Apache Cayenne is an open source object-relational mapping framework for Java. It has been an Apache project since 2006 and has over 17 committers and 9 project management committee members. Cayenne provides tools for mapping database schemas to Java objects and vice versa, as well as tools for querying, caching query results, and handling object lifecycles. It aims to simplify working with relational databases for Java developers in a similar way to how Enterprise Objects Framework simplified it for Objective-C developers.
Very often, if not always, we need to create jobs running periodically. It can be database cleanup, mail sending, statistics calculations, … One implementation among other is to create DirectActions invoked by Cron but there is a better option: Quartz. Quartz is a famous java open source library that allows developers to create jobs easily. In this session, you will learn how it's easy to integrate Quartz in your WebObjects application and how you can use job persistance based on EOF.
JDK.IO 2016 (http://jdk.io)
Java EE 7 introduced a new batch processing API. This session will go over how to use the batch processing API introduced with Java EE 7. This API is makes it easy to implement long running data/compute intensive jobs which need to be scheduled or initiated on-demand. Basics of the API will be demonstrated via code samples. The API will also be compared to Spring Batching and Hadoop to provide context and guidance on when these technologies are appropriate.
Node.js Development with Apache NetBeansRyan Cuprak
This session covers the basics of developing Node.js applications with NetBeans. NetBeans includes fully integrated support for both JavaScript and Node.js. You’ll get a tour of the features and learn how NetBeans can accelerate your projects. The presentation looks at basic code editing capabilities provided by the IDE, tool integration (npm/Grunt/Bower/Webpack), frameworks such as Express, and debugging capabilities. You’ll see why NetBeans is the best free JavaScript/Node.js IDE.
Don't Wait! Develop Responsive Applications with Java EE7 InsteadWASdev Community
The document discusses how to develop responsive applications with Java EE7. It focuses on using asynchronous processing and non-blocking I/O to maximize throughput and handle many requests. Key technologies discussed include JAX-RS 2.0 asynchronous processing, the Concurrency Utilities, the WebSocket API, and non-blocking I/O in Servlet 3.1. Code examples are provided for implementing asynchronous processing using these different Java EE 7 technologies.
Java 9 ships in July, are you ready for Java 9 modules? Java 9 modules (aka Project Jigsaw) is the biggest fundamental change to the Java runtime. Code that use Oracle/Sun private APIs will break. This session will cover the basics of Java 9 modules and also the current state of tooling. The ramifications to existing and legacy applications will be covered along with the steps you’ll need to take to harness the power of modules and write more maintainable systems.
Gradle is an open source build automation tool that uses Groovy for its build configuration files rather than XML like Maven. It offers features like incremental compilation, parallel task execution, and a built-in dependency management system. Projects can be configured as multi-module builds with hierarchical or flat layouts. Gradle supports plugins for tasks like compilation, testing, packaging, and publishing. It integrates with IDEs like IntelliJ, Eclipse, and NetBeans and can be used to build Java EE applications and other projects.
Apache Cayenne is an open source object-relational mapping framework for Java. It has been an Apache project since 2006 and has over 17 committers and 9 project management committee members. Cayenne provides tools for mapping database schemas to Java objects and vice versa, as well as tools for querying, caching query results, and handling object lifecycles. It aims to simplify working with relational databases for Java developers in a similar way to how Enterprise Objects Framework simplified it for Objective-C developers.
Very often, if not always, we need to create jobs running periodically. It can be database cleanup, mail sending, statistics calculations, … One implementation among other is to create DirectActions invoked by Cron but there is a better option: Quartz. Quartz is a famous java open source library that allows developers to create jobs easily. In this session, you will learn how it's easy to integrate Quartz in your WebObjects application and how you can use job persistance based on EOF.
JDK.IO 2016 (http://jdk.io)
Java EE 7 introduced a new batch processing API. This session will go over how to use the batch processing API introduced with Java EE 7. This API is makes it easy to implement long running data/compute intensive jobs which need to be scheduled or initiated on-demand. Basics of the API will be demonstrated via code samples. The API will also be compared to Spring Batching and Hadoop to provide context and guidance on when these technologies are appropriate.
Node.js Development with Apache NetBeansRyan Cuprak
This session covers the basics of developing Node.js applications with NetBeans. NetBeans includes fully integrated support for both JavaScript and Node.js. You’ll get a tour of the features and learn how NetBeans can accelerate your projects. The presentation looks at basic code editing capabilities provided by the IDE, tool integration (npm/Grunt/Bower/Webpack), frameworks such as Express, and debugging capabilities. You’ll see why NetBeans is the best free JavaScript/Node.js IDE.
Don't Wait! Develop Responsive Applications with Java EE7 InsteadWASdev Community
The document discusses how to develop responsive applications with Java EE7. It focuses on using asynchronous processing and non-blocking I/O to maximize throughput and handle many requests. Key technologies discussed include JAX-RS 2.0 asynchronous processing, the Concurrency Utilities, the WebSocket API, and non-blocking I/O in Servlet 3.1. Code examples are provided for implementing asynchronous processing using these different Java EE 7 technologies.
Java 9 ships in July, are you ready for Java 9 modules? Java 9 modules (aka Project Jigsaw) is the biggest fundamental change to the Java runtime. Code that use Oracle/Sun private APIs will break. This session will cover the basics of Java 9 modules and also the current state of tooling. The ramifications to existing and legacy applications will be covered along with the steps you’ll need to take to harness the power of modules and write more maintainable systems.
Gradle is an open source build automation tool that uses Groovy for its build configuration files rather than XML like Maven. It offers features like incremental compilation, parallel task execution, and a built-in dependency management system. Projects can be configured as multi-module builds with hierarchical or flat layouts. Gradle supports plugins for tasks like compilation, testing, packaging, and publishing. It integrates with IDEs like IntelliJ, Eclipse, and NetBeans and can be used to build Java EE applications and other projects.
12 Things About WebLogic 12.1.3 #oow2014 #otnla15Frank Munz
This document summarizes 12 key things to know about Oracle WebLogic Server 12c. It discusses the new lightweight installer, per domain node manager, server templates, dynamic clusters, unified management APIs, Java Mission Control monitoring, built-in WLDF modules, RESTful management APIs, Java EE 7 support, new Maven goals, and using WebLogic with Docker containers. The presentation provides an overview of new and updated features in WebLogic 12c and highlights reasons to upgrade from previous versions.
Java EE 8 Presentation given at NYC Java SIG on May 4, 2017. This presentation provides the latest information on the forthcoming release of Java EE 8 in June.
The document provides an overview of the Java EE 8 specification update including proposed enhancements and changes. Key points include:
- Servlet 4.0 will add support for HTTP/2 to improve performance. Other specifications like JAX-RS 2.1 and JSF 2.3 will be enhanced.
- Some originally planned specifications like JMS 2.1 and Java EE Management 2.0 may be dropped from Java EE 8.
- A "reboot" was conducted and the scope of some specs like Security 1.0 was expanded. New specifications around areas like health checking and configuration may be added.
- Specification groups are actively working on drafts and milestones for specs like CDI
A general- ‐purpose build automation tool. It can automate building, testing, deployment, publishing, generate documentation etc.
Designed to take advantage of convention over configuration.
Combines the power and flexibility of Ant with the dependency management and
conventions of Maven into a more effective way to build.
The document provides an introduction to Typesafe Activator and the Play Framework. It discusses how Activator is a tool that helps developers get started with the Typesafe Reactive Platform and Play applications. It also covers some core features of Play like routing, templates, assets, data access with Slick and JSON, and concurrency with Futures, Actors, and WebSockets.
Boost Development With Java EE7 On EAP7 (Demitris Andreadis)Red Hat Developers
JBoss EAP7 brings support for the most recent industry standards and technologies, including Java EE7, the latest edition of the premier enterprise development standard. This session will provide an overview of the major additions to Java EE7, and how your team can use these capabilities on the advanced EAP7 runtime to produce better applications with less code.
The Play Framework is a web framework for Java and Scala that provides a lightweight and scalable architecture built on Akka. It allows for the creation of RESTful applications with non-blocking I/O and real-time capabilities. Play embraces modern web technologies and includes features for persistence, security, internationalization and more.
Developing Java EE Applications on IntelliJ IDEA with Oracle WebLogic 12cBruno Borges
This document provides an overview and agenda for a presentation on developing Java EE applications for WebLogic 12c with IntelliJ IDEA. The presentation agenda includes an overview of Oracle WebLogic 12c, installing and configuring WebLogic 12c and IntelliJ IDEA, and developing Java EE applications. It also discusses features of WebLogic 12c such as dynamic clusters, high availability, database integration, developer tools and technologies.
Scala is an alternative JVM language with both object-oriented and functional programming paradigms. Scala development with the Java EE 7 platform is definitely possible and can be a pleasant experience. If you have uncertainty about how Scala can fit around the Java EE 7 platform, then this session aims to illustrate the huge benefit that Scala adoption can bring to the platform. Many other developers are taking advantage and the challenge of the JVM’s capability of being a vessel for multi-language programming. You no longer have to write every single project using Java, even if you like Lambdas experiences. For the developer and engineering terms that feeling a little braver than usual, Scala is attractive as it is strongly typed and lets you set the gauge on how object oriented or how functional you want to be. You will learn how to reuse the annotations and creating Scala plain object safely and concisely. This session will highlight and contrast the experience I had developing Scala solutions with Java EE, and there will be plenty of advice about using the functional programming features against the Java object oriented API.
Scala language overview
Java EE 7 architecture and design
WildFly 8 application server
Using Gradle as a build tool
How to create beans in Scala with dependency injection
JAX-RS endpoints
Servlet Endpoints
JMS Messaging
Scala adoption advice and hints for sustainable team development
An application server is software that hosts web applications and provides additional services for them. Oracle uses WebLogic Server as its application server for Oracle Fusion Middleware. The document discusses deploying WebLogic Server on Oracle Database Appliance (ODA) hardware, which provides an integrated and automated setup of WebLogic Server and Oracle Real Application Clusters.
AAI 2236-Using the New Java Concurrency Utilities with IBM WebSphereKevin Sutter
The document discusses the new Java Concurrency Utilities introduced in Java EE 7, including managed executor services, scheduled executor services, managed thread factories, and context services that allow execution of asynchronous tasks on managed threads while propagating common Java EE contexts. It outlines the goals and APIs of these services and provides examples of how developers can utilize managed executor services, scheduled executor services, and context services in Java EE applications to support concurrency patterns. The document also lists additional related sessions at the InterConnect 2015 conference that may be of interest.
This document summarizes Josh Long's presentation on updates to the Spring framework. It discusses:
- Spring Framework versions 3.1, 3.2, and the upcoming 4.0 release
- New features in Spring 3.1 including environment profiles, Java-based configuration, caching, and Servlet 3.0 support
- Plans for Spring 3.2 including a Gradle build, contribution model on GitHub, and asynchronous MVC processing
- Changes to plans for Spring 3.2 where support for Java EE 7 and Java SE 8 was postponed due to delays in those projects. Spring 3.2 will instead focus on core framework refinements with Java 8 and EE 7 features planned for Spring 3.
Login information and group memberships (identity) often are centrally managed in Enterprises. Many systems use this information to, for example, achieve Single Sign On (SSO) functionality. Surprisingly, access to the Weblogic Server Console and applications is often not centrally managed. I will explain why centralizing management of these identities, in addition to increased security, quickly starts reducing operational cost and even increases developer productivity. During a demonstration, I will introduce several methods for debugging authentication using an external authentication provider in order to lower the bar to apply this pattern. This technically oriented presentation is especially useful for people working in operations managing Weblogic Servers.
WebLogic 12.2 introduces new multitenancy features including:
- Improved high density deployment features through microcontainers and partitions that allow for increased isolation between tenant applications and resources.
- Enhanced multitenancy capabilities including live partition migration to move running partitions between clusters with zero downtime.
- Continuous availability features such as automated data center setup and failover, cross-domain transaction recovery, and multitenant live partition migration.
Remote Procedure Calls in GWT allow Java server code to be called from GWT clients using procedure-like calls that can pass complex objects. The document discusses how GWT RPC is implemented, best practices for using RPC effectively including embracing asynchrony, using data transfer objects to avoid abstraction issues, and considerations for integrating RPC with server-side frameworks. Future directions for GWT RPC such as improved merging of updated objects from the client are also mentioned.
The document introduces the Play Framework version 2.1 and highlights its key features. It demonstrates building a sample application in Scala using Play's reactive, non-blocking architecture. Key features discussed include Play's built-in support for Scala, reactive programming, JSON APIs, routing, templates, and testing.
Connector/J is a popular Java database connector for connecting to MySQL databases. It allows building Java applications that connect to MySQL and provides features for high availability access. The presentation discusses using Connector/J to connect to MySQL for basic queries, in Tomcat applications, and for high availability configurations like replication, multi-master replication, MySQL Fabric, and MySQL Cluster. It also covers monitoring connections using tools like MySQL Enterprise Monitor.
This document discusses Spring Framework 4.0 and its support for Java 8 features. Spring 4.0 will include first-class support for Java 8 language features like lambda expressions and the new date/time API. It will also support upcoming Java EE 7 specifications. Some initial challenges in supporting Java 8 included differences in bytecode versions and hash algorithm changes. The document provides examples of using Java 8 lambda expressions with Spring's JdbcTemplate. It also discusses the state of Java 8 and tool support as Spring 4.0 development progresses.
Welcome to presentation on Spring boot which is really great and relatively a new project from Spring.io. Its aim is to simplify creating new spring framework based projects and unify their configurations by applying some conventions. This convention over configuration is already successfully applied in so called modern web based frameworks like Grails, Django, Play framework, Rails etc.
12 Things About WebLogic 12.1.3 #oow2014 #otnla15Frank Munz
This document summarizes 12 key things to know about Oracle WebLogic Server 12c. It discusses the new lightweight installer, per domain node manager, server templates, dynamic clusters, unified management APIs, Java Mission Control monitoring, built-in WLDF modules, RESTful management APIs, Java EE 7 support, new Maven goals, and using WebLogic with Docker containers. The presentation provides an overview of new and updated features in WebLogic 12c and highlights reasons to upgrade from previous versions.
Java EE 8 Presentation given at NYC Java SIG on May 4, 2017. This presentation provides the latest information on the forthcoming release of Java EE 8 in June.
The document provides an overview of the Java EE 8 specification update including proposed enhancements and changes. Key points include:
- Servlet 4.0 will add support for HTTP/2 to improve performance. Other specifications like JAX-RS 2.1 and JSF 2.3 will be enhanced.
- Some originally planned specifications like JMS 2.1 and Java EE Management 2.0 may be dropped from Java EE 8.
- A "reboot" was conducted and the scope of some specs like Security 1.0 was expanded. New specifications around areas like health checking and configuration may be added.
- Specification groups are actively working on drafts and milestones for specs like CDI
A general- ‐purpose build automation tool. It can automate building, testing, deployment, publishing, generate documentation etc.
Designed to take advantage of convention over configuration.
Combines the power and flexibility of Ant with the dependency management and
conventions of Maven into a more effective way to build.
The document provides an introduction to Typesafe Activator and the Play Framework. It discusses how Activator is a tool that helps developers get started with the Typesafe Reactive Platform and Play applications. It also covers some core features of Play like routing, templates, assets, data access with Slick and JSON, and concurrency with Futures, Actors, and WebSockets.
Boost Development With Java EE7 On EAP7 (Demitris Andreadis)Red Hat Developers
JBoss EAP7 brings support for the most recent industry standards and technologies, including Java EE7, the latest edition of the premier enterprise development standard. This session will provide an overview of the major additions to Java EE7, and how your team can use these capabilities on the advanced EAP7 runtime to produce better applications with less code.
The Play Framework is a web framework for Java and Scala that provides a lightweight and scalable architecture built on Akka. It allows for the creation of RESTful applications with non-blocking I/O and real-time capabilities. Play embraces modern web technologies and includes features for persistence, security, internationalization and more.
Developing Java EE Applications on IntelliJ IDEA with Oracle WebLogic 12cBruno Borges
This document provides an overview and agenda for a presentation on developing Java EE applications for WebLogic 12c with IntelliJ IDEA. The presentation agenda includes an overview of Oracle WebLogic 12c, installing and configuring WebLogic 12c and IntelliJ IDEA, and developing Java EE applications. It also discusses features of WebLogic 12c such as dynamic clusters, high availability, database integration, developer tools and technologies.
Scala is an alternative JVM language with both object-oriented and functional programming paradigms. Scala development with the Java EE 7 platform is definitely possible and can be a pleasant experience. If you have uncertainty about how Scala can fit around the Java EE 7 platform, then this session aims to illustrate the huge benefit that Scala adoption can bring to the platform. Many other developers are taking advantage and the challenge of the JVM’s capability of being a vessel for multi-language programming. You no longer have to write every single project using Java, even if you like Lambdas experiences. For the developer and engineering terms that feeling a little braver than usual, Scala is attractive as it is strongly typed and lets you set the gauge on how object oriented or how functional you want to be. You will learn how to reuse the annotations and creating Scala plain object safely and concisely. This session will highlight and contrast the experience I had developing Scala solutions with Java EE, and there will be plenty of advice about using the functional programming features against the Java object oriented API.
Scala language overview
Java EE 7 architecture and design
WildFly 8 application server
Using Gradle as a build tool
How to create beans in Scala with dependency injection
JAX-RS endpoints
Servlet Endpoints
JMS Messaging
Scala adoption advice and hints for sustainable team development
An application server is software that hosts web applications and provides additional services for them. Oracle uses WebLogic Server as its application server for Oracle Fusion Middleware. The document discusses deploying WebLogic Server on Oracle Database Appliance (ODA) hardware, which provides an integrated and automated setup of WebLogic Server and Oracle Real Application Clusters.
AAI 2236-Using the New Java Concurrency Utilities with IBM WebSphereKevin Sutter
The document discusses the new Java Concurrency Utilities introduced in Java EE 7, including managed executor services, scheduled executor services, managed thread factories, and context services that allow execution of asynchronous tasks on managed threads while propagating common Java EE contexts. It outlines the goals and APIs of these services and provides examples of how developers can utilize managed executor services, scheduled executor services, and context services in Java EE applications to support concurrency patterns. The document also lists additional related sessions at the InterConnect 2015 conference that may be of interest.
This document summarizes Josh Long's presentation on updates to the Spring framework. It discusses:
- Spring Framework versions 3.1, 3.2, and the upcoming 4.0 release
- New features in Spring 3.1 including environment profiles, Java-based configuration, caching, and Servlet 3.0 support
- Plans for Spring 3.2 including a Gradle build, contribution model on GitHub, and asynchronous MVC processing
- Changes to plans for Spring 3.2 where support for Java EE 7 and Java SE 8 was postponed due to delays in those projects. Spring 3.2 will instead focus on core framework refinements with Java 8 and EE 7 features planned for Spring 3.
Login information and group memberships (identity) often are centrally managed in Enterprises. Many systems use this information to, for example, achieve Single Sign On (SSO) functionality. Surprisingly, access to the Weblogic Server Console and applications is often not centrally managed. I will explain why centralizing management of these identities, in addition to increased security, quickly starts reducing operational cost and even increases developer productivity. During a demonstration, I will introduce several methods for debugging authentication using an external authentication provider in order to lower the bar to apply this pattern. This technically oriented presentation is especially useful for people working in operations managing Weblogic Servers.
WebLogic 12.2 introduces new multitenancy features including:
- Improved high density deployment features through microcontainers and partitions that allow for increased isolation between tenant applications and resources.
- Enhanced multitenancy capabilities including live partition migration to move running partitions between clusters with zero downtime.
- Continuous availability features such as automated data center setup and failover, cross-domain transaction recovery, and multitenant live partition migration.
Remote Procedure Calls in GWT allow Java server code to be called from GWT clients using procedure-like calls that can pass complex objects. The document discusses how GWT RPC is implemented, best practices for using RPC effectively including embracing asynchrony, using data transfer objects to avoid abstraction issues, and considerations for integrating RPC with server-side frameworks. Future directions for GWT RPC such as improved merging of updated objects from the client are also mentioned.
The document introduces the Play Framework version 2.1 and highlights its key features. It demonstrates building a sample application in Scala using Play's reactive, non-blocking architecture. Key features discussed include Play's built-in support for Scala, reactive programming, JSON APIs, routing, templates, and testing.
Connector/J is a popular Java database connector for connecting to MySQL databases. It allows building Java applications that connect to MySQL and provides features for high availability access. The presentation discusses using Connector/J to connect to MySQL for basic queries, in Tomcat applications, and for high availability configurations like replication, multi-master replication, MySQL Fabric, and MySQL Cluster. It also covers monitoring connections using tools like MySQL Enterprise Monitor.
This document discusses Spring Framework 4.0 and its support for Java 8 features. Spring 4.0 will include first-class support for Java 8 language features like lambda expressions and the new date/time API. It will also support upcoming Java EE 7 specifications. Some initial challenges in supporting Java 8 included differences in bytecode versions and hash algorithm changes. The document provides examples of using Java 8 lambda expressions with Spring's JdbcTemplate. It also discusses the state of Java 8 and tool support as Spring 4.0 development progresses.
Welcome to presentation on Spring boot which is really great and relatively a new project from Spring.io. Its aim is to simplify creating new spring framework based projects and unify their configurations by applying some conventions. This convention over configuration is already successfully applied in so called modern web based frameworks like Grails, Django, Play framework, Rails etc.
Continuous Security: From tins to containers - now what!Michael Man
The document discusses securing containers throughout their lifecycle from selection of base images and configuration to runtime. It emphasizes applying security controls at each stage including static analysis of Dockerfiles, scanning of images for vulnerabilities, and using admission controllers in Kubernetes to enforce policies for privileges, network access, and resource usage. The document demonstrates potential security risks if containers are not secured properly and provides examples of admission controllers and best practices to mitigate those risks in Kubernetes.
This talk will focus on how we deploy and manage CentOS on our fleet at Facebook, and showcase challenges, best practices and lessons learned working with a deployment of hundreds of thousands of machines. We'll discuss challenges encountered over the years, tools that we developed to overcome them, the process used to integrate upstream updates, packaging tools and workflows and configuration management challenges. The talk is mostly focused on bare metal, but will cover some container best practices as well. We'll also focus on our interactions with the RPM, Yum, Anaconda and systemd projects to showcase how to work with the upstream community.
This document provides an overview and demonstration of Security Onion, an open-source Linux distribution for intrusion detection and network security monitoring. It describes Security Onion's tools like Snort, Sguil, Pulled Pork, Snorby and Daemonlogger. The document demonstrates how to install Security Onion, use its tools to analyze network traffic, view alerts and raw packet captures. It also provides challenges for users to further explore Security Onion's capabilities.
WSO2Con USA 2015: Revolutionizing WSO2 PaaS with Kubernetes & App FactoryWSO2
Containerization is now becoming the most efficient way of developing and deploying software solutions in the cloud. It provides means of running applications with less resource usage, fast startup times, portability across machines, lightweight & layered container images, container image registries, multi-tenancy and many more additional advantages. Docker embraced this space by fulfilling the above requirements and attracting the industry within a very short period of time. Google solved container cluster management features by initiating the Kubernetes project over a decade of experience on running container technologies at scale. Now Kubernetes is in the process of adding more advanced PaaS features such as autoscaling, multicloud or region deployments and composite application model with best of breed ideas and practices from the community.
WSO2 App Factory and WSO2 App Cloud are application Platform as a Service (aPaaS) that provide application development and hosting deployed through these technologies. In this tutorial we will demonstrate how WSO2 products can be run on Kubernetes and the latest WSO2 App Cloud features.
Medooze MCU Video Multiconference Server Installation and configuration guide...sreeharsha43
This document provides instructions for installing and configuring a Medooze MCU videoconferencing system on Ubuntu 12.04 LTS. It describes how to install various software tools like Wireshark, Java JDK, and NetBeans IDE. It then explains how to install the Medooze Media Mixer Server and mcuWeb application. Finally, it outlines the steps to deploy mcuWeb in application servers like GlassFish, JBoss and Tomcat, and configure media mixers, video profiles, conferences and other features of the videoconferencing system.
FreeBSD is a complete open source operating system used by many companies for networking and servers. It includes tools, packages, and documentation. Some key features are ZFS filesystem, jails for virtualization, excellent networking stack as TCP/IP was developed on BSD, and security features like MAC frameworks. The community is very active in development and uses FreeBSD for many applications including routers, databases, and desktop use through bhyve virtualization.
The document provides instructions for installing Cacti, an open-source monitoring and graphing tool, on CentOS 5. It describes adding a repository, installing required packages, downloading and configuring Cacti, creating a MySQL database and user, editing configuration files, and setting up a cron job to populate graphs. Finally, it notes that the installation can be verified by accessing Cacti in a web browser and viewing example graphs populated with system data.
This document provides an overview of efforts to port Android 10 to inexpensive single board computers like the Orange Pi using only open source components. It discusses the requirements to use the latest Android version, a cheap board, only open source projects, and to have a working solution out of the box. The document outlines the project structure, including mainline kernel with patches, Mesa for graphics, and upstream HWComposer and audio HAL projects. It provides timeline details for graphics and video driver mainlining. Supported boards currently include Orange Pi PC, Plus2e and Raspberry Pi 4, with plans to expand support. Building instructions are provided.
This document discusses FreeBSD, an open source operating system. It provides an overview of FreeBSD, describing who uses it, why it's useful, its networking capabilities and improvements over time. Key points include that FreeBSD is a complete OS with over 24,000 packages, used by companies like Apple and Netflix. It has high performance, stability and security features like jails and ZFS filesystem. The networking stack is highly optimized and it can run Linux binaries through translation.
Remix of two other open source presentations along with my own content, 40 slides set to play at 20 seconds auto-timed (similar to Pecha-Kucha style timing). This was delivered via Caribbean Tech Dev forum's monthly Google Hangout in November 2015, and video can be viewed at https://www.youtube.com/watch?v=xANrsSin_-0
This document provides an overview of essential Linux commands and utilities for SQL Server DBAs. It covers topics such as Linux history, users and permissions, file editing and navigation commands like vi, process monitoring with ps and top, and system diagnostic utilities like sar, vmstat, and mpstat. The document aims to teach SQL Server DBAs basic Linux skills to manage their environment and troubleshoot issues.
This document provides instructions for integrating FreeRadius with Novell eDirectory to enable wireless authentication. It describes installing and configuring Novell OES Linux, applying necessary patches, installing FreeRadius and the RADIUS plugin for iManager, extending the eDirectory schema, generating certificates, and configuring FreeRadius, eDirectory, and clients. The goal is to set up wireless authentication against an eDirectory user directory using FreeRadius as the RADIUS server.
The document discusses GlassFish v3 Prelude and the Update Center. It summarizes that the Update Center can be installed via a bootstrap mechanism and registers a desktop notifier. It also shows examples of using the pkg command line tool to list, install, and manage software packages. Finally, it provides links to additional resources for more information.
The document provides instructions for installing and configuring OTRS (Open Ticket Request System) on a CentOS 5.5 server. It includes steps to configure the Apache web server and MySQL database, which are requirements for OTRS. It then describes downloading and installing the OTRS RPM package, and resolving any dependent package requirements to complete the OTRS installation.
Using and Customizing the Android Framework / part 4 of Embedded Android Work...Opersys inc.
1) The document provides an overview of using and customizing the Android framework, covering topics like kickstarting the framework, utilities and commands, system services internals, and creating custom services.
2) It describes the core building blocks of the framework, like services, Dalvik, and the boot process. It also covers utilities like am, pm, and dumpsys.
3) The document discusses native daemons like servicemanager and installd. It explains how to observe the system server and interact with services programmatically.
Similar to Deployment of WebObjects applications on FreeBSD (20)
This document describes KAAccessControl, a framework for managing user access control and permissions. It provides concise summaries in 3 sentences or less that provide the high level and essential information from the document.
The framework allows defining roles, profiles, lists and managing user permissions through annotations and configuration files. It handles authentication but does not provide the authentication mechanism. The framework manages the current user's profile and permissions and allows impersonating other users through its user service class. Components check permissions by annotating allowed roles and querying the framework's access control services.
The document describes an in-memory OLAP engine created by Samuel Pelletier to enable fast querying of multidimensional data with millions of facts. It loads data into memory as plain old Java objects (POJOs) for faster access compared to entity objects or SQL queries. Dimensions are modeled as classes to index the facts and compute summarized results. The engine is multithreaded and designed for simplicity and minimal dependencies.
Using Nagios to monitor your WO systemsWO Community
Nagios is an open source monitoring tool that has been available since 1999. It is commonly used to monitor servers, services, and applications. The document discusses how to install and configure Nagios on various platforms like CentOS, Ubuntu, and Mac OS X. It also provides examples of how to monitor common services like HTTP, MySQL, disk space, and custom applications using Nagios plugins. Graphing and alerting capabilities are discussed as well. The presentation concludes with a demonstration and Q&A section.
This document discusses various tools and techniques for building and deploying software, including Git, Git hooks, Puppet, native packages, and Maven. It provides examples of using post-receive Git hooks to deploy code to servers, configuring Puppet modules to install packages and configure services, creating native packages with tools like fpm and Ant, and bundling deployment scripts within packages.
The document discusses various strategies for achieving high availability of web applications and databases. It covers evaluating business requirements, DNS configuration, using cloud infrastructure or owning hardware, basic setups with application and database servers, database replication and clustering options, load balancing tools for Linux and cloud environments, auto scaling features, and monitoring. The key strategies presented include replicating databases, load balancing web traffic, auto-scaling cloud resources, and configuring failover between redundant application and database servers.
This document discusses enabling SOAP web services using ERJaxWS in WebObjects. It provides examples of how to create a SOAP service from Java classes or a WSDL, call an external SOAP service, handle data mapping and custom types, define web faults, create stateful services, add security, and troubleshoot SOAP services. Resources for further information on JAX-WS, JAXB, and SOAP are also included.
Chaining the Beast - Testing Wonder Applications in the Real WorldWO Community
This document discusses the importance of testing applications in the real world. It covers various types of testing including catching regressions, checking new features, and addressing issues like incorrect data or slow page responses. Specific testing methodologies are mentioned, like verifying models and business logic. The importance of usability testing is also covered, such as checking the appearance and interactivity of applications. Automated testing tools like Selenium are recommended for testing functionality across different browsers. Building invariant test pages can help find faults and browser-specific problems.
The document discusses stateful controllers in Direct To Web (D2W) applications built with WebObjects. It provides background on D2W and how controllers were traditionally implemented using ERDBranchDelegate and NextPageDelegate. Stateful controllers improve upon this by allowing controller classes to be reused across multiple pages while maintaining state between pages. This is done by overriding branchChoicesForContext to programmatically define branch choices and storing necessary objects like the editing context. The document provides examples of how stateful controllers can implement common page flows and interactions through utility methods while keeping code DRY and reusable.
This document discusses deploying WebObjects applications on Windows. It covers setting up the Windows and WebObjects prerequisites, configuring the basic WOStart application launcher and WOSetup, demoing the setup process, and using JavaMonitor and WOTaskD to manage multiple applications across hosts. It also discusses potential issues like debugging WOStart and the WOAdaptor, using IIS or Apache as the web server, and common pitfalls in a Windows deployment. URLs are provided for downloading needed tools and components.
The document discusses WOUnit, a unit testing framework for Wonder. It provides features like mocking the editing context, creating dummy objects to bypass validations, and spying on objects. Sample tests are shown to test validation rules and relationships. WOUnit aims to make testing simple, fast and support Wonder features like editing contexts through assertions and annotations like @Rule, @Dummy and @Spy.
This document discusses alternatives to using WebObjects for developing web applications. It summarizes the key aspects of a stack that could satisfy former WebObjects developers, including:
- Dependency injection frameworks like Spring and Google Guice that allow loose coupling between classes.
- HTML frameworks like Tapestry that are similar to WebObjects in allowing infinitely nestable page components.
- JAX-RS as a REST framework specification implemented by libraries like Jersey that maps HTTP requests to Java methods.
- Migrating from WebObjects by keeping its philosophies but rewriting code from scratch using these new frameworks, with tools to import existing data models and port components like DirectToWeb and DirectToJavaClient.
This document provides an overview and demonstrations of advanced Apache Cayenne concepts including:
1. Reusing Cayenne and service code between admin apps and discussing object context management.
2. Lifecycle events can be received via callbacks or listeners, with callbacks used for simple initialization and listeners for more complex workflows.
3. Caching in Cayenne includes object caching of entities by ID and query caching of result lists by generated keys, with local caching at the context level and shared caching at the domain level.
4. Demonstrations of object caching, query caching, and turning off cross-context synchronization, using query caching with expiration policies, and considering optimistic locking for performance.
The document discusses the steps for migrating an existing project to Wonder, including:
1) Moving the codebase to Git version control for branching during the migration process.
2) Preparing the codebase by adding packages, creating custom subclasses for components like the editing context and direct actions, and renaming any enum collisions.
3) Starting the actual wonderization by importing Wonder frameworks and removing duplicate jars.
This document discusses iOS application architecture and REST client implementation. It covers common iOS concepts like MVC, UIKit, table views and their data sources. It also describes a Comet architecture using a REST API and database to retrieve and display product data in a table. The controller implements the table view data source and delegate methods to display the data and handle user interactions like tapping rows.
This document discusses using iOS apps as clients for ERREST servers. It provides an example architecture of an iOS app connecting to an ERREST backend using REST calls. It also includes code snippets showing how to make REST requests using classes like PLRestful and CometAPI that handle the network requests and JSON parsing. The document is intended to explain how to build iOS clients for existing ERREST backends rather than how to code the iOS apps themselves.
This document discusses the "Framework Principal" pattern which allows optimizing resource usage across multiple applications by initializing shared services and configurations in a single starter class. The Framework Principal runs very early and can be used to launch services independently of any application based on configuration properties. It provides examples of how to configure different applications to use the same Framework Principal by specifying different property files and user names for production vs sandbox environments. This allows launching shared services only once across multiple applications rather than separately in each one.
This document discusses filtering data in Direct to Web (D2W) by limiting the visibility of data based on the current user or company. It presents two solutions:
1. Modifying fetch specifications at the editing context level to add relationship qualifiers restricting results to the current company. This works but is low-level.
2. Using query and relationship components in D2W that call business logic to generate the appropriate qualifiers and restricted data sources. This provides a cleaner, more reusable approach compared to the first solution.
The document also discusses enhancing relationship components to support restricting fetch specifications to simplify generating qualifiers across different entities and relationships. In summary, it focuses on programmatically filtering data in D2
The document discusses the WOver, a small mobile robot built using a Raspberry Pi single board computer connected via serial interface to control an Asuro driving module. It provides instructions to connect to its WiFi network and control interface webpage to drive the robot. Details are given on the hardware components used, including the Raspberry Pi, Asuro driving module, and custom operating system on the module to receive motor control commands from the Raspberry Pi. Potential next steps discussed include adding database, games, sensors, power management, camera, and benchmarks.
Localizing your apps for multibyte languagesWO Community
This document discusses considerations for localizing apps to support multibyte languages. It covers setting the encoding in Eclipse, Ant builds, and database connections to UTF-8. It also discusses features of Japanese like reading direction from right to left, lack of word spacing, and the different character sets of kanji, hiragana, katakana and their encodings. The document recommends converting all characters to single byte widths before storing in databases for ease of use and searching.
WOdka is a WebObjects framework that was originally developed in Japan. It includes several frameworks like AuditTrail, JQueryMobileD2W, and ModernistD2W. WOdka has a unified dashboard for developers and administrators. It provides features like logical delete, roles and permissions, and integration with NotificationCenter. WOdka supports modern techniques like CSS3, multi-language, and REST. It is actively developed and maintained by developers in Japan and internationally.
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/how-axelera-ai-uses-digital-compute-in-memory-to-deliver-fast-and-energy-efficient-computer-vision-a-presentation-from-axelera-ai/
Bram Verhoef, Head of Machine Learning at Axelera AI, presents the “How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-efficient Computer Vision” tutorial at the May 2024 Embedded Vision Summit.
As artificial intelligence inference transitions from cloud environments to edge locations, computer vision applications achieve heightened responsiveness, reliability and privacy. This migration, however, introduces the challenge of operating within the stringent confines of resource constraints typical at the edge, including small form factors, low energy budgets and diminished memory and computational capacities. Axelera AI addresses these challenges through an innovative approach of performing digital computations within memory itself. This technique facilitates the realization of high-performance, energy-efficient and cost-effective computer vision capabilities at the thin and thick edge, extending the frontier of what is achievable with current technologies.
In this presentation, Verhoef unveils his company’s pioneering chip technology and demonstrates its capacity to deliver exceptional frames-per-second performance across a range of standard computer vision networks typical of applications in security, surveillance and the industrial sector. This shows that advanced computer vision can be accessible and efficient, even at the very edge of our technological ecosystem.
What is an RPA CoE? Session 1 – CoE VisionDianaGray10
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
"Choosing proper type of scaling", Olena SyrotaFwdays
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...Jason Yip
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
4. FreeBSD overview
• UNIX System
• BSD License (of course!)
• Supports x86, amd64, pc98 as Tier 1
• Distributed and installed via FTP, HTTP, CD/DVD, etc.
5. FreeBSD overview
• Integration and consistency
• The same team handles the Kernel and user-land tools
• Release engineering team
6. Installation
• Pseudo-graphical installation
• Very fast, low footprint
• Installs only the essential, the rest is up to you
7.
8. Networking
• Everything you would expect from an UNIX system
• Reference (KAME) IPv6 implementation
9. Documentation
• FreeBSD Handbook (free, on freebsd.org)
• Mail-lists
10. Security
• Most software installs with safe default
configuration
• Installing a port prints a message with
security information if appropriate
• Easy to configure daily scan for security
advisors on OS and installed ports
• http://security.freebsd.org/
11. Security
The following files will be updated as part of
updating to 7.1-RELEASE-p16:
/usr/lib/libssl.a
/usr/lib/libssl.so.5
/usr/lib/libssl_p.a
/usr/src/crypto/openssl/ssl/s3_clnt.c
/usr/src/sys/conf/newvers.sh
WARNING: FreeBSD 7.1-RELEASE-p15 HAS PASSED ITS
END-OF-LIFE DATE.
Any security issues discovered after Tue Feb 1
00:00:00 WET 2011
will not have been corrected.
12. FreeBSD versions
• Major versions
• May break binary and source compatibility.
• Used to introduce new features, deprecate or remove unused
stuff.
13. FreeBSD versions
• Minor versions:
• Maintain binary and source compatibility (main goal)
• Bug fixes, mostly
• New features (usually, small ones) if baked enough
14. FreeBSD versions
• Security advisors and erratas:
• Released for all the currently supported versions
• Very easy to install, specially if you use GENERIC kernel
• Fix security vulnerabilities and show-stopper bugs
• Don’t break binary or source compatibility
• Never introduce new features
• Kernel and OS source is updated too if installed
15. Release cycles
• Security advisors and erratas are only made available for
currently supported FreeBSD releases
• The life-time of each release depends on a few factors
18. Minor versions
New security advisor
New minor version
.0 .1 .2 .3 .4
New security advisor
Major versions
8 8.0 8.3
8.1 8.2-P1 8.3-P1
8.2
8.1-P1 8.2-P2
8.1-P2 8.2-P3
8.1-P3
8.1-P4
7 7.0 7.1 7.2 7.3 7.4-P1
7.4
7.3-P1 7.4-P2
7.3-P2 7.4-P3
7.3-P3 7.4-P4
7.3-P4
7.3-P5
6 6.0 6.1 6.2 6.3 …
19. Updating
• If using GENERIC kernel, errata or security advisor is trivial:
• freebsd-update fetch
• freebsd-update install
• reboot
• If stuff happens:
• freebsd-update rollback
20. Updating
• Put this on cron to be warned when there’s a patch to install:
• @daily root freebsd-update cron
• Minor and major version updates can be done remotely, but are
more complex
• Check FreeBSD Handbook (24.2 - FreeBSD Update)
• May need to recompile installed software
• May need console access
21. Installing software
• Packages
• Ports
• Traditional UNIX way (configure, make, make install)
22. Packages
• Binary distributions
• Usually smaller than source archives
• No compilation required
• Much faster, specially when there are many dependencies
• pkg_add -r <package>
23. Ports
• Packages are compiled with conservative options (must run on
all hardware). Ports can be tuned.
• Ports allow compile-time options configuration.
• Some software licenses force source-only distribution.
• May apply local patches.
• The source is with you.
24. Port Tree
• The port tree stays in /usr/ports
• Installation using portsnap:
• portsnap fetch
• portsnap extract
• Updating:
• portsnap fetch
• portsnap update
25. Installing a Port
• Browser for ports: http://www.freebsd.org/ports/
• Install port (typical):
• cd /usr/ports/<path to port>
• make install clean
• make config to see configuration menu
26. Updating ports
• The easiest way to upgrade a port and it’s dependencies is using
one of these utilities:
• portupgrade
• portmanager
• portmaster
• See Handbook (4.5.4 - Upgrading Ports)
27. Port security scan
• Install ports-mgmt/portaudit
• After installing, FreeBSD makes daily security scans on installed
ports and notifies you of any released security advisors.
28. Checking for a current audit database:
Database created: Wed Apr 21 03:10:01 WEST 2010
Checking for packages with security vulnerabilities:
Affected package: sudo-1.7.2.5
Type of problem: sudo -- Privilege escalation with sudoedit.
Reference: <http://portaudit.FreeBSD.org/1a9f678d-48ca-11df-85f8-000c29a67389.html>
Affected package: gtar-1.22
Type of problem: gtar -- buffer overflow in rmt client.
Reference: <http://portaudit.FreeBSD.org/c175d72f-3773-11df-8bb8-0211d880e350.html>
2 problem(s) in your installed packages found.
You are advised to update or deinstall the affected package(s) immediately.
29. Jails
• OS-level virtualization system
• More isolation than chroot, less isolation than VM
• Jail has its own kernel structures, binded IPs and superuser
• Can be used to test software or isolate deployed services
• Can’t use a different kernel
• No live-migration
31. Status
! Guest
– FreeBSD/amd64 releases 7.2 and 8.1
– SMP - up to 8 virtual cpus
– I/O - virtio or pci passthru
– Minor kernel patches required
! Host
– FreeBSD/amd64 release 8.1
– Unmodified GENERIC kernel
! Hardware
– Requires hardware virtualization assist with Nested Page Tables
– Intel VT-x is supported
– AMD-V support in progress
3
32. Init scripts
• Shares a lot with Mac OS X startup items
• /etc/rc.conf - switches and configurations
• /etc/rc.d/<servicename> <action>
• /etc/rc.d/sshd restart
• /usr/local/etc/rc.d/<servicename> <action>
• Scripts can specify provided and required services
35. Kernel Tuning
• File /etc/sysctl.conf:
# Increase the number of maximum open file descriptors
kern.maxfiles=65535
# Enough space to cache the full java launch command line,
# so that we can see it in "ps" output instead of [java]
kern.ps_arg_cache_limit=1024
# Limits the number of logging lines per logging rule
net.inet.ip.fw.verbose_limit=5
36. Java
• Diablo distribution (Sun JVM)
• Port java/diablo-jdk16
• Installation may include time-zone updaters and JCE Policy files
• All files must be downloaded manually due to licensing
• The port will guide you
38. WebObjects
• Two ways to install the WO frameworks on FreeBSD:
• Using the WOPort
• Manually
• http://wiki.objectstyle.org/confluence/display/WO/Deploying
+on+FreeBSD+8.2+and+WebObjects+5.4.3
40. DB Server
DB Server
DNS
WWW Server
Updates
Private
Public
WWW Server The Internets!
App Server
WWW Server
App Server
App Server
App Server
41. Why?
• Security
• Data between wotaskd and other components
• Data (RR) between adaptors and apps
• Broadcasted and other custom data between apps
• Hide database and other services from the public network
• Save public IPs
42. Why?
• Ideally, you should only expose ports 80 and 443
43. Network configuration
• em0 with private IP
• em1 with public IP
• Add as much services as you can to private network
44. Software configuration
• On file /usr/local/etc/rc.d/wotaskd:
• command_args="${log_args} -WOHost 10.1.2.3"
• On JavaMonitor:
• Add hosts using their private IPs
• Add -WOHost argument with private IP to apps
45. WOHostUtilities
• WO Apps need to make sure requests for stats, shutdown,
refuse new sessions, etc, are legit
• Those requests must not came from web server, and their source
must be localhost.
• Problem is… private IPs are not considered localhost IPs by Java.
46. WOHostUtilities
• Use Wonder, set er.extensions.WOHostUtilities.localhostips
er.extensions.WOHostUtilities.localhostips=(10.1.2.1,10.1.2.2,10.1.2.3)
47. SoftLayer
• Dual network configuration by default
• VPN access to the private network
• Free IPv6 for every server
• Amazing support staff
48. One small detail…
• FreeBSD + Adaptec 5405 RAID card = pain
• Must use firmware 17574 or newer.
• SoftLayer use this cards, request updated firmware or older
card.