In a talk at Paris in 2009, Mark Burgess presents Cfengine 3, the new version of the famous configuration management software, and the fundamental theory on which it is based, the promise theory.
YellowJacket health and safety software manages quality, environmental, health and safety performance
YellowJacket is a low cost cloud-based tool that makes it easy to manage performance. Whichever industry you’re in and whatever size you are, it can help you improve your safety record, meet your quality standards and reach your environmental targets.
An Intro to Resolver's Resilience ApplicationResolver Inc.
In 2017, Resolver acquired Global AlertLink, an industry leading platform for business continuity, disaster recovery and emergency management. This presentation will walk you through a data breach scenario and showcase an integrated approach to response with cyber and physical security, disaster recovery, business continuity, and crisis management.
DR, IT Resilience, & Continuity: What's the Difference?marketingunitrends
IT resilience is a new buzzword being bantered around but what does it have to do with backup and recovery? It represents a proactive strategic approach to avoiding, responding and immediately rectifying disruptions. Can you do that today?
According to Google, SRE is what you get when you treat operations as if it’s a software problem. In this video, I briefly explain important documents required for running SRE teams, reporting service state, New SRE onboarding and service decommissioning.
Video at: https://youtu.be/FfIiTVwF0pI
Cure your monday morning networking headachesDImension Data
If you’re an ICT network technician, manager, or decision-maker, Mondays usually come with a heavier workload and intense pressure to sort out the problems that have crept up over the weekend.
Learn more here: http://www.dimensiondata.com/Global/Latest-Thinking/Monday-morning-networking-headaches/Pages/Home.aspx
YellowJacket health and safety software manages quality, environmental, health and safety performance
YellowJacket is a low cost cloud-based tool that makes it easy to manage performance. Whichever industry you’re in and whatever size you are, it can help you improve your safety record, meet your quality standards and reach your environmental targets.
An Intro to Resolver's Resilience ApplicationResolver Inc.
In 2017, Resolver acquired Global AlertLink, an industry leading platform for business continuity, disaster recovery and emergency management. This presentation will walk you through a data breach scenario and showcase an integrated approach to response with cyber and physical security, disaster recovery, business continuity, and crisis management.
DR, IT Resilience, & Continuity: What's the Difference?marketingunitrends
IT resilience is a new buzzword being bantered around but what does it have to do with backup and recovery? It represents a proactive strategic approach to avoiding, responding and immediately rectifying disruptions. Can you do that today?
According to Google, SRE is what you get when you treat operations as if it’s a software problem. In this video, I briefly explain important documents required for running SRE teams, reporting service state, New SRE onboarding and service decommissioning.
Video at: https://youtu.be/FfIiTVwF0pI
Cure your monday morning networking headachesDImension Data
If you’re an ICT network technician, manager, or decision-maker, Mondays usually come with a heavier workload and intense pressure to sort out the problems that have crept up over the weekend.
Learn more here: http://www.dimensiondata.com/Global/Latest-Thinking/Monday-morning-networking-headaches/Pages/Home.aspx
If you have home, heath, and life insurance why shouldn't you have business data insurance? WE help small businesses with enterprise level backups for all data.
Best practices to dedupe and prioritize IT alerts using our rich integrations with popular monitoring tools including Datadog, SolarWinds, AWS CloudWatch, and Nagios.
Bidirectional connectivity with ticketing systems including Jira and ServiceNow.
New ChatOps capabilities, in which you can acknowledge and respond to alerts using collaboration tools such as Slack, HipChat, and Microsoft Teams.
New Mass Notifications Functionality and the ability to spawn instant video conferencing and teleconferencing sessions to aid in collaboration.
5 Tips To Getting Your Network Ready For Digital TransformationMartello Technologies
Digital transformation and rapid technology adoption are competitive differentiators for today’s businesses. How can you be sure your network is ready? Use our tips.
Learn the causes and effects of business downtime, in time of disaster, and how you can prevent this from happening with a Business Continuity Solution. Visit http://www.quick-backup-recovery.com
Mind the Gap: How to bridge the gap between development and operations with release management
The release management process remains challenging for large IT organizations due to the continuing disconnect between development, QA, and operations teams. The challenge faced by these large enterprises is that process maturity, methodology, and platforms vary greatly across teams, organizations and business units. These challenges often produce gaps between development and operations teams. Release management is still being done, but with very inconsistent results and at a high cost, providing minimal insight and a lack of audit compliance.
Join us as Julian Fish, Director of Products at Serena Software, demonstrates how the unique integration framework and process capabilities of Serena Release Control can deliver a consistent and repeatable process that provides complete traceability, audit and compliance across Waterfall, Progressive and Agile processes, for both ITIL and DevOps approaches, and supporting Mainframe to mobile platforms.
NEMEA Compliance Center - the most powerful survey creation, management, and reporting solution available. It intuitively collects responses, writes, and produces standardized regulatory compliance reports. In fact, it even supports the use of many different standards at once. Our compliance software has a fully featured user-interface that lets you rapidly compare the laws and regulations that govern your industry and business.
Efficient Performance Test Automation - Opitmizing the Jenkins PipelineJules Pierre-Louis
Shift-left testing represents a huge opportunity within the context of DevOps and Continuous Delivery, and integrating performance tests into your Continuous Integration scope greatly reduces performance risks when adding a new feature, or fixing a bug.
Even better – adding performance tests into the widely used Jenkins Pipeline is easier than you might think. In this webinar, co-presented by CA BlazeMeter and CloudBees, we’ll offer practical tips and best practices for leveraging performance test automation in a continuous integration environment.
In this webinar we’ll cover:
- How to easily implement a project’s entire build/test/deploy pipeline in Jenkins and store that alongside existing code
- How to configure and execute realistic, large-scale performance-testing scenarios as part of the Continuous Integration process
- Enabling easy test configuration maintenance using the open source test automation tool Taurus along with Jenkins Pipeline
- Analyzing comprehensive performance test results in real-time, and integrating those results as a part of the build promotion criteria
Extend the impact of performance testing across the software delivery pipeline and the popular tools your teams are already using.
Secure Delivery Center, Eclipse Open SourceGenuitec, LLC
This non-intrusive software management and delivery technology is easy-to-use and installs right into the enterprise by asking simple policy questions about open source governance and IDE usage. For Eclipse, MyEclipse and IBM Rational.
JUC Europe 2015: Making Strides towards Enterprise-Scale DevOps...with Jenkin...CloudBees
By Ilkka Turunen, Sonatype
Moving to DevOps in large complex enterprise-IT environments is an incremental process. One that requires culture, process and technology. Technology like Jenkins, Nexus, Puppet, Docker and more. In this session, you’ll hear about first-hand experiences building successful enterprise-scale DevOps practices and specifically look at the role of Jenkins working with other key technologies in the continuous tool chain. Learn about additional practices to support the goal of driving down cycle times. And no DevOps practice is complete without accounting for compliance and security requirements Jenkins can play a key role there too. Learn more.
DevOps - The Key to Rapid Productization (Introduction to the 5C's of DevOps)Cygnet Infotech
DevOps combines software development and operations optimizing the development life cycle through continuous integration and delivery resulting Rapid Productization with superior quality. Here are the 5C's of DevOps that everyone must know.
VMware vSphere, the industry-leading virtualisation platform for building cloud infrastructures, enables you to run business critical applications and respond to business needs.
Developing and delivering applications in a repeatable way, with the expected quality is a great challenge these days. In order to maximize business value at-the-speed-of-business, initiatives are being driven both by the development or delivery teams and by operations. They each have their own focus and specifics, but in essence they are both centered around: Collaboration and integration, automation, standardization and governance.
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014Amazon Web Services
More organizations are embracing DevOps to realize compelling business benefits, such as more frequent feature releases, increased application stability, and more productive resource utilization. However, security and compliance monitoring tools have not kept up. In fact, they often represent the largest single remaining barrier to continuous delivery. Learn how to integrate security controls in your DevOps program from experts at Alert Logic and George Miranda, engineer and evangelist at Chef. Sponsored by Alert Logic.
ארגונים ברחבי העולם מגבירים את השימוש בתהליכי DevOps לטובת שיפור היתרון התחרותי שלהם, הורדת סיכונים והפחתת עלויות פיתוח. כיום ניתן ליישם את ההצלחה של ה-DevOps בעולם מסדי הנתונים, על ידי ביצוע אוטומציה של תהליכי הפיתוח והעברה בין סביבות, אכיפת מנגנוני אבטחה, והפחתת הסיכונים הכרוכים בתהליך.
If you have home, heath, and life insurance why shouldn't you have business data insurance? WE help small businesses with enterprise level backups for all data.
Best practices to dedupe and prioritize IT alerts using our rich integrations with popular monitoring tools including Datadog, SolarWinds, AWS CloudWatch, and Nagios.
Bidirectional connectivity with ticketing systems including Jira and ServiceNow.
New ChatOps capabilities, in which you can acknowledge and respond to alerts using collaboration tools such as Slack, HipChat, and Microsoft Teams.
New Mass Notifications Functionality and the ability to spawn instant video conferencing and teleconferencing sessions to aid in collaboration.
5 Tips To Getting Your Network Ready For Digital TransformationMartello Technologies
Digital transformation and rapid technology adoption are competitive differentiators for today’s businesses. How can you be sure your network is ready? Use our tips.
Learn the causes and effects of business downtime, in time of disaster, and how you can prevent this from happening with a Business Continuity Solution. Visit http://www.quick-backup-recovery.com
Mind the Gap: How to bridge the gap between development and operations with release management
The release management process remains challenging for large IT organizations due to the continuing disconnect between development, QA, and operations teams. The challenge faced by these large enterprises is that process maturity, methodology, and platforms vary greatly across teams, organizations and business units. These challenges often produce gaps between development and operations teams. Release management is still being done, but with very inconsistent results and at a high cost, providing minimal insight and a lack of audit compliance.
Join us as Julian Fish, Director of Products at Serena Software, demonstrates how the unique integration framework and process capabilities of Serena Release Control can deliver a consistent and repeatable process that provides complete traceability, audit and compliance across Waterfall, Progressive and Agile processes, for both ITIL and DevOps approaches, and supporting Mainframe to mobile platforms.
NEMEA Compliance Center - the most powerful survey creation, management, and reporting solution available. It intuitively collects responses, writes, and produces standardized regulatory compliance reports. In fact, it even supports the use of many different standards at once. Our compliance software has a fully featured user-interface that lets you rapidly compare the laws and regulations that govern your industry and business.
Efficient Performance Test Automation - Opitmizing the Jenkins PipelineJules Pierre-Louis
Shift-left testing represents a huge opportunity within the context of DevOps and Continuous Delivery, and integrating performance tests into your Continuous Integration scope greatly reduces performance risks when adding a new feature, or fixing a bug.
Even better – adding performance tests into the widely used Jenkins Pipeline is easier than you might think. In this webinar, co-presented by CA BlazeMeter and CloudBees, we’ll offer practical tips and best practices for leveraging performance test automation in a continuous integration environment.
In this webinar we’ll cover:
- How to easily implement a project’s entire build/test/deploy pipeline in Jenkins and store that alongside existing code
- How to configure and execute realistic, large-scale performance-testing scenarios as part of the Continuous Integration process
- Enabling easy test configuration maintenance using the open source test automation tool Taurus along with Jenkins Pipeline
- Analyzing comprehensive performance test results in real-time, and integrating those results as a part of the build promotion criteria
Extend the impact of performance testing across the software delivery pipeline and the popular tools your teams are already using.
Secure Delivery Center, Eclipse Open SourceGenuitec, LLC
This non-intrusive software management and delivery technology is easy-to-use and installs right into the enterprise by asking simple policy questions about open source governance and IDE usage. For Eclipse, MyEclipse and IBM Rational.
JUC Europe 2015: Making Strides towards Enterprise-Scale DevOps...with Jenkin...CloudBees
By Ilkka Turunen, Sonatype
Moving to DevOps in large complex enterprise-IT environments is an incremental process. One that requires culture, process and technology. Technology like Jenkins, Nexus, Puppet, Docker and more. In this session, you’ll hear about first-hand experiences building successful enterprise-scale DevOps practices and specifically look at the role of Jenkins working with other key technologies in the continuous tool chain. Learn about additional practices to support the goal of driving down cycle times. And no DevOps practice is complete without accounting for compliance and security requirements Jenkins can play a key role there too. Learn more.
DevOps - The Key to Rapid Productization (Introduction to the 5C's of DevOps)Cygnet Infotech
DevOps combines software development and operations optimizing the development life cycle through continuous integration and delivery resulting Rapid Productization with superior quality. Here are the 5C's of DevOps that everyone must know.
VMware vSphere, the industry-leading virtualisation platform for building cloud infrastructures, enables you to run business critical applications and respond to business needs.
Developing and delivering applications in a repeatable way, with the expected quality is a great challenge these days. In order to maximize business value at-the-speed-of-business, initiatives are being driven both by the development or delivery teams and by operations. They each have their own focus and specifics, but in essence they are both centered around: Collaboration and integration, automation, standardization and governance.
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014Amazon Web Services
More organizations are embracing DevOps to realize compelling business benefits, such as more frequent feature releases, increased application stability, and more productive resource utilization. However, security and compliance monitoring tools have not kept up. In fact, they often represent the largest single remaining barrier to continuous delivery. Learn how to integrate security controls in your DevOps program from experts at Alert Logic and George Miranda, engineer and evangelist at Chef. Sponsored by Alert Logic.
ארגונים ברחבי העולם מגבירים את השימוש בתהליכי DevOps לטובת שיפור היתרון התחרותי שלהם, הורדת סיכונים והפחתת עלויות פיתוח. כיום ניתן ליישם את ההצלחה של ה-DevOps בעולם מסדי הנתונים, על ידי ביצוע אוטומציה של תהליכי הפיתוח והעברה בין סביבות, אכיפת מנגנוני אבטחה, והפחתת הסיכונים הכרוכים בתהליך.
RAMS 2013 Calculating roi when implementing a dfr program by mike silvermanAccendo Reliability
Presentation given at RAMS 2013
Three-phase inverters are physically large, complex and expensive elements of major solar power generation systems. The inverter converts DC power created by the photovoltaic (PV) panels to AC power suitable for adding to the power grid.
The inverters’ reliability testing is a complex task and relies on reliability block diagrams (RBD), vendor and field data, plus selecting accelerated life tests (ALT) based on critical elements of the product.
This paper illustrates a case study that developed an RBD, used field and vendor data, and includes the design and use of two ALTs. The result is a working framework or model that provides a reasonable estimate of the expected lifetime performance of the inverter. While any project similar to this, is always a work in progress, the examination of the decisions and inputs for the model proves valuable for the continued improvement of the model and resulting life predictions. This project provides an excellent real life example of reliability estimation having a multitude of constraints including: sample size, test duration, and field data, thus having to rely on all sources of available data starting from field and vendor data to theoretical component reliability calculations, ALT plan execution, failure analysis, and finally summarizing the results using RBD to estimate product expected lifetime. At the time of writing this paper, based on completion of system level ALT, an availability of 99.97% is valid over a 10 year period according to southern Ontario weather as the main installation base. This will be revisited once subsystem ALT is completed.
What if configuration management didn't need to be lvl60 in dev?RUDDER
Slides from Alexandre BRIANCEAU's talk at #OSSPARIS19 (Open Source Summit.
Server infrastructure automation is not simple. Several solutions have existed for several years and most of them rely on infra-as-code to achieve their mission. By the way, why infra-as-code?
And unfortunately, these solutions require strong development skills. So how can we do this when the infrastructure team does not have sufficient and, above all, homogeneous expertise? Because otherwise, beware of the "Guru Team" effect, or how the infrastructure automation to save time ends up with a huge SPOF because only one person in the team knows how it works....
I would like to discuss this together and introduce you to RUDDER briefly. RUDDER is a configuration management solution, and therefore infra-as-code, that allows you to automate your systems by relying entirely on a graphical interface to manage your configurations. Because the infrastructure is complex enough to add a layer!
Slides from Alexandre BRIANCEAU's talk at #OSSPARIS19 (Open Source Summit Paris 2019).
Security is everyone's business, an exploited breach is enough. Teams are aware of this and yet it is still as difficult as ever to be able to ensure, be confident, and reassure others (prove) that at least one party is under control.
And when it comes to server infrastructure, especially at the OS / middleware level, everything gets complicated. Even with an operational security team, it is difficult to ensure that the Information System Security Policy and security recommendations are properly implemented on all servers.
How can we be sure that our security policies are properly applied on all our servers other than through a massive and costly audit? Even if they were when they were created, how do you know if they remain perfectly compliant after a few days / weeks / months?
Let's discover together RUDDER, an open-source solution for continuous compliance based on configuration management to automatically audit and/or correct our systems.
OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?RUDDER
On parle d’observabilité des services lorsque ceux-ci exposent des états et métriques internes pour améliorer la disponibilité globale.
Qu’en est-il de l’observabilité des infrastructures sur lesquelles ils sont déployés, configurés et maintenus ?
Les différents logs (centralisés, agrégés) permettent un bon début d’analyse mais il faut aussi observer les systèmes au fil de l’eau pour tracer chaque changement et les corréler avec le monitoring. Aujourd’hui, ces étapes de configuration IT devraient être prises en charge par les outils de gestion de configuration, qui deviennent la passerelle vers l’observabilité des opérations.
Nous montrerons l'intérêt de cette approche pour la gestion IT moderne avec un retour d’expérience sur les challenges de leur mise en place dans Rudder, notre solution libre d’audit et de gestion de configuration en continu.
OW2Con - Configurations, do you prove yours?RUDDER
How can we be sure of the continuous configuration management proper operation? How to expose factual topic-related reports to dev, sec, managers, customers...?
We believe that, in order to deliver the full business and collaboration value of continuous configuration management, the solution needs to go further than simply applying policies - it must ensure configuration reliability; prove historized application and status; share it to other teams; notify of any drift with a relevant context.
This talk will present why and how we should be concerned about transmitting factual measures on infrastructure management to all parties involved. We will also guide you through the journey to include a full-fledged reporting feature in a configuration management solution.
The latest major version of the solution has brought a major new feature to the Rudder solution: a plugin ecosystem.
The Rudder software architect will present the reasons for this new feature, how it works, and what are the different plugins available.
Benoit Peccatte, CfgMgmtCamp 2019.
Benoit Peccatte started out as a developer for air traffic control systems but quickly became more interested in writing code generators to automate his job.
After meeting some smart sysadmins on the beach, he switched jobs and has been automating servers for the past decade.
He stumbled across open source in engineering school, and quickly became convinced that free software is the only way to keep software maintainable whatever happens in the future.
Benoit is now trying to automate his job on Rudder, developing features in Rudder to continuously configure and audit more and more servers.
What uses for observing operations of Configuration Management?RUDDER
Nicolas Charles, CfgMgmtCamp 2019.
More and more services expose their state, internal details and metrics to be observable, and improve overall quality of service.
But what about observing the infrastructure they are deployed, configured and maintained on?
What can we learn from that, and what do we need from configuration management to get these features and metrics?
Logs from installation is a good start, but they need centralization, aggregation and especially knowledge derivation from these - but also we need to observe these features over time, to trace changes, and correlate them with monitoring.
Rudder was built around the predicate that all actions of the configuration agent need to be traced, centralized and exposed in a meaningful way - with agents ensuring the continuous configuration of systems, and this talk will show the rationale behind this predicate, how we implemented this solution, and the benefits of this approach for the modern IT world.
UX challenges of a UI-centric config management toolRUDDER
Raphaël Gauthier, CfgMgmtCamp 2019.
One of Rudder’s main focuses is its comprehensive graphical user interface, which allows users to view and manage its configurations without writing a line of code.
The user experience and interface considerations for a tool as technical and complex, and with such potential to break things as a configuration management tool are certainly a challenge, and in some ways in unchartered territory. Rudder’s frontend developer will present an analysis of the situation, the issues encountered and the approach adopted for the improvement of UX and UI planned for 2019.
What happened in RUDDER in 2018 and what’s next?RUDDER
Alexis Mousset, CfgMgmtCamp 2019.
Let’s take a look at Rudder’s new features from 2018, both in terms of the features of versions 4.3 and 5.0 as well as the new documentation and our platform for building and distributing binaries.
We will then present the provisional roadmap for 2019: let’s go to Rudder 5.1 and 5.2!
Alexandre Brianceau, CfgMgmtCamp 2019.
Rudder is an open source configuration management tool that includes continuous auditing (with or without remediation), compliance info and graphs and the possibility to configure everything in the UI and/or APIs.
It has been around for more than six years and has users large (think 10 000 nodes) and small around the world.
Let’s take a moment to look at the vision that lead us here, how Rudder is different from similar tools, and what users find invaluable, nice (or annoying - I’ll be honest!).
If you’re not familiar with Rudder this is a great talk to attend to get the basics covered.
How can we be sure of the continuous configuration management proper operation? How to expose factual topic-related reports to dev, sec, managers, customers...?
We believe that, in order to deliver the full business and collaboration value of continuous configuration management, the solution needs to go further than simply applying policies - it must ensure configuration reliability; prove historized application and status; share it to other teams; notify of any drift with a relevant context.
This talk will present why and how we should be concerned about transmitting factual measures on infrastructure management to all parties involved. We will also guide you through the journey to include a full-fledged reporting feature in a configuration management solution.
L'audit en continu : clé de la conformité démontrable (#POSS 2018)RUDDER
Présentation issue du talk pour le Paris Open Source Summit 2018 par Alexandre Brianceau dans le track Cybersécurité.
Les politiques de sécurité sont de plus en plus complexes et exigeantes à mettre en oeuvre pour les équipes opérationnelles. Comment pouvons-nous être certains que nos politiques de sécurité soient bien appliquées sur tous sos serveurs autrement qu’à travers un audit massif et coûteux ? Quand bien même le seraient-elles lors de leur création, comment savoir si elles restent parfaitement conformes après quelques jours / semaines / mois ?
Nous montrerons comment définir des règles techniques d'une politique de sécurité dans RUDDER, une solution d'automatisation de conformité informatique open source issue du monde devops où la gestion automatique de la configuration est déjà la norme. ensuite toutes les 5 minutes sur chacun des serveurs afin de remonter un résumé global permettant alors d’inspecter les problèmes qui doivent être corrigés.
Nous expliquerons également comment une politique d’audit déployée avec succès peut être imposée sur tous les systèmes avec le même outil, en passant de l’audit automatique à la remédiation automatique.
Fiabilité et conformité continues en production avec Rudder (#BBOOST 2018)RUDDER
Présentation issue du talk pour le BBOOST 2018 par Alexandre Brianceau.
Une infrastructure dont les configurations ne sont pas homogènes, surveillées et maintenues en conformité en continu finit inévitablement par dériver, entraînant failles de sécurité et incidents de production.
Alors que la fiabilité de l’IT est devenue critique, la méthode traditionnelle consistant à mener des audits tous les X mois montre ses limites : une dérive entre deux audits peut passer inaperçue et causer un incident.
RUDDER est une solution qui garantit la conformité des configurations en permanence.
Stay up - voyage d'un éditeur de logiciels libresRUDDER
Voici le retour d'expérience d'un des fondateurs Rudder sur ce que c'est qu'être entrepreneur dans les logiciels libres et les 10 ans de voyage écoulés à travers 4 étapes clés:
- la constitution de l'équipe,
- le passage par un incubateur,
- la levée de fond (ou pas),
- et la recherche d'un business model soutenable.
How we scaled Rudder to 10k, and the road to 50kRUDDER
Management graphical interface, real-time compliance and ease of use are some of Rudder core principles. When Rudder was created in 2010, hundreds of servers were considered a large installation, and the constraints and limits to manage systems were totally different than nowadays, as IT speaks in terms of thousands of nodes. I’ll present how we scaled Rudder from hundreds to 10k nodes, on each different aspect of the product: changing the way nodes talk with the Rudder server, rewriting the data model, evolving the UI, how we detected new limits - further away - and how we removed them; and made sure these limits don’t come back through tooling and testing. Finally, I’ll present the planned evolutions in upcoming releases to reach 50k managed nodes.
Rudder 4.1 was released in March 2017 with:
- an advanced feature to query external APIs and pull in node properties dynamically
the ability to add "key=value" tags to all Rules and Directives in order to categorize them
- a new API on relay servers to enable node-to-node file sharing and remote run in firewalled environments performance improvements
- a new plugin package format
Rudder 4.2 was released in September 2017 and includes the support for a new plugin that adds support for a new Windows DSC-based agent. Rudder 4.3 will include:
- Parameters for Technique Editor techniques
- ACLs on the API accounts
- Many architecture improvements
In parallel, new plugins are being developed:
- A plugin to integrate data from external APIs
- Monitoring integration with Centreon
- CMDB integration with iTop
- A reporting plugin for historized compliance
This talk will introduce these new features and show how to use them, hopefully getting you as excited as we are! Then, we will move on to explain about longer-term feature ideas we have for Rudder, and the general vision linked to future developments.
About Nicolas Charles
Nicolas is a tinkerer who likes when things just work, and tries his best to reach this goal. He started as a developer 15 years ago, and often had to reach out of this role to solve issues.
In 2010, he co-founded Normation, and he still enjoys fixing things in Rudder and at its users.
DevOps D-Day 2017 - Gestion des configurations et mise en conformité chez un ...RUDDER
En tant qu’hébergeur et infogérant, Jaguar Network est confronté à une double évolution :
Le marché attend de la part d’un Service Provider de prendre en charge une part toujours plus importante de la gestion du système d’information.
La croissance de l’entreprise entraîne une pression plus importante quantitativement (scalabilité) et qualitativement (garantir la fiabilité et la sécurité sur l’ensemble du parc géré).
Ainsi, Jaguar Network a dû trouver une solution capable de résoudre cette double problématique à laquelle de plus en plus de sociétés sont confrontées : assurer la croissance rapide du parc tout en améliorant et en garantissant la fiabilité.
Grâce à RUDDER, solution open-source française de Continuous Configuration dédiée aux contraintes de la production, l’atteinte de cet objectif a été grandement facilité. En duo avec l’éditeur de RUDDER, Jaguar Network racontera le déroulement de ce projet, de la mise en place de l’outil aux résultats constatés, en passant par l’intégration avec les autres technologies du SI.
Un retour d’expérience concret et complet sur le concept de Continuous Configuration et son implémentation avec RUDDER.
RUDDER is an easy to use, web-driven, role-based solution for IT Infrastructure Automation and Compliance. With a focus on continuously checking configurations and centralising real-time status data, RUDDER can show a high-level summary (“ISO 27001 rules are at 100%!”) and break down noncompliance issues to a deep technical level (“Host prod-web-03: SSH server configuration allows root logins”).
A few things that make RUDDER stand out:
- A simple framework allows you to extend the built-in rules to implement specific low-level configuration patterns, however complex they may be, using simple building blocks (“ensure package installed in version X,” “ensure file content,” “ensure line in file,” etc.). A graphical builder lowers the technical level required to use this.
- Each policy can be independently set to be automatically checked or enforced on a policy or host level. In Enforce mode, each remediation action is recorded, showing the value of these invisible fixes.
- RUDDER works on almost every kind of device, so you’ll be managing physical and virtual servers in the data center, cloud instances, and embedded IoT devices in the same way.
- RUDDER is designed for critical environments where a security breach can mean more than a blip in the sales stats. Built-in features include change requests, audit logs, and strong authentication.
- RUDDER relies on an agent that needs to be installed on all hosts to audit. The agent is very lightweight (10 to 20 MB of RAM at peak) and blazingly fast (it’s written in C and takes less than 10 seconds to verify 100 rules). Installation is self-contained, via a single package, and can auto-update to limit agent management burden.
- RUDDER is a true and professional open source solution—the team behind RUDDER doesn’t believe in the dual-speed licensing approach that makes you reinstall everything and promotes open source as little more than a “demo version.”
RUDDER is an established project with several 10000s of node managed, in companies from small to biggest-in-their-field. Typical deployments manage 100s to 1000s of nodes. The biggest known deployment in 2016 is about 7000 nodes.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
2. Some users of Cfengine
SELF-HEALING DATACENTER SOLUTION
3. The future is not certain
• We encourage it but we
do not decide it
• It is about simple
patterns that are
robust
• There are no
guarantees, but we
can try to keep
promises
SELF-HEALING DATACENTER SOLUTION
5. Promise Technology
Based on Promise Theory research
Puts goals not recipes in focus
– Goals are invariants, recipes depend on
circumstances
– Simple connection to “Service Level
Agreements”
– Easy to measure compliance
A promise is a documentation item
– Knowledge integration
SELF-HEALING DATACENTER SOLUTION
7. Convergence = self-healing
Promises focus on the end state (desired state)
not on fragile procedures and baselines
We automate repair using Cfengine's published
convergence principle
SELF-HEALING DATACENTER SOLUTION
8. Pull not push – scale and security
Every node is responsible for its own state
– Allows flat scalability (no bottlenecks)
– Allows detailed adaptation to local environment (each host
knows its own environment best)
Hosts subscribe to external resources they need
– Software Package manager integration
– Policy updates from orchestrator when available
Push attacks a system, pull grants autonomy to all parts of the
network and it fault tolerant of network outage (for wireless,
pervasive, field operations etc)
SELF-HEALING DATACENTER SOLUTION
13. Cfengine Nova Extras
• Now
– One touch bootstrap
– Self-knowledge / analysis document integration
– Ultra lightweight monitoring integrated
– Native cross-platform support includes Windows
– Enhanced security (FIPS)
– Directory service integration with fault tolerance
– Virtualization and elastic scaling support
• 3-6 months
– Cfengine 2 to Nova conversion
– GUI “helm” single point of contact and change
SELF-HEALING DATACENTER SOLUTION
14. The Company and Partners
Cfengine AS
Oslo
Norway
Cfengine Inc
Tampa
USA
Tel: +47 22 95 85 00
Fax: +47 22 60 44 27
Mail: Contact@cfengine.com
SELF-HEALING DATACENTER SOLUTION