systemd as a core component of most of today's Linux distributions comes with built-in support for containers. It may host containers, it may run inside of containers, it integrates well with containers, and even comes with its own minimal container
manager, systemd-nspawn.
In this talk we'll discuss the various integration points systemd provides, and how the various facilities in systemd relate to the more well-known container projects like rkt, LXC or Docker.
Make container without_docker_6-overlay-network_1 Sam Kim
분산환경에서 컨테이너 간의 통신은 어떻게 이루어 지는 것일까요? 3,4편에서는 호스트 안에 가상네트워크를 만들어보았습니다. 6편에서는 이를 바탕으로 분산환경에서 호스트 간에 가상 네트워크로 통신이 가능하도록 만들어 봅니다. 이 방법은 실제 쿠버네티스 flannel 등의 CNI에서 사용하고 있는 vxlan 기반의 오버레이 네트워크 구성을 다룹니다.
전체목차: https://netpple.github.io/docs/make-container-without-docker/
클라우드 위에서 컨테이너에 가상 IP를 부여하고 이러한 가상 IP대역을 기반으로 컨테이너 간에 통신이 어떻게 가능한 것일까요?
동적으로 오버레이 네트워크를 구성해 봅니다.
지난 시간 가상IP 대역을 기반으로 서로 다른 물리노드 간의 통신을 가능하기 위하여 가상 디바이스를 생성하고 ARP cache와 Bridge FDB 정보를 입력해주고, vxlan 기반의 UDP encapsulation과 터널링을 통하여 가상디바이스의 L2정보를 목적지 노드로 전송하여 통신이 되는 것을 확인하였습니다.
이에 대한 내용을 바탕으로 가상네트워크를 추가하고 통신할 때 커널 이벤트(NETLINK)를 캐치하여 동적으로 arp, fdb 갱신처리하여 컨테이너 간에 통신이 가능하도록 구성해 봅니다.
Since the emerging of the OpenStack cloud computing platform in the Ubuntu community, increasing number of public/private cloud service providers choose to deploy it all over the world. Recently, Spectre and Meltdown have caused a panic in the world and the Spectre V2 is the only one which can attack the host system from the guest VM. It's vital to know the detailed process of the attack. Gavin Guo will give a detail explanation and an example of how to attack the host system. Besides, v1/v3/v4 are also introduced in the slide.
Make container without_docker_6-overlay-network_1 Sam Kim
분산환경에서 컨테이너 간의 통신은 어떻게 이루어 지는 것일까요? 3,4편에서는 호스트 안에 가상네트워크를 만들어보았습니다. 6편에서는 이를 바탕으로 분산환경에서 호스트 간에 가상 네트워크로 통신이 가능하도록 만들어 봅니다. 이 방법은 실제 쿠버네티스 flannel 등의 CNI에서 사용하고 있는 vxlan 기반의 오버레이 네트워크 구성을 다룹니다.
전체목차: https://netpple.github.io/docs/make-container-without-docker/
클라우드 위에서 컨테이너에 가상 IP를 부여하고 이러한 가상 IP대역을 기반으로 컨테이너 간에 통신이 어떻게 가능한 것일까요?
동적으로 오버레이 네트워크를 구성해 봅니다.
지난 시간 가상IP 대역을 기반으로 서로 다른 물리노드 간의 통신을 가능하기 위하여 가상 디바이스를 생성하고 ARP cache와 Bridge FDB 정보를 입력해주고, vxlan 기반의 UDP encapsulation과 터널링을 통하여 가상디바이스의 L2정보를 목적지 노드로 전송하여 통신이 되는 것을 확인하였습니다.
이에 대한 내용을 바탕으로 가상네트워크를 추가하고 통신할 때 커널 이벤트(NETLINK)를 캐치하여 동적으로 arp, fdb 갱신처리하여 컨테이너 간에 통신이 가능하도록 구성해 봅니다.
Since the emerging of the OpenStack cloud computing platform in the Ubuntu community, increasing number of public/private cloud service providers choose to deploy it all over the world. Recently, Spectre and Meltdown have caused a panic in the world and the Spectre V2 is the only one which can attack the host system from the guest VM. It's vital to know the detailed process of the attack. Gavin Guo will give a detail explanation and an example of how to attack the host system. Besides, v1/v3/v4 are also introduced in the slide.
1,2편에서 다룬 chroot와 pivot_root를 통해서 root filesystem을 isolation하였습니다. 마운트 네임스페이스는 파일시스템 마운트를 isolation 하는 것으로 이미 pivot_root에서도 사용하였지만, mount 처리를 격리함으로써 컨테이너 내부의 파일시스템 구조를 독립적으로 유지합니다. 실제 도커 컨테이너의 이미지 tarball을 이용하여 pivot_root와 mount namespace까지 적용하여 실제 도커 방식과 유사하게 컨테이너를 기동하여 봅니다. 그리고, 컨테이너 이미지 용량/중복을 해결하기 위한 overlayFS 에 대하여 다룹니다.
https://netpple.github.io
Dima Krasner talks about FUSE, Filesystem in Userspace, its pros and cons, usage, tips and tricks, and more.
Dima is a senior developer at Sam Seamless Network.
Agenda:
In this session, Shmulik Ladkani discusses the kernel's net_device abstraction, its interfaces, and how net-devices interact with the network stack. The talk covers many of the software network devices that exist in the Linux kernel, the functionalities they provide and some interesting use cases.
Speaker:
Shmulik Ladkani is a Tech Lead at Ravello Systems.
Shmulik started his career at Jungo (acquired by NDS/Cisco) implementing residential gateway software, focusing on embedded Linux, Linux kernel, networking and hardware/software integration.
51966 coffees and billions of forwarded packets later, with millions of homes running his software, Shmulik left his position as Jungo’s lead architect and joined Ravello Systems (acquired by Oracle) as tech lead, developing a virtual data center as a cloud service. He's now focused around virtualization systems, network virtualization and SDN.
My talk about Tarantool and Lua at Percona Live 2016Konstantin Osipov
In my talk I will focus on a practical use case: task queue
application, using Tarantool as an application server and a
database.
The idea of the task queue is that producers put tasks (objects)
into a queue, and consumers take tasks, perform them, mark as
completed.
The queue must guarantee certain properties: if a consumer failed,
a task should return to the queue automatically, a task can't be
taken by more than one consumer, priorities on tasks should be
satisfied.
With Tarantool, a task queue is a distributed networked
application: there are multiple consumer/producer endpoints
(hosts) through which a user can interact with the queue.
The queue itself is a fault-tolerant distributed database:
every task is stored in Tarantool database and replicated
in multiple copies.
If a machine goes down, the state of a task is tracked on a
replica, and the user can continue working with the
queue through a replica.
Total power failure is also not an issue, since tasks are stored
persistently on disk with transactional semantics.
Performance of such an application is in hundreds of thousands of
transactions per second.
At the same time, the queue is highly customizable, since it's
written entirely in Lua, is a Lua rock, but the code is running
inside the database. This is the strength of Lua:
one size doesn't have to fit all, and you don't have to sacrifice
performance if you need customization.
The second part of the talk will be about implementation details,
performance numbers, a performance comparison with other queue
products (beanstalkd, rabbitmq) in particular, and an overview
of the implementation from language bindings point of view: how we
make database API available in Lua, what are the challenges and
performance hurdles of such binding.
Have you ever heard of FreeBSD? Probably.
Have you ever interacted with its kernel? Probably not.
In this talk, Gili Yankovitch (nyxsecuritysolutions.com) will talk about the FreeBSD operating system, its network stack and how to write network drivers for it.
The talk will cover the following topics:
* Kernel/User interation in FreeBSD
* The FreeBSD Network Stack
* Network Buffers API
* L2 and L3 Hooking
In this talk, Gil Yankovitch discusses the PaX patch for the Linux kernel, focusing on memory manager changes and security mechanisms for memory allocations, reads, writes from user/kernel space and ASLR.
[Defcon24] Introduction to the Witchcraft Compiler CollectionMoabi.com
With this presentation, we take a new approach to reverse engineering. Instead of attempting to decompile code, we seek to undo the work of the linker and produce relocatable files, the typical output of a compiler. The main benefit of the later technique over the former being that it does work. Once achieved universal code ‘reuse’ by relinking those relocatable objects as arbitrary shared libraries, we'll create a form of binary reflection, add scripting capabilities and in memory debugging using a JIT compiler, to attain automated API prototyping and annotation, which, we will argue, constitutes a primary form of binary code self awareness. Finally, we'll see how abusing the dynamic linker internals shall elegantly solve a number of complex tasks for us, such as calling a given function within a binary without having to craft a valid input to reach it.
The applications in terms of vulnerability exploitation, functional testing, static analysis validation and more generally computer wizardry being tremendous, we'll have fun demoing some new exploits in real life applications, and commit public program profanity, such as turning PEs into ELFs, functional scripting of sshd in memory, stealing crypto routines without even disassembling them, among other things that were never supposed to work. All the above techniques have been implemented into the Wichcraft Compiler Collection, to be released as proper open source software (MIT/BSD-2 licenses) exclusively at DEF CON 24.
Jonathan Brossard is a computer whisperer from France, although he's been living in Brazil, India, Australia and now lives in San Francisco. For his first conference at DEF CON 16, he hacked Microsoft Bitlocker, McAffee Endpoint and a fair number of BIOS Firmwares. During his second presentation at DEF CON 20, he presented Rakshasa, a BIOS malware based on open source software, the MIT Technology review labeled "incurable and undetectable".
This year will be his third DEF CON ... Endrazine is also known in the community for having run the Hackito Ergo Sum and NoSuchCon conferences in France, participating to the Shakacon Program Committee in Hawaii, and authoring a number of exploits over the past decade. Including the first remote Windows 10 exploit and several hardcore reverse engineering tools and whitepapers. Jonathan is part of the team behind MOABI.COM, and acts as the Principal Engineer of Product Security at Salesforce.
Twitter: @endrazine
Facebook: toucansystem
https://moabi.com
Vmlinux: anatomy of bzimage and how x86 64 processor is bootedAdrian Huang
This slide deck describes the Linux booting flow for x86_64 processors.
Note: When you view the the slide deck via web browser, the screenshots may be blurred. You can download and view them offline (Screenshots are clear).
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalMichelle Antebi
In this talk, Madhu Venugopal will present Docker Networking & Service Discovery features shipped in 1.11 and new Experimental Vlan network drivers introduced in 1.11.
Decompressed vmlinux: linux kernel initialization from page table configurati...Adrian Huang
Talk about how Linux kernel initializes the page table.
Note: When you view the the slide deck via web browser, the screenshots may be blurred. You can download and view them offline (Screenshots are clear).
While probably the most prominent, Docker is not the only tool for building and managing containers. Originally meant to be a "chroot on steroids" to help debug systemd, systemd-nspawn provides a fairly uncomplicated approach to work with containers. Being part of systemd, it is available on most recent distributions out-of-the-box and requires no additional dependencies.
This deck will introduce a few concepts involved in containers and will guide you through the steps of building a container from scratch. The payload will be a simple service, which will be automatically activated by systemd when the first request arrives.
1,2편에서 다룬 chroot와 pivot_root를 통해서 root filesystem을 isolation하였습니다. 마운트 네임스페이스는 파일시스템 마운트를 isolation 하는 것으로 이미 pivot_root에서도 사용하였지만, mount 처리를 격리함으로써 컨테이너 내부의 파일시스템 구조를 독립적으로 유지합니다. 실제 도커 컨테이너의 이미지 tarball을 이용하여 pivot_root와 mount namespace까지 적용하여 실제 도커 방식과 유사하게 컨테이너를 기동하여 봅니다. 그리고, 컨테이너 이미지 용량/중복을 해결하기 위한 overlayFS 에 대하여 다룹니다.
https://netpple.github.io
Dima Krasner talks about FUSE, Filesystem in Userspace, its pros and cons, usage, tips and tricks, and more.
Dima is a senior developer at Sam Seamless Network.
Agenda:
In this session, Shmulik Ladkani discusses the kernel's net_device abstraction, its interfaces, and how net-devices interact with the network stack. The talk covers many of the software network devices that exist in the Linux kernel, the functionalities they provide and some interesting use cases.
Speaker:
Shmulik Ladkani is a Tech Lead at Ravello Systems.
Shmulik started his career at Jungo (acquired by NDS/Cisco) implementing residential gateway software, focusing on embedded Linux, Linux kernel, networking and hardware/software integration.
51966 coffees and billions of forwarded packets later, with millions of homes running his software, Shmulik left his position as Jungo’s lead architect and joined Ravello Systems (acquired by Oracle) as tech lead, developing a virtual data center as a cloud service. He's now focused around virtualization systems, network virtualization and SDN.
My talk about Tarantool and Lua at Percona Live 2016Konstantin Osipov
In my talk I will focus on a practical use case: task queue
application, using Tarantool as an application server and a
database.
The idea of the task queue is that producers put tasks (objects)
into a queue, and consumers take tasks, perform them, mark as
completed.
The queue must guarantee certain properties: if a consumer failed,
a task should return to the queue automatically, a task can't be
taken by more than one consumer, priorities on tasks should be
satisfied.
With Tarantool, a task queue is a distributed networked
application: there are multiple consumer/producer endpoints
(hosts) through which a user can interact with the queue.
The queue itself is a fault-tolerant distributed database:
every task is stored in Tarantool database and replicated
in multiple copies.
If a machine goes down, the state of a task is tracked on a
replica, and the user can continue working with the
queue through a replica.
Total power failure is also not an issue, since tasks are stored
persistently on disk with transactional semantics.
Performance of such an application is in hundreds of thousands of
transactions per second.
At the same time, the queue is highly customizable, since it's
written entirely in Lua, is a Lua rock, but the code is running
inside the database. This is the strength of Lua:
one size doesn't have to fit all, and you don't have to sacrifice
performance if you need customization.
The second part of the talk will be about implementation details,
performance numbers, a performance comparison with other queue
products (beanstalkd, rabbitmq) in particular, and an overview
of the implementation from language bindings point of view: how we
make database API available in Lua, what are the challenges and
performance hurdles of such binding.
Have you ever heard of FreeBSD? Probably.
Have you ever interacted with its kernel? Probably not.
In this talk, Gili Yankovitch (nyxsecuritysolutions.com) will talk about the FreeBSD operating system, its network stack and how to write network drivers for it.
The talk will cover the following topics:
* Kernel/User interation in FreeBSD
* The FreeBSD Network Stack
* Network Buffers API
* L2 and L3 Hooking
In this talk, Gil Yankovitch discusses the PaX patch for the Linux kernel, focusing on memory manager changes and security mechanisms for memory allocations, reads, writes from user/kernel space and ASLR.
[Defcon24] Introduction to the Witchcraft Compiler CollectionMoabi.com
With this presentation, we take a new approach to reverse engineering. Instead of attempting to decompile code, we seek to undo the work of the linker and produce relocatable files, the typical output of a compiler. The main benefit of the later technique over the former being that it does work. Once achieved universal code ‘reuse’ by relinking those relocatable objects as arbitrary shared libraries, we'll create a form of binary reflection, add scripting capabilities and in memory debugging using a JIT compiler, to attain automated API prototyping and annotation, which, we will argue, constitutes a primary form of binary code self awareness. Finally, we'll see how abusing the dynamic linker internals shall elegantly solve a number of complex tasks for us, such as calling a given function within a binary without having to craft a valid input to reach it.
The applications in terms of vulnerability exploitation, functional testing, static analysis validation and more generally computer wizardry being tremendous, we'll have fun demoing some new exploits in real life applications, and commit public program profanity, such as turning PEs into ELFs, functional scripting of sshd in memory, stealing crypto routines without even disassembling them, among other things that were never supposed to work. All the above techniques have been implemented into the Wichcraft Compiler Collection, to be released as proper open source software (MIT/BSD-2 licenses) exclusively at DEF CON 24.
Jonathan Brossard is a computer whisperer from France, although he's been living in Brazil, India, Australia and now lives in San Francisco. For his first conference at DEF CON 16, he hacked Microsoft Bitlocker, McAffee Endpoint and a fair number of BIOS Firmwares. During his second presentation at DEF CON 20, he presented Rakshasa, a BIOS malware based on open source software, the MIT Technology review labeled "incurable and undetectable".
This year will be his third DEF CON ... Endrazine is also known in the community for having run the Hackito Ergo Sum and NoSuchCon conferences in France, participating to the Shakacon Program Committee in Hawaii, and authoring a number of exploits over the past decade. Including the first remote Windows 10 exploit and several hardcore reverse engineering tools and whitepapers. Jonathan is part of the team behind MOABI.COM, and acts as the Principal Engineer of Product Security at Salesforce.
Twitter: @endrazine
Facebook: toucansystem
https://moabi.com
Vmlinux: anatomy of bzimage and how x86 64 processor is bootedAdrian Huang
This slide deck describes the Linux booting flow for x86_64 processors.
Note: When you view the the slide deck via web browser, the screenshots may be blurred. You can download and view them offline (Screenshots are clear).
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalMichelle Antebi
In this talk, Madhu Venugopal will present Docker Networking & Service Discovery features shipped in 1.11 and new Experimental Vlan network drivers introduced in 1.11.
Decompressed vmlinux: linux kernel initialization from page table configurati...Adrian Huang
Talk about how Linux kernel initializes the page table.
Note: When you view the the slide deck via web browser, the screenshots may be blurred. You can download and view them offline (Screenshots are clear).
While probably the most prominent, Docker is not the only tool for building and managing containers. Originally meant to be a "chroot on steroids" to help debug systemd, systemd-nspawn provides a fairly uncomplicated approach to work with containers. Being part of systemd, it is available on most recent distributions out-of-the-box and requires no additional dependencies.
This deck will introduce a few concepts involved in containers and will guide you through the steps of building a container from scratch. The payload will be a simple service, which will be automatically activated by systemd when the first request arrives.
Containerization is more than the new Virtualization: enabling separation of ...Jérôme Petazzoni
Docker offers a new, lightweight approach to application
portability. Applications are shipped using a common container format,
and managed with a high-level API. Their processes run within isolated
namespaces which abstract the operating environment, independently of
the distribution, versions, network setup, and other details of this
environment.
This "containerization" has often been nicknamed "the new
virtualization". But containers are more than lightweight virtual
machines. Beyond their smaller footprint, shorter boot times, and
higher consolidation factors, they also bring a lot of new features
and use cases which were not possible with classical virtual machines.
We will focus on one of those features: separation of operational
concerns. Specifically, we will demonstrate how some fundamental tasks
like logging, remote access, backups, and troubleshooting can be
entirely decoupled from the deployment of applications and
services. This decoupling results in independent, smaller, simpler
moving parts; just like microservice architectures break down large
monolithic apps in more manageable components.
Isolating an applications using LXC – Linux ContainersVenkat Raman
configuring and running an application inside the container. Dockers are built on top of LXC. In Dockers case, its advantage is that its open-source engine can be used to pack, ship, and run any application as a lightweight, portable, self-sufficient LXC container that runs virtually anywhere. It’s a packaging system for applications.
Spraykatz is a credentials gathering tool automating remote procdump and parse of lsass process. Spraykatz is a tool able to retrieve credentials on Windows machines and large Active Directory environments. It simply tries to procdump machines and parse dumps remotely in order to avoid detections by antivirus softwares as much as possible.
Containerization Is More than the New VirtualizationC4Media
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/1E5GzZX.
Jérôme Petazzoni borrows from his experience at Docker Inc. to explain live applications running in Docker, including reading logs, remote access, and troubleshooting tips. Filmed at qconsf.com.
Jérôme Petazzoni is a senior engineer at dotCloud, where he rotates between Ops, Support and Evangelist duties and the nickname of “master Yoda”, has earned.
Preparation study for Docker Event
Mulodo Open Study Group (MOSG) @Ho chi minh, Vietnam
http://www.meetup.com/Open-Study-Group-Saigon/events/229781420/
Dynamical systems simulation in Python for science and engineeringMassimo Talia
Tutorial about the simulations in Python for professional, researchers and students in information, industrial engineering, physics, mathematics. The tutorial describes some cases of simulation using the Python packages: Simupy, Control, Plotly and Dash.
Free of charge download.
How to integrate modern containers into a classical system monitoring. This covers both LXC (System Containers) and Docker/Kubernetes (Application) containers.
It starts with a brief introduction into the world of containers and then uses two examples (check_lxc and check_rancher2) how to monitor the two types of containers.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
10. systemd on the host:
systemd-machined + machinectl
machinectl terminate, machinectl shell, machinectl login, . . .
journalctl -M, systemctl -M, loginctl -M, systemd-run -M, . . .
nss-myhostname
Works for any container manager that registers with it
systemd and Containers
12. systemd in the container:
Should just work, many integration points under the hood:
systemd and Containers
13. systemd in the container:
Should just work, many integration points under the hood:
Provision machine UUID
systemd and Containers
14. systemd in the container:
Should just work, many integration points under the hood:
Provision machine UUID
Start a login prompt
systemd and Containers
15. systemd in the container:
Should just work, many integration points under the hood:
Provision machine UUID
Start a login prompt
Socket activation
systemd and Containers
16. systemd in the container:
Should just work, many integration points under the hood:
Provision machine UUID
Start a login prompt
Socket activation
Configure network automatically (systemd-networkd)
systemd and Containers
18. systemd(-nspawn) as the container manager:
a minimal container manager is built in
systemd and Containers
19. systemd(-nspawn) as the container manager:
a minimal container manager is built in
machinectl start, machinectl enable, . . .
systemd and Containers
20. systemd(-nspawn) as the container manager:
a minimal container manager is built in
machinectl start, machinectl enable, . . .
Focus 1: OS containers, i.e. containers that carry a full OS inside,
including an init system
systemd and Containers
21. systemd(-nspawn) as the container manager:
a minimal container manager is built in
machinectl start, machinectl enable, . . .
Focus 1: OS containers, i.e. containers that carry a full OS inside,
including an init system
Focus 2: basic building block for other systems
systemd and Containers
22. systemd(-nspawn) as the container manager:
a minimal container manager is built in
machinectl start, machinectl enable, . . .
Focus 1: OS containers, i.e. containers that carry a full OS inside,
including an init system
Focus 2: basic building block for other systems
See: rkt
systemd and Containers
24. Basic mode of operation:
Place an OS tree in /var/lib/machines/foo
systemd and Containers
25. Basic mode of operation:
Place an OS tree in /var/lib/machines/foo
Test it with systemd-nspawn -M foo
systemd and Containers
26. Basic mode of operation:
Place an OS tree in /var/lib/machines/foo
Test it with systemd-nspawn -M foo
Enable it permanently: machinectl enable foo
systemd and Containers
27. Basic mode of operation:
Place an OS tree in /var/lib/machines/foo
Test it with systemd-nspawn -M foo
Enable it permanently: machinectl enable foo
Start it now: machinectl start foo
systemd and Containers
29. Basic concept: “Full OS containers as a system service”
Container foo is running as system service
systemd-nspawn@foo.service
systemd and Containers
30. Basic concept: “Full OS containers as a system service”
Container foo is running as system service
systemd-nspawn@foo.service
Usual service management commands are supported
systemd and Containers
47. Copying files in and out of a container:
systemd and Containers
48. Copying files in and out of a container:
machinectl copy-to foo ...
systemd and Containers
49. Copying files in and out of a container:
machinectl copy-to foo ...
machinectl copy-from foo ...
systemd and Containers
50. Copying files in and out of a container:
machinectl copy-to foo ...
machinectl copy-from foo ...
Also, bind mounting directories:
systemd and Containers
51. Copying files in and out of a container:
machinectl copy-to foo ...
machinectl copy-from foo ...
Also, bind mounting directories:
machinectl bind foo /srv/waldo
systemd and Containers
59. Networking Options:
MACVLAN, IPVLAN, veth, bridge, zone. . .
Port exposure
Automatic networkd handling with default configuration: in the
container, and on the host
systemd and Containers
74. And don’t forget: nspawn containers are normal system services,
hence regular resource management is supported:
systemctl set-property systemd-nspawn@foobar.service MemoryLimit=3G
systemd and Containers