has some good points.

Security

What should you think about when using Facebook?
Facebook collects data about you in hundreds of ways, across numerous channels. It’s very hard to opt out, but reading this article by Vicki Boykis on what they collect, you’ll learn to better understand the risks of the platform so you can choose to be more restrictive with your Facebook usage. (from WDRL #169)

Something different

13 Things You Should Give Up If You Want To Be Successful
Intuitively obvious things but harder to follow.

Sketchcase
Whiteboard Sticker simply turns any laptop lid into a portable whiteboard.

George Orwell: 1984, pdf and audio
If you haven’t read “Nineteen Eighty-Four (1984)” by George Orwell yet, here’s your chance: The entire book is available for free as PDF and Audio versions. I personally recommend it to everyone who is only slightly interested in just one of these topics: social change, politics, technology. (from WDRL #169)

Monthly notes 15

This time in monthly notes we cover design trends for interfaces, Apple steps up to iOS user interface templates game, learn Flexbox and Redux, something about microservices with Docker and see what GitHub has learned about CSP.

Issue 15, 28.1.2017

User Interfaces

Review of Popular Design Trends for Interfaces in 2016
What should apps look like in 2017? Let’s start with looking at what happened in 2016 with Marina Yalanska. (from iOS Dev Weekly Issue 284)

Apple iOS UI templates
Apple joined the party of iOS UI templates with their own comprehensive set. Would be nice if they would expand this to tvOS, watchOS and macOS. (from iOS Dev Weekly Issue 284)

Crash Course: UI Design
A pretty epic article by Jeff Wang that revisits the design process he took on a recent project from the UI angle. (from Web Design Weekly)

Microservices

Containers and microservices and Node.js! Oh, my!
Learn microservices, Node.js, and containers by example using the provided application. This post walks through an example application that is split out into Node.js microservices running in Docker containers. (from Microservice Weekly 64)

Building Efficient Dockerfiles – Node.js
Old but good to know. Many Dockerfiles are written inefficiently, especially if you’re using npm. You should use caching to improve the performance of your Docker container. tl;dr; add package.json to tmp before running npm install in there. (from WDRL 166)

Making microservices more resilient with circuit breaking
‘Circuit breaking’ is the idea of shutting off traffic to an instance if requests to it fail too frequently. Good article of how linkerd can help you with it. (from Web Operations Weekly 99)

On the front end

Understanding Flexbox: Everything you need to know
A very thorough attempt to cover all the fundamental concepts you need to get comfortable with the CSS Flexbox model. (from Front-end focus 273)

React or Vue: Which Javascript UI Library Should You Be Using?
If you’re not sure which to pick, start here. (from Weekend Reading)

Thinking in Redux (when all you’ve known is MVC)
Good explanation of Redux with React although the article uses it with React Native. Redux is quite simple in concept but you’ve to think differently how things work. Another option to Redux would be to use Mobx.

Accessibility testing with Intern
Covering unit tests and functional tests, The Intern is a nice testing tool for JavaScript. But you can also use it for accessibility testing. (from WDRL 163)

Security

GitHub’s post-CSP journey
Previously Github shared their learnings from using the Content Security Policy at github.com. Now they share more learnings in and the focus lies on i.a. img-src, form nonces, same-site cookies. (from WDRL 166)

Something different

Finnish mountain biking expertise was awarded a couple of Design and Innovation Awards this year: Pole Evolink 140 and Huck Norris. The super long and slack Pole Evolink 140 bike throws up questions about geometry standards. And although not a new innovation with protecting your rims and tyres, the Huck Norris anti-pinch-flat insert is a plastic foam ring effectively protects your rims from dents and reduces the risk of burping. You can ride tubeless with an even lower tire pressure or even a lighter carcass, plus glean more grip.

2016 Retrospective

A year has again come to its end and it’s time to look back what I’ve managed to write about and do some planning for the new year of 2017. In 2016 my writing schedule was as leisurely as usual and I managed to put together of 20 articles which nine of them are about weekly notes. On average I managed to keep my pace of at least one post per month. Yay but it should be better. Things have gone quite well, I’ve learned new things and got things done :)

Keeping up with Weekly/Monthly notes

Last year I started writing Weekly notes series about interesting articles I come across from several software development related newsletters and while reading Twitter, Reddit and Hacker News. I planned to write them weekly but as practice showed it turned out to be monthly.

Learning from others at meetups

One way of learning new things is to hear how others do things and get do ideas how to make things better. I’ve found that attending meetups and conferences are nice way to both freshen your thinking and get to know people working in the same field.

Some of the meetups I went was about container orchestration with CoreOS which provided introduction, nice lessons learned and Kontena, CoreOS war stories.

More interesting meetup in DevOps field was DevOps Finland Meetup goes Mobile where we heard how continuous delivery works for mobile applications at Zalando, learned mobile testing with Appium and what’s Qvik’s efficient mobile development cycle.

Software development as usual

At work I’m developing web applications mainly with React and Java but looking for better tools is always good. Modern Java is nice but using Kotlin is better although I didn’t get the opportunity to push it into production. Kotlin felt nice and somewhat similar to Swift.

Doing microservices has last year gained more momentum and one good way to keep your docker containers small is to build them with Alpine Linux. Using minimal base image for you container is efficient both on size and having smaller footprint thus making the attack surface smaller. Alpine doesn’t use glibc but musl libc which may limit it use cases but e.g. Java and Node.js applications are running fine on top of it.

In software field I deployed Piwik web analytics as we couldn’t use Google Analytics. Piwik seems to be nice and open source alternative for analytics and has this far worked nicely.

HTTPS has become more affordable and even free with Let’s Encrypt SSL certificates. Setting up Lets Encrypt is relatively easy but using them needs also some automation with simple scripts.

One thing I didn’t have time to write was about JavaScript development with React and TypeScript which certainly would be worth writing. Can’t say I like using TypeScript where plain ES6 would work better. Although TypeScript has become better with version 2.

Other things

As much as I love software development I like mountain biking and last year some interesting technology was presented to protect your tires and rims: Huck Norris and Procore. Whereas Huck Norris is lightweight solution to puncture prevention Procore provides better protection and they both have their use cases.

Schwalbe Procore parts

Huck Norris

I’ve used Irssi for communicating with friends in IRC but I also tried to switch to using Weechat. Didn’t quite make the cut and nowadays IRC has almost lost to Telegram and Slack.

New year, interesting things ahead

What the year 2017 brings can’t be predicted but at least my personal goals will be learning React Native and doing some development also for Android. Mountain biking will have a big part in the Summer when the Enduro racing season starts and there’s couple of trips already planned.

So, stay tuned by subscribing to the RSS feed or follow me on Twitter. Check also my other blog in Finnish.

Monthly notes 14

Before opening the Christmas presents it’s time to check what’s in the monthly notes in December. This year there’s not much extra holidays so use them wisely :) Merry Christmas!

Issue 14, 23.12.2016

JavaScript

Angular 2 is terrible
I haven’t used Angular 2 enough to have strong opinions about it but looks like the Internet has. “Shaky Foundation, Not Invented Here, Premature Abstraction, HTML Minus, Unnecessary Verbosity, Poor Performance and Bloat, Putting the Java back in JavaScript, Terrible Documentation.” “Please for goodness sake don’t use Angular. For less than one-tenth of its size, Vue.js delivers a much better development experience.” (from Reddit)

TypeScript: the missing introduction
Introduction to how we can think about TypeScript, and its role in “supercharging” our JavaScript development. (from Hacking UI #155)

Getting Started with Webpack 2 and Migrating to Webpack 2
Keeping your tools up to date is part of development. (from JavaScript Weekly Issue 315)

5 Tips To Improve Your JS with ES6 – Crater Conf Talk
Virtual conference about ES6 features such as Arrow Functions, Object Literal Shorthand, Spread, Destructuring Assignment and Modules which helps you improve your JavaScript and browser code. You’ll see what it takes to run ES6 code today, and the tools you need to support the features you want in browsers that aren’t yet up to date. Slides

Java

Feeding Spring Boot metrics to Elasticsearch
“After low level system data, the next family of metrics you want to start tracking and monitoring are JVM level metrics. Here’s a good way to go it with the ELK stack.” (from Java Web Weekly, Issue 154)

Making Spring Boot application run serverless with AWS
“Very interesting writeup showing how to transition a Boot application to run servlerless on AWS. I definitely need to give that a try to get a better understanding of what it can do.” (from Java Web Weekly, Issue 154)

Building Microservices application on AWS
Good article summarizing the common characteristics of Microservices, the main challenges of building Microservices, and how to leverage AWS to overcome those challenges.

Infrastructure as code: running microservices on AWS using Docker, Terraform, and ECS
Slides of a talk about managing your software and infrastructure-as-code that walks through a real-world example of deploying microservices on AWS using Docker, Terraform, and ECS. (from Microservices Weekly #61)

Security

SQL Injection Cheat Sheet
A detailed resource to find technical information about the many different variants of SQL injection vulnerabilities. A good reference for both seasoned penetration testers and those just getting started in web app security. (from DB Weekly 135)

Tools of the trade

Fabulous macOS Tips & Tricks
Some useful productivity tricks with macOS. Like move a file by pressing Cmd+C and then Cmd+Option+V in the destination directory. (from Weekend Reading)

Something different

99 good news stories that we probably didn’t hear about in 2016
“Don’t let you be fooled by the all negative news and instead embrace the good things that happened as well. Despite some bad news, 2016 was quite a good year. Enjoy its last days.” (from WDRL)

Low-background steel
Did you know that after the first atomic bombs in the 1940s and 1950s the background radiation levels increased across the world and thus modern steel is contaminated with radionuclides because its production used atmospheric air. Low background steel is so called because it does not suffer from such nuclear contamination. This steel is used in devices that require the highest sensitivity for detecting radionuclides.

Monthly notes 13

Looks like it’s again the end of another month and it’s time for weekly notes, now with the title of “Monthly notes” as it suits better for my writing activity :) This time it’s about resources of JavaOne 2016, stories from the field of outsourcing and SSL gone wrong, Type Systems for JavaScript, pushing React.js app to production, learning Docker antipatterns and how to track your time.

Monthly notes, issue 13, 28.11.2016

Java

JavaOne 2016 Observations by Proxy
Good collection of resources if you didn’t attend to JavaOne 2016 but like to stay on top what’s happening in the world of Java.

Securing JAX-RS Endpoints with JWT
JWT is becoming the de facto standard in web security yesterday. And JJWT is certainly a good way to go for an implementation as Baeldung shows. (from
from Java Web Weekly, Issue 146)

Frontend

Flow vs TypeScript: Type Systems for JavaScript
“Flowtype vs. TypeScript Type Systems for JavaScript – from the perspective of a practitioner” is good overview to what and why.

CSS classes don’t work the way you think they work
CSS classes apply in the order in which they are defined, not the order in which they are invoked. This is not intuitive. It hits you when common components have default styling, and you want to override it in a specific instance.

Generating Documentation for TypeScript Projects
“Documentation for JavaScript projects has traditionally been generated via annotations inserted as code comments. While this gets the job done, it seems far from ideal. The post explores how to use TypeScript to generate documentation from source code alone.”

How to push a ReactJS application in production and sleep better – React.js Day 2016
“‘Everything fails all the time’. In this session we are gonna explore testing and monitoring techniques to deliver and maintain a ReactJS + Redux application, and at the same time being able to go back to sleep without the fear that everything is gonna explode during the night.”

Stories from the field

Offshoring roulette
Troy Hunt tells lessons of outsourcing to India, China and the Philippines. “If you’re looking at hourly rate as metric for outsourcing success, you’re doing it very, very wrong!” The essence of software development.

Docker Container Anti Patterns
After reading about Docker in production being a failure, it’s good to revise how it should be used.

Be Afraid Of HTTP Public Key Pinning (HPKP) and
How To Issue A New SSL Certificate With An Old SSL Key
Good lessons learned of Smashing Magazine’s renewing of an expiring SSL certificate and problems with HTTP Public Key Pinning. (from WDRL 156)

Tools of the trade

Netfox
Netfox exposes details of all network requests so you can investigate problems without additional configuration. Somewhat similar but simpler than Charles for debugging network requests (from iOS Dev Weekly Issue 226)

Tracking your time with Toggl
I finally started using Toggl, to track my time at work. Best decision ever. If I just remember to track and switch tasks :)

Git: diffing binary files
Git ProTip: Adjust your .gitattributes to make `git diff` more useful for images and other binary formats! (from @DasSurma)

Learning

Google Interview University
A complete daily plan for studying to become a Google software engineer. (from @Autiomaa)

Something different

My strategy for increased privacy
You pay for many services with your data and although you would pay with money instead, you can’t. Honkonen wants to introduce a third option. To keep privacy, but to use the awesome services available, so he’s devised a strategy for increased privacy. Something to think about.

The Unsatisfying Challenge
“Everyday life can be annoying, but now you can share your pain in this challenge”

Weekly notes 12

Late Autumn and rain has arrived to Finland and now we have good reason to stay at home and read about new ideas and what happens in technology.

Weekly notes, issue 12, 30.10.2016

Learning new things

Cyber Security Base with F‑Secure
Free and open course to learn about tools used to analyse flaws in software systems, necessary knowledge to build secure software systems, the skills needed to perform risk and threat analysis on existing systems and the relevant legislation within EU. It’s a course series by University of Helsinki in collaboration with F‑Secure Cyber Security Academy that focuses on building core knowledge and abilities related to the work of a cyber security professional.

Google Style Guides
Thinking about how to format your code? Luckily Google Style Guides has solved it for you. And with explanations like for Java.

Free programming books by O’Reilly
O’Reilly is known for their programming books and they’ve compiled the latest insights of what’s happening in the world of software engineering, architecture, and open source. Lot’s of topics regarding microservices from different aspects.

Open Guides: Amazon Web Services
“AWS’s own documentation is a great but sprawling resource few have time to read fully, and it doesn’t include anything but official facts, so omits experiences of engineers.” Open Guides: AWS is by and for engineers who use AWS. It aims to be a useful, living reference that consolidates links, tips, gotchas, and best practices. It arose from discussion and editing over beers by several engineers who have used AWS extensively.

The world of JavaScript

Progressive Web Apps with React.js: Part I  –  Introduction
Progressive Web Apps (PWA) take advantage of new technologies to bring the best of mobile sites & native apps to users. In the series of posts Addy Osmani shares his experience turning React-based web apps into PWAs.

Yarn – new JavaScript package manager
Yarn – fast, reliable, and secure JavaScript package manager. Alternative to npm client. Looks promising.

NPM vs. Yarn cheat sheet
Good survival guide to Yarn JavaScript package manager. Yarn has some goodies which npm doesn’t, like licenses generation.

Something different

11-hour struggle to make tea using Wi-Fi kettle
Making a cup of tea should be simple enough but if you’re using a Wi-Fi kettle it doesn’t always go according to plan.

Total Nightmare: USB-C and Thunderbolt 3
“Simple-looking port hides a world of complexity, and the (thankful) backward-compatibility uses different kinds of cables for different tasks. Shoppers have to be very careful to buy exactly the right cable for their devices!”

DevOps Finland Meetup goes Mobile at Zalando

Development and operations, DevOps, is in my opinion essential for getting things done with timely manner and it’s always good to hear how others are doing it by attending meetups. This time DevOps Finland went Mobile and we heard nice presentations about continuous delivery for mobile applications, mobile testing with Appium and the Robot Framework and efficient mobile development cycle. Compared to developing Web applications mobile brings some extra hurdles to jump but nothing that’s not solvable. Here are my short notes about the meetup.

The meetup was hosted by Zalando Technology at their new office here in Helsinki. Zalando is known to many as that online store that sells shoes, clothing and other fashion items but things don’t sell themselves and behind the scenes they have lots of technologies to keep things running. For the record I think they said that the meetup had 65 attendees of the 100.

Also if mobile is your thing there’s a new Meetup group for mobile developers in Finland which was announced at the meetup. They’re also on Twitter and Facebook.

Continuous Delivery for Mobile Applications

Rami Rantala from Zalando talked about “Continuous Delivery for Mobile Applications” and how they’re managing releases of their Fleek app which is available for Android and iOS in German markets.

They didn’t arrive to the final setup straightforward and it was iterative approach with how Git is used, code merged and releases done. Using Fastlane for all tedious tasks, like generating screenshots, dealing with code signing, and releasing your application made automating things easier. Interesting note was that their build server slaves are ansible managed Mac Minis on Rami’s desk. They had solved the problems nicely but testing is still difficult.

DevOps and rollbacks don’t work together, you roll forward.

Mobile testing with Appium and the Robot Framework

Mobile testing can be done with different tools and one option is to use Robot Framework just like for Web applications. Elmeri Poikolainen from Eficode demoed how to use Appium and run Robot Framework tests on real device. It has some limitations and I think with native applications it could be better to use native test tools like what Xcode has to offer.

Efficient Mobile Development Cycle

The last and most fast-paced talk was by Jerry Jalava from Qvik about “Efficient Mobile Development Cycle“. He talked about different practices and tools in the development cycle and it was nice overview to the complexity of the process from design to done. You can for example run remote preview with 27 devices.

Weekly notes 11

This time weekly notes provides pointers to last weeks JavaOne, teaches you to design better forms, tells about 171 words every programmer should understand and how to learn something about psychology which might help to understand yourself and maybe also users. And last but not least the documentary of last year’s Transcontinental 2015 tells a story of awesome cyclist who ride across Europe to Istanbul.

Weekly notes, issue 11, 27.9.2016

Development

JavaOne 2016: 85 recorded sessions
JavaOne was held las week and if you couldn’t attend it, like me, then you should have a look at the JavaOne 2016 Youtube playlist with 85 recorded sessions.

You need to be this tall to use [micro] services
Good hacker news comment on Microservices. “Thing is – these are all generally good engineering practices. But with monoliths, you can get away without having to do them. But with microservices, your average engineering standards have to be really high. Its not enough if you have good developers. You need great engineers.” (from @jaykreps)

Real world #kanban board

Good to know

The MIT License, Line by Line
171 words every programmer should understand. The MIT License is the most popular open-source software license. Here’s one read of it, line by line. Hacker News comments has also some wisdom. (from Hacker Newsletter #319)

re:publica 2015 – Mikko Hypponen: Is our online future worth sacrificing our privacy and security?
Video from year ago but still relevant as Mikko Hypponen explains why Facebook wants to get your phone number from Whatsapp. Watch from 12 minutes onward.

Emoji from iOS beta 4
What does that emoji mean? Here’s a list of emoji as JSON, extracted from iOS 10 beta 4.

Keeping up with development

The 10 Best iOS Development Blogs
A list of the the ten best iOS development blogs in no particular order. If you’ve ventured to iOS development then most of these are propably familiar, like raywenderlich.com with great tutorials.

How to keep your NPM dependencies up-to-date
“Tools for helping you keep your npm dependencies up-to-date. See the comments for more tools.” Uptr worked nicely for my use case. (from @jpaakko)

User experience is essential

Developer Experience Matters
“Developer Experience is one of the biggest key factors for developers to decide if they use certain technologies to use. Developer Experience (DX) is a type of User Experience (UX)!” (from @girlie_mac)

Curated list of online Psychology courses
It’s good to understand what drives and affects us and one way to do that is to learn something about Psychology. This curated list of online courses covers topics like Introduction to Psychology, Introduction To Social Psychology, The Psychology Of Persuasion, Psychology of Popularity, Positive Psychology, Logical and Critical Thinking, The Science of Stress Management and Introduction to Consumer Behavior. (from Userfocus Newsletter September 2016)

SXSW Keynote – You Know What? Fuck Dropdowns
35 reasons not to use a dropdown menu. (from Userfocus Newsletter September 2016)

Design Better Forms
Common mistakes designers make with forms and how to fix them. (from Userfocus Newsletter September 2016)

Something different

Transcontinental 2015: Race to Istanbul
The Transcontinental is a race like no other. On the 24th of July 2015, 172 riders arrived in Garaardsbergen, Belgium and raced to Istanbul, Turkey. Much like the early days of bicycle racing cyclist ride with no team cars or soigneurs to look after them. It is each for their own taking on Europe’s toughest terrain. The documentary follows the highs and lows of the race from the view of the Race Directors.

Protecting mountain bike tire and rim with Huck Norris and Procore

Technology is everywhere and even in as simple sport as cycling as its core is full of technology from wireless shifting systems to smart suspension systems and electronic motors. I’ve been riding enduro mountain biking and with going downhill in rocky trails it’s good to have some protection for your tires and rims. Puncture prevention systems like Schwalbe Procore and Deaneasy Tube+ helps you to avoid Snake Bites and protect your rim from dents with two air chambers but you can also do it simpler with foamlike solution such as Huck Norris.

The challenger: Huck Norris

“With Huck Norris the rocks gets the punctures when you ride!” – Huck Norris

Huck Norris is a relatively simple technique inside your tubeless tire to protect from Snake Bites and dents to the rim. It looks like it’s made from normal foam sleeping pad but the material (chemically crosslinked polyethylene) is specially developed for MTB use with actual scientists. It has “three times the impact energy damping than anything commercially available”. The installation is as easy as it looks, you just put it inside your tubeless tire and there’s no need for modifications or glue. Huck Norris also makes it easier to mount the tubeless tire without compressor as it gives the tire a shape which helps the bead to set.

Huck Norris
Huck Norris

Huck Norris installed
Huck Norris installed

There’s not much more to said about Huck Norris. Just set it up, inflate the tire and you’re done. It weights 70g on 27.5″ size and 77g on 29″ size, is suitable for 21-30 mm internal rim width and you can use it with alloy or carbon rims. Also Plus size and Fatbike versions are coming soon. Huck Norris is made in Finland and you can get it from Vuoripyörä’s webshop for 50 euros for a pair packaged with a mud guard. For more information check out their webpage or Facebook.

Riding with Huck Norris

Huck Norris was just recently released for general availability and I’ve used it for about month. As you could figure, it makes the tire a bit more stiff than without but the extra protection and especially the possibility to race on mountain bike enduro style tracks with the air pressures you want makes it great. No need to over inflate.

But as usual, even Huck Norris can’t protect your rims when the going gets tough although it still might save your race like it did mine on Santa Cruz Enduro Series race at Levi. The special stages were fast with hidden rocks and hits were unavoidable. As you can see from the picture I dented my rim but Huck Norris absorbed the impact so that the rear tire was saved from flat and I got to finish the race. I think I broke it on stage 5 and still drove the 7 stages left. For the curious I had Maxxis Minion DHR II 29×2,3 (3C MAXX TERRA) with about 1,5 bar air pressure on Roval Fattie 29 rim with 29 mm inner width.

Some hits were too tough
Some hits were too tough

The dual-champer system: Schwalbe Procore

After the Enduro MTB race at Levi where I had broken my 29″ rear wheel I had to switch to my 650b+ wheels for the next race. Not what I would’ve wanted as I don’t like racing with 2,8″ tires. As the Huck Norris is not yet available for Plus sized tires I had to get something to protect the rear rim from the rocks at Santa Cruz Enduro Series race on Tahko. Luckily my local bike shop had Schwalbe Procore system and sold me one separately. A bit more weight to the rear but also less punctures.

Schwalbe Procore is a dual-chamber system, tire-within-a-tire anti-pinch-flat system. It consists of a small-diameter tube and tire that is inserted inside of a conventional tubeless tire and pressurized to over 80 psi. The insert acts as a secondary impact cushion that allows you to ride with lower, or at least the optimal, tire pressures without being concerned with pinch flatting and protects the rim. It also helps to prevent the tire from ‘burping,’ which is when the tire bead is pushed inboard of the edge of the rim and allows air to escape from a tubeless tire.

Schwalbe Procore in short
Schwalbe Procore in short

Procore is available for 26″, 27.5″ or 29″ rims with minimum of 23mm internal rim width and for minimum of 2,2″ tire. Compared to Huck Norris the weight is considerably more, 220 grams per wheel and it also adds it to the place you don’t want it: to the wheel, increasing rolling mass. Procore system (one pair) costs about 200 euros.

Schwalbe’s Procore kit consists of a pair of tubes and inner tires, a roll of high-pressure rim tape, tubeless sealant, air sleeves, tire installation lubricant, dedicated tire levers, and decals to outfit two wheelsets. I used my existing rim tape as kit’s rim tape (for 25 mm) was useless for my 29 mm rims.

Half of the Schwalbe Procore kit
Half of the Schwalbe Procore kit

Although the Procore looks complicated and I had heard rumors of installing it, in practice it was fairly easy as the installation instruction show. Pinkbike’s review of Schwalbe’s Procore has also good explanation of the installation but the review otherwise is somewhat a mess. The only hassles I had was with keeping the tire sealant inside while getting the bead to set as I was too lazy to empty it. And one thing I forgot to put in place was the small clear patch over the valve hole as an additional seal but it worked anyways. I was in a bit hurry to install the Procore so I don’t have any pictures of it. Why test your new equipment beforehand when you can test it at the race.

Riding with Procore

I have only rode with Procore couple of days, practice and race at Tahko enduro MTB event and some local trails and it does what it promises. Although Tahko race had serious rock gardens my plus sized tire and rim survived without flats or dents whereas other riders had problems. Or maybe I just drove too slow (finished 32th) as I wasn’t exactly comfortable with 2,8″ Nobby Nic tires with 1,2 bar pressure on slippery rocks and grass. Without Procore I would’ve inflated it to at least 1,5 bar. Anyways the extra protection was welcome and money saver.

Procore seems to be good system as it doesn’t affect the tire behavior and adds protection but they say in the Internet that the high-pressure inner tube adds strain to the rim, loosens spokes’ tension and there has been a notable number of documented issues with carbon rims. With aluminum rims the issue not so clear and very few aluminium or carbon rim manufacturers have officially approved it but they haven’t recommended against it either. As I didn’t have a spoke tension meter when I installed Procore I can’t say whether or not the Internet is right. Time will tell.

Huck Norris or Procore: use both

Schwalbe’s Procore, in my opinion, is a good solution for protecting your tires and rims while allowing you to ride with lower tire pressures. Compared to much simpler Huck Norris, the more technical dual-chamber systems adds extra protection when needed but also additional weight which isn’t an issue when going downhill but makes a big difference when it comes to accelerating, and for long days on the pedals. But I would think twice before using Procore with carbon rims whereas Huck Norris is suitable for any rim.

When I get my 29″ wheels running again I will put Procore to the rear and Huck Norris in the front. Best of both worlds.

Using Apache for proxying connections to Crucible

Atlassian’s web applications are great tools for software development and they are relatively easy to setup because they come with Jetty servlet container and HQSQL database. You only have to install Java. Some of the applications can be also run like any normal deployable WAR-packaged web application for example with Apache Tomcat which gives you more control and administration options. But unfortunately code review tool Crucible isn’t one of those applications and maybe will never be.

Proxying connections to Crucible

By default Crucible runs in port 8060 which isn’t nicely looking for users. It’s way better to use ports 80 or 443 which are normal HTTP and HTTPS ports and are omitted from browser’s address bar. Of course you can configure that in the Administration screens, or by editing Crucible’s config.xml and restarting Crucible but if you run Crucible as a non root or also have other software running on the same server that isn’t an option.

One solution is to use Apache HTTP server to proxy connections from port 443 to Crucible’s listening port. I did it for Crucible and FishEye on CentOS x86_64 but things are mostly the same also on other Linuxes. I also disabled the HTTP port and used just the SSL enabled HTTPS with self generated certificates.

First we setup Apache for proxying connections to Crucible and then we generate some SSL certificates for HTTPS. If you haven’t Apache installed you can do it with yum like: yum install httpd.x86_64 mod_ssl openssl

1. Set HTTPS proxying in /etc/httpd/conf.d/ssl.conf

...

SSLProxyEngine on
ProxyRequests Off
ProxyPreserveHost On
ProxyPassReverse /crucible ajp://127.0.0.1:8060/crucible
proxyPass /crucible ajp://127.0.0.1:8060/crucible

RewriteEngine On
...

2. Generating SSL Certificate for Apache

# openssl genrsa -out localhost.key 1024
# openssl req -new -key localhost.key -out localhost.csr
# openssl x509 -req -days 365 -in localhost.csr -signkey localhost.key -out localhost.crt
# mv localhost.csr localhost.key /etc/pki/tls/private/
# mv localhost.crt /etc/pki/tls/certs/

3. Start httpd

# service httpd start

Configuring Crucible

4. Configure Crucible (http://hostname:8060/admin)

Edit Web Settings:
-----------------
Web context: crucible
Http Bind: (none)
Ajp13 Bind Address: ajp://127.0.0.1:8060/crucible

And you’re ready.