This presentation was prepared for a Webcast where John Yerhot, Engine Yard US Support Lead, and Chris Kelly, Technical Evangelist at New Relic discussed how you can scale and improve the performance of your Ruby web apps. They shared detailed guidance on issues like:
Caching strategies
Slow database queries
Background processing
Profiling Ruby applications
Picking the right Ruby web server
Sharding data
Attendees will learn how to:
Gain visibility on site performance
Improve scalability and uptime
Find and fix key bottlenecks
See the on-demand replay:
http://pages.engineyard.com/6TipsforImprovingRubyApplicationPerformance.html
Slow Database in your PHP stack? Don't blame the DBA!Harald Zeitlhofer
Your users complain about the bad performance of your app or website? Developers blame the database? How can we find the cause for the performance hotspot?
Far too often the database is held responsible for performance or scalability problems. It seems to be main contributor to the overall web request response time. However, in many cases it’s not the database itself, but the way, how the application is using the database! Too many database statements, inefficient queries and poor index selection are among the common problem patterns.
Based on real life examples, you will learn how to approach performance problems, how to figure out if the database is really to blame and how to end the finger pointing between developers and DBAs.
Slides from my talk at PHP conference Asia 2016 in Singapore
Apache Hive Hook
I couldn't find enough info about Hive hooks.
So, I made this.
I hope this presentation will be useful when you want to use hooks.
This included some infomation about metastore event listeners.
This was written based on release-0.11 tag.
Slow Database in your PHP stack? Don't blame the DBA!Harald Zeitlhofer
Your users complain about the bad performance of your app or website? Developers blame the database? How can we find the cause for the performance hotspot?
Far too often the database is held responsible for performance or scalability problems. It seems to be main contributor to the overall web request response time. However, in many cases it’s not the database itself, but the way, how the application is using the database! Too many database statements, inefficient queries and poor index selection are among the common problem patterns.
Based on real life examples, you will learn how to approach performance problems, how to figure out if the database is really to blame and how to end the finger pointing between developers and DBAs.
Slides from my talk at PHP conference Asia 2016 in Singapore
Apache Hive Hook
I couldn't find enough info about Hive hooks.
So, I made this.
I hope this presentation will be useful when you want to use hooks.
This included some infomation about metastore event listeners.
This was written based on release-0.11 tag.
SenchaCon 2016: Upgrading an Ext JS 4.x Application to Ext JS 6.x - Mark Linc...Sencha
In this session we'll demonstrate the optimal way to upgrade an Ext JS 4.x application to Ext JS 6.x. Detailed examples, recommended best practices, and a completely upgraded Ext JS application will be demonstrated showing the techniques used to perform the upgrade.
Sherlock Homepage - A detective story about running large web services - WebN...Maarten Balliauw
The site was slow. CPU and memory usage everywhere! Some dead objects in the corner. Something terrible must have happened! We have some IIS logs. Some traces from a witness. But not enough to find out what was wrong. In this session, we’ll see how effective telemetry, a profiler or two as well as a refresher of how IIS runs our ASP.NET web applications can help solve this server murder mystery.
Get more than a cache back! The Microsoft Azure Redis Cache (NDC Oslo)Maarten Balliauw
Serving up content on the Internet is something our web sites do daily. But are we doing this in the fastest way possible? How are users in faraway countries experiencing our apps? Why do we have three webservers serving the same content over and over again? In this session, we’ll explore the Azure Content Delivery Network or CDN, a service which makes it easy to serve up blobs, videos and other content from servers close to our users. We’ll explore simple file serving as well as some more advanced, dynamic edge caching scenarios.
Apache Ambari at the Apache Big Data Conference in Miami on May 18, 2017
presented by Alejandro Fernandez
Using Apache Ambari for enterprises with Blueprints, Custom Services, Stack Advisor, Kerberos, Large Scale, Rolling/Express Upgrades, Alerts, Metrics, and Log Search.
We’re excited to announce that we are evolving our cloud application architecture to be more flexible and modular, giving you greater control of your environment and more choices for components, deployment options and infrastructure.
During this webcast we'll provide more information on Engine Yard Cloud's new cluster model, infrastructure abstraction layer and monitoring and alerting agent, share what's coming and have an open Q&A to answer your questions.
SenchaCon 2016: Upgrading an Ext JS 4.x Application to Ext JS 6.x - Mark Linc...Sencha
In this session we'll demonstrate the optimal way to upgrade an Ext JS 4.x application to Ext JS 6.x. Detailed examples, recommended best practices, and a completely upgraded Ext JS application will be demonstrated showing the techniques used to perform the upgrade.
Sherlock Homepage - A detective story about running large web services - WebN...Maarten Balliauw
The site was slow. CPU and memory usage everywhere! Some dead objects in the corner. Something terrible must have happened! We have some IIS logs. Some traces from a witness. But not enough to find out what was wrong. In this session, we’ll see how effective telemetry, a profiler or two as well as a refresher of how IIS runs our ASP.NET web applications can help solve this server murder mystery.
Get more than a cache back! The Microsoft Azure Redis Cache (NDC Oslo)Maarten Balliauw
Serving up content on the Internet is something our web sites do daily. But are we doing this in the fastest way possible? How are users in faraway countries experiencing our apps? Why do we have three webservers serving the same content over and over again? In this session, we’ll explore the Azure Content Delivery Network or CDN, a service which makes it easy to serve up blobs, videos and other content from servers close to our users. We’ll explore simple file serving as well as some more advanced, dynamic edge caching scenarios.
Apache Ambari at the Apache Big Data Conference in Miami on May 18, 2017
presented by Alejandro Fernandez
Using Apache Ambari for enterprises with Blueprints, Custom Services, Stack Advisor, Kerberos, Large Scale, Rolling/Express Upgrades, Alerts, Metrics, and Log Search.
We’re excited to announce that we are evolving our cloud application architecture to be more flexible and modular, giving you greater control of your environment and more choices for components, deployment options and infrastructure.
During this webcast we'll provide more information on Engine Yard Cloud's new cluster model, infrastructure abstraction layer and monitoring and alerting agent, share what's coming and have an open Q&A to answer your questions.
Achieving PCI compliance can be a complex, time-consuming, and expensive undertaking. However, with the right approach it can be substantially less burdensome. In this webcast, we will provide background and recommendations to help you make the best possible decisions regarding PCI for your PaaS-based application. If you currently accept, or are contemplating accepting a payment card on your web application, this webcast is for you.
In this presentation you will learn about:
-An overview of PCI
-How to scope your environment for PCI compliance
-Ways to make compliance more manageable, and
-Things to consider when approaching PCI compliance on a PaaS provider.
To view the full webcast on-demand: http://pages.engineyard.com/an-introduction-to-pci-compliance-on-a-paas.html
Everyday, emails arrive and clutter your inbox. Communications are easily lost or forgotten as mail piles up. Slack was conceived by Tiny Speck Company, who was searching for a truly efficient method of professional communication. Unlike email, Slack allows team members to share ideas in real time. Chat rooms are “hash-tagged” to specific topics, where everyone can share files and links relevant to the topic. Slack can also host non-employees for collaboration on dedicated projects. Larger corporations will probably shy away from Slack because communication is naturally more relaxed and open. Slack is not a traditional chat room. It’s a multi-platform app, featuring real-time communication, topic search, and file sharing history. Your team can assign unique notifications to any slack room, such as twitter updates or new bug warnings. Direct messaging removes the need for email or instant messaging. 8ninths uses Slack, and we love it. Slack us!
IRCE 2016 Speaking Session – The Small Things That Add Up: How to Find What D...SOASTA
In this session at IRCE 2016, Joseph Paulling from Fanatics.com and Senior Researcher at SOASTA, Tammy Everts, talked about how Fanatics made their median page load 2 seconds faster and almost doubled mobile conversions.
Using JMeter in CloudTest for Continuous TestingSOASTA
JMeter is popular with developers for creating tests that can be run easily during development. With the SOASTA CloudTest Spring release, it's easy to run JMeter tests in CloudTest from low-levels during development all the way to full scale load in production, with all of the great CloudTest features. Come learn how easy it is to shift-left and shift-right and make testing continuous.
How Digital Performance Management helps increase conversion rates, lower bounce rates, manage third party performance and conversion impact, user experience, and overall web performance.
Reinventing the Modern Information Pipeline: Paxata and MapRLilia Gutnik
(Presented at MapR's Big Data Everywhere event in Redwood City, CA in December 2016)
The relationship between business teams and IT has changed as the complexity of data has increased. A traditional data pipeline designed for an IT-centered approach to information management is not designed for the data demands of today's business decisions. Designing a big data strategy requires modernizing previous approaches. Self-service data preparation in a collaborative, intuitive, governed, and secure environment is the key to a nimble and decisive business unit.
Amazon Web Service and Microsoft Azure are dominating the enterprise public cloud market, but how are they different? Here’s what you need to know.
There are plenty of differences between AWS and Azure, probably too many to mention in a single webinar. AWS and Azure take generally different approaches and offer some unique services. From our experience with enterprise customers, we found that the commoditized services are often the most important ones. Everybody has a solution for security, access and storage, but how are those solutions different? Will mastering one Cloud platform give me the knowledge I need to operate the other?
Join us in our upcoming webinar, all about the differences in some of the public cloud’s most basic (and vital) services. Watch this webinar to learn about:
The major players in today’s enterprise public cloud market
5 important differences between Azure and AWS
How a single pane of glass can compensate for these differences
www.scalr.com
http://www.scalr.com/lp/webinars/register/aws-vs-azure-5-differences-you-need-to-know-when-chosing-a-public-cloud-vendor
These slides use concepts from my (Jeff Funk) course entitled Biz Models for Hi-Tech Products to analyze the business model for Slack, a supplier of collaborative tools for teams. These tools offer a new form of mail service that is very different from that of traditional e-mail programs such as Microsoft Outlook, G-Mail, and Yahoo-Mail. Slack designed its mail service for the cloud computing environment, as opposed to the traditional in-house computing environment. Accessing documents from the cloud is easier with Slack’s service than with Microsoft Outlook as is enabling apps for Slack’s service and reading messages. Reading messages is easier because they are organized by person (like instant messaging on smart phones) as opposed to time. By measuring usage, Slack can charge by active user thus reducing the risk of trying Slack, particularly for individuals, who are the main market for Slack. These slides describe the value proposition, customers, method of value capture, scope of activities and the method of strategic control for Slack.
I'm talking about how Ansible helps Backbase establish testing pipeline to ensure the quality of Customer Experience Platform - the leading horizontal portal software. This is done by utilizing the concept of immutable infrastructure to provision on-demand infrastructure use it and the dispose.
This session introduces tools that can help you analyze and troubleshoot performance with SharePoint 2013. This sessions presents tools like perfmon, Fiddler, Visual Round Trip Analyzer, IIS LogParser, Developer Dashboard and of course we create Web and Load Tests in Visual Studio 2013.
At the end we also take a look at some of the tips and best practices to improve performance on SharePoint 2013.
Andreas Grabner maintains that most performance and scalability problems don’t need a large or long running performance test or the expertise of a performance engineering guru. Don’t let anybody tell you that performance is too hard to practice because it actually is not. You can take the initiative and find these often serious defects. Andreas analyzed and spotted the performance and scalability issues in more than 200 applications last year. He shares his performance testing approaches and explores the top problem patterns that you can learn to spot in your apps. By looking at key metrics found in log files and performance monitoring data, you will learn to identify most problems with a single functional test and a simple five-user load test. The problem patterns Andreas explains are applicable to any type of technology and platform. Try out your new skills in your current testing project and take the first step toward becoming a performance diagnostic hero.
Optimize DR and Cloning with Logical Hostnames in Oracle E-Business Suite (OA...Andrejs Prokopjevs
This presentation covers the idea of logical hostname feature and its possible use case with E-Business Suite, why it is a must-have configuration for DR, how it can improve your test/dev instance cloning and lifecycle processes, especially in a cloud deployment, support overview by 11i/R12.0/R12.1, and why it is a very hot topic right now for R12.2. Additionally, we will describe possible advanced configuration scenarios like container based virtualization. The content is based on real client environment implementation experience.
Monitoring in Motion: Monitoring Containers and Amazon ECSAmazon Web Services
Containers and other forms of dynamic infrastructure can prove challenging to monitor. How do you define normal, when your infrastructure is intentionally in motion and change from minute to minute? Join us as we discuss proven strategies for monitoring your containerized infrastructure on AWS and ECS.
AWS re:Invent 2016: Amazon CloudFront Flash Talks: Best Practices on Configur...Amazon Web Services
In this series of 15-minute technical flash talks you will learn directly from Amazon CloudFront engineers and their best practices on debugging caching issues, measuring performance using Real User Monitoring (RUM), and stopping malicious viewers using CloudFront and AWS WAF.
These slides show how to reduce latency on websites and reduce bandwidth for improved user experience.
Covering network, compression, caching, etags, application optimisation, sphinxsearch, memcache, db optimisation
This presentation touch the basics of MongoMK, Jackrabbit Oak MongoDB persistency layer implementation and how to deploy, operate, manage and size your MongoDB cluster on AEM environments
Application Performance Troubleshooting 1x1 - Part 2 - Noch mehr Schweine und...rschuppe
Application Performance doesn't come easy. How to find the root cause of performance issues in modern and complex applications? All you have is a complaining user to start with?
In this presentation (mainly in German, but understandable for english speakers) I'd reprised the fundamentals of trouble shooting and have some new examples on how to tackle issues.
Follow up presentation to "Performance Trouble Shooting 101 - Schweine, Schlangen und Papierschnitte"
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014Amazon Web Services
Log data contains some of the most valuable raw information you can gather and analyze about your infrastructure and applications. Amid the mess of confusing lines of seemingly random text can be hints about performance, security, flaws in code, user access patterns, and other operational data. Without the proper tools, finding insights in these logs can be like searching for a hay-colored needle in a haystack. In this session you learn what practices and patterns you can easily implement that can help you better understand your log files. You see how you can customize web logs to add more information to them, how to digest logs from around your infrastructure, and how to analyze your log files in near real time.
Similar to 6 tips for improving ruby performance (20)
Getting Started with PHP on Engine Yard CloudEngine Yard
Topics Covered:
• How to deploy a PHP application to Engine Yard
• How to use Composer to automate dependency management
• The key differences between Orchestra and Engine Yard Cloud
Presenter: Danish Khan
Presentation from: RubyConf Uruguay
Date: November 12, 2011
Description:
Most developers hate having to write documentation, yet complain about how tools and libraries we use lack documentation. How do you get developers to write good documentation without feeling like they're wasting their time? There are plenty of good documentation tools out there such as TomDoc, YarDoc, and RDoc. These tools are useful for creating documentation for tools, gems and varies open source projects and each one has it's unique way of making documentation easier for developers. However, how do you manage documentation for a product? At Engine Yard we have our Engine Yard Cloud platform. Good external documentation for our customers is very important to us. We want to make sure they can easily understand how to use our platform and be able to accomplish what they need. However, it has been difficult to get good documentation out quickly.
Check out the audio from Danish's talk here:
http://www.eventials.com/rubyconfuy/recorded/M2UzZTJkMzY2MzdiNTg2NTUxNWM1MzI3NWY1YjRhMzYjIzQ1Ng_3D_3D
Innovate Faster in the Cloud with a Platform as a ServiceEngine Yard
Presentaion: "Innovate Faster in the Cloud with a PaaS" webinar
Presenter: Jacob Lehrbaum
Date: November 18, 2011
Recorded presentation:
http://pages.engineyard.com/InnovateFasterwithPaaS.html
If you are building a new application today you are likely considering a move to the cloud. If so, you should take a careful look at Platform as a Service (PaaS). Using a PaaS makes it fast and easy to deploy and run high-impact applications by relieving the developer from having to integrate, configure, test, and maintain the platform-level software necessary to run applications. It will also improve your uptime, help you scale with your business and can even save you money.
Hiro Asari's Devoxx 2011 presentation
Presentation description:
Java developers wear many hats: they manage builds, develop applications, write command-line scripts, and must master all tiers. If only there were a way to make these tasks simple and fun.
Enter JRuby.
Build engineers can write or enhance builds with Ruby, never losing a thing they depend on from Ant or Maven. Ruby offers several elegant testing options that work great with JRuby. Web developers can create Rails applications in minutes, effortlessly incorporating the latest Web technologies while taking advantage of the existing Java libraries. JRuby supports binding native libraries with FFI (foreign function interface). Command-line scripts? They're easy with JRuby's system-level features.
Come to this session to learn how JRuby makes you a happy developer.
High Performance Ruby: Evented vs. ThreadedEngine Yard
Dr Nic Williams' Ruby Midwest 2011 presentation
Presentation description:
I wanted to know, "Do I need to learn about EventMachine or node.js? Can I use threads? What is so good or bad about threading in Ruby 1.8, Ruby 1.9, JRuby and Rubinius 2.0?"
What was important to me was that the choice was abstracted away. I wanted to write normal, step-by-step Ruby code. Yet I wanted it to be performant.
I've asked a lot of people. I even hosted EventMachine RubyConf (http://emrubyconf.com) during RailsConf 2011 in order to gather the brightest minds in the Ruby community. "What choices do I need to make, how different does my code look, and how do I do testing?" These are the questions I searched for answers to. I'd like to now share the answers.
Release Early & Release Often: Reducing Deployment FrictionEngine Yard
Andy Delcambre's RubyConf 2011 presentation
Presentation Description:
At Engine Yard, we release the main Engine Yard Cloud code base at least once a day, many times more often than that. Yet we still have a fairly rigorous testing and release process. We have simply automated and connected as much of the process as possible. This talk covers how we handle deployments, how it ties in with our continuous integration service, and how we automate and tie it all together.
Recorded presentation:
http://confreaks.net/videos/667-rubyconf2011-release-early-and-release-often-reducing-deployment-friction
Access webinar playback with audio here: http://www.engineyard.com/video/29346522
Who Should Attend: All Ruby Developers at every level of expertise
What You Will Learn
Details on how JRuby differs from other Rubies
Monitor and profile your applications
Deploy into Java-centric environments
Configure and tune JRuby and the JVM
What’s coming in JRuby 1.7 + Java 7
Afterwards You Will Want To
Try JRuby with your applications
Tell us what doesn’t exceed your expectations!
Presented by Nick Sieger and Charles Nutter on September 15, 2011
Rails Antipatterns | Open Session with Chad Pytel Engine Yard
As developers worldwide have adopted the Ruby on Rails web framework, many have fallen victim to common mistakes that reduce code quality, performance, reliability, stability, scalability, and maintainability. Even experienced developers will find that they can reevaluate the work they've done and make it better.
In this session, Chad Pytel will provide an overview of some of these common mistakes as well as take questions from the audience and provide real-world advice. Bring your issues and get expert advice on how to bring your code in line with today's best practices.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
6. Database Performance
Lazy loading associated data can quickly
lead to an N+1 query problem.
ORMs (ActiveRecord, DataMapper, etc.) make it easy to
get our data but also make it easy to forget to optimize and
refactor.
N+1 problems are hard to spot in development since you
are working with limited data sets.
7. N+1 Query Creep
# app/models/customer.rb
class Customer < ActiveRecord::Base
has_many :addresses
end
# app/models/address.rb
class Address < ActiveRecord::Base
belongs_to :customer
end
# app/controllers/customers_controller.rb
class CustomersController < ApplicationController
def index
@customers = Customer.all
end
end
# app/views/customers/index.html.erb
<% @customers.each do |customer| %>
<%= content_tag :h1, customer.name %>
<% end %>
8. N+1 Query Creep
# app/views/customers/index.html.erb
<% @customers.each do |customer| %>
<%= content_tag :h1, customer.name %>
<%= content_tag :h2, customer.addresses.first.city %>
<% end %>
If @customers has 100 records, you'll have 101 queries:
SELECT "customers".* FROM "customers"
SELECT "addresses".* FROM "addresses" WHERE "addresses"."customer_id" = 1
AND "addresses"."primary" = 't' LIMIT 1
SELECT "addresses".* FROM "addresses" WHERE "addresses"."customer_id" = 2
AND "addresses"."primary" = 't' LIMIT 1
SELECT "addresses".* FROM "addresses" WHERE "addresses"."customer_id" = 3
AND "addresses"."primary" = 't' LIMIT 1
...
...
SELECT "addresses".* FROM "addresses" WHERE "addresses"."customer_id" = 100
AND "addresses"."primary" = 't' LIMIT 1
9. Eager Loading with .includes
# app/controllers/customers_controller.rb
class CustomersController < ApplicationController
def index
@customers = Customer.includes(:addresses).all
end
end
If @customers has 100 records, now we only have 2 queries:
SELECT "customers".* FROM "customers"
SELECT "addresses".* FROM "addresses" WHERE "addresses"."customer_id" IN
(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21,
22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59,
60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78,
79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97,
98, 99, 100)
10. Finding N+1 in New Relic
New Relic > App Server > Web Transactions > Performance Breakdown
12. Adding an Index is Simple
# db/migrate/20120201040247_add_index_for_shop_id_on_orders.rb
class AddIndexForShopIdOnOrders < ActiveRecord::Migration
def change
add_index :orders, :shop_id
end
end
Index Protips:
• Searching an index on a table with 1,000 rows is 100x faster than searching a
table without an index.
• Put an index on any columns you will likely query against, it's better to have too
many than too few indexes.
• Adding an index to a table will lock the table!
14. Passenger 3
• Simple to operate
• Simple configuration
• Handles worker management
• Great for multi-application environments
• Great for low resource environments
• Attached to Nginx/Apache HTTPD
15. Passenger Request Queue
solo i-c3f2d8a2 ~ # passenger-status
----------- General information -----------
max = 3
count = 3
active = 0
inactive = 3
Waiting on global queue: 0
----------- Application groups -----------
/data/john_yerhot_org/current:
App root: /data/john_yerhot_org/current
* PID: 19802 Sessions: 0 Processed: 3 Uptime: 3h 10m 13s
/data/scalingrails/current:
App root: /data/scalingrails/current
* PID: 28726 Sessions: 0 Processed: 3 Uptime: 59m 22s
/data/sites/clmeisinger/current:
App root: /data/sites/clmeisinger/current
* PID: 22147 Sessions: 0 Processed: 70 Uptime: 10h 45m 57s
16. Unicorn
• Independent of front end web server
• More configuration options
• Master process will reap children on timeout
• Great for single application environments
• Allows for zero downtime deploys
17. Unicorn Request Queue?
Raindrops
solo i-5b74313d ~ # gem install raindrops
Fetching: raindrops-0.10.0.gem (100%)
Building native extensions. This could take a while...
Successfully installed raindrops-0.10.0
1 gem installed
solo i-5b74313d ~ # ruby -rubygems -e "require 'raindrops'; puts
Raindrops::Linux.unix_listener_stats(['/var/run/engineyard/
unicorn_appname.sock']).inspect"
{"/var/run/engineyard/unicorn_appname.sock"=>#<struct Raindrops::ListenStats
active=0, queued=0>}
20. Request Queuing in New Relic
• Time between first ActionContoller hit - X-Queue-Start = Time spent in queuing.
Internet => LB inserts X-Queue-Start => Nginx => Ruby Webserver => Rack =>
Application
Track Rack Middleware as well
def call(env)
env["HTTP_X_MIDDLEWARE_START"] = "t=#{(Time.now.to_f * 1000000).to_i}"
@app.call(env)
end
22. Cache Everything
Rails makes it
stupid easy to
cache everything.
Do it.
23. Static Files & Nginx
The best cache is a static file served by
Nginx.
# create it on #index, #show, etc..
caches_page :index
# expire it on #creates, #updates, #destory, etc...
expire_page :action => :index
24. A Note About Static Files:
Use the front end server.
upstream upstream_enki {
server unix:/var/run/engineyard/unicorn_enki.sock fail_timeout=0;
}
location ~ ^/(images|assets|javascripts|stylesheets)/ {
try_files $uri $uri/index.html /last_assets/$uri /last_assets/$uri.html
@app_enki;
expires 10y;
}
location / {
if (-f $document_root/system/maintenance.html) { return 503; }
try_files $uri $uri/index.html $uri.html @app_enki;
}
25. Memcached: The Standard
# config/initializers/memcached.rb
config.cache_store =:mem_cache_store,
"server-1:11211",
"server-2:11211",
"server-3:11211",
"server-4:11211"
26. Next Best: ActionCaching
Will still go through Rack/Rails, but the action gets
cached.
before_filter :make_sure_youre_ok
caches_action :all_the_things
def all_the_things
@all_things = Thing.all_in_a_complex_way
end
def expire
expire_action :action => :all_the_things
end
27. Fragment Caching
<% cache('my_cache_key') do %>
<%= render_large_tag_cloud %>
<% end %>
...
def update_large_tag_cloud
TagCloud.update
expire_fragment('my_cache_key')
end
28. Baremetal
Rails.cache.write("john", "yerhot")
Rails.cache.read("john")# => "yerhot"
# execute a block on miss and cache it.
Rails.cache.fetch("miss") do
"yerhot"
end
Rails.fetch("miss")# => "yerhot"
Rails.cache.exists("john") # => true
Rails.cache.delete("john") # => true
Rails.cache.exists("john") # => false
35. Rails 4
Background Processing baked in.
• Allow an application to switch job systems with minimal
code change due to common API
• Very basic queuing system built in
• Roll your own wrapper class that responds to push & pop
# application.rb
config.queue = QueueName
Rails.queue.push(Job.new)
36. Review
• You need to be monitoring your application.
• Performance has to be reviewed on a regular basis.
• Database indexes are cheap, make lots of them.
• Every application can take advantage of some level
of caching: page, action or fragment.
• Background any work that you can.
• Don't neglect front-end performance.
37. How to Install New Relic
New Relic Standard is Free at Engine Yard
1. If you’re an Engine Yard Customer, select your
plan in your Engine Yard Account Settings
2. Add newrelic_rpm to your Gemfile
3. Enable monitoring in the Engine Yard
Dashboard
Full Installation Details: http://ey.io/install-newrelic