Session on API auto scaling, monitoring and Log managementpqrs1234
API Autoscaling
When to configure
How to configure
Points to be noted while configuring
Anypoint Monitoring Overview
Advantages and uses
Built-in dashboards
Custom dashboards
Reports
Alerts
Functional Monitoring
Log Management
Log Search
Log Points
Log Download
Mulesoft with ELK (Elastic Search, Log stash, Kibana)Gaurav Sethi
Use the Elastic Stack (ELK stack) to analyze the business data and API analytics.
You can use Logstash for Filebeat to process Anypoint Platform log files, insert them into an Elasticsearch database, and then analyze them with Kibana.
ELK stands for the three Elastic products - Elasticsearch, Logstash, and Kibana
To understand what the Elastic core products, we will use a simple architecture:
1. The logs will be created by an application and pushed into the AWS SQS Queue.
2. Logstash aggregates the logs from different sources and processes them.
3. Elasticsearch stores and indexes the data in order to search it.
4. Kibana is the visualization tool that makes sense of the data.
1. How to Secure Network Communication?
2. SSL(Secure Socket Layer)
3. Digital Certificate
Signature(Signed and Unsigned)
Digest(SHA-256, MD5)
4. Keys
Private, Public, and Session Key
5. Types of Encryption
Symmetric and Asymmetric
6. One-way and Two-way SSL
7. Keystore and Truststore
This document provides an overview of migrating MuleSoft applications from an on-premises deployment to a CloudHub deployment. It discusses the different deployment models, reasons for migrating to the cloud, key steps in the migration process, and considerations for application code changes, networking configuration, continuous integration/deployment processes, monitoring, and scaling in CloudHub. The presenter is a MuleSoft customer success engineer with experience helping customers migrate their applications from on-premises environments to CloudHub.
The explosion of APIs, SaaS applications, and mobile devices has created a massive integration wave. The resulting shift in the way we connect is forcing an IT mega change unlike anything we've seen before. As the development model moves from writing lots of code to composing APIs together, a new generation of middle tier application architecture is being born.
Logging best practice in mule using logger componentGovind Mulinti
Logging is a key part of application debugging and analysis. This document discusses best practices for logging in Mule applications using the logger component. It recommends configuring log4j to use RollingFileAppender to control log file sizes. The logger component should be used to log messages with the log level and category string providing meaning. The category string should indicate the project, functionality, and flow being logged to help decode where log messages originate. Log4j properties can enable logging at granular levels like specific flows by configuring logger categories. Following these practices helps support teams debug issues faster through meaningful logs.
1) The document provides tips for optimizing performance on WebSphere DataPower devices by adjusting caching, enabling persistent connections, using processing rules efficiently, optimizing MQ and XSLT configurations, and leveraging synchronous and asynchronous actions appropriately.
2) It recommends creating a "facade service" to monitor and shape requests to external services like logging servers to prevent slow responses from impacting core transactions. This facade service would use monitors and service level management policies to control latencies.
3) Using separate delegate services with monitoring is suggested to avoid direct connections to external services that could become slow and bottleneck transactions if they degrade in performance.
Session on API auto scaling, monitoring and Log managementpqrs1234
API Autoscaling
When to configure
How to configure
Points to be noted while configuring
Anypoint Monitoring Overview
Advantages and uses
Built-in dashboards
Custom dashboards
Reports
Alerts
Functional Monitoring
Log Management
Log Search
Log Points
Log Download
Mulesoft with ELK (Elastic Search, Log stash, Kibana)Gaurav Sethi
Use the Elastic Stack (ELK stack) to analyze the business data and API analytics.
You can use Logstash for Filebeat to process Anypoint Platform log files, insert them into an Elasticsearch database, and then analyze them with Kibana.
ELK stands for the three Elastic products - Elasticsearch, Logstash, and Kibana
To understand what the Elastic core products, we will use a simple architecture:
1. The logs will be created by an application and pushed into the AWS SQS Queue.
2. Logstash aggregates the logs from different sources and processes them.
3. Elasticsearch stores and indexes the data in order to search it.
4. Kibana is the visualization tool that makes sense of the data.
1. How to Secure Network Communication?
2. SSL(Secure Socket Layer)
3. Digital Certificate
Signature(Signed and Unsigned)
Digest(SHA-256, MD5)
4. Keys
Private, Public, and Session Key
5. Types of Encryption
Symmetric and Asymmetric
6. One-way and Two-way SSL
7. Keystore and Truststore
This document provides an overview of migrating MuleSoft applications from an on-premises deployment to a CloudHub deployment. It discusses the different deployment models, reasons for migrating to the cloud, key steps in the migration process, and considerations for application code changes, networking configuration, continuous integration/deployment processes, monitoring, and scaling in CloudHub. The presenter is a MuleSoft customer success engineer with experience helping customers migrate their applications from on-premises environments to CloudHub.
The explosion of APIs, SaaS applications, and mobile devices has created a massive integration wave. The resulting shift in the way we connect is forcing an IT mega change unlike anything we've seen before. As the development model moves from writing lots of code to composing APIs together, a new generation of middle tier application architecture is being born.
Logging best practice in mule using logger componentGovind Mulinti
Logging is a key part of application debugging and analysis. This document discusses best practices for logging in Mule applications using the logger component. It recommends configuring log4j to use RollingFileAppender to control log file sizes. The logger component should be used to log messages with the log level and category string providing meaning. The category string should indicate the project, functionality, and flow being logged to help decode where log messages originate. Log4j properties can enable logging at granular levels like specific flows by configuring logger categories. Following these practices helps support teams debug issues faster through meaningful logs.
1) The document provides tips for optimizing performance on WebSphere DataPower devices by adjusting caching, enabling persistent connections, using processing rules efficiently, optimizing MQ and XSLT configurations, and leveraging synchronous and asynchronous actions appropriately.
2) It recommends creating a "facade service" to monitor and shape requests to external services like logging servers to prevent slow responses from impacting core transactions. This facade service would use monitors and service level management policies to control latencies.
3) Using separate delegate services with monitoring is suggested to avoid direct connections to external services that could become slow and bottleneck transactions if they degrade in performance.
Mule 4 Migration Planning by Anu Vijayamohan
Integration Challenges by Angel Alberici
Host: Angel Alberici
Youtube: Virtual Muleys (https://www.youtube.com/c/VirtualMuleysOnline/videos)
Mule 4 Migration Planning
This session is for Consultants, Developers, Engineers and Architects who want to understand what the benefits of Mule 4 are and how to plan their migration ahead of the Mule 3.8 End of Life deadlines.
In this session we will discuss:
Mule 4 Benefits
Product EOL - Implications of not migrating
Where and How do I start?
Migration Planning & Decision Guides
Enablement and Customer Adoption
Mule Migration Assistant
After this session, you will have a better understanding of how to plan a successful migration to Mule 4
Integration Challenges
Top common technical integration challenges that he keeps seeing when working with customers
This document contains a presentation by Rupesh Sinha from Whishworks Ltd about an architecture solution presented to ABC, a UK-based luxury mobile device manufacturer. ABC wants to build an integration solution to unlock internal data for use on their website and mobile apps via APIs, and to accept and process orders from various sources through their internal systems. The presentation discusses MuleSoft's Anypoint Platform as a solution, showing how it can provide a centralized integration platform to connect various systems and create APIs to share data across ABC's applications and systems.
The document discusses implementing security and availability requirements for a banking API system using open source software. It describes using the 3scale API management platform and Keycloak identity management software together to meet authentication, authorization, access control, availability, and standards compliance requirements. Patches were submitted to these open source projects to enhance their features and better support the banking use case.
This document discusses how to use MuleSoft API Gateway to proxy an existing SOAP web service and expose it as a RESTful API. It involves adding a new proxy API in Anypoint Platform, configuring the API endpoint to point to a proxy project, using a Web Service Consumer to call the SOAP service and Transform Messages to map requests and responses between JSON and SOAP formats. The configured proxy API can then be tested to invoke the backend SOAP service via REST.
Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010Priyanka Aash
"Existing techniques for bypassing wired port security are limited to attacking 802.1x-2004, which does not provide encryption or the ability to perform authentication on a packet-by-packet basis [1][2][3][4]. The development of 802.1x-2010 mitigates these issues by using MacSEC to provide Layer 2 encryption and packet integrity check to the protocol [5]. Since MacSEC encrypts data on a hop-by-hop basis, it successfully protects against the bridge-based attacks pioneered by the likes of Steve Riley, Abb, and Alva Duckwall [5][6].
In addition to the development of 802.1x-2010, improved 802.1x support by peripheral devices such as printers also poses a challenge to attackers. Gone are the days in which bypassing 802.1x was as simple as finding a printer and spoofing address, as hardware manufacturers have gotten smarter.
In this talk, we will introduce a novel technique for bypassing 802.1x-2010 by demonstrating how MacSEC fails when weak forms of EAP are used. Additionally, we will discuss how improved 802.1x support by peripheral devices does not necessarily translate to improved port-security due to the widespread use of weak EAP. Finally, we will consider how improvements to the Linux kernel have made bridge-based techniques easier to implement and demonstrate an alternative to using packet injection for network interaction. We have packaged each of these techniques and improvements into an open source tool called Silent Bridge, which we plan on releasing at the conference."
This document provides an overview of FortiGate multi-threat security systems and their administration, content inspection, and basic VPN capabilities. It discusses FortiGate devices, FortiGuard subscription services, logging and alerts capabilities, firewall policies, basic VPN configurations, authentication, antivirus, spam filtering, and web filtering. The document includes descriptions of FortiGate portfolio models, FortiGuard dynamic updates, FortiManager and FortiAnalyzer management products, logging levels, and log storage locations.
The document discusses API security patterns and practices. It covers topics like API gateways, authentication methods like basic authentication and OAuth 2.0, authorization with XACML policies, and securing APIs through measures like TLS, JWTs, and throttling to ensure authentication, authorization, confidentiality, integrity, non-repudiation, and availability. Key points covered include the gateway pattern, direct vs brokered authentication, JSON web tokens for self-contained access tokens, and combining OAuth and XACML for fine-grained access control.
How to create a User Defined Policy with IBM APIc (v10)Shiu-Fun Poon
IBM APIc ships a set of policy. However you can extend those capabilities by creating your own policy. This gives step by step on how that can be done, it also provides a template to help you jump start the process.
Moving Gigantic Files Into and Out of the Alfresco RepositoryJeff Potts
This talk is a technical case study showing show Metaversant solved a problem for one of their clients, Noble Research Institute. Researchers at Noble deal with very large files which are often difficult to move into and out of the Alfresco repository.
MuleSoft Surat Meetup#44 - Anypoint Flex Gateway Custom Policies With RustJitendra Bafna
This document provides an overview of a presentation on custom policies with Rust for Anypoint Flex Gateway. The agenda includes an introduction to Flex Gateway, writing custom policies, a demo, trivia, and wrap-up. Custom policies for Flex Gateway can be written in Rust as WebAssembly (WASM) filters using the Proxy WASM SDK. The presentation will demonstrate compiling a sample Rust policy and deploying it by publishing the schema and definition files and adding the binary implementation file. Attendees are invited to nominate future topics and provide feedback to help improve future meetup events.
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)Prashanth Kurimella
Differences between MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
For additional information, read https://www.linkedin.com/pulse/mulesoft-deployment-strategies-rtf-vs-hybrid-cloudhub-kurimella/
Speaker: Anu Vijayamohan
Host: Angel Alberici
VirtualMuleys: 66 - 20220304-April
Recording & Slides: https://meetups.mulesoft.com/events/details/mulesoft-online-group-english-presents-mulesoft-sizing-guidelines/
All Recordings & Slides: meetups.mulesoft.com/online-group-english/ & youtube.com/c/VirtualMuleysOnline/videos
In this session we will discuss:
Core concepts of sizing
Factors that impact mule sizing
T-Shirt sizing
Sizing nuances in Cloudhub vs OnPrem vs RTF
High Availability
The document summarizes a presentation about custom policies in Mule 4. It includes an agenda for the presentation, background on API security and attacks, an overview of policy categories and types in Mule, steps for creating a custom policy, and a demo. The presentation covers what custom policies are, when to use them, how to develop, package, and apply them, and how to configure them with parameters and Handlebars variables. It also discusses policy execution order, propagation, and error handling. The document concludes with a trivia quiz and next steps.
This document provides an overview of Kong, an open-source API gateway. It discusses that Kong is a cloud-native, scalable middleware between clients and APIs, and supports features like authentication, security, traffic control, and analytics. The document also summarizes the Community and Enterprise editions of Kong, including that the Enterprise edition provides additional capabilities like an admin GUI, API analytics, and support. It concludes with an example of using Kong to expose an API and discusses benefits and concerns of Kong.
Mule 4 Migration Planning by Anu Vijayamohan
Integration Challenges by Angel Alberici
Host: Angel Alberici
Youtube: Virtual Muleys (https://www.youtube.com/c/VirtualMuleysOnline/videos)
Mule 4 Migration Planning
This session is for Consultants, Developers, Engineers and Architects who want to understand what the benefits of Mule 4 are and how to plan their migration ahead of the Mule 3.8 End of Life deadlines.
In this session we will discuss:
Mule 4 Benefits
Product EOL - Implications of not migrating
Where and How do I start?
Migration Planning & Decision Guides
Enablement and Customer Adoption
Mule Migration Assistant
After this session, you will have a better understanding of how to plan a successful migration to Mule 4
Integration Challenges
Top common technical integration challenges that he keeps seeing when working with customers
This document contains a presentation by Rupesh Sinha from Whishworks Ltd about an architecture solution presented to ABC, a UK-based luxury mobile device manufacturer. ABC wants to build an integration solution to unlock internal data for use on their website and mobile apps via APIs, and to accept and process orders from various sources through their internal systems. The presentation discusses MuleSoft's Anypoint Platform as a solution, showing how it can provide a centralized integration platform to connect various systems and create APIs to share data across ABC's applications and systems.
The document discusses implementing security and availability requirements for a banking API system using open source software. It describes using the 3scale API management platform and Keycloak identity management software together to meet authentication, authorization, access control, availability, and standards compliance requirements. Patches were submitted to these open source projects to enhance their features and better support the banking use case.
This document discusses how to use MuleSoft API Gateway to proxy an existing SOAP web service and expose it as a RESTful API. It involves adding a new proxy API in Anypoint Platform, configuring the API endpoint to point to a proxy project, using a Web Service Consumer to call the SOAP service and Transform Messages to map requests and responses between JSON and SOAP formats. The configured proxy API can then be tested to invoke the backend SOAP service via REST.
Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010Priyanka Aash
"Existing techniques for bypassing wired port security are limited to attacking 802.1x-2004, which does not provide encryption or the ability to perform authentication on a packet-by-packet basis [1][2][3][4]. The development of 802.1x-2010 mitigates these issues by using MacSEC to provide Layer 2 encryption and packet integrity check to the protocol [5]. Since MacSEC encrypts data on a hop-by-hop basis, it successfully protects against the bridge-based attacks pioneered by the likes of Steve Riley, Abb, and Alva Duckwall [5][6].
In addition to the development of 802.1x-2010, improved 802.1x support by peripheral devices such as printers also poses a challenge to attackers. Gone are the days in which bypassing 802.1x was as simple as finding a printer and spoofing address, as hardware manufacturers have gotten smarter.
In this talk, we will introduce a novel technique for bypassing 802.1x-2010 by demonstrating how MacSEC fails when weak forms of EAP are used. Additionally, we will discuss how improved 802.1x support by peripheral devices does not necessarily translate to improved port-security due to the widespread use of weak EAP. Finally, we will consider how improvements to the Linux kernel have made bridge-based techniques easier to implement and demonstrate an alternative to using packet injection for network interaction. We have packaged each of these techniques and improvements into an open source tool called Silent Bridge, which we plan on releasing at the conference."
This document provides an overview of FortiGate multi-threat security systems and their administration, content inspection, and basic VPN capabilities. It discusses FortiGate devices, FortiGuard subscription services, logging and alerts capabilities, firewall policies, basic VPN configurations, authentication, antivirus, spam filtering, and web filtering. The document includes descriptions of FortiGate portfolio models, FortiGuard dynamic updates, FortiManager and FortiAnalyzer management products, logging levels, and log storage locations.
The document discusses API security patterns and practices. It covers topics like API gateways, authentication methods like basic authentication and OAuth 2.0, authorization with XACML policies, and securing APIs through measures like TLS, JWTs, and throttling to ensure authentication, authorization, confidentiality, integrity, non-repudiation, and availability. Key points covered include the gateway pattern, direct vs brokered authentication, JSON web tokens for self-contained access tokens, and combining OAuth and XACML for fine-grained access control.
How to create a User Defined Policy with IBM APIc (v10)Shiu-Fun Poon
IBM APIc ships a set of policy. However you can extend those capabilities by creating your own policy. This gives step by step on how that can be done, it also provides a template to help you jump start the process.
Moving Gigantic Files Into and Out of the Alfresco RepositoryJeff Potts
This talk is a technical case study showing show Metaversant solved a problem for one of their clients, Noble Research Institute. Researchers at Noble deal with very large files which are often difficult to move into and out of the Alfresco repository.
MuleSoft Surat Meetup#44 - Anypoint Flex Gateway Custom Policies With RustJitendra Bafna
This document provides an overview of a presentation on custom policies with Rust for Anypoint Flex Gateway. The agenda includes an introduction to Flex Gateway, writing custom policies, a demo, trivia, and wrap-up. Custom policies for Flex Gateway can be written in Rust as WebAssembly (WASM) filters using the Proxy WASM SDK. The presentation will demonstrate compiling a sample Rust policy and deploying it by publishing the schema and definition files and adding the binary implementation file. Attendees are invited to nominate future topics and provide feedback to help improve future meetup events.
MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)Prashanth Kurimella
Differences between MuleSoft Deployment Strategies (RTF vs Hybrid vs CloudHub)
For additional information, read https://www.linkedin.com/pulse/mulesoft-deployment-strategies-rtf-vs-hybrid-cloudhub-kurimella/
Speaker: Anu Vijayamohan
Host: Angel Alberici
VirtualMuleys: 66 - 20220304-April
Recording & Slides: https://meetups.mulesoft.com/events/details/mulesoft-online-group-english-presents-mulesoft-sizing-guidelines/
All Recordings & Slides: meetups.mulesoft.com/online-group-english/ & youtube.com/c/VirtualMuleysOnline/videos
In this session we will discuss:
Core concepts of sizing
Factors that impact mule sizing
T-Shirt sizing
Sizing nuances in Cloudhub vs OnPrem vs RTF
High Availability
The document summarizes a presentation about custom policies in Mule 4. It includes an agenda for the presentation, background on API security and attacks, an overview of policy categories and types in Mule, steps for creating a custom policy, and a demo. The presentation covers what custom policies are, when to use them, how to develop, package, and apply them, and how to configure them with parameters and Handlebars variables. It also discusses policy execution order, propagation, and error handling. The document concludes with a trivia quiz and next steps.
This document provides an overview of Kong, an open-source API gateway. It discusses that Kong is a cloud-native, scalable middleware between clients and APIs, and supports features like authentication, security, traffic control, and analytics. The document also summarizes the Community and Enterprise editions of Kong, including that the Enterprise edition provides additional capabilities like an admin GUI, API analytics, and support. It concludes with an example of using Kong to expose an API and discusses benefits and concerns of Kong.
Landing Page Testing can lead to double digit conversion rate gains. Learn how to test your pages to improve conversion, and attract super affiliates without changing your payout structure.
Landingpage - Concetti base per la realizzazione di landingpage efficaciMassimo Petrucci
Landing Page: concetti base per realizzare landing page efficaci, per aumentare la capacità di conversione ovvero vendite, inscrizioni alla newsletter, generazione di lead. Si consiglia l'ebook "Landing Page Perfetta 100 utili consigli" acquistabile a 3 euro sollo store di Amazon: http://www.amazon.it/Landing-Page-Perfetta-consigli-ebook/dp/B008OIPLPY
Snapchat - Funzionalità e utilizzo per le Aziende Case Study & Best PracticeGiuliano Ambrosio
Vediamo insieme le sue funzionalità e ultime novità della piattaforma e come le aziende in Italia e nel Mondo stanno utilizzando le funzionalità del fantasmino. Snapchat non è per tutti e può diventare un nuovo media efficace per intercettare un pubblico moto giovane.
La Configuration Management riguarda le politiche, i processi e gli strumenti per la gestione dei sistemi software in evoluzione.
La Software Configuration Management è stata definita da Bersoff, Henson e Siegel come la disciplina che identifica la configurazione di un sistema in momenti distinti nel tempo allo scopo di controllare sistematicamente i cambiamenti e garantire l’integrità e la tracciabilità di ogni configurazione per tutto il ciclo di vita.
Seminario in lingua italiana, svolto con Antonio Fasulo.
CruiseControl.net in un progetto realeDotNetMarche
La Continuous Integration è una pratica di sviluppo fondamentale per migliorare la qualità del software: CruiseControl.NET è una suite open-source per gestire questo processo in modo trasparente al team di sviluppo. Il relatore mostrerà i vantaggi derivati dall'uso di tale metodologia in un caso pratico, ovvero nello sviluppo della piattaforma di blogging Subtext, di cui è membro del team di sviluppo, nonché Build Manager.
DSTORIE DALLA TRINCEA: TEAM FOUNDATION SERVER IN CASI LIMITE E NON SOLO...DotNetCampus
Amministrare Team Foundation Server può diventare un lavoro a tempo pieno, viste le complessità che può raggiungere. In questa sessione vedremo una raccolta di casi reali - basati sull'esperienza diretta - spaziando dalle attività più comuni fino alle situazioni estreme di una grande infrastruttura, quali strumenti utilizzare e soprattutto quali sono le best practice da tenere in considerazione.
Introduzione al Controllo di versione (in generale) e al funzionamento di Git (in particolare). Upgrade di un'altra presentazione simile nelle basi ma incentrata su SVN.
DotNetCampus - Continuous Integration con Sql ServerAlessandro Alpi
Continuous Integration con SQL Server. Come automatizzare i processi di build e di test su database SQL Server. Come includere SQL Server nei processi di Application Lifecycle Management (Database Lifecycle Management).
La continuous integration, ovvero un insieme di pratiche di sviluppo atte a rilasciare frequentemente le modifiche al nostro codice, può essere applicata anche a SQL Server. In questa sessione andremo a descrivere come mettere sotto controllo del codice sorgente i nostri database in un'ottica di teamwork e, successivamente, a capire come automatizzare il processo di test unitario al fine di prevenire regressioni e correggere quanto prima bug.
OCS in un’ora - Introduzione a Open Conference Systems AmmLibera AL
Il software Open Conference Systems (OCS) è una soluzione open source per gestire e pubblicare on line convegni scientifici. OCS è un sistema di gestione e pubblicazione altamente gestibile che può essere scaricato gratuitamente e installato su un server locale.
È stato progettato per ridurre tempo ed energia dedicati ai compiti amministrativi e gestionali, aumentando l’efficienza del processo editoriale e della pubblicazione. Il sistema cerca di aumentare inoltre la qualità scientifica della pubblicazione di congressi, permettendo l’uso di politiche più trasparenti e aumentando le possibilità di indicizzazione.
Link all'articolo "OCS - Open Conference Systems" su aepic.it
http://www.aepic.it/ocs.php
DbUp è una libreria .NET che facilita il deploy delle modifiche allo schema del database di una applicazione. Tiene traccia degli scripts SQL che sono già stati applicati ed esegue gli script di modifica, necessari ad effettuare la migrazione del database.
PASS Virtual Chapter - SQL Server Continuous IntegrationAlessandro Alpi
Build automatizzate, esecuzione di unit test, creazione di un pacchetto nuget, ecco cosa serve per essere pronti con SQL Server e la continuous integration
DevOpsHeroes 2016 - Realizzare Continouous Integration con SQL Server e Visua...Alessandro Alpi
In questa serie di slide vedremo come creare i build step su Visual Studio Team Services sfruttando gli add-on forniti da Red Gate, come DLM Automation 2: Build.
La ragione principale per cui le aziende decidono di non adottare il DevOps per il database è di preservare la sicurezza del database stesso. Eppure, si tratta di una concezione errata: applicando il DevSecOps al DB, infatti, è possibile creare in ambienti strutturati le condizioni per un rilascio sicuro degli script del database, gestendo al meglio potenziali rischi di sicurezza. Segui il webinar per apprendere come includere il DB all’interno della tua strategia DevSecOps.
Similar to Corso di Versioning, Configuration & Document Management (20)
Marty dives into the complex process of business transformation, highlighting both its anti-patterns and valuable lessons from successes.
The talk underscores the shift from mere ‘Agile’ labels to profound changes in building, problem-solving, and decision-making. He emphasizes transitioning from big releases to consistent cadences, evolving from stakeholder-driven roadmaps to empowered product teams, and redefining how companies prioritize threats and opportunities.
At its core, the transformation journey seeks to tap into the talent of your people to provide a machine for consistent innovation. This talk promises to provide a holistic view of company transformation, guiding product leaders on where they stand and where they need to head.
The document summarizes the outcomes of Facile.it Partner's 2023 hackathon. Some key points:
- The hackathon aimed to break down silos, foster collaboration, and promote a culture of sharing, creativity, and innovation.
- Activities included shadowing, brainstorming sessions, coding, prototyping, and team building. These resulted in ideas generated, issues solved, and code deployed.
- A rubber duck was used as the hackathon mascot to represent debugging techniques. Homemade gadgets with the company logo were also produced.
- The hackathon scope was expanded to ensure knowledge sharing and collaboration by involving sales accounts throughout the process.
- The
This document provides guidance on delivering effective feedback in 3 sentences or less:
The document defines feedback as helpful information or criticism given to improve performance and outlines key components of effective feedback, including asking permission, being specific, kind, empathetic, and timely. It also recommends using a feedback equation of observing a behavior, describing its impact, and asking a question to make feedback actionable. The overall message is that feedback should be a two-way dialogue to understand different perspectives and help the recipient improve.
No Silver Bullet - Essence and Accident in Software EngineeringSalvatore Cordiano
Frederick P. Brooks, Jr.
University of North Carolina at Chapel Hill
There is no single development, in either technology or management
technique, which by itself promises even one order-of-magnitude
improvement within a decade in productivity, in reliability, in simplicity.
The document summarizes a recent hackathon held by Facile.it Partner from May 9-12, 2022. It discusses the vision for the hackathon as an opportunity for cross-functional teams to solve problems in a new way. The hackathon utilized a new format of separating the problem and solution spaces. It involved 30 participants across 5 cross-functional teams who worked to identify issues, present solutions, and code implementations. The "Doctor Shark" team won the competition with 61 points by identifying issues, giving pitches, participating in team-building, and implementing the most story points worth of solutions. The hackathon aimed to foster a mindset of continuous problem solving across teams.
The document summarizes an FP Hackathon that took place from 9-12 May 2022. It discusses improvements from the 2021 to 2022 event, including an increase in participants from 30 to 55 and the use of a Miro board instead of a wall board. The top three winning teams were announced, with Doctor Shark taking first place. The hackathon aimed to develop solutions to reduce inbound calls, increase autonomy, and improve user experience for collaborators.
Today we started our 2nd internal #hackathon, introducing new approaches to complexity dealing. We propose to adopt the "Manifesto for Slow Thinking", even if we are in a time-bound competition.
According to my perspective, a #SlowThinking mindset enables empathy, critical thinking, humbleness, feedback, and emotional intelligence.
Ownership is about taking the initiative to do the right thing. It’s about taking the bull by the horns, driving the process and not assuming it is someone else’s responsibility.
The Eisenhower Matrix is a time management tool based on strategies used by Dwight D. Eisenhower to prioritize tasks. It divides tasks into four quadrants based on their urgency and importance: tasks that are both urgent and important should be completed immediately; important non-urgent tasks can be scheduled; unimportant tasks should be avoided or delegated; and urgent but unimportant tasks can be delegated to others. The matrix provides a simple framework to evaluate tasks and determine the best way to manage workload and priorities.
The Blake Mouton Managerial Grid assesses leadership styles based on two dimensions: concern for people and concern for results. The grid defines five styles ranging from low concern in both areas ("Nightmare") to high concern in both ("Heaven"). Leaders are evaluated based on how they balance accomplishing tasks while considering employees' needs, interests, and development.
The document announces a hackathon being held by Facile.it on June 7th. It lists the company's core values such as easiness, courage, concreteness, passion, and relationship. It also lists shared principles for the hackathon such as being against standardization, connecting people, and ensuring programs meet user expectations rather than creator expectations. The document defines empathy and its four key attributes. It wishes attendees a happy hackathon.
4. Che cos’è il versioning?
Il termine è l’abbreviazione del controllo di versione o
version control.
5. Version control
Un programma che tiene traccia delle modifiche ai
file ed alle cartelle.
!
!
Il controllo di versione è anche noto come:
• Source Control Manager (SCM)
• Revision Control System (RCS)
• Version Control System (VCS)
6. Perché usare il controllo di
versione?
Perché questo fa schifo!
7. Alcuni esempio di software
per il controllo di versione
• CVS
• SVN!
• Git!
• Mercurial
• Bazaar Darcs
• Perforce
• Fossil
• BitKeeper
!
Nel corso della lezione faremo principalmente riferimento ad SVN http://subversion.apache.org/
8. Quali sono i vantaggi dell’uso di un
sistema di controllo delle versioni?
• Fornisce supporto alla memorizzazione dei codici
sorgenti.
• Fornisce uno storico di ciò che è stato fatto.
• Può fornire un modo per lavorare in parallelo su
diversi aspetti dell’applicazione in sviluppo.
• Può fornire un modo per lavorare in parallelo senza
intralciarsi a vicenda.
9. Il numero di versione (1)
• Le modifiche su file e cartelle
sono identificate incrementando
un numero o un codice associato,
denominato “numero di
versione”, “etichetta di versione”,
o semplicemente “versione”.
• Ad ogni versione è associato
un’etichetta che identifica il nome
della persona che ha apportato la
modifica.
10. Il numero di versione (2)
• Head: identifica l’ultima revisione del repository.
• Base: identifica l’ultimo aggiornatamento della
copia di lavoro.
• Committed: identifica l’ultima revisione in cui un
elemento ha subito modifiche.
11. Che tipo di file?
• Testo
• Grafica
• Binario
• Qualunque
12. Glossario (1)
• Repository: Il repository è dove i file sono memorizzati,
spesso su un server.
• Commit: un commit si effettua quando si copiano le
modifiche fatte su file locali nel repository (il software di
controllo versione controlla quali file sono stati modificati
dall'ultima sincronizzazione).
• Change: una modifica (change) rappresenta una specifica
modifica ad un documento sottoposto al controllo di
versione. La granularità delle modifiche considerate come
cambiamenti varia tra i sistemi di controllo versione.
• Change list: su molti sistemi di controllo versione con
commit di modifiche multiple atomiche, una changelist
identifica un insieme di changes fatti in un singolo commit.
13. Glossario (2)
• Check-out: un check-out effettua una copia di
lavoro dal repository (può essere visto come
l’operazione inversa dell’importazione).
• Update: un update copia le modifiche fatte sul
repository nella propria directory di lavoro (può
essere visto come l’operazione inversa del commit).
• Merge: un merge o integrazione unisce modifiche
concorrenti in una revisione unificata.
• Revision (o versione): è una versione in una catena
di modifiche.
• Revert: annulla ogni modifica locale a file e cartelle.
14. Glossario (3)
• Conflict: un conflitto si presenta quando diversi
soggetti fanno modifiche in contemporanea alla
stessa porzione di un documento.
• Resolve conflict: l’intervento di un utente per la
risoluzione di un conflitto tra modifiche differenti di
uno stesso documento.
15. Concetti di base
Repository!
• Un posto dove memorizzare i sorgenti.
• Tipicamente si trova su una macchina remota affidabile
e sicura.
• Tutti gli sviluppatori condividono lo stesso repository.
!
Working folder!
• Cartella di lavoro.
• Ogni sviluppatore ne ha una collocata sulla propria
macchina.
• Contiene una copia del codice sorgente relativo al
progetto.
16. Repository = Time machine
• Il Repository è un archivio di ogni versione di ogni
file di codice sorgente.
• Contiene la storia del progetto.
• Rende possibile navigare indietro nel tempo e
recuperare versioni vecchie dei file
• Capire perché sono state fatte certe scelte e chi le
ha fatte.
• Capire perché sono stati introdotti nuovi bug e chi li
ha introdotti.
17. Quando viene rilevato un
conflitto?
• Sui sorgenti quando: due sviluppatori modificano la
stessa linea di codice; il primo fa un commit, il
secondo un update e rileva il conflitto.
• Sulla struttura dei file/direttori quando: due
sviluppatori rinominano/spostano lo stesso file/
direttorio.
20. Trunk, branch, tag (2)
Un modo ragionevole per organizzare un repository è
fare in modo che contenga:
• Un tronco principale di sviluppo: Trunk
• Un luogo dove memorizzare le linee di sviluppo
alternative: Branch, Branches
• Un luogo dove memorizzare le release stabili: Tag,
Tags
21. Branch (1)
• Relativamente ad un progetto, un branch è una
linea di sviluppo indipendente dalle altre.
• Viene inizialmente generato come copia completa
e condivide parte della storia.
22. Branch (2)
• I Branch, ad esempio, consentono di iniziare lo
sviluppo di una nuova release quando la
precedente è ancora in fase di consolidamento.
• Una volta terminato il consolidamento è possibile
effettuare il merge fra il branch ed il trunk.
• Il bug risolti in fase di consolidamento saranno fusi
insieme alle modifiche apportate per incorporare le
funzionalità della nuova release.
23. Tag
• Tag = Release
• Viene memorizzato separatamente in modo da
avere a portata di mano tutti i sorgenti relativi ad
una certa release.
• In questo modo non è necessario andare a
ripescare dal main trunk i sorgenti andando indietro
con le versioni dei file.
25. A cosa serve il CM?
• Ma il sistema funzionava ieri, cosa è accaduto?
• Non riesco a riprodurre il problema (bug) sulla mia
copia di sistema
26. Tre problemi “classici” di CM
• Doppia manutenzione
Impedire l’esistenza di copie multiple dello stesso
file da aggiornare in modo indipendente
• Dati condivisi
Permettere a due o più sviluppatori di accedere
agli stessi file/dati
• Aggiornamento simultaneo
Impedire il “clobbering” quando due o più
sviluppatori modificano lo stesso file
27. Configuration management
(1)
• Identifica e tiene traccia di tutti gli elementi rilevanti
della configurazione del sistema, affinché tutti gli
errori possibili vengano individuati e vengano
trovate le possibili soluzioni.
28. Configuration management
(2)
CM is the practice of handling changes
systematically so that a system maintains its integrity
over time.
29. Configuration management
• La configurazione è definita come l’insieme delle
caratteristiche funzionali e fisiche di un prodotto
stabilite nei documenti tecnici e realizzate nel
prodotto stesso.
• Il configuration management si occupa di gestire e
controllare la variazione di tali caratteristiche.
• Non costituisce un’attività opzionale.
30. Configuration item
Il configuration item (CI) è un unità di configurazione
che può essere gestita individualmente.
Ad esempio in riferimento ad un’infrastruttura IT un CI
può essere un server, un software, un router, etc.
31. Configuration management
database
• E’ un elemento chiave del processo di CM
• Viene utilizzato per tracciare tutte le CI e le relazioni
tra di loro (Ad esempio: sul server X è disponibile il
sistema operativo Y, etc.).
32. Principali processi del
configuration management
• Pianificazione: include le strategie, policy, obiettivi, ruoli e
responsabilità nel processo di Configuration Management. Altro
elemento da tenere presente nella pianficazione è la struttura del
CMDB.
• Identificazione: include la selezione, identificazione e “labeling”
delle CI.
• Controllo: include il processo di assicurare che solo le CI
autorizzate siano presenti nel CMDB. Tutto le CI possono essere
modificate solo attraverso il processo di change management.
• Status Accounting: la gestione del ciclo di vita delle CI. Si
occupa del tracciamento e del reporting delle informazioni sullo
stato dei CI.
• Verifica: include gli audit effettuati con lo scopo di verificare
l’accuratezza del CMDB.
33. I tool di CM (1)
• Sono tool di IT automation che fanno un sacco di
lavoro.
• I tool di Configuration Management leggono le
configurazioni a partire da un file sorgente ed
applicano le stesse su uno o più server, in modo
automatico, prevedibile e idempotente.
!
Idempotente: posso applicare la stessa operazione più volte senza avere effetti
“collaterali”.
34. I tool di CM (2)
inizio configurazione
1. assicurati che apache2 sia installato
2. assicurati che php5 sia installato
3. assicurati che mysql sia installato
fine configurazione
35. Alcuni esempi di tool di CM
• Puppet
• Chef
• CFEngine
• Bcfg2
• BMCBladelogic
37. Cosa intendiamo per
document management?
• Generalmente si fa riferimento al sistema di
gestione di documenti o document management
system (DMS).
• E’ una categoria di sistemi software che serve a
organizzare e facilitare la creazione collaborativa di
documenti e di altri contenuti.
• Tecnicamente il DMS è un’applicazione che si
occupa di eseguire operazioni massive sui
documenti, catalogandoli ed indicizzandoli
secondo determinati algoritmi.
38. Document management
system
Dietro un
termine
apparentemente
semplice si cela
un ambito
complesso:
!
!
!
• metadata
• integration
• capture
• validation
• indexing
• storage
• retrieval
• distribution
• security
• signature
• workflow
• collaboration
• versioning
• publishing
• reproduction