This document provides tips for using the GlassFish application server. It begins with an introduction to GlassFish and outlines the goals of the session. The body contains over 30 tips covering a wide range of GlassFish topics from using the asadmin command to configuring clusters. Each tip is presented concisely in 1-2 paragraphs and includes code examples.
How to create a secured cloudera clusterTiago Simões
This presentation, it’s for everyone that is curious with Big Data and does have the know how to start learning...
With this, you will be able to create quickly a Kerberos secured Cloudera Cluster.
How to configure a hive high availability connection with zeppelinTiago Simões
With this presentation, you not only should be able to configure a Hive Interpreter on Zeppelin but also with a High Availability, Load balancing and Concurrency architecture.
It will be created a JDBC connection with kerberos authentication that will communicate with your Zookeeper on the cluster.
Describes in detail the security architecture of Apache Cassandra. We discuss encryption at rest, encryption on the wire, authentication and authorization and securing JMX and management tools
How to scheduled jobs in a cloudera cluster without oozieTiago Simões
This presentation, it’s for everyone that is looking for an oozie alternative to scheduled jobs in a secured Cloudera Cluster.With this, you will be able to add and configure the Airflow Service an manage it with in Cloudera Manager.
Start to finish overview of tools, tips and techniques for developing software for Apache Cassandra. Includes code and configuration examples, build systems and container support.
(WEB304) Running and Scaling Magento on AWS | AWS re:Invent 2014Amazon Web Services
Magento is a leading open source, eCommerce platform used by many global brands. However, architecting your Magento platform to grow with your business can sometimes be a challenge. This session walks through the steps needed to take an out-of-the-box, single-node Magento implementation and turn it into a highly available, elastic, and robust deployment. This includes an end-to-end caching strategy that provides an efficient front-end cache (including populated shopping carts) using Varnish on Amazon EC2 as well as offloading the Magento caches to separate infrastructure such as Amazon ElastiCache. We also look at strategies to manage the Magento Media library outside of the application instances, including EC2-based shared storage solutions and Amazon S3. At the data layer we look at Magento-specific Amazon RDSandndash;tuning strategies including configuring Magento to use read replicas for horizontal scalability. Finally, we look at proven techniques to manage your Magento implementation at scale, including tips on cache draining, appropriate cache separation, and utilizing AWS CloudFormation to manage your infrastructure and orchestrate predictable deployments.
How to create a secured cloudera clusterTiago Simões
This presentation, it’s for everyone that is curious with Big Data and does have the know how to start learning...
With this, you will be able to create quickly a Kerberos secured Cloudera Cluster.
How to configure a hive high availability connection with zeppelinTiago Simões
With this presentation, you not only should be able to configure a Hive Interpreter on Zeppelin but also with a High Availability, Load balancing and Concurrency architecture.
It will be created a JDBC connection with kerberos authentication that will communicate with your Zookeeper on the cluster.
Describes in detail the security architecture of Apache Cassandra. We discuss encryption at rest, encryption on the wire, authentication and authorization and securing JMX and management tools
How to scheduled jobs in a cloudera cluster without oozieTiago Simões
This presentation, it’s for everyone that is looking for an oozie alternative to scheduled jobs in a secured Cloudera Cluster.With this, you will be able to add and configure the Airflow Service an manage it with in Cloudera Manager.
Start to finish overview of tools, tips and techniques for developing software for Apache Cassandra. Includes code and configuration examples, build systems and container support.
(WEB304) Running and Scaling Magento on AWS | AWS re:Invent 2014Amazon Web Services
Magento is a leading open source, eCommerce platform used by many global brands. However, architecting your Magento platform to grow with your business can sometimes be a challenge. This session walks through the steps needed to take an out-of-the-box, single-node Magento implementation and turn it into a highly available, elastic, and robust deployment. This includes an end-to-end caching strategy that provides an efficient front-end cache (including populated shopping carts) using Varnish on Amazon EC2 as well as offloading the Magento caches to separate infrastructure such as Amazon ElastiCache. We also look at strategies to manage the Magento Media library outside of the application instances, including EC2-based shared storage solutions and Amazon S3. At the data layer we look at Magento-specific Amazon RDSandndash;tuning strategies including configuring Magento to use read replicas for horizontal scalability. Finally, we look at proven techniques to manage your Magento implementation at scale, including tips on cache draining, appropriate cache separation, and utilizing AWS CloudFormation to manage your infrastructure and orchestrate predictable deployments.
Logging is important for troubleshooting a DNS service. Conveniently with BIND 9, almost all problems will show up somewhere in the log output, but only if the logging is enabled and configured correctly.
In this webinar, we’ll discuss the BIND 9 logging configuration and best practices in searching through large log-files to find the entries of interest. In addition, we’ll release log-management tools used by Men & Mice Services.
How to create a multi tenancy for an interactive data analysis with jupyter h...Tiago Simões
With this presentation you should be able to create an architecture for a framework of an interactive data analysis by using a Cloudera Spark Cluster with Kerberos, a Jupyter machine with JupyterHub and authentication via LDAP.
Successful Software Development with Apache Cassandrazznate
Adding a new technology to your development process can be challenging, and the distributed nature of Apache Cassandra can make it daunting. However, recent improvements in drivers, utilities and tooling have simplified the process making it easier than ever before to develop software with Apache Cassandra.
In this presentation, we cover essential knowledge for all developers wanting to efficiently create reliable Apache Cassandra based solutions. Topics include:
- Language and Driver selection
- Optimizing Driver configuration
- Productive Developer environments using ccm, Vagrant and DataStax DevCenter
- Creating appropriate test data
- Unit testing
- Automated integration testing
- Test optimization with profiles
New and existing users will come away from this presentation with the necessary knowledge to make their next Apache Cassandra project a success.
Introduction To Managing VMware With PowerShellHal Rottenberg
Introduction to the VI Toolkit which is available at http://vmware.com/go/powershell. Companion to my book which is at http://sapienpress.com/vmware.asp
With the Varnish caching proxy you can make websites blazingly fast. The basics are quite simple once you understand how cache handling in HTTP works. For starters, we will look into HTTP and Varnish configuration. The main course is going to be test-driven cache invalidation and the cache tagging strategy. For desserts, there will be an introduction to Edge Side Includes (ESI). All of this will be liberally sprinkled with examples from the FOSHttpCache library and some ideas from the FOSHttpCacheBundle for Symfony2.
SQL Server Exploitation, Escalation, Pilfering - AppSec USA 2012Scott Sutherland
During this presentation attendees will be introduced to lesser known, yet significant vulnerabilities in SQL Server implementations related to common trust relationships, misconfigurations, and weak default settings. The issues that will be covered are often leveraged by attackers to gain unauthorized access to high value systems, applications, and sensitive data. An overview of each issue, common vectors of attack, and manual techniques will be covered. Finally newly created Metasploit modules and TSQL scripts will be demonstrated that help automate the attacks. This presentation will be valuable to penetration testers who are looking for faster ways to gain access to critical data and systems. Additionally, it should be worth while for developers and database administrators who are interested in gaining a better understanding of how to protect their applications and databases from these attacks.
More security blogs by the authors can be found @
https://www.netspi.com/blog/
NGINX Can Do That? Test Drive Your Config File!Jeff Anderson
I have had countless conversations with developers, projects managers, and even executives that end up being about nginx and what it can do. Usually, the phrase "nginx can do that?" comes up. More often than not, the answer is YES. What happens though, is the nginx config file can get unwieldy. How can we assert that it will behave how it needs to over time? How can we avoid introducing inadvertent regressions?
Seattle C* Meetup: Hardening cassandra for compliance or paranoiazznate
Details how to secure Apache Cassandra clusters. Covers client to server and server to server encryption, securing management and tooling, using authentication and authorization, as well as options for encryption at rest.
When it comes to caching, there are two types of web developers - those with phat stacks of cache money and those suffering from cache anxiety. Caching is particularly handy when scaling Rails apps, however we often avoid putting in effort because it can quickly get complicated without effective strategies. Rails provides a host of built-in caching interfaces that are easy to leverage and extend. I’ll talk about how to do this and combine rails with technologies like CDNs and HTTP accelerators like Varnish so that you can more effectively cache everything, everywhere without fear of serving stale content.
Michael May is an API Engineer at Fastly and a former Austinite, now hailing from San Francisco. While in Texas he studied at UT Austin and co-founded CDN Sumo, which was acquired by Fastly. He’s waiting for the day when FaaS (Franklin BBQ as a Service) becomes a thing and dreams about fast websites.
Joined by Rick Nelson, Technical Solutions architect from NGINX Server Density take you though the do's and don'ts of monitoring NGINX. Critical and non critical metrics to monitor, important alerts to configure and the best monitoring tools available.
Mitigating Security Threats with Fastly - Joe Williams at Fastly Altitude 2015Fastly
Fastly Altitude - June 25, 2015. Joe Williams, Computer Operator at GitHub discusses using a CDN to mitigate security threats.
Video of the talk: http://fastly.us/Altitude2015_Mitigating-Security-Threats-2
Joe's bio: Joe Williams is a Computer Operator at GitHub, and joined their infrastructure team in August 2013. Joe's passion for distributed systems, queuing theory and automation help keep the lights on. When not behind a computer you can generally find him riding a bicycle around Marin, CA.
PostgresOpen 2013 A Comparison of PostgreSQL Encryption OptionsFaisal Akber
Are you looking to encrypt your data within PostgreSQL? We will review the various options available for encrypting data with PostgreSQL. We will also look at various options available to employ encryption and review various configuration and performance for using encryption.
There are a number of options available when encrypting data with PostgreSQL. When determining the mechanisms to use, it is important to understand the data, the application and how it is being used. We will compare different methods of encrypting data in their feature-sets and performance.
We will try to answer the following questions: Where do I enable the encryption? Where is my data safe and where is it exposed? Why should I use the various encryption modules available?
Real world RESTful service development problems and solutionsBhakti Mehta
Learn all you ever wanted to learn about RESTful services development challenges in large scale applications
This session is a deep dive as well as an interactive discussion on design principles, considerations, lessons learned from mistakes that can be taken into account when developing RESTful services. It will cover a variety of topics from Designing of RESTful resources, Versioning, Exception Handling, Caching, Validation, Security, Rate limiting, HATEOAS, Testing and Documentation. This talk will walk through and compare the different REST API provided by companies like Twitter, Paypal, Google, Stripe and more we can learn the good, the bad and ugly. So join me in this talk to build high quality applications that can be highly scalable, available and reliable.
Logging is important for troubleshooting a DNS service. Conveniently with BIND 9, almost all problems will show up somewhere in the log output, but only if the logging is enabled and configured correctly.
In this webinar, we’ll discuss the BIND 9 logging configuration and best practices in searching through large log-files to find the entries of interest. In addition, we’ll release log-management tools used by Men & Mice Services.
How to create a multi tenancy for an interactive data analysis with jupyter h...Tiago Simões
With this presentation you should be able to create an architecture for a framework of an interactive data analysis by using a Cloudera Spark Cluster with Kerberos, a Jupyter machine with JupyterHub and authentication via LDAP.
Successful Software Development with Apache Cassandrazznate
Adding a new technology to your development process can be challenging, and the distributed nature of Apache Cassandra can make it daunting. However, recent improvements in drivers, utilities and tooling have simplified the process making it easier than ever before to develop software with Apache Cassandra.
In this presentation, we cover essential knowledge for all developers wanting to efficiently create reliable Apache Cassandra based solutions. Topics include:
- Language and Driver selection
- Optimizing Driver configuration
- Productive Developer environments using ccm, Vagrant and DataStax DevCenter
- Creating appropriate test data
- Unit testing
- Automated integration testing
- Test optimization with profiles
New and existing users will come away from this presentation with the necessary knowledge to make their next Apache Cassandra project a success.
Introduction To Managing VMware With PowerShellHal Rottenberg
Introduction to the VI Toolkit which is available at http://vmware.com/go/powershell. Companion to my book which is at http://sapienpress.com/vmware.asp
With the Varnish caching proxy you can make websites blazingly fast. The basics are quite simple once you understand how cache handling in HTTP works. For starters, we will look into HTTP and Varnish configuration. The main course is going to be test-driven cache invalidation and the cache tagging strategy. For desserts, there will be an introduction to Edge Side Includes (ESI). All of this will be liberally sprinkled with examples from the FOSHttpCache library and some ideas from the FOSHttpCacheBundle for Symfony2.
SQL Server Exploitation, Escalation, Pilfering - AppSec USA 2012Scott Sutherland
During this presentation attendees will be introduced to lesser known, yet significant vulnerabilities in SQL Server implementations related to common trust relationships, misconfigurations, and weak default settings. The issues that will be covered are often leveraged by attackers to gain unauthorized access to high value systems, applications, and sensitive data. An overview of each issue, common vectors of attack, and manual techniques will be covered. Finally newly created Metasploit modules and TSQL scripts will be demonstrated that help automate the attacks. This presentation will be valuable to penetration testers who are looking for faster ways to gain access to critical data and systems. Additionally, it should be worth while for developers and database administrators who are interested in gaining a better understanding of how to protect their applications and databases from these attacks.
More security blogs by the authors can be found @
https://www.netspi.com/blog/
NGINX Can Do That? Test Drive Your Config File!Jeff Anderson
I have had countless conversations with developers, projects managers, and even executives that end up being about nginx and what it can do. Usually, the phrase "nginx can do that?" comes up. More often than not, the answer is YES. What happens though, is the nginx config file can get unwieldy. How can we assert that it will behave how it needs to over time? How can we avoid introducing inadvertent regressions?
Seattle C* Meetup: Hardening cassandra for compliance or paranoiazznate
Details how to secure Apache Cassandra clusters. Covers client to server and server to server encryption, securing management and tooling, using authentication and authorization, as well as options for encryption at rest.
When it comes to caching, there are two types of web developers - those with phat stacks of cache money and those suffering from cache anxiety. Caching is particularly handy when scaling Rails apps, however we often avoid putting in effort because it can quickly get complicated without effective strategies. Rails provides a host of built-in caching interfaces that are easy to leverage and extend. I’ll talk about how to do this and combine rails with technologies like CDNs and HTTP accelerators like Varnish so that you can more effectively cache everything, everywhere without fear of serving stale content.
Michael May is an API Engineer at Fastly and a former Austinite, now hailing from San Francisco. While in Texas he studied at UT Austin and co-founded CDN Sumo, which was acquired by Fastly. He’s waiting for the day when FaaS (Franklin BBQ as a Service) becomes a thing and dreams about fast websites.
Joined by Rick Nelson, Technical Solutions architect from NGINX Server Density take you though the do's and don'ts of monitoring NGINX. Critical and non critical metrics to monitor, important alerts to configure and the best monitoring tools available.
Mitigating Security Threats with Fastly - Joe Williams at Fastly Altitude 2015Fastly
Fastly Altitude - June 25, 2015. Joe Williams, Computer Operator at GitHub discusses using a CDN to mitigate security threats.
Video of the talk: http://fastly.us/Altitude2015_Mitigating-Security-Threats-2
Joe's bio: Joe Williams is a Computer Operator at GitHub, and joined their infrastructure team in August 2013. Joe's passion for distributed systems, queuing theory and automation help keep the lights on. When not behind a computer you can generally find him riding a bicycle around Marin, CA.
PostgresOpen 2013 A Comparison of PostgreSQL Encryption OptionsFaisal Akber
Are you looking to encrypt your data within PostgreSQL? We will review the various options available for encrypting data with PostgreSQL. We will also look at various options available to employ encryption and review various configuration and performance for using encryption.
There are a number of options available when encrypting data with PostgreSQL. When determining the mechanisms to use, it is important to understand the data, the application and how it is being used. We will compare different methods of encrypting data in their feature-sets and performance.
We will try to answer the following questions: Where do I enable the encryption? Where is my data safe and where is it exposed? Why should I use the various encryption modules available?
Real world RESTful service development problems and solutionsBhakti Mehta
Learn all you ever wanted to learn about RESTful services development challenges in large scale applications
This session is a deep dive as well as an interactive discussion on design principles, considerations, lessons learned from mistakes that can be taken into account when developing RESTful services. It will cover a variety of topics from Designing of RESTful resources, Versioning, Exception Handling, Caching, Validation, Security, Rate limiting, HATEOAS, Testing and Documentation. This talk will walk through and compare the different REST API provided by companies like Twitter, Paypal, Google, Stripe and more we can learn the good, the bad and ugly. So join me in this talk to build high quality applications that can be highly scalable, available and reliable.
Based on the Star Wars theme, this session focuses on how Java EE 7 provides an extensive set of new and enhanced features to support standards such as HTML5, WebSocket, and Server-sent events, among others. The session shows how these new features are designed and matched to work together for developing lightweight solutions matching end users’ high expectations for Web application responsiveness. It covers best practices and design patterns associating the technologies with analogies from Star Wars. So join me in this fun filled talk where technology meets science and innovation..
May the force be with you!
Expect the unexpected: Anticipate and prepare for failures in microservices b...Bhakti Mehta
This session covers best practices for building resilient, stable RESTful services that can survive failures in distributed environments, such as transient impulses, random load, stress, or failures from some dependent components. It focuses on various techniques such as circuit breakers, bulkheads, and fail fast to ensure that services stay up and keep running despite failures.
Resilience planning and how the empire strikes backBhakti Mehta
t is well said that "The more you sweat on the field, the less you bleed in war". Failures are an inevitable part of complex systems. Accepting that failures happen, will help you design the system's reactions to specific failures.
This talks on best practices for building resilient, stable and predictable services: preventing cascading failures, timeouts pattern, retry pattern,circuit breakers and other techniques which have been pervasively used at Blue Jeans Network. Join me in this talk which ensures that the show must go on in spite of random load, stress or other failures!
Expect the unexpected: Prepare for failures in microservicesBhakti Mehta
My talk at Confoo 2016 Montreal
It is well said that "The more you sweat on the field, the less you bleed in war". Failures are an inevitable part of complex systems. Accepting that failures happen, will help you design the system's reactions to specific failures.
This talks on best practices for building resilient, stable and predictable services:
preventing Cascading failures, Timeouts pattern, Retry pattern,Circuit breakers
and many more techniques in microservices
With the growing challenges we face with shortage of resources there is a constant need to improve scalability and performance. Fortunately Java EE 7 and Java SE 7 has provided a rich set of APIs which can be used to avoid the conventional request-response paradigm. The session will span across JSRs cover how JAX-RS, Servlets, WebSockets, EJB provide support to submit asynchronous requests and cover topics like callbacks, timeouts, client side asynchrony, API like non blocking IO and lots of good stuff from Java EE 7 and Java SE 7 . Prerequisite: An open mind and be ready to “Think async”
Let if flow: Java 8 Streams puzzles and moreBhakti Mehta
This talk covers Java 8 Streams in details and using programming puzzles will discuss about various techniques with Streams: how to do complex data processing , queries with Streams API, how to use all the goodies like map, flatMap,filter, how to group, and partition data, how to use infinite streams, parallel streams, creating lazy lists.
If you are a beginner or a pro with Java 8 wanting to challenge your knowledge there is something for all!
Caching and tuning fun for high scalabilityWim Godden
Caching has been a 'hot' topic for a few years. But caching takes more than merely taking data and putting it in a cache : the right caching techniques can improve performance and reduce load significantly. But we'll also look at some major pitfalls, showing that caching the wrong way can bring down your site. If you're looking for a clear explanation about various caching techniques and tools like Memcached, Nginx and Varnish, as well as ways to deploy them in an efficient way, this talk is for you.
Caching and tuning fun for high scalabilityWim Godden
Caching has been a 'hot' topic for a few years. But caching takes more than merely taking data and putting it in a cache : the right caching techniques can improve performance and reduce load significantly. But we'll also look at some major pitfalls, showing that caching the wrong way can bring down your site. If you're looking for a clear explanation about various caching techniques and tools like Memcached, Nginx and Varnish, as well as ways to deploy them in an efficient way, this talk is for you.
In addition to authorization policies that control what a user can do, OpenShift Container Platform gives its administrators the ability to manage a set of security context constraints (SCCs) for limiting pods and securing their cluster.
Default security context may be too restrictive for containers pulled down from DockerHub, thorugh this talk we'll explore the various steps to execute for enabling required permissions on selected OpenShift's pods.
Get hands-on with security features and best practices to protect your containerized services. Learn to push and verify signed images with Docker Content Trust, and collaborate with delegation roles. Intermediate to advanced level Docker experience recommended, participants will be building and pushing with Docker during the workshop.
Led By Docker Security Experts:
Riyaz Faizullabhoy
David Lawrence
Viktor Stanchev
Experience Level: Intermediate to advanced level Docker experience recommended
This webcast will show you how to properly configure and deploy Memcached and Solr on Windows, including all the required Drupal integration. The webcast includes also instructions on proper configuration of your Drupal cron tasks for Solr indexing in conjunction with Windows Task Scheduler.
Caching and tuning fun for high scalabilityWim Godden
Caching has been a 'hot' topic for a few years. But caching takes more than merely taking data and putting it in a cache : the right caching techniques can improve performance and reduce load significantly. But we'll also look at some major pitfalls, showing that caching the wrong way can bring down your site.
If you're looking for a clear explanation about various caching techniques and tools like Memcached, Nginx and Varnish, as well as ways to deploy them in an efficient way, this talk is for you.
Slides: Introducing the new ClusterControl 1.2.9 - with live demo Severalnines
Highlights of ClusterControl 1.2.9 include:
Support for PostgreSQL Servers
Advanced HAProxy Configurations and Built-in Stats
Hybrid Replication with Galera Clusters
Galera Replication Traffic Encryption
Encrypted Communication between ClusterControl and MySQL-based systems
Query Deadlock Detection in MySQL-based systems
Bootstrap Galera Cluster
Restore of Backups
New UI theme
RPC interface to ClusterControl
Chef Recipe and Puppet Manifest for ClusterControl
Zabbix Plugin for ClusterControl
CloudStack - Top 5 Technical Issues and TroubleshootingShapeBlue
Cloudstack Top 5 technical issues and troubleshooting. Cloudstack is a mature product in use by companies world-wide. While being associated with CloudStack development for over 5 years, Abhi has come across some technical issues that once in a while affect the CloudStack deployment. This presentation is an effort to put together top 5 such issues, analyze their symptoms, see them from CloudStack architecture perspective and from the distributed nature of cloud orchestration, then look at ways to avoid them and finally be able to troubleshoot if they occur.
These slides show how to reduce latency on websites and reduce bandwidth for improved user experience.
Covering network, compression, caching, etags, application optimisation, sphinxsearch, memcache, db optimisation
OSMC 2019 | Use Cloud services & features in your redundant Icinga2 Environme...NETWAYS
This talk will start with a quick walk through the setup of all required components for a cloud based icinga2, icingaweb2 & icingaweb2-director environment. Focus will be on the configuration and monitoring of keepalived, HAProxy and Galera. Keepalived for example is used to interact with DigitalOcean and manage floating IPs. Examples will show how to use DigitalOcean loadbalancer instead of HAProxy. The talk will end with a summary of experienced limitations and pitfalls.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
3. 3
Introduction
§ About GlassFish
– It is the Java EE reference implementation.
– It is freely available (and commercially supported).
– Go to glassfish.java.net for details.
§ For more information about the tips visit:
http://wikis.oracle.com/display/GlassFish/50+Tips
§ Goals today:
– Fast pace session covering a wide range of topics related to GlassFish.
– Prioritizing quantity of tips over depth of information.
– Tips are interesting to new and seasoned users.
– Your response: “Ah, I didn’t know I can do that.”
15. 15
Tip #8: asadmin Command Help
./bin/asadmin start
Command start not found.
Check the entry of command name. This
command may be provided by a package
that is not installed.
Closest matching local and remote
command(s):
restart-domain
restart-instance
restart-local-instance
start-cluster
start-database
start-domain
start-instance
start-local-instance
Command start failed.
16. 16
Tip #9: Secure Administration
§ Remote administration is disabled by default
– Reduce exposure to network attack
§ Change admin password (non-empty)
– asadmin change-admin-password
§ Enable remote administration (restart DAS & instances)
– asadmin enable-secure-admin
– Also encrypts admin traffic (using self-signed certs and TLS, <3.1.1)
§ Disable secure administration
– asadmin disable-secure-admin
17. 17
Tip #10: Configure Log4J
§ Global
– Copy log4j.jar in glassfish/lib
– Copy log4j.properties in
glassfish/domains/domain1/config
– asadmin create-jvm-options
-Dlog4j.configuration=file://$
{com.sun.aas.instanceRoot}/config/log4j.properties
– asadmin restart-domain
§ Per application: add log4j.xml in WEB-INF/classes or root of
ejb-beans.jar
25. 25
Tip #16: Clustering with DCOM
•
Alternative to SSH-based clustering on Windows machines
•
Minimal configuration, if any, required
•
Windows DAS Windows remote
•
New commands
•
setup-local-dcom: Configure DCOM
•
validate-dcom: Sanity check for DCOM
•
create/delete/install/uninstall-node-dcom
•
Integrated in Admin Console
26. 26
Tip #17: Clusters without SSH
§ May not want to deal with SSH
§ Need JDK 1.6 U24+
§ Start DAS: asadmin start-domain
§ Enable Secure Admin: asadmin enable-secure-admin
§ Create cluster: asadmin create-cluster c1
§ Create instances on each remote machine: asadmin --host dashost
create-local-instance --cluster c1 i1
§ Verify: asadmin list-clusters, list-instances, list-nodes
§ Start local instances: asadmin start-local-instance
27. 27
Tip #18: Lifecycle Modules
§ Modules automatically initiated at server startup
§ Notified at different phases of the server lifecycle
– Implement com.sun.appserv.server.LifecycleListener (in
glassfish/modules/glassfish-api.jar)
@Override
public void handleEvent(LifecycleEvent le) throws ServerLifecycleException {
switch (le.getEventType()) {
case INIT_EVENT:
case READY_EVENT:
case SHUTDOWN_EVENT:
case STARTUP_EVENT:
default:
}
}
28. 28
Tip #19: Application Versioning
§ Allows multiple versions of same module and application
§ At most one version is active
– Enabled using --enabled (default true)
§ Simplifies upgrade and rollbacks
§ Examples
– asadmin deploy --name=myApp:RC1 --enabled=false
myApp.war
– asadmin enable myApp:RC1
– asadmin undeploy myApp:RC*
29. 29
Tip #20: Application Scoped Resources
§ Available only to module/application that define it
§ Created/destroyed/recreated during
deployment/undeployment/redeployment
§ Applies to: JDBC/Connector Connection Pools/Resources, Resource
Adapters, JavaMail Resources, …
§ glassfish-resources.xml in WEB-INF
§ redeploy --properties
preserveAppScopedResources=true myApp.war
<?xml version="1.0" encoding="UTF-8"?>
<resources>
<jdbc-resource enabled="true"
jndi-name="jdbc/myDatasource"
object-type="user"
pool-name="myConnectionPool">
<description/>
</jdbc-resource>
</resources>
43. 43
Tip #26: Inject OSGi Service in Java EE Apps
§ OSGi/Java EE Hybrid Applications can be deployed
§ Typesafe resolution of an OSGi service in a Java EE Application
§ Built as CDI portable extension
§ Intercepts deployment of hybrid applications with components that
have expressed dependencies on OSGi services
@Inject @OSGiService(dynamic=true) Hello hello;
44. 44
Tip #27: Debugging OSGi Bundles using Gogo
§ Enable Apache Felix Gogo
– Change the value of glassfish.osgi.start.level.final in
glassfish/config/osgi.properties to 3
– asadmin create-jvm-options --target server-config
-Dglassfish.osgi.start.level.final=3
45. 45
Tip #27: Debugging OSGi Bundles using Gogo
telnet localhost 6666
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
____________________________
Welcome to Apache Felix Gogo
g! help
felix:bundlelevel
felix:cd
felix:frameworklevel
. . .
46. 46
Tip #27: Debugging OSGi Bundles using Gogo
§ lb: List bundles
§ bundle <##>: Show details about a bundle
§ install <##>: Install a bundle from a URL
§ start/stop/uninstall/update <##>: Start/Stop/Uninstall/Update
a bundle
§ inspect: Inspect capabilities and requirements of a bundle
– inspect p c 1 (Packages exported by bundle 1)
§ which: Determines where a bundle loads a class
47. 47
Tip #28: Run GlassFish inside an OSGi Shell
§ Download GlassFish Full or Web profile
§ Option 1
GlassFish install and directory location are deduced from Activator
BundleContext context = FrameworkUtil.;
Bundle bundle = context
.install(“file:///…/glassfish/modules/glassfish.jar”);
bundle.start();
bundle.stop();
48. 48
Tip #28: Run GlassFish inside an OSGi Shell
§ Option 2
– Start your OSGi shell
– Install the bundle
– Start the bundle
49. 49
Tip #29: What’s in your JVM ? – Troubleshoot
§ Server thread dump
– asadmin generate-jvm-report –type=thread|class|memory|
summary|log
51. 51
Tip #30: Remote Deployment in NetBeans
§ Enable secure administration
§ Require local GlassFish as well for libraries
§ Regular operations work
– Develop, Deploy, Debug
§ Features that don’t work
– Deploy-on-Save
65. 65
Tip #37: Backup and Restore Domain
§ Manual
– backup-domain, restore-domain, list-backups
§ Automatic
– Only in Oracle GlassFish Server
– Create backup configuration (create/delete-backup-config)
– Associate with a cron-based schedule (create/delete-schedule)
– Full or Configuration only
66. 66
Tip #38: Transparent JDBC Pool
Reconfiguration
§ No need to redeploy applications if JDBC connection pool
properties/attributes are changed.
– Host, Port, Username, Password, …
§ New requests are queued till in-flight requests are completed.
§ asadmin set server.resources.jdbc-connection-
pool.<POOL_NAME>.property.dynamic-reconfiguration-
wait-timeout-in-seconds=30
67. 67
Tip #39: Tracing SQL queries
§ Trace SQL statements executed by a JDBC connection pool.
– JPA or non-JPA applications
§ javax.enterpise.resource.sqltrace log level to FINE
(default)
§ One available listener: com.sun.gjc.util.SQLTraceLogger
– asadmin set server.resources.jdbc-connection-
pool.DerbyPool.sql-trace-listeners=MyListener
§ Implement org.glassfish.api.jdbc.SQLTrceListener to
record SQLTraceRecord objects
§ Top ‘n’ most frequently used queries
– number-of-top-queries-to-report (10)
68. 68
Tip #40: Detecting JDBC Statement and
Connection Leaks and Reclaim
} finally {
try {
if (s != null)
s.close();
if (c != null)
c.close();
} catch (SQLException ex) {
//. . .
}
}
asadmin set server.resources.jdbc-connection-pool.DerbyPool.xxx=VALUE
statement-leak-timeout-in-seconds="2”
statement-timeout-in-seconds="6"
connection-leak-timeout-in-seconds="10"
statement-leak-reclaim=“true”
connection-leak-reclaim=“true”
84. 84
Tip #46: Upgrading to a Newer Version
§ Update Tool and pkg: In-place upgrade
– GUI: updatetool, install all Available Updates
– CLI: pkg image-update
– Upgrade the domain
§ asadmin start-domain --upgrade
85. 85
Tip #47: Upgrade from Open Source to
Commercial
§ Use pkg or UpdateTool
§ Remove repositories
– pkg unset-publisher dev.glassfish.org
stable.glassfish.org release.javaeesdk.oracle.com
§ Add repositories for Oracle GlassFish Server
– pkg set-publisher -P -O
http://pkg.oracle.com/glassfish/v3/release
release.glassfish.oracle.com
– pkg set-publisher –O
http://pkg.oracle.com/glassfish/v3/dev/
dev.glassfish.oracle.com
86. 86
Tip #47: Upgrade from Open Source to
Commercial
§ Install add-on components
– pkg install glassfish-enterprise-web-profile
– pkg install glassfish-enterprise-full-profile
87. 87
Tip #48: Extending and Updating Inside a
Closed Network
§ Server without an Internet connection or isolated from other networks
§ How ?
1. Install the pre-installed toolkit image (~4MB) + starter repository
(~20MB) inside closed network
2. Download repository from support.oracle.com
§ Unzip 145095-01.zip
§ Unzip ogs-3.1.1-repo-mac-i386.zip
3. Start local repository daemon
§ ./pkg.depotd –d <DIR> -p <PORT>
88. 88
Tip #48: Extending and Updating Inside a
Closed Network
4. Configure GlassFish Server to use Local Repository
§ pkg -R <GlassFish> set-publisher -Pe -O
http://<repo-host>:<port> <publisher>
89. 89
Tip #49: GlassFish Docs
§ Oracle GlassFish Server 3.1.2.2
– http://docs.oracle.com/cd/E26576_01/index.htm
§ Getting Started (4)
§ Installing and Upgrading (2)
§ Administering and Deploying Applications (5)
§ Troubleshooting (2)
§ Scaling and Tuning the Performance (2)
§ Developing Applications (6)
§ Extending and Embedding (2)
§ Reference (2)
§ glassfish.org/docs
90. 90
Tip #49: GlassFish Docs
§ GlassFish Server Open Source Edition
– http://download.java.net/glassfish/3.1.2/release/glassfish-ose-3.1.2-docs-
pdf.zip
§ glassfish.org/docs
91. 91
Tip #50: How to reach us?
§ GlassFish Forum: http://www.java.net/forums/glassfish/glassfish
§ users@glassfish.java.net
§ @glassfish
§ facebook.com/glassfish
§ youtube.com/GlassFishVideos
§ blogs.oracle.com/theaquarium