This document discusses how tools can help address cultural issues that arise between development and operations teams. It provides examples of tools that can help with common problems like configuration management, packaging, visibility into systems, and development environments. While no single tool solves all problems, tools like Puppet, Chef, Docker, Jenkins, and Logstash are highlighted as helping to standardize processes and provide more visibility. The document advocates learning new skills, finding solutions, and improving communication between teams.
My speech about Microservices at Geecon Prague: what are microservices and why we use them? what are the anti-patterns? what opensource solution we can use to manage them?
My speech about Microservices at Geecon Prague: what are microservices and why we use them? what are the anti-patterns? what opensource solution we can use to manage them?
"Docker For Polyglots" - Nathan LeClaire - YAPC::Asia 2015nathanleclaire
In this presentation Nathan LeClaire outlines some of the ways Docker can help polyglots (those who speak multiple languages) to be more efficient and happier in their workflows.
Customers, Content & Experiences - Beyond Random Acts Of TechnologyThe Content Advisory
This is the talk I gave at Intelligent Content 2014 #ICC2014 and also the keynote address for ContentTech #ContentTech. It's about how CIO/CMO Alignment is about more than just understanding one another - and suggests a framework for addressing the landscape of technology.
Son todos los emprendedores colombianos de Colombia que son muy importantes para mi y para todo mi salón escolar del colegio en el que estudio que adoro y es super bueno aca en medellin
Redes socialesparaempresas - ActualizadaAdriana Alban
Como señalé en la primera versión de esta presentación, todo cambia y el enfoque con el que personalmente miro el acercamiento de las empresas ecuatorianas a la web social también ha cambiado. Hace falta un paso más entre la decisión gerencial de iniciar con presencia corporativa en Internet y la puesta en marcha de las comunidades. Hace falta el paso de la evaluación interna y externa, la planeación estratégica y la capacitación. A todo esto yo le llamo estrategia digital, es decir, tener claro qué camino se recorrerá para lograr un determinado objetivo en un tiempo señalado. Conozcan este approach y de paso, a mi como consultora y al equipo de gente en el que me apoyo.
"Docker For Polyglots" - Nathan LeClaire - YAPC::Asia 2015nathanleclaire
In this presentation Nathan LeClaire outlines some of the ways Docker can help polyglots (those who speak multiple languages) to be more efficient and happier in their workflows.
Customers, Content & Experiences - Beyond Random Acts Of TechnologyThe Content Advisory
This is the talk I gave at Intelligent Content 2014 #ICC2014 and also the keynote address for ContentTech #ContentTech. It's about how CIO/CMO Alignment is about more than just understanding one another - and suggests a framework for addressing the landscape of technology.
Son todos los emprendedores colombianos de Colombia que son muy importantes para mi y para todo mi salón escolar del colegio en el que estudio que adoro y es super bueno aca en medellin
Redes socialesparaempresas - ActualizadaAdriana Alban
Como señalé en la primera versión de esta presentación, todo cambia y el enfoque con el que personalmente miro el acercamiento de las empresas ecuatorianas a la web social también ha cambiado. Hace falta un paso más entre la decisión gerencial de iniciar con presencia corporativa en Internet y la puesta en marcha de las comunidades. Hace falta el paso de la evaluación interna y externa, la planeación estratégica y la capacitación. A todo esto yo le llamo estrategia digital, es decir, tener claro qué camino se recorrerá para lograr un determinado objetivo en un tiempo señalado. Conozcan este approach y de paso, a mi como consultora y al equipo de gente en el que me apoyo.
Аналіз рівнів реалізуємості технічного потенціалу енергозбереження за енергот...Yurii Chernukha
Метою роботи є формування наступних алгоритмів: оцінки заходів з енергозбереження за кількісними показниками енергоефективності; аналізу рівнів реалізуємості технічного потенціалу енергозбереження за енерготехнологічними критеріями для об’єктів промислового, комерційного та житлового секторів.
Tools and tips for simplifying startup formation.Alex Shoer
Models to help you setup your startup in the right way. With an equity structure that benefits all, vesting to ensure no one runs off with equity and advisor incentives to bring in the senior experts you need.
How can faculty or students join the 70,000 contributors to Wikipedia, the world's largest knowledge base?
Learn how educators can use Wikipedia in the classroom!
For more information and resources:
https://en.wikipedia.org/wiki/Wikipedia:Meetup/NYC/Fordham_October_2016
http://facultyedtechpd.wikispaces.com/Wikipedia+for+Educators
Be Aware Webinar - ¿CÓMO RESPONDER A LAS AMENAZAS CRECIENTES DE RANSOMWARE?Symantec LATAM
¿CÓMO RESPONDER A LAS AMENAZAS CRECIENTES DE RANSOMWARE?
21. october 28th 2015
Mientras las estafas a través de las redes sociales proporcionan a los cibercriminales dinero rápido, algunos de ellos se basan en métodos de ataque más agresivos y lucrativos, como los ransomware, que aumentaron el 113% el año pasado.
En este Webinar usted aprenderá sobre:
¿Qué hacer? y ¡Qué no hacer? al ser víctima del ransomware.
Crypto Ransomware Malware.
Cómo prepararse, y cómo responder efectivamente.
Docker and Go: why did we decide to write Docker in Go?Jérôme Petazzoni
Docker is currently one of the most popular Go projects. After a (quick) Docker intro, we will discuss why we picked Go, and how it turned out for us.
We tried to list all the drawbacks and minor inconveniences that we met while developing Docker; not to complain about Go, but to give the audience an idea of what to expect. Depending on your project, those drawbacks could be minor inconveniences or showstoppers; we thought you would want to know about them to help you to make the right choice!
OSMC 2017 | Groovy There is a Docker in my Dashing Pipeline by Kris Buytaert NETWAYS
Dashing or rather Smashing is an awesome Monitoring Dashboard, but it’s a pita to deploy. This talk will document the efforts we went trough to make the deployment of both dashing and the dashboards fully automated. It also will show how we test these dashboards using docker and how we build these pipelines with the JenkinsDSL.
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLoveNETWAYS
In the beginning there was CFEngine, and the learning curve was high, then came Puppet , Chef and the learning curve was still high.
Now we have Ansible , for everyone that wasn't smart enough to learn the original tools. Or wasn't that the problem ?
For some people Infrastructure as Code became a goal alone, not caring about the infrastructure, Junior people wanted to learn Puppet, but forgot about the service they were configuring. Too Complex, Too much effort, .. And then containers came.
Puppet@Citygrid - Julien Rottenberg - PuppetCamp LA '12Puppet
Julien Rottenberg, CityGrid. Presentation of the tools and workflow for our puppet setup. How puppet helps us managing 500+ servers in a hybrid environment O&O Datacenter and EC2, hands free. Watch the video at http://youtu.be/FPwga7HwomM
PuppetCamp LA, May '12.
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewiredotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionJérôme Petazzoni
Docker, the Open Source container Engine, lets you build, ship and run, any app, anywhere.
This is the presentation which was shown in December 2014 for the last stop of the "Tour de France" in Bordeaux. It is slightly different from the presentation which was shown in the other cities (http://www.slideshare.net/jpetazzo/introduction-to-docker-december-2014-tour-de-france-edition), and includes a detailed history of dotCloud and Docker and a few other differences.
Special thanks to https://twitter.com/LilliJane and https://twitter.com/zirkome, who gave me the necessary motivation to put together this slightly different presentation, since they had already seen the other presentation in Paris :-)
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
5. “With XXXXX you are be able to do easily
common task on your local or remote machine.
The aim of XXXXX is to become the unique and
universal tool language that permit you to make
your own brew, apt-get or yum package, same
syntax for all your machine.”
6. Not Puppet Not Chef
Not Capistrano
“With XXXXX you are be able to do easily
common task on your local or remote machine.
The aim of XXXXX is to become the unique and
universal tool language that permit you to make
your own brew, apt-get or yum package, same
syntax for all your machine.”
Not Fabric
Not DeployML
Not CFengine
12. Some Issues
● Repository mismatch
● Different languages
● Volatile configuration
● Visibility
● Sensitive information
● Testability
● Packaging
13. Caveats and Comments
● No single tool is going to solve all your
problems – sorry.
● You may have already heard of some of these
tools.
● You will likely have to “mold” some of these
tools to fit your environment
● The tool itself is not the point, it is the end result
● I don't have all the answers...
15. Sample Shop
● Operations – Puppet, EC2
● Development – Maven, Spring
● War files
● Spring properties files
● Metric assloads of XML
● Database changes
16. Issues
● Operations repository isn't application repository
● Developers need to test locally during development
● Properties files are artifacts
● Some settings are environment specific
● Some settings are “sensitive”
● How do new settings get in CM?
● Where do database changes fit?
● What about the rest of the business?
23. Configuration Competition
● XML files (unless you run bcfg2)
● Key/Value property files (.ini style files)
● YAML
● JSON
● Hard coded “stuff”
● My-effing-SQL, Mongo-effing-DB
All of these things are “simpler” to understand.
24. Configuration Champions
● ZooKeeper, Nesoi, Noah
● Moves volatile configuration outside of application
● Can be populated by both operations and development*
● Service discovery
● No immediate need to learn a new DSL/Language
● Can still control access*
● Don't underestimate the power of environment variables
● You still need “proper” configuration management
26. Packaging Protagonists
● War files
● Lein, Maven/Ivy, Rubygems, Agner, CPAN, Pypi
● RVM
● Homebrew
Not always simpler to understand but built into
the community.
27. Packaging Princes
● FPM, brew2deb, fpm-cookery
● Makes building OS packages “painless”
● OS packages have value (rollback, versioning,
validation)
● Need a single artifact that can be deployed in
all environments
29. Development Defeat
● Windows/OSX for development, Linux/Solaris
for production
● QA different than Production
● Different versions of critical libraries, jars, gems
whatever
● Exploded war files vs. Packaged war files
“Works on my machine”
30. Development Dreams
● Vagrant, Veewee, Whirr
● Provides “production” in a box
● Developers should be “deploying” locally
● Operations needs to make modules, manifests,
cookbooks (whatever) flexible
This is one of the hardest to accomplish
33. Visibility Victors - part 1
● Statsd, Graphite, Graylog2, Logstash
● ruby-metrics, codahale metrics for JVM
● “If it moves, graph it”
● Disk is “cheap”
● Dashboards are the bomb. Become one with
information radiators.
● Logstash can pipe the shit out of EVERYTHING
● You don't know what you don't need until you know what
you have
● Overcompensate initially (but don't over do it!)
34. Visibility Victors - part 2
● Jenkins, Rundeck, MCollective
● Hosts don't matter, only services
● Sometimes you still need to get on a specific
host....to reprovision it.
● Wrap the access for auditing and accountability
● DevOps is not about giving root access to
developers
● The “myth” of security.
36. Shitty Stuff
● Manual database migrations
● Rollbacks
● The myth of the sensitive
37. Smart Stuff
● Flyway, Liquibase, Rails migrations
● Consider NoSQL/Schema-less stores
● Roll forward. Never roll back.
● You can never truly roll back anyway
● “Sensitive” data is a myth (for some values of
sensitive)
38. There is, however, ONE tool that can solve
almost every technological and cultural
problem
46. Kelsey's Problem
● Operations used Puppet with Cobbler as ENC
● Application configuration was in ERB templates
managed by Puppet
● Cultural issues ruled out development actually
managing the templates
● System of Record was Cobbler
47. Kelsey's Solution
● Programming motherf**er
● Learned some Java (in a week)
● Wrote some classes, built some jars
● Delivered an XML-RPC library that
development could use to query Cobbler for
information
49. Jordan's Problem
● Everyone has their own effing packaging format
● Distributions suck
● Debs suck to build
● RPMS suck moderately less to build
50. Jordan's Solution
● Hate Driven Development
● Wrote FPM (eFfing package manager)
● Alien done right
● Converts debs, rpms, pypi, gems, compiled
directories to native distro package format
51. Side note: If you ever say “I wonder if
someone has done X” stop at the “I” and go to
github.com/jordansissel
52. Real Talk
● Step outside your comfort zone
● Be a technologist not a specialist
● SysAdmins: Learn to write some code.
Seriously.
● Developers: Learn the OS. Seriously.
● Everyone: Stop blaming other people
● Software can help ease communication but
only you can prevent forest fires.