To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2016/02/deep-dive-into-microservice-outer-architecture/
Microservices architecture (MSA) promotes loosely coupled services as building blocks for software system architecture. It was first adopted by large internet companies like Netflix and now is popular with enterprise architects everywhere.
You may find yourself asking what the main premises of MSA are and whether it replaces SOA. In this webinar Frank and Srinath will
Compare and contrast MSA with SOA and discuss both their pros and cons
Examine what MSA looks like in practice
Answer questions such as where to use databases, how to use security and how to perform service orchestration and integration
Discuss practical challenges
DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)Michael Man
In just a few years, Open Policy Agent (OPA) has established itself as the de-facto standard for policy based guard rails around kubernetes clusters - now it's moving into our microservices! In this talk we'll explore the benefits of decoupling policy from application logic, and how OPA can help bring order to an increasingly distributed, heterogeneous and complex tech stack.
The Open Policy Agent (OPA) is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack.
The OPA is an open-source, general-purpose policy engine that can be used to enforce policies on various types of software systems like micro services, CI/CD pipelines, gateways, Kubernetes, etc. OPA was developed by Styra and is currently a part of CNCF.
DSO-LG 2021 Reboot: Policy As Code (Anders Eknert)Michael Man
In just a few years, Open Policy Agent (OPA) has established itself as the de-facto standard for policy based guard rails around kubernetes clusters - now it's moving into our microservices! In this talk we'll explore the benefits of decoupling policy from application logic, and how OPA can help bring order to an increasingly distributed, heterogeneous and complex tech stack.
The Open Policy Agent (OPA) is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack.
The OPA is an open-source, general-purpose policy engine that can be used to enforce policies on various types of software systems like micro services, CI/CD pipelines, gateways, Kubernetes, etc. OPA was developed by Styra and is currently a part of CNCF.
Swagger is an open source software framework backed by
a large ecosystem of tools that helps developers
design, build, document and consume RESTful Web
services.
In just a few years, Open Policy Agent (OPA) has emerged as one of the hotter technologies for policy management and fine grained access control in the cloud native ecosystem. Now it’s coming for your APIs!
In this session we will explore the underlying concepts and some of the components involved in OPA before we get hands on in live coding test driven authorization policies to protect API endpoints.
Kubernetes Security with Calico and Open Policy AgentCloudOps2005
Ray Kao and Kevin Harris from Microsoft presenting ‘Kubernetes Security with Calico and Open Policy Agent’ at the spring 2019 Kubernetes and Cloud Native meetup in Toronto.
Swagger is a simple yet powerful representation of your RESTful API. With the largest ecosystem of API tooling on the planet, thousands of developers are supporting Swagger in almost every modern programming language and deployment environment. With a Swagger-enabled API, you get interactive documentation, client SDK generation and discoverability.
Every Java developer knows that multithreading is the root of all evil and it is quite hard to write correct code for concurrent environment. But what tasks do exist in real commercial development except running code in asynchronous way?
In this talk I will present several tasks from my real projects and solutions we designed for them. This talk is very application oriented and allows participants to extend their vision of concurrent programming.
SpringOne Platform 2016
Speakers: Kevin Hoffman; Advisory Solutions Architect, Pivotal & Chris Umbel; Advisory Architect, Pivotal
With the advent of ASP.NET Core, developers can now build cross-platform microservices in .NET. We can build services on the Mac, Windows, or Linux and deploy anywhere--most importantly to the cloud.
In this session we'll talk about Cloud Native .NET, building .NET microservices, and deploying them to the cloud. We'll build services that participate in a robust ecosystem by consuming OSS servers such as Spring Cloud Configuration Server and Eureka. We'll also show how these .NET microservices can take advantage of circuit breakers and be automatically deployed to the cloud via CI/CD pipelines.
A Decentralized Autonomous Organization is governed by a set of software rules enacted by smart contracts on a blockchain. Potential use-cases are presented, as well as current applications of the technologies. DAOs promise to enable novel decision-making processes in an organization, innovate the current business models, and create new ones.
The OAuth 2.0 authorization framework enables a third-party
application to obtain limited access to an HTTP service, either on
behalf of a resource owner by orchestrating an approval interaction
between the resource owner and the HTTP service, or by allowing
the third-party application to obtain access on its own behalf.
Hyperledger Fabric is a blockchain framework implementation initially developed by Digital Asset and IBM and now hosted by Linux Foundation under the hyperledger project. Fabric joined the hyperledger project for incubation in the early 2016 and after 1 year of incubation, it became the first project get into the ‘active’ state. On July 11, 2017, the hyperledger Technical Steering Committee announced their first production-ready distributed ledger codebase, Hyperledger Fabric V1.0
Kubernetes and Bluemix introduction along with the sample demo application(Color Cluster) on IBM Bluemix Container Service(BCS). Also, some advanced features provided by IBM. Sample code for the repo is here, [Kuberbetes Bluemix Demo](https://github.com/mohan08p/KubernetesMeetup/tree/master/14th%20Oct%202017/ColorDemo)
Swagger is an open source software framework backed by
a large ecosystem of tools that helps developers
design, build, document and consume RESTful Web
services.
In just a few years, Open Policy Agent (OPA) has emerged as one of the hotter technologies for policy management and fine grained access control in the cloud native ecosystem. Now it’s coming for your APIs!
In this session we will explore the underlying concepts and some of the components involved in OPA before we get hands on in live coding test driven authorization policies to protect API endpoints.
Kubernetes Security with Calico and Open Policy AgentCloudOps2005
Ray Kao and Kevin Harris from Microsoft presenting ‘Kubernetes Security with Calico and Open Policy Agent’ at the spring 2019 Kubernetes and Cloud Native meetup in Toronto.
Swagger is a simple yet powerful representation of your RESTful API. With the largest ecosystem of API tooling on the planet, thousands of developers are supporting Swagger in almost every modern programming language and deployment environment. With a Swagger-enabled API, you get interactive documentation, client SDK generation and discoverability.
Every Java developer knows that multithreading is the root of all evil and it is quite hard to write correct code for concurrent environment. But what tasks do exist in real commercial development except running code in asynchronous way?
In this talk I will present several tasks from my real projects and solutions we designed for them. This talk is very application oriented and allows participants to extend their vision of concurrent programming.
SpringOne Platform 2016
Speakers: Kevin Hoffman; Advisory Solutions Architect, Pivotal & Chris Umbel; Advisory Architect, Pivotal
With the advent of ASP.NET Core, developers can now build cross-platform microservices in .NET. We can build services on the Mac, Windows, or Linux and deploy anywhere--most importantly to the cloud.
In this session we'll talk about Cloud Native .NET, building .NET microservices, and deploying them to the cloud. We'll build services that participate in a robust ecosystem by consuming OSS servers such as Spring Cloud Configuration Server and Eureka. We'll also show how these .NET microservices can take advantage of circuit breakers and be automatically deployed to the cloud via CI/CD pipelines.
A Decentralized Autonomous Organization is governed by a set of software rules enacted by smart contracts on a blockchain. Potential use-cases are presented, as well as current applications of the technologies. DAOs promise to enable novel decision-making processes in an organization, innovate the current business models, and create new ones.
The OAuth 2.0 authorization framework enables a third-party
application to obtain limited access to an HTTP service, either on
behalf of a resource owner by orchestrating an approval interaction
between the resource owner and the HTTP service, or by allowing
the third-party application to obtain access on its own behalf.
Hyperledger Fabric is a blockchain framework implementation initially developed by Digital Asset and IBM and now hosted by Linux Foundation under the hyperledger project. Fabric joined the hyperledger project for incubation in the early 2016 and after 1 year of incubation, it became the first project get into the ‘active’ state. On July 11, 2017, the hyperledger Technical Steering Committee announced their first production-ready distributed ledger codebase, Hyperledger Fabric V1.0
Kubernetes and Bluemix introduction along with the sample demo application(Color Cluster) on IBM Bluemix Container Service(BCS). Also, some advanced features provided by IBM. Sample code for the repo is here, [Kuberbetes Bluemix Demo](https://github.com/mohan08p/KubernetesMeetup/tree/master/14th%20Oct%202017/ColorDemo)
WSO2Con US 2015 Kubernetes: a platform for automating deployment, scaling, an...Brian Grant
Kubernetes can run application containers on clusters of physical or virtual machines.
It can also do much more than that.
Kubernetes satisfies a number of common needs of applications running in production, such as co-locating helper processes, mounting storage systems, distributing secrets, application health checking, replicating application instances, horizontal auto-scaling, load balancing, rolling updates, and resource monitoring.
However, even though Kubernetes provides a lot of functionality, there are always new scenarios that would benefit from new features. Ad hoc orchestration that is acceptable initially often requires robust automation at scale. Application-specific workflows can be streamlined to accelerate developer velocity.
This is why Kubernetes was also designed to serve as a platform for building an ecosystem of components and tools to make it easier to deploy, scale, and manage applications. The Kubernetes control plane is built upon the same APIs that are available to developers and users, implementing resilient control loops that continuously drive the current state towards the desired state. This design has enabled Apache Stratos and a number of other Platform as a Service and Continuous Integration and Deployment systems to build atop Kubernetes.
This presentation introduces Kubernetes’s core primitives, shows how some of its better known features are built on them, and introduces some of the new capabilities that are being added.
Business use of Social Media and Impact on Enterprise ArchitectureNUS-ISS
Presented on 7 March 2013 at The Architecture Community of Practice (ACoP) Forum at the Intstitute of Systems Science, National University of Singapore.
Web: www.iss.nus.edu.sg
Twitter:#ISSNUS
Facebook: www.facebook.com/ISS.NUS
A brief study on Kubernetes and its componentsRamit Surana
Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users declared intentions. Using the concepts of "labels" and "pods", it groups the containers which make up an application into logical units for easy management and discovery.
Orchestrating Microservices with Kubernetes Weaveworks
- Kubernetes Concepts
- Hands on: Using kubeadm to stand up a Kubernetes cluster
- Hands on: Using kubectl to make changes to running Kubernetes cluster
The best cryptocurrency wallets allow individuals to send and collect coins and track their holdings. This type of wallet may be advantageous given that it increases safety in that digital currency can be transacted online using blockchain technology.
Blockchin architecture & use cases -part-2Mohammad Asif
In this session we have discussed some block chain real world use cases, different block-chain network and demo to setup hyper-ledger fabric network on Azure VM and installing chain code on peers.
apidays LIVE London 2021 - Open Insurance & Smart Contracts by Giovanni Lesna...apidays
apidays LIVE London 2021 - Reaching Maximum Potential in Banking & Insurance with API Mindset
October 27 & 28, 2021
APIs in Finance: The Next Evolution
Open Insurance & Smart Contracts
Giovanni Lesna, Head of Enterprise at API3
This is a talk I gave on patterns and antipatterns of SOA, based on my understandings and practices and inspired by Ron Jacobs famous webcast by the same name.
Blockchain is a technology for a new generation of transactional applications that establishes trust,
accountability and transparency while streamlining processes in business networks. Think of it as
an operating system for interactions between participants in a business network. It has the potential
to vastly reduce the cost and complexity of getting things done
WSO2 API Manager is a 100% open source API management solution, complete with API publishing, lifecycle management, developer portal, access control and analytics.
Next-Generation Spring Data and MongoDBVMware Tanzu
MongoDB 4.0, scheduled for release in Summer 2018, will add support for multi-document ACID transactions. Through snapshot isolation, transactions will provide a consistent view of data, and enforce all-or-nothing execution to maintain data integrity. Transactions in MongoDB will feel just like transactions developers are familiar with from relational databases, and will be easy to add to any application that needs them.
The addition of multi-document transactions will make it easier than ever for developers to address a complete range of use cases with MongoDB, although for many, simply knowing that they are available will provide critical peace of mind. The latest MongoDB 3.6 server release already ships with the main building block for those, client sessions.
The Spring Data team has implemented synchronous and reactive transaction support in preparation for the MongoDB 4.0 release, built on top of MongoDB sessions. Learn more about Spring Data MongoDB, and many new capabilities in the forthcoming Spring Data Lovelace release!
Presenters : Christoph Strobl, Pivotal and Mat Keep, MongoDB
For a long time APIs have largely been an exercise at the edge of complexity. They provide an engaging interface to attract developers, perhaps an underlying platform to monitor their consumption, and a means for those interested in whatever drives our backend to manage that success. That type interaction demands a certain type of interaction. But what happens in a backend world of microservices? Do we really have the same API needs and flexibility concerns at the mesh that we do at the edge and how might we best address these two worlds going forward? I will present the case for edge, the case for the mesh and try to bridge whatever space we have between them: chasm or ditch.
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformWSO2
At its core, the challenge of managing Human Resources data is an integration challenge: estimates range from 2-3 HR systems in use at a typical SMB, up to a few dozen systems implemented amongst enterprise HR departments, and these systems seldom integrate seamlessly between themselves. Providing a multi-tenant, cloud-native solution to integrate these hundreds of HR-related systems, normalize their disparate data models and then render that consolidated information for stakeholder decision making has been a substantial undertaking, but one significantly eased by leveraging Ballerina. In this session, we’ll cover:
The overall software architecture for VHR’s Cloud Data Platform
Critical decision points leading to adoption of Ballerina for the CDP
Ballerina’s role in multiple evolutionary steps to the current architecture
Roadmap for the CDP architecture and plans for Ballerina
WSO2’s partnership in bringing continual success for the CD
The integration landscape is changing rapidly with the introduction of technologies like GraphQL, gRPC, stream processing, iPaaS, and platformless. However, not all existing applications and industries can keep up with these new technologies. Certain industries, like manufacturing, logistics, and finance, still rely on well-established EDI-based message formats. Some applications use XML or CSV with file-based communications, while others have strict on premises deployment requirements. This talk focuses on how Ballerina's built-in integration capabilities can bridge the gap between "old" and "new" technologies, modernizing enterprise applications without disrupting business operations.
Platformless Horizons for Digital AdaptabilityWSO2
In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.
Quantum computers are rapidly evolving and are promising significant advantages in domains like machine learning or optimization, to name but a few areas. In this keynote we sketch the underpinnings of quantum computing, show some of the inherent advantages, highlight some application areas, and show how quantum applications are built.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
2. Causes of Volatility of RPC
(i.e. Synchronous Communication)
o Time Dependency
≈ All ingredients have to be available at same 8me
o Format Dependency
≈ Number and types of parameters must match
o Reference Dependency
≈ Hard-coded addresses
o PlaAorm Dependency
≈ Internal representa8ons of data (liDle/big endian...)
This is 8ght coupling!
5. Loose Coupling in SOA
o Reference Autonomy
o Client interacts with an endpoint (oRen a URI) not with a concrete
program, i.e. client doesn’t know the actual service
o Time Autonomy
o Asynchronous bindings (JMS,…) can be used
o Reply-to header, Correla8on header,… support
asynchrony even over synchronous transports
o Format Autonomy
o Binding specifies serializa8on format
o Transforma8on can be done “invisibly” along
the wire
o PlaAorm Autonomy
o Client interacts with service without having to
know programming language, hos8ng environment,… of service
7. We Will See in What Follows...
REST architectural style supports loose coupling
8. Reference Autonomy in REST: URIs
Resource
Implementation
Resource
Implementation
Resource
Resource
URIClient
REST Server
o URI decouples from knowing the actual func8on
implementa8on
o HATEOAS goes beyond (see later)
13. REST Maturity Model
(aka Richardson Maturity Model)
■ Support of HATEOAS
■ Use of appropriate HTTP methods
to manipulate individual resources
■ Use of appropriate HTTP status
codes
■ Individual resources are iden8fied
■ Use of single method (typically
POST)
■ Method invoked on individual
resource
■ Similar to “objects”
■ HTTP is used as a transport only
■ Single entry point only
■ Use of single method (typically
POST)
■ Examples: SOAP, XML-RPC
Swamp of POX
Resources
HTTP Verbs
Hypermedia Controls
Level 0
Level 1
Level 2
Level 3
14.
15. o …microservice architectural style is an approach to
o developing a single applica8on as a suite of small services,
o each running in its own process and
o communica8ng with lightweight mechanisms, oRen an HTTP
resource API.
o These services are built
o around business capabili8es and
o independently deployable by fully automated deployment
machinery.
o There is a bare minimum of centralized management of
these services, which
o may be wriDen in different programming languages and
o use different data storage technologies.
Definition: Quote(*)
(*) J. Lewis & M. Fowler: “Microservices” (2015), hDp://mar8nfowler.com/ar8cles/
microservices.html
16. Microservice: Main Properties
Microservice is
■ small
■ running in its own process
(or container these days)
■ communica8ng oRen [via] HTTP
■ built around business capabili8es
■ wriDen in different programming
languages
■ use different data storage
technologies
■ independently deployable by fully
automated deployment machinery
16
…whatever that means
True for many (!) service
True for many (!) service,
and most REST services
That’s what services are
That’s interes8ng
20. o Micro-Services are all about…
o …proper granularity of components
o …independent deployment
o They are not a counter-proposal to SOA
o They do not prove that SOA failed
o In the opposite: they require loose coupling,…
o They require a methodology to determine “proper granules” for
components
o …something like the holy grail of soRware engineering for
decades!
o …so, don’t expect your middleware vendors to solve this
problem for you! It’s all about YOU solving an very difficult
architecture/design problem!!!
The Essence of Micro-Services
21. What does it mean?
Let’s explore what this means for your design
22. o Each microservice should have it’s
own databases and Data MUST not
be shared via a database
o This Remove tight coupling via
database schema
o However, strong consistency ( if
needed) across data sources is hard in
that case.
o You either have to do distributed
transactions (DON’T) or use
compensations.
No Shared DBs
23. o If updates happens only in one microservice (e.g. loan
approval process check the balance), you can use a
asynchronous messaging (message queue).
o If updates happen in both services, perhaps, you need to
consider merging the two services. ( for example see
https://www.tigerteam.dk/2014/micro-services-its-not-only-
the-size-that-matters-its-also-how-you-use-them-part-2/ )
o If not see Next slide: Transaction
When data (DB) is shared?
24. o When possible, avoid transactions crossing microservice boundaries
o Depend lesser guarantees ( e.g. use timeouts, update via
persistent messaging): see
Starbucks Does Not Use Two-Phase Commit and
https://news.ycombinator.com/item?id=7995130
o Use compensation
o Read
Life Beyond Distributed Transactions: An Apostate’s Opinion
o There are some use cases where you must do distributed
transactions ( that cross microservice boundaries)
o Those MUST use transactions (e.g.
http://jbossts.blogspot.com/2015/04/microservices-and-
transactions-update.html)
Transactions
25. the commonly understood “contract” between microservices is that
their APIs are stable and forward compatible.
Forward compatibility is a design characteristic that allows a system to gracefully
accept input intended for a later version of itself
o Idea is that microservice can switch to new versions, without all it’s
dependencies having to switch.
o Idea is loose coupling letting each party evolve individually
o Good idea to do explicit API versioning
o Might be costly in same cases, also support for older versions have
to be dropped at some point
APIs are forward compatible
27. o Old method is service call DB or Identity Server
o Doing that from a Microservice is questionable
o Common method is client talks to identity server, get a token and
present it to microservice which verify the token. SAML tokens can
be verified by microservice itself, while OAuth tokens usually needs
a call to Identity Server.
o See following for more information
http://nordicapis.com/how-to-control-user-identity-within-
microservices/
MicroService Security (Contd.)
30. o Micro services are not allowed to talk to each other (e.g. as per
http://www.infoq.com/presentations/domain-service-aggregator,
aggregation is done at client browser)
o MicroServices view is no central server like ESB or BPS and do
composition at client.
o For this some has recommended using "backends for
frontends" (BFF) [1] and some even claims to be using it [2]. But
then, we are back at ESB, maybe little bit less logic at integration
layer but almost the same.
1. https://www.safaribooksonline.com/library/view/Building
+Microservices/9781491950340/ch04.html
2. http://www.slideshare.net/grandbora/microservices-
soundcloud slide 39
Composition of Microservices
31. o Overhead driving it from client which might be behind
slow network,
o Might add security concerns ( I can hack my app to give
me a loan)
o MicroServices so far talk about websites, and most
complex compositions often come from other use cases.
So general applicability of composition at the client yet to
be demonstrated.
o Where to keep the State? Can client be trusted to keep the
state of the workflow
Composition of Microservices:
Problems
32. o OK to use pure client driven model, if above drawbacks are not a
Major concern.
o If they are a concern, you need use centralized orchestrator ( use
SOA approach). For example
http://www.infoq.com/articles/microservices-intro propose to use
a API Gateway, which pretty much the SOA Approch.
Composition of Microservices:
Conclusion
33. o Goal of Microservices is loose coupling
o Reference, Time, Format, Platform Autonomy
o Micro-Services are all about…
o …proper granularity of components
o …independent deployment
o It is an further evolution of SOA ideas
o It is still evolving concepts, and some ground truths are
being established.
Conclusion