ok.ru is one of top 10 internet sites of the World, according to similarweb.com. Under the hood, it has several thousand servers. Each of those servers own only fraction of the data or business logic. Shared nothing architecture can be hardly applied to social network, due to its nature, so a lot of communication happens between these servers, diverse in kind and volume. This makes ok.ru one of the largest, complicated, yet highly loaded distributed systems in the world.
This talk is about our experience in building always available, resilient to failures distributed systems in Java, their basic and not so basic failure and recovery scenarios, methods of failure testing and diagnostics. We’ll also discuss on possible disasters and how to prevent or get over them.
ok.ru is one of top 10 internet sites of the World, according to similarweb.com. Under the hood, it has several thousand servers. Each of those servers own only fraction of the data or business logic. Shared nothing architecture can be hardly applied to social network, due to its nature, so a lot of communication happens between these servers, diverse in kind and volume. This makes ok.ru one of the largest, complicated, yet highly loaded distributed systems in the world.
This talk is about our experience in building always available, resilient to failures distributed systems in Java, their basic and not so basic failure and recovery scenarios, methods of failure testing and diagnostics. We’ll also discuss on possible disasters and how to prevent or get over them.
From continuous integration servers to blogging systems, we've all seen and used pluggable applications. Writing our own though can be an elusive task. That need not be the case, though, as the Java EE spec contains all you need to do just that. In this session, we'll see how we can leverage the power of CDI to write, for example, easily extensible JSF applications. When the session is over, you'll have all you need to write the next killer app, and, thanks to Java EE, you'll be surprised to see how little work it really is.
Save 10% off ANY FITC event with discount code 'slideshare'
See our upcoming events at www.fitc.ca
OVERVIEW
Join Raimundas (author of mvcExpress frameworks) as he presents his vision of next step in AS3 MVC framework evolution.
Writing maintainable software fast – was never a trivial task, but MVC frameworks are here to help us! In this session you will see short reminder of MVC framework history, comparison of coding convenience and performance benchmark results for PureMVC, robotlegs and mvcExpress frameworks.
For those who does not enjoy seeing code or statistic tables as much as running applications, Raimundas will show dungeon editor/crawler to demonstrate mvcExpress modular programming features, designed to save even more time and headaches while developing games and applications.
An overview presentation covering the use of Oracle's PX functionality including some tips and traps. Detailed white paper at http://oracledoug.com/px.html
Groovy update - S2GForum London 2011 - Guillaume LaforgeGuillaume Laforge
Groovy Update: what's new in 1.8 and what's coming in 1.9
The Groovy Development team is releasing Groovy 1.8, and this session will cover the new features including improved support for advanced and readable Domain-Specific Languages thanks to Groovy 1.8's "Extended Command Expressions", new performance improvements in the area of integer arithmetics, built-in support for parsing and producing JSON payloads, new AST transformations and now GPars come already bundled.
The fork/join framework, which is based on the ForkJoinPool class, is an implementation of the Executor interface. It is designed to efficiently run a large number of tasks using a pool of worker threads. A work-stealing technique is used to keep all the worker threads busy, to take full advantage of multiple processors
From continuous integration servers to blogging systems, we've all seen and used pluggable applications. Writing our own though can be an elusive task. That need not be the case, though, as the Java EE spec contains all you need to do just that. In this session, we'll see how we can leverage the power of CDI to write, for example, easily extensible JSF applications. When the session is over, you'll have all you need to write the next killer app, and, thanks to Java EE, you'll be surprised to see how little work it really is.
Save 10% off ANY FITC event with discount code 'slideshare'
See our upcoming events at www.fitc.ca
OVERVIEW
Join Raimundas (author of mvcExpress frameworks) as he presents his vision of next step in AS3 MVC framework evolution.
Writing maintainable software fast – was never a trivial task, but MVC frameworks are here to help us! In this session you will see short reminder of MVC framework history, comparison of coding convenience and performance benchmark results for PureMVC, robotlegs and mvcExpress frameworks.
For those who does not enjoy seeing code or statistic tables as much as running applications, Raimundas will show dungeon editor/crawler to demonstrate mvcExpress modular programming features, designed to save even more time and headaches while developing games and applications.
An overview presentation covering the use of Oracle's PX functionality including some tips and traps. Detailed white paper at http://oracledoug.com/px.html
Groovy update - S2GForum London 2011 - Guillaume LaforgeGuillaume Laforge
Groovy Update: what's new in 1.8 and what's coming in 1.9
The Groovy Development team is releasing Groovy 1.8, and this session will cover the new features including improved support for advanced and readable Domain-Specific Languages thanks to Groovy 1.8's "Extended Command Expressions", new performance improvements in the area of integer arithmetics, built-in support for parsing and producing JSON payloads, new AST transformations and now GPars come already bundled.
The fork/join framework, which is based on the ForkJoinPool class, is an implementation of the Executor interface. It is designed to efficiently run a large number of tasks using a pool of worker threads. A work-stealing technique is used to keep all the worker threads busy, to take full advantage of multiple processors
This presentation introduces some advanced concepts of threads, as implemented in the Java platform. It is part of a series of slides dedicated to threads. This slides introduces the following concepts:
- Callable
- Futures
- Executors and executor services
- Deadlocks (brief introduction)
The presentation is took from the Java course I run in the bachelor-level informatics curriculum at the University of Padova.
Resilience becomes a must. Actually resilience is an issue for a long time, but with ever-increasing distribution it becomes a must. But how can we implement resilience into our applications? Hystrix, an open-source library developed by Netflix provides a nice starting point. It provides downstream isolation by implementing patterns like timeout, circuit breaker and load shedder. This presentation gives an introduction into Hystrix, providing lots of code examples.
Se lancer dans l'aventure microservices avec Spring Cloud - Julien Royekino
Vous êtes convaincus par l’architecture micro-services et vous souhaitez vous lancer dans l'aventure. Durant cette session, nous expliquons comment démarrer concrètement ; quelles sont les nouvelles problématiques que soulève cette architecture et comment les résoudre. Nous détaillons – à travers une application de démonstration qui implémente les concepts de Service Discovery, Circuit Breaker, Routing et Client Side Load Balancing – l'utilisation de la libraire Spring Cloud Netflix (Eureka, Hystrix, Ribbon , ...). Nous survolerons ensuite les différentes alternatives développées par les autres géants du Web tels que Twitter, Airbnb, ...
Fault tolerance in general is a challenging topic. Yet we need fault toleranct designs more badly than ever in order to provide robust, highly available systems - especially in times of scale out systems becoming more and more popular.
Unfortunately, most developers do not care too much about a fault tolerant design, either because they are scared by the complexity of the realm or because they do not care enough. One of the problems is that a lack of fault tolerant design does not hurt a lot in development or in QA, but it hurts a lot in production - as Michael Nygard said: "It's all about production!" (at least figuratively).
In this presentation I do *not* try to give a general introduction to fault tolerant design. Instead I pick a few generic case studies that demonstrate the results of missing fault tolerant design, try to sensitize a bit about the production relevance of fault tolerant design and then go along with a few selected patterns. I picked a few patterns which are surprisingly easy to implement and help to mitigate the problems of the former case studies.
This way I try to show two things:
1. A piece of architecture or design as a pattern is not necessarily hard to implement. Sometimes the code is written quicker than it takes to explain the pattern beforehand.
2. Even if fault tolerant design as a general topic might be hard, some parts of it can be implemented very easily and it's more than worth the coding effort if you look how much better your system behaves in production just from adding those few lines of code.
10 Typical Problems in Enterprise Java ApplicationsEberhard Wolff
This presentation shows some typical problems that you will find in far too many Enterprise Java Applications. It is the result of quite a few code reviews I did as a consultant.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Fault Tolerance in a High Volume, Distributed System
1. Fault Tolerance in a
High Volume, Distributed System
Ben Christensen
Software Engineer – API Platform at Netflix
@benjchristensen
http://www.linkedin.com/in/benjchristensen
1
2. Dozens of dependencies.
One going down takes everything down.
99.99%30 = 99.7% uptime
0.3% of 1 billion = 3,000,000 failures
2+ hours downtime/month
even if all dependencies have excellent uptime.
Reality is generally worse.
2
14. Separate Threads: Limited Concurrency
try {
if (!threadPool.isQueueSpaceAvailable()) {
// we are at the property defined max so want to throw the RejectedExecutionException to simulate
// reaching the real max and go through the same codepath and behavior
throw new RejectedExecutionException("Rejected command
because thread-pool queueSize is at rejection threshold.");
}
... define Callable that performs executeCommand() ...
// submit the work to the thread-pool
return threadPool.submit(command);
} catch (RejectedExecutionException e) {
circuitBreaker.markThreadPoolRejection();
// rejected so return fallback
return getFallback();
}
14
15. Separate Threads: Limited Concurrency
try {
if (!threadPool.isQueueSpaceAvailable()) {
// we are at the property defined max so want to throw the RejectedExecutionException to simulate
// reaching the real max and go through the same codepath and behavior
throw new RejectedExecutionException("Rejected command
RejectedExecutionException
because thread-pool queueSize is at rejection threshold.");
}
... define Callable that performs executeCommand() ...
// submit the work to the thread-pool
return threadPool.submit(command);
} catch (RejectedExecutionException e) {
circuitBreaker.markThreadPoolRejection();
// rejected so return fallback
return getFallback();
}
15
16. Separate Threads: Limited Concurrency
try {
if (!threadPool.isQueueSpaceAvailable()) {
// we are at the property defined max so want to throw the RejectedExecutionException to simulate
// reaching the real max and go through the same codepath and behavior
throw new RejectedExecutionException("Rejected command
RejectedExecutionException
because thread-pool queueSize is at rejection threshold.");
}
... define Callable that performs executeCommand() ...
// submit the work to the thread-pool
return threadPool.submit(command);
} catch (RejectedExecutionException e) {
circuitBreaker.markThreadPoolRejection();
// rejected so return fallback
return getFallback();
}
16
17. Separate Threads: Timeout
Override of Future.get()
public K get() throws CancellationException, InterruptedException, ExecutionException {
try {
long timeout =
getCircuitBreaker().getCommandTimeoutInMilliseconds();
return get(timeout, TimeUnit.MILLISECONDS);
} catch (TimeoutException e) {
// report timeout failure
circuitBreaker.markTimeout(
System.currentTimeMillis() - startTime);
// retrieve the fallback
return getFallback();
}
}
17
18. Separate Threads: Timeout
Override of Future.get()
public K get() throws CancellationException, InterruptedException, ExecutionException {
try {
long timeout =
getCircuitBreaker().getCommandTimeoutInMilliseconds();
return get(timeout, TimeUnit.MILLISECONDS);
} catch (TimeoutException e) {
// report timeout failure
circuitBreaker.markTimeout(
System.currentTimeMillis() - startTime);
// retrieve the fallback
return getFallback();
}
}
18
19. Separate Threads: Timeout
Override of Future.get()
public K get() throws CancellationException, InterruptedException, ExecutionException {
try {
long timeout =
getCircuitBreaker().getCommandTimeoutInMilliseconds();
return get(timeout, TimeUnit.MILLISECONDS);
} catch (TimeoutException e) {
// report timeout failure
circuitBreaker.markTimeout(
System.currentTimeMillis() - startTime);
// retrieve the fallback
return getFallback();
}
}
19
26. Tryable semaphores for “trusted” clients and fallbacks
Separate threads for “untrusted” clients
Aggressive timeouts on threads and network calls
to “give up and move on”
Circuit breakers as the “release valve”
26
30. Benefits of Separate Threads
Protection from client libraries
Lower risk to accept new/updated clients
Quick recovery from failure
Client misconfiguration
Client service performance characteristic changes
Built-in concurrency
30
31. Drawbacks of Separate Threads
Some computational overhead
Load on machine can be pushed too far
...
Benefits outweigh drawbacks
when clients are “untrusted”
31
33. Visualizing Circuits in Realtime
(generally sub-second latency)
Video available at
https://vimeo.com/33576628
33
34. Rolling 10 second counter – 1 second granularity
Median Mean 90th 99th 99.5th
Latent Error Timeout Rejected
Error Percentage
(error+timeout+rejected)/
(success+latent success+error+timeout+rejected).
34
49. Questions & More Information
Fault Tolerance in a High Volume, Distributed System
http://techblog.netflix.com/2012/02/fault-tolerance-in-high-volume.html
Making the Netflix API More Resilient
http://techblog.netflix.com/2011/12/making-netflix-api-more-resilient.html
Ben Christensen
@benjchristensen
http://www.linkedin.com/in/benjchristensen
49