AEM Architecture slides for Sydney Adobe Meetup 16/9/2015
Discusses architectural components, considerations and philosophies to consider when designing for an AEM implementation
How the Adobe on Adobe team used AngularJS and AEM to build out a single page application site. Main goal with this proof of concept project was that the pattern had to be super simple to develop in. It had to be JSP free. It had to function smoothly on everything from a mobile device to a desktop and everything in between. The site also needed to be SEO friendly. Follow along to see the process and the challenges with building a site like this.
This was presented at Adobe's 'Ask the AEM Expert' Session. This session covered
Introduction to the core components
How to use and when to use the core components
AEM (CQ) Dispatcher Security and CDN+Browser CachingAndrew Khoury
This presentation cover Adobe AEM Dispatcher security and CDN and browser caching.
This presentation is the second part of a webinar on AEM Dispatcher:
http://dev.day.com/content/ddc/en/gems/dispatcher-caching---new-features-and-optimizations.html
Visit url above to view the whole presentation. Domique Pfister the primary engineer developing AEM Dispatcher covers the first part on new features.
How can we harness AEM6 and Sling to integrate backed layers to the CMS and expose them as a unified framework. creation of these integrations is vital for a coherent, personalize-able and track-able sites.
How the Adobe on Adobe team used AngularJS and AEM to build out a single page application site. Main goal with this proof of concept project was that the pattern had to be super simple to develop in. It had to be JSP free. It had to function smoothly on everything from a mobile device to a desktop and everything in between. The site also needed to be SEO friendly. Follow along to see the process and the challenges with building a site like this.
This was presented at Adobe's 'Ask the AEM Expert' Session. This session covered
Introduction to the core components
How to use and when to use the core components
AEM (CQ) Dispatcher Security and CDN+Browser CachingAndrew Khoury
This presentation cover Adobe AEM Dispatcher security and CDN and browser caching.
This presentation is the second part of a webinar on AEM Dispatcher:
http://dev.day.com/content/ddc/en/gems/dispatcher-caching---new-features-and-optimizations.html
Visit url above to view the whole presentation. Domique Pfister the primary engineer developing AEM Dispatcher covers the first part on new features.
How can we harness AEM6 and Sling to integrate backed layers to the CMS and expose them as a unified framework. creation of these integrations is vital for a coherent, personalize-able and track-able sites.
A presentation given at the adaptTo() 2014 tech meetup on the topic of developing dynamic AEM components using concepts borrowed from the SPA philosophy.
AEM Best Practices for Component DevelopmentGabriel Walt
This presentation describes how to easily get started with an efficient development workflow with Adobe Experience Manager 6.1.
The tools and technologies presented are:
* Project Archetype – https://github.com/Adobe-Marketing-Cloud/aem-project-archetype
* AEM Eclipse Extension – https://docs.adobe.com/docs/en/dev-tools/aem-eclipse.html
* AEM Brackets Extension – https://docs.adobe.com/docs/en/dev-tools/aem-brackets.html
* Sightly Template Language – http://www.slideshare.net/GabrielWalt/component-development
* Sightly REPL Tool – https://github.com/Adobe-Marketing-Cloud/aem-sightly-repl
* Sightly TodoMVC Example – https://github.com/Adobe-Marketing-Cloud/aem-sightly-sample-todomvc
Caching is a technique to save frequently used data into into temporary location. Improves application performance. Reduce a lot of server resources at peak times.
Last updated on Dec 12, 2014
The Sightly template language, shipped with Adobe Experience Manager 6.0, simplifies a lot the component development workflow by allowing front-end developers to edit components themselves directly.
Learn about the main features of that template language, and about the tools available to make project development work more efficient.
In this talk, Jamie will demonstrate some core principles of a minimalist React framework called Next.js - We’ll also learn why SEO isn’t the only benefit of Server Side Rendering in React.
In this session you will learn:
Understand Spring framework overview & its salient features
Spring concepts (IoC container / DI)
Spring-AOP basics
Spring ORM / Spring DAO overview
Spring Web / MVC overview
For more information, visit: https://www.mindsmapped.com/courses/software-development/java-developer-training-for-beginners/
Managing Omnichannel Experiences with Adobe Experience Manager (AEM)Gabriel Walt
Managing and delivering content for different applications can be a challenge. With your investment in Experience Manager, you have one unified solution for all your content needs across any channel.
The presentation covers a microservices architecture used for AEM-based system.
If we think of highly-scalable enterprise systems it’s worth considering moving from AEM-based design to microservices architecture. In this approach, some bigger logical parts are deployed separately, outside of AEM – all of these parts are called services. Of course, AEM is still there (it’s another service) and plays one of the most important roles - it delivers the user experience, i.e. websites, pages, their layout and static content. Most of the dynamic content though, is provided by other services deployed e.g. as a stand-alone applications on Tomcat or Node.js servers. The assembly of pages served by AEM and the dynamic content from other services is done with use of… another service. Sounds complicated? Although from deployment point of view it’s more complex than simple AEM-based approach, it brings a couple of significant advantages:
* Improved scalability – each service can be scaled separately. If you expect a lot of traffic and the majority of processing is related e.g. to search, then you can add another instance of search service only. You don’t need to replicate the whole system.
* Easier deployment – since the services are independent you can upgrade each of them easily whereas other services remain untouched.
* Faster development – you are not limited to OSGi technology, so you can develop each service with solutions which best suit the service needs.
* Reduced cost and time-to-market – thanks to above, the overall cost of change implementation and time needed to deploy it to production is reduced significantly
RichText Editor (RTE) is an integral component of AEM and it provides AEM authors a WYSIWYG text-editing experience on the web pages. RTE offers diverse configurations to developers.
This presentation provides an in-depth understanding of this component and shows various concepts, use-cases, modes, configurations, best practices, limitations and troubleshooting that surround it.
E-Seminar recording published here -
https://helpx.adobe.com/experience-manager/kt/eseminars/gems/AEM-Rich-Text-Editor-RTE-Deep-Dive1.html
Mikhail Egorov - Hunting for bugs in Adobe Experience Manager webappshacktivity
Adobe Experience Manager (AEM) is an enterprise-grade CMS. It’s used by high-profile companies like Linkedin, Apple, Mastercard, Western Union, Cisco, General Motors, and others. AEM is built on top of the Apache Sling, Apache Felix and Apache Jackrabbit Oak projects. In the talk, the author will share unique methodology on how to approach AEM weabpps in pentests or bug bounty programs. Misconfiguration issues, as well as product vulnerabilities, will be covered in the talk, including newly discovered vulnerabilities for which Adobe PSIRT assigned CVE ids. The author will share automation tool for discovering vulnerabilities and misconfigurations discussed in the talk.
Server Side Rendering, caching and performanceAteev Chopra
Talk given on 18th feb at React Meetup, Bangalore. For more details checkout the blog post about the same: https://ateev.in/react-js-achieving-20ms-server-response-time-with-server-side-rendering-1ea80e420d88
Adobe Experience Manager Core ComponentsGabriel Walt
Components for AEM Sites that cover the most common web content needs.
Discover which components exist, what features they offer, how they work technically and how they can be extended by a developer.
Dynamic Components using Single-Page-Application Concepts in AEM/CQNetcetera
Dynamic components display content dependable on context, hence they cannot be cached.
Out of the box, Adobe Experience Manager doesn't give us many options for granular caching on a component level.
When faced with this problem, we usually resort to developing components that are leveraging Server-Side Includes or AJAX to get the HTML with dynamic data.
As an alternative solution, we have also developed dynamic components that use Single Page Application concepts, by using templates and JSON-responses, to provide the same dynamic behavior.
In this presentation we will cover all of the dynamic components types, compare the benefits and drawbacks of each, and state the use-cases where each can be effectively applied.
We will take a deeper look at the dynamic components done with SPA concepts, as they are rarity in the AEM world, and also provide a walk-through of the technologies used, how some common problems were solved, as well as the benefits that have been gained by their usage.
Version 6 of Adobe Experience Manager (AEM 6) is a major release that introduces significant innovations. Sightly is a new template system to be used in place of (or together with) JSP. Along with Sling Models, SIghtly strongly improves the separation between the logic and presentation. The development effort is reduced because a Sightly template is an HTML 5 document, easily maintainable even by front-end developers.
The presentation provides an overview of the basic features of Sightly and introduces the fundamentals of the new development model with the support of tools released release together with AEM 6.
A presentation given at the adaptTo() 2014 tech meetup on the topic of developing dynamic AEM components using concepts borrowed from the SPA philosophy.
AEM Best Practices for Component DevelopmentGabriel Walt
This presentation describes how to easily get started with an efficient development workflow with Adobe Experience Manager 6.1.
The tools and technologies presented are:
* Project Archetype – https://github.com/Adobe-Marketing-Cloud/aem-project-archetype
* AEM Eclipse Extension – https://docs.adobe.com/docs/en/dev-tools/aem-eclipse.html
* AEM Brackets Extension – https://docs.adobe.com/docs/en/dev-tools/aem-brackets.html
* Sightly Template Language – http://www.slideshare.net/GabrielWalt/component-development
* Sightly REPL Tool – https://github.com/Adobe-Marketing-Cloud/aem-sightly-repl
* Sightly TodoMVC Example – https://github.com/Adobe-Marketing-Cloud/aem-sightly-sample-todomvc
Caching is a technique to save frequently used data into into temporary location. Improves application performance. Reduce a lot of server resources at peak times.
Last updated on Dec 12, 2014
The Sightly template language, shipped with Adobe Experience Manager 6.0, simplifies a lot the component development workflow by allowing front-end developers to edit components themselves directly.
Learn about the main features of that template language, and about the tools available to make project development work more efficient.
In this talk, Jamie will demonstrate some core principles of a minimalist React framework called Next.js - We’ll also learn why SEO isn’t the only benefit of Server Side Rendering in React.
In this session you will learn:
Understand Spring framework overview & its salient features
Spring concepts (IoC container / DI)
Spring-AOP basics
Spring ORM / Spring DAO overview
Spring Web / MVC overview
For more information, visit: https://www.mindsmapped.com/courses/software-development/java-developer-training-for-beginners/
Managing Omnichannel Experiences with Adobe Experience Manager (AEM)Gabriel Walt
Managing and delivering content for different applications can be a challenge. With your investment in Experience Manager, you have one unified solution for all your content needs across any channel.
The presentation covers a microservices architecture used for AEM-based system.
If we think of highly-scalable enterprise systems it’s worth considering moving from AEM-based design to microservices architecture. In this approach, some bigger logical parts are deployed separately, outside of AEM – all of these parts are called services. Of course, AEM is still there (it’s another service) and plays one of the most important roles - it delivers the user experience, i.e. websites, pages, their layout and static content. Most of the dynamic content though, is provided by other services deployed e.g. as a stand-alone applications on Tomcat or Node.js servers. The assembly of pages served by AEM and the dynamic content from other services is done with use of… another service. Sounds complicated? Although from deployment point of view it’s more complex than simple AEM-based approach, it brings a couple of significant advantages:
* Improved scalability – each service can be scaled separately. If you expect a lot of traffic and the majority of processing is related e.g. to search, then you can add another instance of search service only. You don’t need to replicate the whole system.
* Easier deployment – since the services are independent you can upgrade each of them easily whereas other services remain untouched.
* Faster development – you are not limited to OSGi technology, so you can develop each service with solutions which best suit the service needs.
* Reduced cost and time-to-market – thanks to above, the overall cost of change implementation and time needed to deploy it to production is reduced significantly
RichText Editor (RTE) is an integral component of AEM and it provides AEM authors a WYSIWYG text-editing experience on the web pages. RTE offers diverse configurations to developers.
This presentation provides an in-depth understanding of this component and shows various concepts, use-cases, modes, configurations, best practices, limitations and troubleshooting that surround it.
E-Seminar recording published here -
https://helpx.adobe.com/experience-manager/kt/eseminars/gems/AEM-Rich-Text-Editor-RTE-Deep-Dive1.html
Mikhail Egorov - Hunting for bugs in Adobe Experience Manager webappshacktivity
Adobe Experience Manager (AEM) is an enterprise-grade CMS. It’s used by high-profile companies like Linkedin, Apple, Mastercard, Western Union, Cisco, General Motors, and others. AEM is built on top of the Apache Sling, Apache Felix and Apache Jackrabbit Oak projects. In the talk, the author will share unique methodology on how to approach AEM weabpps in pentests or bug bounty programs. Misconfiguration issues, as well as product vulnerabilities, will be covered in the talk, including newly discovered vulnerabilities for which Adobe PSIRT assigned CVE ids. The author will share automation tool for discovering vulnerabilities and misconfigurations discussed in the talk.
Server Side Rendering, caching and performanceAteev Chopra
Talk given on 18th feb at React Meetup, Bangalore. For more details checkout the blog post about the same: https://ateev.in/react-js-achieving-20ms-server-response-time-with-server-side-rendering-1ea80e420d88
Adobe Experience Manager Core ComponentsGabriel Walt
Components for AEM Sites that cover the most common web content needs.
Discover which components exist, what features they offer, how they work technically and how they can be extended by a developer.
Dynamic Components using Single-Page-Application Concepts in AEM/CQNetcetera
Dynamic components display content dependable on context, hence they cannot be cached.
Out of the box, Adobe Experience Manager doesn't give us many options for granular caching on a component level.
When faced with this problem, we usually resort to developing components that are leveraging Server-Side Includes or AJAX to get the HTML with dynamic data.
As an alternative solution, we have also developed dynamic components that use Single Page Application concepts, by using templates and JSON-responses, to provide the same dynamic behavior.
In this presentation we will cover all of the dynamic components types, compare the benefits and drawbacks of each, and state the use-cases where each can be effectively applied.
We will take a deeper look at the dynamic components done with SPA concepts, as they are rarity in the AEM world, and also provide a walk-through of the technologies used, how some common problems were solved, as well as the benefits that have been gained by their usage.
Version 6 of Adobe Experience Manager (AEM 6) is a major release that introduces significant innovations. Sightly is a new template system to be used in place of (or together with) JSP. Along with Sling Models, SIghtly strongly improves the separation between the logic and presentation. The development effort is reduced because a Sightly template is an HTML 5 document, easily maintainable even by front-end developers.
The presentation provides an overview of the basic features of Sightly and introduces the fundamentals of the new development model with the support of tools released release together with AEM 6.
This is AEM development best practices. These practices do not cover standard like jsp, js & java development practices. This is an effort to consolidate our learning in CMS domain.
Oak, the architecture of Apache Jackrabbit 3Jukka Zitting
Apache Jackrabbit is just about to reach the 3.0 milestone based on a new architecture called Oak. Based on concepts like eventual consistency and multi-version concurrency control, and borrowing ideas from distributed version control systems and cloud-scale databases, the Oak architecture is a major leap ahead for Jackrabbit. This presentation describes the Oak architecture and shows what it means for the scalability and performance of modern content applications. Changes to existing Jackrabbit functionality are described and the migration process is explained.
Presentation for the Montreal chapter of the Adobe AEM User group on Bombardier's implementation of Adobe Experience Manager (AEM) multi-site manager (MSM). The MSM was used to deliver consistently formatted country web sites.
Oak, the Architecture of the new RepositoryMichael Dürig
Apache Jackrabbit Oak is a new JCR implementation with a completely new architecture. Based on concepts like eventual consistency and multi-version concurrency control, and borrowing ideas from distributed version control systems and cloud-scale databases, the Oak architecture is a major leap ahead for Jackrabbit. This presentation describes the Oak architecture and shows what it means for the scalability and performance of modern content applications. Changes to existing Jackrabbit functionality are described and the migration process is explained.
This session will share large scale architectures from the author's experiences with various companies like Cisco, Symantec, and EMC and compare and contrast the architecture across : Infrastructure Architecture Scaling, Ecommerce integrations and migration approach from legacy into AEM, Digital Marketing Cloud Integrations such as personalization, analytics, and DMP.
AEM6 comes with a fresh new repository backend designed for improved performance and scalability. This session introduces the new repository architecture and describes the key differences and improvements for developers and operations teams. Topics covered include content migration, backwards compatibility, key deployment scenarios and configuration options, and custom search indexes.
OSGi-friendly bytecode weaving – enhance your classes, not your dependency gr...mfrancis
Presentation by Tim Ward (IBM) at OSGi DevCon/EclipseCon 2011.
For many years bytecode weaving in OSGi has been a cumbersome process. Using it's internal hooks Equinox has supported basic transformation since version 3.2, but there has still been no simple, standard way to enhance classes or add new dependencies to the bundle that contains them. The Equinox 3.7 release includes support for the new OSGi WeavingHook whiteboard pattern, which allows any OSGi bundle, not just an Equinox framework extension, to weave classes from, and add dependencies to, other OSGi bundles.
Also new in OSGi is the opportunity to scan the classpath of an OSGi bundle. Whilst the isolated, modular classpath of an OSGi bundle provides an excellent system for building Java applications, many extenders and libraries need to be able to search for classes or resources within the bundle. This function further aids weaving implementations by allowing them to search for resources, class and package name patterns, and other configuration without requiring specific metadata to be present.
As the lead author for the Bytecode Weaving design within the OSGi Alliance, and a committer in the Apache Aries project, Tim will use his expertise to demonstrate the power and flexibility of WeavingHooks, particularly in conjunction with the latest OSGi updates for classpath scanning. Drawing on real-world examples from the Apache Aries project Tim will use real-world examples and Equinox 3.7 to prove that first-class weaving support is now available in OSGi
8 ways to accelerate Adobe CQ5 / AEM site deployments following an initial AEM site launch. Focused on multi-site strategy, AEM component reuse, and team alignment for increasing speed and reducing risk when migrating subsequent domains to AEM.
Voldemort & Hadoop @ Linkedin, Hadoop User Group Jan 2010Bhupesh Bansal
Jan 22nd, 2010 Hadoop meetup presentation on project voldemort and how it plays well with Hadoop at linkedin. The talk focus on Linkedin Hadoop ecosystem. How linkedin manage complex workflows, data ETL , data storage and online serving of 100GB to TB of data.
Presentation around several tips & trick to improve SharePoint (on premise) performance, mainly by tweaking the SQL databases.
Download the ppt for fun animations !
Ingesting Over Four Million Rows Per Second With QuestDB Timeseries Database ...javier ramirez
How would you build a database to support sustained ingestion of several hundreds of thousands rows per second while running near real-time queries on top?
In this session I will go over some of the technical decisions and trade-offs we applied when building QuestDB, an open source time-series database developed mainly in JAVA, and how we can achieve over four million row writes per second on a single instance without blocking or slowing down the reads. There will be code and demos, of course.
We will also review a history of some of the changes we have gone over the past two years to deal with late and unordered data, non-blocking writes, read-replicas, or faster batch ingestion.
Unity Connect - Getting SQL Spinning with SharePoint - Best Practices for the...Knut Relbe-Moe [MVP, MCT]
Performance problems in SharePoint are most commonly caused by a poorly configured or ineffectively optimized SQL Server back end. More often than not, the SQL Server is not installed following Best Practice guidelines. In this fast-paced session, Chief Technical Architect and International speaker Knut Relbe-Moe will walk you through his top 13 tips for ensuring your SQL back end is perfectly configured and performing well for SharePoint. If you want to ensure that your SharePoint environment is great whether it's in Azure or on premises, this is the session for you to join.
Presentation from June 2013, Surrey, BC, Drupal Group meetup.
- Some tips how to improve Drupal 7 performance.
- Get Drupal 7 working faster
- Optimize code in order to get proper responses
- Use cache (memcache, APC cache, entity cache, varnish)
- Scale Drupal horizontally in order to balance load
The presentation of the Drupal frontend optimizations from Drupal Camp LA 2011. The slides go over optimizations you do in the backend to serve files in the frontend faster and optimizations in the front end to css and javascript to make that aspect run faster.
Building the Perfect SharePoint 2010 Farm - SPS Brisbane 2011Michael Noel
SharePoint 2010 has matured over the past year, with improvements in scalability, enterprise search, and administration. Best practices from SharePoint 2007 are no longer relevant, and new guidance has emerged from the last year worth of SharePoint deployments. In addition, new features such as SharePoint FAST Search capabilities can have a significant effect on how an environment is architected. In addition, the popularity of server virtualization technologies have created new design options for SharePoint administrators, allowing for new and unique high availability and provisioning options. This session goes right to the heart of the matter, providing for physical and virtual architecture guidelines and specific configuration settings that can immediately be used to construct SharePoint 2010 environments that can be used to replace existing SharePoint 2007 farms. Architectural specifics are based on best practices obtained from existing SharePoint 2010 environments of multiple sizes and performance metrics gathered from both physical and virtual SQL Server and SharePoint environments will help you to build the ‘perfect’ SharePoint 2010 farm for your organization.
Drupal Perfomance. Talk given at DrupalCamp North, 25th July 2015.
This session looked at tools you can use to analyse the performance and benchmark a Drupal site. It then looked at tools and techniques that can be used to improve the site performance. The session also included a case study about the Drupal based BAFTA website that was built by Access. Focusing on the recent Film and TV awards, which saw a large amount of traffic in a short amount of time.
An overview of the cloud technologies that I've used and the nuances between them.
This presentation was talking primarily about:
https://github.com/riptano/ComboAMI/tree/2.2
node.js 실무 - node js in practice by Jesang YoonJesang Yoon
Sharing 4 years of experience about node.js - A google chrome V8 engine javascript based web server technology. This slide covers about wide range of knowledge about node.js learned from 4 years of production, experiment, test & failures
4년 동안 node.js 서버 프로그래밍을 경험한 내용을 간략하게 정리해 보았습니다. node.js 를 접하시는 분들에게 도움이 되었으면 합니다.
Introduction to running Oracle on AWS. Focuses on Oracle partnership, time line of partnership, licensing, pricing, use cases, common architectures, customer successes, and what is new.
The DrupalCampLA 2011 presentation on backend performance. The slides go over optimizations that can be done through the LAMP (or now VAN LAMMP stack for even more performance) to get everything up and running.
From frustration to fascination: dissecting ReplicationBenedek Menesi
Recorded Webinar: https://www.youtube.com/watch?v=9dML83jd5SE
This session has been presented at the Benelux Lotus User Group in Leuven, March 2013
--
Replication is one of the most important pillars of the IBM Notes and Domino Architecture. Whether you're an administrator or developer, replications plays an integral role in your life, and let’s face it, this relationship has its ups and downs.
This session will reveal how its underpinnings work, what can go wrong, how to setup and manage selective replication and why, how to best consolidate cluster and standard replication, what traps to look for and how to get out of them once you’re caught. Join us to learn about tips, tricks and code that will help you debug and tackle the toughest replication problems (conflicts, ghosts, inconsistencies etc…) like a pro.
At the end of this session, you will walk away with a clearer understanding of how the replication engine works, and you'll be ready to turn this sometimes tumultuous relationship into a harmonious and happy one.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Building RAG with self-deployed Milvus vector database and Snowpark Container...Zilliz
This talk will give hands-on advice on building RAG applications with an open-source Milvus database deployed as a docker container. We will also introduce the integration of Milvus with Snowpark Container Services.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
1. AEM Architecture
Adobe Meet-up : Sydney : 16th September 2015
Purpose of these slides:
To describe common AEM architecture options, outline
the various pros and cons, provide some best practise
recommendations for new and existing implementations.
Michael Henderson BAS, BSc(Hons)
Technical Director, NSW
BizTECH Enterprise Solutions
Mobile: +61 430 758 026
Email: mhenderson@btes.com.au
Website: www.btes.com.au
2. Agenda
Part 1: What to do when setting up Author (1 or more), Author-
Dispatcher (1 or more), Publish (1 or more), Dispatcher (1 or
more), CDN (there or not), Clustering/DB (there or not).
Part 2: Connectivity between the components; pointing out
different configurations, advantages/disadvantages, things to
consider, things to think about.
Part 3: Architectural philosophies like KISS, HA, Performance,
Scalability, etc.
3. Part 1 – Architecture Elements
Basic Architecture
What is an AEM instance?
AEM Repositories
Performance: Oak vs MongoDB
Author: Configuration Options
Publish: Configuration Options
Dispatcher: Configuration Options
CDN: Configuration Options
Recommended HA Architecture
4. Basic Architecture (1)
Author
Where all the authoring goodness happens
Publish
Where all the public goodness gets formulated
Dispatcher
Where public goodness gets secured and cached
Author-dispatcher
Where some authoring security takes place
CDN
Where you gain some localised caching and/or security
6. OSGi
What is an AEM instance?
JCR
Sling
AEM
The architecture layers that make up AEM:
7. AEM Repositories
AEM 5.x and older
JCR2, but who really cares anymore. If you do? Let it go.
AEM 6.0
AEM supports JCR2, JCR3, MongoDB
MongoDB introduced as clustering repository
AEM 6.1
AEM supports JCR3, DB2, MongoDB, Oracle
Clustering repository options expanded
Experimental
Support for MySQL, MariaDB and MS SQL Server
Coming in next release?
10. Performance: Oak vs MongoDB (1)
0
2
4
6
8
10
12
14
Oak
MongoMK
(Lower is better)
11. Performance: Oak vs MongoDB (2)
0
2
4
6
8
10
12
14
16
18
Oak
MongoDB
(Lower is better)
12. Performance: Oak vs MongoDB (3)
Summary:
Oak is by far the best performer
Use Oak unless you NEED to go DB-backed
Notes:
Oak = TarMK = JCR3 = JackRabbit3
I haven’t seen any performance stats for the other DB’s
Performance Reference:
http://www.slideshare.net/mmarth/aem-hub-oak-02-full
13. Author: Configuration Options (1)
1. Single Author: JCR (1x) : Not recommended
Where you have only one Author instance
No redundancy. If Author fails, go to backup (lose data)
2. Active/Standby: JCR (2x) : Recommended
Where one Author instance deals with all traffic
The standby Author instance stays synchronised
Referred to as “Cold Standby” (although not cold)
If Author fails, can start “standby” as master instance (no data loss)
3. Active/Active: DB (2+)
Where any Author instance deals with traffic
The Author instances are synchronised via a shared DB
Cannot run on JCR; must run on DB (DB2, Mongo, Oracle)
If one Author fails, can create new instance (or recover) and add to
the “cluster” (no author outage)
Ensure DB is clustered, so it’s not a single point of failure
Can run DataStore on shared disk or S3 (Amazon) for better
performance
14. Author: Configuration Options (2)
What configuration option should you use?
Really simple question to ask yourself:
“Can a single Author instance sustain all the required
author traffic?”
Answers:
Yes = Recommend: Active/Standby (JCR)
No = Recommend: Active/Active (DB)
15. Author: Configuration Options (3)
What can you do to help the Author instance load?
Ensure the project code is efficient
Ensure the Author is running on disk with high IOPS (I.e. a
SSD or striped high IO)
Are there tasks or processes running on the Author that
could be offloaded to another server?
Is the Author server as big as it can be?
16. Publish: Configuration Options (1)
1. Single Publish: JCR (1x) : Not recommended
Where you have only one Publish instance
No redundancy. Failure: Go to backup or rebuild, re-publish (outage)
2. TarMK Farm: JCR (2+) : Recommended
Active/Active configuration
Where any Publish instance deals with traffic
The Publish instance are synchronised via separate replication queues
on Author
If one Publish fails, can “rebuild” from existing Publish instance or Gold
instance; or go to backup or rebuild, re-publish
3. Cluster: DB (2+)
Active/Active configuration
Where any Publish instance deals with traffic
The Publish instances are synchronised via a shared DB
If one Publish fails, can create new instance (or recover) and add to the
“cluster” (no re-publish required)
Ensure DB is clustered, so it’s not a single point of failure
Note: Cannot do rolling deployments
17. Publish: Configuration Options (2)
What configuration option should you use?
One or Two questions to ask yourself:
1. “Do you require the public to submit something and have
it displayed on the website? (I.e. Social Communities)”
Answers:
No = Recommend: TarMK Farm (JCR)
Yes = Ask yourself the 2nd Question
2. “Is there a business requirement for very fast display of
the submitted content with no moderation?”
Answers:
No = Recommend: TarMK Farm (JCR)
Yes = Recommend: Cluster (DB)
18. Publish: Configuration Options (3)
Why are these questions important? I.e. Why should you care?
When your implementation requires public submitted content to appear on your
website, you need the information synchronised (somehow) across all of your
Publish instances.
These questions seek to determine what architecture you’re going to implement
for synchronising across the Publish instances, namely:
1. Reverse replicate to Author and then replicate to all Publish instances
2. Store in shared DB and trigger invalidation across all Dispatchers
If you need to moderate the social posts, then this is best placed to occur on the
Author. Even automated moderation should occur on the Author as it’s highly
likely that an Author will want to deal with the failures like false positives or
false negatives
Consider all the pros and cons of your architecture: I.e:
Don’t run a slower DB architecture unless you have good reasons
Ask yourself whether you’re ok to give up rolling (canary) deployments
Design a way to invalidate the pages on the dispatchers when you need to
19. Dispatcher: Configuration Options (1)
Web server plugin that caches files to aid in website
performance and with some security rules
Runs on: Apache httpd, Microsoft IIS, Oracle iPlanet
Goal is to cache everything for as long as possible
Operates on a publish/unpublish trigger, so cached objects
only get invalidated when they need to (as opposed to a TTL,
which expires content whether they need to or not)
Doesn’t cache everything, so design your implementation so it
will cache everything or at least as much as possible
20. Dispatcher: Configuration Options (2)
How can you cache as much as possible, for as long as possible?
Avoid use of querystrings or ignore irrelevant ones
http://domain/path/to/page.html?name=value
Make use of selectors instead (so long as the variants are not infinite)
http://domain/path/to/page.value.html
http://domain/path/to/page.name-value.html
Do work in Apache before sending to the dispatcher mod
Apply rewrite rules prior
Apply redirects prior & allowed vanity’s with new Dispatcher feature
Apply SSI, ESI or SDI directives prior
Spilt pages into different paths if caching policies are different
Use SSI, ESI or SDI directives, so all fragments can be cached
independently or at least minimising the dynamic activity
Avoid use of “Dispatcher: no-cache” directives (for obvious reasons)
Ignore the authorisation header if you can
21. CDN: Configuration Options
Caches the files closer to where the users are
Can also provide additional protection layers (DDOS, WAF, etc)
Great for (tagged) website assets like: images, CSS, JS, etc.
Ensure you utilise an etag, checksum or equivalent on the filename. This
ensures that if the file is updated, it generates a new filename and is
therefore distinguishable from the old version
Not so useful for HTML pages or fragments
Not all CDNs have a detailed API to flush selected objects or when they
do, the flushes can take a while to take effect, so you might have to rely
on TTLs instead
If you do want to use a CDN API for invalidation, then you need to write a
custom replicator for this. If so, where will it fire? (Author or Publish?)
Ensure you don’t introduce a race condition
Caution: CDNs can be used as a Band-Aid to poor implementation design
and/or utilisation of the Dispatcher layer, so know why you’re going to
use it
22. Recommended HA Architecture
Ensure you don’t have any single point of failure and
potential data loss if anything fails
Avoid using a DB (especially in Publish)
Avoid using a CDN for page (HTML) caching
23. Part 2 - Connectivity
Connection: Dispatcher to Author or Publish
Connection: Author to Publish
Connection: Publish to Author
Connection: Publish to Dispatcher
Connection: AEM to CDN
24. Connection: Dispatcher to
Author or Publish (1)
Dispatcher defines what server it talks to via the
/renders section in the dispatcher.any configuration file
/renders {
/0001 {
/hostname ”<publish1-name-or-ip>"
/port ”<publish1-port>"
}
# optional from here on...
/0002 {
/hostname ”<publish2-name-or-ip>"
/port ”<publish2-port>"
}
}
25. Connection: Dispatcher to
Author or Publish (2)
When you specify multiple renders the page build request will
be sent equally or will send them to the best performing
renderer based on any categories defined in the /statistics
section of the dispatcher.any file
/statistics
{
/categories
{
/search { /glob "*search.html" }
/html { /glob "*.html" }
/others { /glob "*" }
}
}
Tip: If you don’t have multiple renderers, don’t collect stats
26. Connection: Author to Publish (1)
Author to Publish is for publishing or unpublishing content.
Messages are sent via a standard connection called “replicator”
Replicators operate over a point-to-point architecture and
maintain a single queue per replicator
On the Author, create a replicator per Publish instance when
using a single Publish or a TarMK Farm
When using a DB, consider how you are going to replicate the
information without creating a dependency on one Publish node
or issuing duplicate replication messages (load balancer?)
Queues may get processed at different times, which can be a
good thing. I.e. When Publish is down or busy.
Note the potential affect on the Dispatcher when this happens!
27. Connection: Author to Publish (2)
Replicator
Settings
Transport
Proxy
Extra
Options
28. Connection: Publish to Author (1)
Publish to Author is for content that is submitted by the
public and chosen to be stored within Author and then
possibly later to be presented out within the website on each
Publish instance.
Messages are sent via a connection called “reverse replicator”
Reverse replicators operate over a point-to-point architecture
and maintain a single queue per replicator
Content is pulled from Author, so the connection is initiated
(typically) from a more secure zone to a less secure zone.
This is network best practise.
Polling frequency is set to 30s by default
29. Connection: Publish to Author (2)
Two Parts:
1. Publish:
(outbox)
Reverse
Replicator
Settings
Transport
Proxy
Extra
Options
30. Connection: Publish to Author (3)
Two Parts:
2. Author:
(Pull)
Reverse
Replicator
Settings
Transport
Proxy
Extra
Options
31. Connection: Publish to Dispatcher (1)
Publish to Dispatcher is to tell the Dispatcher what
items have changed, so it can follow its rules to
invalidate what it needs to.
Messages are sent via a connection called “dispatcher
flush”
Dispatcher Flushes operate over a point-to-point
architecture and maintain a single queue per replicator
Any dispatcher that can send traffic to this Publish
instance should have a dispatcher flush connection
established
32. Connection: Publish to Dispatcher (2)
Dispatcher
Flush:
Settings
Transport
Proxy
Extra
Options
33. Load Balancer
M:N Dispatcher to Publish
Requests go nicely through a load balancer
Invalidations can’t go through a load balancer
Needs point-to-point connection from each Publish to each
Dispatcher
Publish Tier
Dispatcher Tier
P2P1 P3 P4
D2D1 D3 D4
LBRequest
s
Invalidation
34. Paired Dispatcher to Publish
Each Dispatcher has an assigned Publish instance
Requests go only to the assigned Publish instance
Invalidations go only to the assigned Dispatcher instance
If one instance fails, they both need to be inaccessible
Benefit for easier auto-scaling (independent module)
Publish Tier
Dispatcher Tier
P2P1 P3 P4
D2D1 D3 D4
Request
s
Invalidation
35. Connection: AEM to CDN
AEM to CDN is for when you want to use a CDN API or flush
objects that have been cached there and you don’t want to
wait for a TTL
Although the CDN may have a single entry point, the message
will need to be configured as a replicator on one (or more) of
your AEM instances (Author or Publish)
Flush from Author and run the risk of a race condition (caused
by a Publish instance that was slow to process the message)
Flush from Publish and you will have to choose:
1. Send from just one Publish instance, introducing a possible single
point of failure
2. Send from all your Publish instances, introducing a duplication of
flush messages for the same action
Flush from a custom controller app, but unless you check the
processing queue of all your Publish instances, you may still
run the risk of a race condition
36. Part 3 – Architecture Principles
KISS
HA
Performance
Scalability
Code Debt
37. KISS – Keep it simple, stupid
Design principle coined by the US Navy in 1960
Key philosophy of this principle being:
“Most systems work best if they are kept simple rather than made
complicated”
Often as architects and developers we can get led astray from
“keeping it simple” by cool tech or trends in the market
When adopting “cool tech” or “trendy tech” into an
implementation, which may seem like a great idea at the
time, if not aligned to the core product architecture and its
future roadmap, it can make the implementation unstable or
not able to be upgraded later on
I.e. It’s generally not a good idea to put “frameworks” within
“frameworks”
38. HA – Highly Available
Fact: Hardware and software fails from time to time
This principle is ensuring that the architecture is not prone to
becoming unavailable if one component fails
This generally is aimed at the public delivery side, but is also
important internally as if systems are down, people can’t do
their job
Ensure that every part of the core systems can continue to
operate if one host/application/tool fails
Think about all core (and dependent) areas: Author-
Dispatcher, Author, Publish, Dispatcher, Load Balancers,
Firewalls, LDAP, Databases, Email servers, Networks,
Switches, Cables, Internet Providers, Backend applications or
systems, etc.
39. Performance
Fact: People don’t like slow websites
One of the funniest architect statements I’ve ever heard is:
“You don’t need to cache anything if the servers are fast enough to handle it”
Performance should be a core design consideration from Day 1
and beyond the implementation going live
Websites get more popular, more websites get added to the
system, traffic has peaks and troughs, there are press releases,
product releases, social or environmental events, and seasonal
activity. Servers fail or need patching and sometimes people
hack or attack your environment
Having your site perform as well as it can, (although important)
is not about saving hardware or license costs, it’s about making
your implementation more resilient and pleasant to end users
40. Scalability
The ability to react to market demand and scale the
environment to keep meeting it
One of the beautiful aspects of the AEM architecture is the
modularity of the components. This feature provides a
fantastic platform to support elastic architecture; one that
can automatically scale up or down
With the introduction of virtual servers many years ago and
now with cloud infrastructure, we can tap into available
resources and scale to meet demand if/when required
By creating pigeon-pairs of Dispatcher & Publish, you have a
modular, self-contained architecture that can be easily scaled
up or down.
41. Code Debt
The art of creating unnecessary or convoluted code that you or
someone else needs to look after
Don’t create code that has already been implemented for you:
Examples: sling or acs-commons
Sling: http://sling.apache.org/index.html
ACS Commons: http://adobe-consulting-services.github.io/acs-aem-
commons/
Don’t over engineer your solution
Build what is required now, not what might be needed in the future
Don’t over complicate something that can be implemented more
simply
Consider that someone may need to look after your code
Provide useful comments and appropriate debug statements
43. Summary
We’ve talked about the various components that
typically make up an AEM implementation architecture
We’ve talked about how each of these components
connect to each other and what to think about
We’ve talked about key architecture principles to
consider