This document discusses identity management solutions for AFS including AFS Manager and PtServer NG. AFS Manager is a graphical user interface for administering AFS that allows monitoring and provisioning users, groups and volumes. PtServer NG allows integrating AFS identity management with external user directories like Active Directory using Winbind for authentication and ID mapping. It aims to provide a pluggable user storage and flexible user and group mapping. The document demonstrates these tools and discusses open points around licensing, performance and storage options.
Сергей Радзыняк ".NET Microservices in Real Life"Fwdays
На доповіді ми розглянемо на прикладі діючої фінансової системи наступні моменти:
- поточну архітектуру системи. Як і чому ми перейшли з моноліта на мікросервіси
- компоненти системи (MsSQL, MongoDB, RabbitMQ, Redis, Hangfire, AWS S3 Bucket, і деякі інші), критерії їх вибору і -
- труднощі, які виникли при роботі з ними
міжкомпонентну взаємодію
- бібліотеки і практики, які використовуються для побудови мікросервісів системи
- розглянемо декілька функціональних ланцюжків системи. -- Розповім про труднощі, які виникли при їх дизайні і впровадженні
Microservices architecture has many benefits. But it comes at a cost. Running microservices and monitoring what’s going on is tedious. That’s why MicroProfile adopts monitoring as a first-class concept. In this session, learn how MicroProfile runtimes collect metrics and how to seamlessly collect them with tools like Prometheus and Grafana. Learn how MicroProfile makes it easy to connect information about interrelated service calls, how to gather the information and analyze system bottlenecks, how to deploy and scale MicroProfile applications with Kubernetes and how to react to their health status to detect and automatically recover from failures.
Сергей Радзыняк ".NET Microservices in Real Life"Fwdays
На доповіді ми розглянемо на прикладі діючої фінансової системи наступні моменти:
- поточну архітектуру системи. Як і чому ми перейшли з моноліта на мікросервіси
- компоненти системи (MsSQL, MongoDB, RabbitMQ, Redis, Hangfire, AWS S3 Bucket, і деякі інші), критерії їх вибору і -
- труднощі, які виникли при роботі з ними
міжкомпонентну взаємодію
- бібліотеки і практики, які використовуються для побудови мікросервісів системи
- розглянемо декілька функціональних ланцюжків системи. -- Розповім про труднощі, які виникли при їх дизайні і впровадженні
Microservices architecture has many benefits. But it comes at a cost. Running microservices and monitoring what’s going on is tedious. That’s why MicroProfile adopts monitoring as a first-class concept. In this session, learn how MicroProfile runtimes collect metrics and how to seamlessly collect them with tools like Prometheus and Grafana. Learn how MicroProfile makes it easy to connect information about interrelated service calls, how to gather the information and analyze system bottlenecks, how to deploy and scale MicroProfile applications with Kubernetes and how to react to their health status to detect and automatically recover from failures.
Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...Gilad Garon
VMware’s Common SaaS Platform (CSP) is a brand new offering designed to enhance the productivity of developers and cloud providers by equipping them with a set of common and configurable capabilities (such as Identity, Telemetry, Account Management, Billing etc.), thus enabling them to focus on their core businesses.
But enough with the product pitch.
CSP is distributed to numerous cloud providers around the globe, used by developers and IT alike to empower their services and better answer the business need of their customers.
Please join us and witness how we take continuous delivery to the next step where sometimes the target environment is not on our control and still seamlessly manage and deliver our unique collection of capabilities, packaged as platform for ease of use, using the best and shiniest tools the frogs can provide.
RightScale Conference Santa Clara 2011: Looking for configurations that work across clouds? Want to pull configurations from Git? Learn how RightScriptsTM and Chef power ServerTemplates. We will present best practices for modular, agile configuration management.
Евгений Напрягло ".NET Framework Hosting API Overview"Fwdays
In this presentation we`ll consider some non-trivial options used for .NET runtime dynamic loading and customization. This information could be useful in case of CLR internals customization, complex debugging scenarios, multi-version managed runtimes integration.
In addition to that, I`ll tell you a story about my own experience with this API in complex enterprise integration solution.
Денис Резник "Зачем мне знать SQL и Базы Данных, ведь у меня есть ORM?"Fwdays
Начинаем новый проект. Платформа - .Net, язык программирования - C#, база данных - SQL Server. Как будем работать с базой данных? ORM. Скорее всего Entity Framework. Можно начинать.
К сожалению, этого набора уже достаточно для старта проекта :) но недостаточно для безболезненного его запуска и развития. В этом докладе мы поговорим об опасностях, которые скрываются в недрах ORM и о том, как можно попробовать уберечь себя и свой проект от них.
Nagios Conference 2011 - Nicholas Scott - Nagios Performance TuningNagios
Nicholas Scott's presentation on tuning Nagios performance. The presentation was given during the Nagios World Conference North America held Sept 27-29th, 2011 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna
This is the presentation at Percona Live 2015 on MySQL, MariaDB and Percona Orchestration on bare metal, virtualised environments and clouds (AWS and OpenStack).
Messaging For the Cloud and MicroservicesRob Davies
Utilising messaging in cloud deployments isn't straightforward, particularly if you want to take advantage of auto scaling. This talk covers the general problems of scaling for cloud deployments, and messaging for faster inter-service communication for Microservices
Slidedeck presented at http://devternity.com/ around MongoDB internals. We review the usage patterns of MongoDB, the different storage engines and persistency models as well has the definition of documents and general data structures.
Best Practices? That’s like asking how long is a piece of string! While every environment is different, there are however a number of configurations, tweaks and methods that can be of great benefit for your Nagios XI environment. This talk will cover a variety of Best Practice topics for Nagios XI ranging from flexible object configurations through to back end performance enhancements.
The RestFS is an experimental project to develop an open-source distributed filesystem for large environments. It is designed to scale up from a single server to thousand of nodes and delivering a high availability storage system with special features for high i/o performance and network optimization for work better in WAN environment.
Continuous Deployment into the Unknown with Artifactory, Bintray, Docker and ...Gilad Garon
VMware’s Common SaaS Platform (CSP) is a brand new offering designed to enhance the productivity of developers and cloud providers by equipping them with a set of common and configurable capabilities (such as Identity, Telemetry, Account Management, Billing etc.), thus enabling them to focus on their core businesses.
But enough with the product pitch.
CSP is distributed to numerous cloud providers around the globe, used by developers and IT alike to empower their services and better answer the business need of their customers.
Please join us and witness how we take continuous delivery to the next step where sometimes the target environment is not on our control and still seamlessly manage and deliver our unique collection of capabilities, packaged as platform for ease of use, using the best and shiniest tools the frogs can provide.
RightScale Conference Santa Clara 2011: Looking for configurations that work across clouds? Want to pull configurations from Git? Learn how RightScriptsTM and Chef power ServerTemplates. We will present best practices for modular, agile configuration management.
Евгений Напрягло ".NET Framework Hosting API Overview"Fwdays
In this presentation we`ll consider some non-trivial options used for .NET runtime dynamic loading and customization. This information could be useful in case of CLR internals customization, complex debugging scenarios, multi-version managed runtimes integration.
In addition to that, I`ll tell you a story about my own experience with this API in complex enterprise integration solution.
Денис Резник "Зачем мне знать SQL и Базы Данных, ведь у меня есть ORM?"Fwdays
Начинаем новый проект. Платформа - .Net, язык программирования - C#, база данных - SQL Server. Как будем работать с базой данных? ORM. Скорее всего Entity Framework. Можно начинать.
К сожалению, этого набора уже достаточно для старта проекта :) но недостаточно для безболезненного его запуска и развития. В этом докладе мы поговорим об опасностях, которые скрываются в недрах ORM и о том, как можно попробовать уберечь себя и свой проект от них.
Nagios Conference 2011 - Nicholas Scott - Nagios Performance TuningNagios
Nicholas Scott's presentation on tuning Nagios performance. The presentation was given during the Nagios World Conference North America held Sept 27-29th, 2011 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna
This is the presentation at Percona Live 2015 on MySQL, MariaDB and Percona Orchestration on bare metal, virtualised environments and clouds (AWS and OpenStack).
Messaging For the Cloud and MicroservicesRob Davies
Utilising messaging in cloud deployments isn't straightforward, particularly if you want to take advantage of auto scaling. This talk covers the general problems of scaling for cloud deployments, and messaging for faster inter-service communication for Microservices
Slidedeck presented at http://devternity.com/ around MongoDB internals. We review the usage patterns of MongoDB, the different storage engines and persistency models as well has the definition of documents and general data structures.
Best Practices? That’s like asking how long is a piece of string! While every environment is different, there are however a number of configurations, tweaks and methods that can be of great benefit for your Nagios XI environment. This talk will cover a variety of Best Practice topics for Nagios XI ranging from flexible object configurations through to back end performance enhancements.
The RestFS is an experimental project to develop an open-source distributed filesystem for large environments. It is designed to scale up from a single server to thousand of nodes and delivering a high availability storage system with special features for high i/o performance and network optimization for work better in WAN environment.
The RestFS is an experimental project to develop an open-source distributed filesystem for large environments. It is designed to scale up from a single server to thousand of nodes and delivering a high availability storage system with special features for high i/o performance and network optimization for work better in WAN environment. The Restfs is pure-python, but several of the libraries that it depends upon use C extensions (sometimes for speed, sometimes to interface to pre-existing C libraries). The Project is on the beginning stage, with some technology previews released.
Pisa is a decentralized block storage distribution and replication framework with the specific goal of simplifying the development of storage back-end services in a distributed environment. Main chararistics of the project are the message security, self-organization cluster and simple setup. Pisa is a subproject of RestFS project and the talk will explain our experience acquired with the development of this subcomponent and the decisions taken in the design of the framework.
One of the new challenges of IT today is the "Big Data", to solve this problem many solutions are available on the market and some new paradigms have appeared.
In most of these new paradigms the Message Queue covers an important part, more than the past.
This is a small introduction to the use of Messaging Middleware and an overview of the main open source products available.
s the culmination of ten years' work, the Samba Team has created the first compatible Free Software implementation of Microsoft’s Active Directory protocols.
LDAP, Kerberos, DNS, and all other essential services that are required for Active Directory are natively supported by Samba4.
Samba4 doesn't have only Active Directory functions, but it has also many other incredible features like smb3 protocol implementation, ctdb (cluster) functionality and much more.
The presentation will describe the supported scenarios of Samba 4 as an Active Directory DC and also, discusses the developments in the File Server, in particular the components of SMB2, SMB3 and CTDB.
An Azure of Things, a developer’s perspectiveBizTalk360
The world of integration is changing very quickly and we have the opportunity to use a lot of different technologies. There are many ways to solve the same problem and new technologies being introduced all of the time. Azure is now full of very interesting features and the real challenge is understanding how to use and combine all of these together in an effective way to create a good solution. In this session Nino will talk about his experiences and thoughts from the last year around areas such as BizTalk, Hybrid Integration, Microservices, Event Hubs, Stream Analytics and more.
AWS re:Invent 2016: Netflix: Container Scheduling, Execution, and Integration...Amazon Web Services
Customers from over all over the world streamed forty-two billion hours of Netflix content last year. Various Netflix batch jobs and an increasing number of service applications use containers for their processing. In this session, Netflix presents a deep dive on the motivations and the technology powering container deployment on top of Amazon Web Services. The session covers our approach to resource management and scheduling with the open source Fenzo library, along with details of how we integrate Docker and Netflix container scheduling running on AWS. We cover the approach we have taken to deliver AWS platform features to containers such as IAM roles, VPCs, security groups, metadata proxies, and user data. We want to take advantage of native AWS container resource management using Amazon ECS to reduce operational responsibilities. We are delivering these integrations in collaboration with the Amazon ECS engineering team. The session also shares some of the results so far, and lessons learned throughout our implementation and operations.
Migrating Enterprise Microservices From Cloud Foundry to KubernetesTony Erwin
Slides originally presented in Shanghai at KubeCon + CloudNativeCon China 2018. Content developed by Tony Erwin and Jonathan Schweikhart.
Abstract: Historically, the forty microservices making up the IBM Cloud UI have been deployed as apps on Cloud Foundry (CF), an open source PaaS. But, recently, this enterprise microservice system has been migrated to run on Kubernetes to take advantage of improved orchestration, higher availability, and better performance. Tony Erwin & Jonathan Schweikhart will discuss their journey and provide insights into the advantages of Kube over CF. Even more importantly, they will describe approaches to solving new problems that took the place of old ones, such as: 1) adapting PaaS apps to run as containers on Kube, 2) enabling geo load balancing between the different platforms (to vet Kube before entirely replacing CF), 3) integrating tools like Prometheus into existing monitoring systems, and more! Their team's experiences will help you avoid pitfalls as you look to perform your own migrations to Kube!
NOTE: CF is always evolving and the limitations on private networking and private host names mentioned in the slides are no longer current. If you have access to CF API 2.115.0 or higher (released on June 25, 2018), you can leverage CF's service discovery feature (see https://docs.cloudfoundry.org/devguide/deploy-apps/cf-networking.html#discovery ).
We are working on building Hybrid Cloud for research and development purpose. Our project goal is to realize managing not only Public Cloud but also Private Cloud by making operations even easier. We are managing Amazon EC2, and our Private Cloud by making our own Cloud management tool by Drupal, which we call Clanavi beyond Drupal as a Content Management System. --- Drupal as a fundamental of PaaS (Platform as a Service).
We are happy to introduce our Clanavi including its requirements, architecture design and business value. We would like to show how Drupal can define to manage multiple Cloud infrastructures and why Drupal can be used as Web Application Framework.
Key Points Covered:
- Cloud Computing Overview (Definition)
- Private Cloud Requiremetns
- Goal, Design and Architecture
- Operation Problems in-the-Cloud
- Business Value by Clanavi
- Future Direction
- Q & A
DV03 Smooth Migration to Windows AzureRonald Widha
Migrating applications to Windows Azure has the potential to lower costs, reduce management overhead and dramatically improve scalability. This session gave some insight into choosing which applications are suitable for migration, how to map existing technologies to cloud equivalents, and how to overcome common migration challenges based on lesson learned from a successful SaaS migration to Windows Azure Platform.
Storage Requirements and Options for Running Spark on KubernetesDataWorks Summit
In a world of serverless computing users tend to be frugal when it comes to expenditure on compute, storage and other resources. Paying for the same when they aren’t in use becomes a significant factor. Offering Spark as service on cloud presents very unique challenges. Running Spark on Kubernetes presents a lot of challenges especially around storage and persistence. Spark workloads have very unique requirements of Storage for intermediate data, long time persistence, Share file system and requirements become very tight when it same need to be offered as a service for enterprise to mange GDPR and other compliance like ISO 27001 and HIPAA certifications.
This talk covers challenges involved in providing Serverless Spark Clusters share the specific issues one can encounter when running large Kubernetes clusters in production especially covering the scenarios related to persistence.
This talk will help people using Kubernetes or docker runtime in production and help them understand various storage options available and which is more suitable for running Spark workloads on Kubernetes and what more can be done
Centralizing Kubernetes and Container OperationsKublr
While developers see and realize the benefits of Kubernetes, how it improves efficiencies, saves time, and enables focus on the unique business requirements of each project; InfoSec, infrastructure, and software operations teams still face challenges when managing a new set of tools and technologies, and integrating them into an existing enterprise infrastructure.
These meetup slides go over what’s needed for a general architecture of a centralized Kubernetes operations layer based on open source components such as Prometheus, Grafana, ELK Stack, Keycloak, etc., and how to set up reliable clusters and multi-master configuration without a load balancer. It also outlines how these components should be combined into an operations-friendly enterprise Kubernetes management platform with centralized monitoring and log collection, identity and access management, backup and disaster recovery, and infrastructure management capabilities. This presentation will show real-world open source projects use cases to implement an ops-friendly environment.
Check out this and more webinars in our BrightTalk channel: https://goo.gl/QPE5rZ
Re:invent 2016 Container Scheduling, Execution and AWS Integrationaspyker
Members from over all over the world streamed over forty-two billion hours of Netflix content last year. Various Netflix batch jobs and an increasing number of service applications use containers for their processing. In this session, Netflix presents a deep dive on the motivations and the technology powering container deployment on top of Amazon Web Services. The session covers our approach to resource management and scheduling with the open source Fenzo library, along with details of how we integrate Docker and Netflix container scheduling running on AWS. We cover the approach we have taken to deliver AWS platform features to containers such as IAM roles, VPCs, security groups, metadata proxies, and user data. We want to take advantage of native AWS container resource management using Amazon ECS to reduce operational responsibilities. We are delivering these integrations in collaboration with the Amazon ECS engineering team. The session also shares some of the results so far, and lessons learned throughout our implementation and operations.
Storage is one of the most important part of a data center, the complexity to design, build and delivering 24/forever availability service continues to increase every year. For these problems one of the best solution is a distributed filesystem (DFS) This talk describes the basic architectures of DFS and comparison among different free software solutions in order to show what makes DFS suitable for large-scale distributed environments. We explain how to use, to deploy, advantages and disadvantages, performance and layout on each solutions. We also introduce some Case Studies on implementations based on openAFS, GlusterFS and Hadoop finalized to build your own Cloud Storage.
High performance for a Web server that receive a large numbers of requests is critical success factor for a web site, but in many cases the Web server is only “tip of the iceberg” of a very large heterogeneous systems, with lots of components and technologies. This talk present best practices to design an high availability and high performance web site. The presentation will cover load balancing, Web server acceleration, and efficient management of dynamic data, that can be adopted by any sites to improve performance and availability. We also describe common mistake implemented in the web application framework that create performance limitations and bottleneck. The presentation will describe how to define monitors metrics of the service , that are the “eyes” of operation departments, and the implementation of the “red button”
Using automation you can make your home easier and cheaper to run and more secure. In the session we will see hardware options, architectural layouts, softwares, examples on customizations and extensions. The presentation will also cover specific problems on multimedia (UPNP AV) and integrations with existing home devices, mobile and internet services. At the end of the session you will be able to design your home and customize the software for your specific needs, in this way you can lie on your sofa and keep everything under control.
Disaster recovery and business continuity planning are processes which help organizations prepare for disruptive events. The talk explains the basic concepts of business continuity, giving a brief overview on the business continuity plan and more detail informations (technical) on how to setup a Disaster Recovery site . We show two different approaches for creating a disaster recovery (DR) site, one the based on operating system layer and one based on the right design of the applications . The common elements on the two approaches are network design, data replication, monitoring system and system/configuration management. All these elements can be implemented with open source software, we explain advantages and disadvantages, performances and layouts on each solutions.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
5. PtServer BeoLink.org
Introduction
Distributed Centralized
• You don’t need change apps • Real-time
• Low problem on HA • Consistency View
• IDM with RBAC • Reuse existing Architecture
6. PtServer BeoLink.org
Introduction
AFS Manager
• Graphical User Interface
• Provisioning Interface ( multi mode)
• Administration Task
PtServer NG
• Active Directory Integration
• Directory Integration
8. AFS Manager BeoLink.org
Goals
GUI
• Interface for Windows Administrators
• Simple to use
• Complete overview of the Cell
• Standard object for php scripting (CLI)
Monitoring
• Volume Access Monitoring
• Volume Space Usage
• System Statistics
WebService Interface
• Provisioning Interface for Volume, User, Group
• Automatic volume layout
• Re-Balance (replications, move volumes ..)
14. PtServer BeoLink.org
Overview
Ptserver keeps user/group information
• Ptserver contains entries for every user and group in the cell
• Ptserver allocates AFS IDs for new user, machine and group
entries and maps each ID to the corresponding name.
• Ptserver generates a current protection subgroup (CPS) at the
File Server's request. The CPS lists all groups to which a user
or machine belongs
Ubik is the openAFS database
• Ubik is a single linear database
• Ubik is automatically replicated across a number of servers.
• Ubik is a ‘transactional’ database (supports fully distributed
changes as long as a majority of the servers are up and are
synchronized together in a write quorum)
15. PtServer BeoLink.org
Goals
Create Pluggable user storage
• Ubik
• Ldap
• Windows
Create flexible user mapping
• Mapping user id on existing system
• Mapping group id on existing system
16. PtServer BeoLink.org
Winbind
Winbind unifies UNIX and Windows NT account management by
allowing a UNIX box to become a full member of an NT domain
Authentication
• NTLM
• ADS (Kerberos)
Users Information
• Account info
• ID mapping
Groups Information
• Group info
• ID Mapping
18. Overview BeoLink.org
Demo
Demo … high probability of crash ..
19. PtServer BeoLink.org
Advantages
• Single identity (single storage)
• id mapping
• gid mapping
• Real time update
• Pluggable in existing infrastructure
Disvantages
• Reliability
• Performance
20. PtServer BeoLink.org
Open points ..
Licences
• Load GPL 3 library, compatibility ?
Performance
• How many request per second ?
Where to Store ..
• Flags
• Quota Group
21. BeoLink.org
Reference
• For Further Questions:
• Fabrizio Manfredi
• fabrizio.manfredi@gmail.com
manfred.furuholmen@gmail.com
• http://www.beolink.org
Too
Long
The End
22. AD as IDM BeoLink.org
IdMapping
IDMAP SID<->UID/GID
• LDAP
• Internal (TDB)
• ADS (SFU/RFC)
