Reach me on twitter - @matt_billock
Covers some of the lessons learned by Backand as we worked with AWS Lambda over a year in our multi-tenant serverless development platform
This presentation covers techniques for building an AWS Lambda test harness application, allowing for local development and debugging of AWS Lambda functions.
Building a Serverless company with Node.js, React and the Serverless Framewor...Luciano Mammino
Planet9energy.com is a new electricity company building a sophisticated analytics and energy trading platform for the UK market. Since the earliest draft of the platform, we took the unconventional decision to go serverless and build the product on top of AWS Lambda and the Serverless framework using Node.js. In this talk, I want to discuss why we took this radical decision, what are the pros and cons of this approach and what are the main issues we faced as a tech team in our design and development experience. We will discuss how normal things like testing and deployment need to be re-thought to work on a serverless fashion but also the benefits of (almost) infinite self-scalability and the piece of mind of not having to manage hundreds of servers. Finally, we will underline how Node.js seems to fit naturally in this scenario and how it makes developing serverless applications extremely convenient.
Building a serverless company on AWS lambda and Serverless frameworkLuciano Mammino
Planet9energy.com is a new electricity company building a sophisticated analytics and energy trading platform for the UK market. Since the earliest draft of the platform, we took the unconventional decision to go serverless and build the product on top of AWS Lambda and the Serverless framework using Node.js. In this talk, I want to discuss why we took this radical decision, what are the pros and cons of this approach and what are the main issues we faced as a tech team in our design and development experience. We will discuss how normal things like testing and deployment need to be re-thought to work on a serverless fashion but also the benefits of (almost) infinite self-scalability and the peace of mind of not having to manage hundreds of servers. Finally, we will underline how Node.js seems to fit naturally in this scenario and how it makes developing serverless applications extremely convenient.
Technologies:
Backend
Frontend
Application architecture
Javascript
cloud computing
Kotlin is a language from the tool gurus at JetBrains. In 2016, after about six years of development, Kotlin reached version 1.0. In 2017 it won the hearts of developers and became an officially supported language for Android.
Kotlin, like Java, is for more than creating Android applications. It can replace or enhance Java most places it is used today including on AWS. AWS Lambda functions sometimes called Serverless Computing, is a service which lets us developers build web services without worrying about configuring servers.
In this session, we will create a lambda service on AWS using Kotlin. Along the way, we will learn what a makes Kotlin an excellent replacement for Java and how simple it is to construct an AWS Lambda function.
This presentation covers techniques for building an AWS Lambda test harness application, allowing for local development and debugging of AWS Lambda functions.
Building a Serverless company with Node.js, React and the Serverless Framewor...Luciano Mammino
Planet9energy.com is a new electricity company building a sophisticated analytics and energy trading platform for the UK market. Since the earliest draft of the platform, we took the unconventional decision to go serverless and build the product on top of AWS Lambda and the Serverless framework using Node.js. In this talk, I want to discuss why we took this radical decision, what are the pros and cons of this approach and what are the main issues we faced as a tech team in our design and development experience. We will discuss how normal things like testing and deployment need to be re-thought to work on a serverless fashion but also the benefits of (almost) infinite self-scalability and the piece of mind of not having to manage hundreds of servers. Finally, we will underline how Node.js seems to fit naturally in this scenario and how it makes developing serverless applications extremely convenient.
Building a serverless company on AWS lambda and Serverless frameworkLuciano Mammino
Planet9energy.com is a new electricity company building a sophisticated analytics and energy trading platform for the UK market. Since the earliest draft of the platform, we took the unconventional decision to go serverless and build the product on top of AWS Lambda and the Serverless framework using Node.js. In this talk, I want to discuss why we took this radical decision, what are the pros and cons of this approach and what are the main issues we faced as a tech team in our design and development experience. We will discuss how normal things like testing and deployment need to be re-thought to work on a serverless fashion but also the benefits of (almost) infinite self-scalability and the peace of mind of not having to manage hundreds of servers. Finally, we will underline how Node.js seems to fit naturally in this scenario and how it makes developing serverless applications extremely convenient.
Technologies:
Backend
Frontend
Application architecture
Javascript
cloud computing
Kotlin is a language from the tool gurus at JetBrains. In 2016, after about six years of development, Kotlin reached version 1.0. In 2017 it won the hearts of developers and became an officially supported language for Android.
Kotlin, like Java, is for more than creating Android applications. It can replace or enhance Java most places it is used today including on AWS. AWS Lambda functions sometimes called Serverless Computing, is a service which lets us developers build web services without worrying about configuring servers.
In this session, we will create a lambda service on AWS using Kotlin. Along the way, we will learn what a makes Kotlin an excellent replacement for Java and how simple it is to construct an AWS Lambda function.
Modern software development is increasingly taking a “microservice” approach that has resulted in an explosion of complexity at the network level. We have more applications running distributed across different datacenters. Distributed tracing, events, and metrics are essential for observing and understanding modern microservice architectures.
This talk is a deep dive on how to monitor your distributed system. You will get tools, methodologies, and experiences that will help you to realize what your applications expose and how to get value out from all these information.
Gianluca Arbezzano, SRE at InfluxData will share how to monitor a distributed system, how to switch from a more traditional monitoring approach to observability. Stay focused on the server’s role and not on the hostname because it’s not really important anymore, our servers or containers are fast moving part and it’s easy to detach it from the right in case of trouble than call the server by name as a cute puppet. How to design a SLO for your core services and now to iterate on them. Instrument your services with tracing using tools like Zipkin or Jaeger to measure latency between in your network.
Presentation given to NashJS (http://meetup.com/nashjs) on 6/14/2018 about serverless architecture in AWS using the Serverless framework (http://serverless.com).
Python is popular amongst data scientists and engineers for data processing tasks. The big data ecosystem has traditionally been rather JVM centric. Often Java (or Scala) are the only viable option to implement data processing pipelines. That sometimes poses an adoption barrier for organizations that have already invested in other language ecosystems. The Apache Beam project provides a unified programming model for data processing and its ongoing portability effort aims to enable multiple language SDKs (currently Java, Python and Go) on a common set of runners. The combination of Python streaming on the Apache Flink runner is one example. Let’s take a look how the Flink runner translates the Beam model into the native DataStream (or DataSet) API, how the runner is changing to support portable pipelines, how Python user code execution is coordinated with gRPC based services and how a sample pipeline runs on Flink.
Flink Forward Berlin 2017: Dominik Bruhn - Deploying Flink Jobs as Docker Con...Flink Forward
This talk will focus on how to package, distribute and deploy Flink Jobs by leveraging existing docker technology: Previously deploying of Flink Jobs has been a manual job which leads into errors. In this talk, we present an approach which works well in an CI/CD environment by automating most steps: From the code of a Flink Job in a repository to a running Job on an YARN cluster.
AWS Lambda and Serverless framework: lessons learned while building a serverl...Luciano Mammino
Planet9energy.com is a new electricity company that is building a sophisticated analytics and energy trading platform for the UK market. Since the earliest days of the company we took the unconventional decision to go serverless and finally we are building the product on top of AWS Lambda and the Serverless framework using Node.js. In this talk we will discuss why we took this radical decision, what are the pros and cons of this approach and what are the main issues we faced as a tech team in our design and development experience. We will discuss how normal things like testing and deployment need to be re-thought to work on a serverless fashion but also the benefits of (almost) infinite auto-scalability and the piece of mind of not having to manage hundreds of servers. Finally we will underline how Node.js seems to fit naturally in this scenario and how it makes developing serverless applications extremely convenient.
Thanks to Padraig O'Brien and Luciano Mammino for speaking this month.
Speakers Bio:
Padraig O'Brien
Podge @Podgeypoos79 is a software engineer for over 15 years, most of that was spent developing in .NET and SQL Server, designing and building large scale data intensive applications. Lately he has shifted towards open source technologies and is spending most of his time learning Node.js, Scala and cool data tech like Spark, Cassandra. He is also working on a “super-secret” project called UnicornDB, don’t tell anybody!
In his spare time he helps out with organising some meetups like NodeSchool Dublin, NodeSchool Dun Laoghaire and teaching Kanban via Agile Lean Ireland.
Luciano Mammino
Luciano @loige is a Software Engineer born in 1987, the same year that the Nintendo released “Super Mario Bros” in Europe, which, “by chance” is his favourite game! His primary passion is code and he is extremely fascinated by the web, smart apps and everything that's creative like music, art and design. He started coding at the age of 12 using his father's old i386 provided only with DOS and the qBasic interpreter.He is a senior software developer at Planet9Energy in Dublin and he loves JavaScript (React/Node.js). He is also the co-author of "Node.js design patterns" 2nd edition (Packt, http://amzn.to/1ZF279B).
Hosted by Intercom, sponsored by Nearform and organised by Node.js Dublin (https://www.meetup.com/Dublin-Node-js-Meetup/events/236870576/)
Modern software development is increasingly taking a “microservice” approach that has resulted in an explosion of complexity at the network level. We have more applications running distributed across different datacenters. Distributed tracing, events, and metrics are essential for observing and understanding modern microservice architectures.
This talk is a deep dive on how to monitor your distributed system. You will get tools, methodologies, and experiences that will help you to realize what your applications expose and how to get value out from all these information.
Gianluca Arbezzano, SRE at InfluxData will share how to monitor a distributed system, how to switch from a more traditional monitoring approach to observability. Stay focused on the server’s role and not on the hostname because it’s not really important anymore, our servers or containers are fast moving part and it’s easy to detach it from the right in case of trouble than call the server by name as a cute puppet. How to design a SLO for your core services and now to iterate on them. Instrument your services with tracing using tools like Zipkin or Jaeger to measure latency between in your network.
Presentation given to NashJS (http://meetup.com/nashjs) on 6/14/2018 about serverless architecture in AWS using the Serverless framework (http://serverless.com).
Python is popular amongst data scientists and engineers for data processing tasks. The big data ecosystem has traditionally been rather JVM centric. Often Java (or Scala) are the only viable option to implement data processing pipelines. That sometimes poses an adoption barrier for organizations that have already invested in other language ecosystems. The Apache Beam project provides a unified programming model for data processing and its ongoing portability effort aims to enable multiple language SDKs (currently Java, Python and Go) on a common set of runners. The combination of Python streaming on the Apache Flink runner is one example. Let’s take a look how the Flink runner translates the Beam model into the native DataStream (or DataSet) API, how the runner is changing to support portable pipelines, how Python user code execution is coordinated with gRPC based services and how a sample pipeline runs on Flink.
Flink Forward Berlin 2017: Dominik Bruhn - Deploying Flink Jobs as Docker Con...Flink Forward
This talk will focus on how to package, distribute and deploy Flink Jobs by leveraging existing docker technology: Previously deploying of Flink Jobs has been a manual job which leads into errors. In this talk, we present an approach which works well in an CI/CD environment by automating most steps: From the code of a Flink Job in a repository to a running Job on an YARN cluster.
AWS Lambda and Serverless framework: lessons learned while building a serverl...Luciano Mammino
Planet9energy.com is a new electricity company that is building a sophisticated analytics and energy trading platform for the UK market. Since the earliest days of the company we took the unconventional decision to go serverless and finally we are building the product on top of AWS Lambda and the Serverless framework using Node.js. In this talk we will discuss why we took this radical decision, what are the pros and cons of this approach and what are the main issues we faced as a tech team in our design and development experience. We will discuss how normal things like testing and deployment need to be re-thought to work on a serverless fashion but also the benefits of (almost) infinite auto-scalability and the piece of mind of not having to manage hundreds of servers. Finally we will underline how Node.js seems to fit naturally in this scenario and how it makes developing serverless applications extremely convenient.
Thanks to Padraig O'Brien and Luciano Mammino for speaking this month.
Speakers Bio:
Padraig O'Brien
Podge @Podgeypoos79 is a software engineer for over 15 years, most of that was spent developing in .NET and SQL Server, designing and building large scale data intensive applications. Lately he has shifted towards open source technologies and is spending most of his time learning Node.js, Scala and cool data tech like Spark, Cassandra. He is also working on a “super-secret” project called UnicornDB, don’t tell anybody!
In his spare time he helps out with organising some meetups like NodeSchool Dublin, NodeSchool Dun Laoghaire and teaching Kanban via Agile Lean Ireland.
Luciano Mammino
Luciano @loige is a Software Engineer born in 1987, the same year that the Nintendo released “Super Mario Bros” in Europe, which, “by chance” is his favourite game! His primary passion is code and he is extremely fascinated by the web, smart apps and everything that's creative like music, art and design. He started coding at the age of 12 using his father's old i386 provided only with DOS and the qBasic interpreter.He is a senior software developer at Planet9Energy in Dublin and he loves JavaScript (React/Node.js). He is also the co-author of "Node.js design patterns" 2nd edition (Packt, http://amzn.to/1ZF279B).
Hosted by Intercom, sponsored by Nearform and organised by Node.js Dublin (https://www.meetup.com/Dublin-Node-js-Meetup/events/236870576/)
Summary: In this talk you’ll learn how to implement and deploy a basic serverless Python application. --- Serverless is a concept that has recently raised to popularity, boosted by the drive to financially optimize usage of computing power in cloud environments while reducing maintenance efforts. The following topics will be covered in this talk: - What is a serverless application? - What are the benefits of the serverless execution model? - What is AWS Lambda - How to implement a basic Python serverless application with AWS Lambda? - How to implement a serverless Python based Webservice using Zappa
Lambda and serverless - DevOps North East Jan 2017Mike Shutlar
Introduction to AWS Lambda, serverless architectures, & the new AWS Serverless Application Model.
Source code for demo serverless application available here:
https://github.com/infectedsoundsystem/lambda-refarch-webapp
Speaker spoke about features and benefits of the AWS Lambda service and explained how to increase system performance by using AWS services.
This presentation by Mykhailo Brodskyi (Senior Software Engineer, Consultant, GlobalLogic, Kharkiv), was delivered at GlobalLogic Kharkiv Java Conference 2018 on June 10, 2018.
AWS October Webinar Series - AWS Lambda Best Practices: Python, Scheduled Job...Amazon Web Services
AWS Lambda lets you run code without provisioning or managing servers. We have introduced a few new features this year at re:Invent and would like to share with you some of the best practices.
This webinar will introduce you to scheduled AWS Lambda functions and how to use long running functions to handle large volume data ingestion and processing jobs. We will demonstrate how to use versioning to control which Lambda function version is being executed in your development, testing, and production environments. We will also show you how to run your Python code in AWS Lambda.
With AWS Lambda, you can easily build scalable microservices for mobile, web, and IoT applications or respond to events from other AWS services without managing infrastructure. In this session, you’ll see demonstrations and hear more about newly launched features. We’ll show you how to use Lambda to build web, mobile, or IoT backends and voice-enabled apps, and we'll show you how to extend both AWS and third party services by triggering Lambda functions. We’ll also provide productivity and performance tips for getting the most out of your Lambda functions and show how cloud native architectures use Lambda to eliminate “cold servers” and excess capacity without sacrificing scalability or responsiveness.
You can now develop your AWS Lambda functions in C# using the .NET Core 1.0 runtime.
The easiest way to get started is with the AWS Toolkit for Visual Studio, which includes project templates for individual C# Lambda functions, full C# serverless applications, and also tools to publish both projects types to AWS.
To manually create a C# Lambda function, you simply specify the Lambda runtime parameter as “netcore1.0” and upload the ZIP of all NuGet dependencies as well as your own published DLL assemblies through the AWS CLI or AWS Lambda console. Alternatively, you can use AWS CloudFormation through the AWS Serverless Application Specification for deploying your C# Lambda function.
These are the slides of the second talk of the second Tech Talk@TransferWise Singapore, which happened on the 1st of March 2018.
We take a look at what Serverless Computing is, find out what we can do with Amazon Web Services Lambda and when it can be useful. We also explore how it has evolved for the past 3 years and learn about its remaining limitations.
Just as serverless application development is rapidly becoming the most popular way to bring highly scalable applications to the cloud, .NET has undergone radical changes with .NET Core to become a premier development platform for the cloud. In this session, you will learn how to use the newly launched C# support for .NET Core with AWS Lambda to create highly scalable serverless applications that target platforms from the traditional desktop to mobile devices. We will demonstrate how to write, test, and deploy C# code to AWS Lambda and see how we can leverage our serverless back end from mobile applications.
Skillenza Build with Serverless Challenge - Advanced Serverless ConceptsDhaval Nagar
Skillenza is back with another game-changing virtual hackathon for you. Seize this amazing opportunity to create projects on serverless architecture. For those of you who are not acquainted with it, serverless architectures are system designs that use third-party services to build and run applications.
As developers, this helps you to gain better scalability and flexibility without needing any administration to manage infrastructure. So you can build quicker and at a reduced cost as well.
https://skillenza.com/challenge/build-with-serverless-online-hackathon-aws
Laskar: High-Velocity GraphQL & Lambda-based Software Development ModelGarindra Prahandono
Sale Stock Engineering, represented by Garindra Prahandono, presents "High-Velocity GraphQL & Lambda-based Software Development Model" in BandungJS event on May 14th, 2018.
With AWS Lambda, you can easily build scalable microservices for mobile, web, and IoT applications or respond to events from other AWS services without managing infrastructure. In this session, you’ll see demonstrations and hear more about newly launched features. We’ll show you how to use Lambda to build web, mobile, or IoT backends and voice-enabled apps, and we'll show you how to extend both AWS and third party services by triggering Lambda functions. We’ll also provide productivity and performance tips for getting the most out of your Lambda functions and show how cloud native architectures use Lambda to eliminate “cold servers” and excess capacity without sacrificing scalability or responsiveness.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
4. AWS Lambda
● Created in 2014, launched at
re:Invent
● Kicked off "serverless" (caveat)
● Function-as-a-Service
○Deploy code, not applications
5. AWS Lambda Details
● Supports Node.JS, Python, C#, and
Java
● Can call to server functionality
● Code deployment options
○ Uploading as a ZIP file (S3 or HTTP)
○ In-browser editor
15. ● Scraped logs of 2.6 million function
calls
● Pulled from CloudWatch on AWS
○ Function execution only
● Data on computing resources
consumed only
Examining Lambda Performance
16. ● Graphs built on a sample of full data set
(26,000 vs 2.6 million)
○ Sample is not random
● No relation to size of Lambda function
● Confounding factors may be present
● Significant outliers
First, Caveats
18. Memory vs Execution Time
● Does not incorporate HTTP Request
● Not a very strong correlation (r=-0.03)
● Three distinct groupings
● Tip: More memory allocated = faster
processor
20. Runtime Histogram
● Many functions run in < 100 ms
● Ignores code characteristics
● Ignores significant outliers on both ends
● Bimodal due to function characteristics
21. Improving the Analysis
● Capture full cycle times if possible
● Correlate runtimes with size of function
● Algorithmic complexity analysis
● Randomize sample selection
23. Four problems to solve:
● Problem 1 - Lambda Ownership
● Problem 2 - Deduplication
● Problem 3 - Triggering Lambda Functions
● Problem 4 - User Security
Lambda Integration
24. Problem 1 - Lambda Ownership
Option 1: User ownership
● Users host Lambda functions in their AWS
account
● Backand uses provided credentials to call
Lambda
● Maximizes freedom at the expense of ease of
use (also, security)
25. Problem 1 - Lambda Ownership
Option 2: Backand ownership
● Backand hosts Lambda functions in internal
AWS account
● No need for user's AWS credentials
● Maximizes ease of use at expense of user
freedom
Solution selected: Backand owns code
26. ● Lambda function names need to be unique
● Name length limits:
○ 140 characters for full ARN
○ 64 character subset for function name
Solution Selected: prepend guaranteed unique data
● Backand app names have a uniqueness constraint
● Could also use GUID, but this reduces name length
to 32 characters
Problem 2 - Deduplication
27. ● Most triggers AWS-based
○ S3, DynamoDB, Cloudwatch
○ None work for our use case
● API Gateway
○ Positive: Allows HTTP trigger
○ Negative: Complex configuration
○ Negative: Return value requirements
Solution selected: AWS SDK
Problem 3 - Triggering Lambda
28. ● Default: configure IAM profile and users
○ Need to give every dev access to AWS
○ Does not integrate with org security
○ Needs to be managed in multiple places
● Clients want flexibility and security
○ Need Single Sign-On
○ Need custom third-party security tools
○ Need ease of management
Solution selected: Lambda Launcher
Problem 4 - User Security
30. Debugging Lambda Functions
● Cloudwatch Integration
○ Provides call record, and console.log()
● Custom parameter input
○ Modal dialog presented before each run
● … and that's it
32. Emulating trigger event
● Each trigger sends different data
● Dump data from a sample call
(console.log())
● Keep in mind any transformations (API
Gateway)
33. Lambda Machine Environment
● Based on Amazon Machine Instance
● Dynamically provisioned (hot vs cold)
● Temporary storage (/tmp, 500 MB)
○ NOT guaranteed to persist
● Cannot accurately model machine
34. Invoking Lambda
● External Function Call (entry point)
● Custom parameters in "event" object
● Execution context details in "context"
● Callbacks (if supported) in "callback"
35. Debugging Lambda Locally
● Execution environment hard to
emulate
● Need to mimic input format from
action
● Need to mimic output format
● Need a test harness
36. Creating a Test Harness (Node.js)
● Function Prototype
● Including Handler
● Mimicking Lambda Invocation
○ Parameters in event object
○ Handlers in the context object
38. Test Harness Notes
● Callback mechanism
○ Need to adapt for each language
● Using callbacks in context parameter
○ Not supported, overloads context object
● Not a perfect substitute
○ Calls the function, but not from the same
environment
39. What do we get?
● Per-line output via console.log
● Immediate feedback from command
● Breakpoints and other local debugging
tools
● Unit and Integration tests
● CI/CD compatible (with CLI)
40. Deploying Your Code
● Zip-file from S3, or manual upload
○ Gotcha: zip only the source
code, not the parent folder!
● Test upload
● Publish new API
● Complex, non-intuitive
42. Lambda through a CLI
● Initialize a function
○ backand function init
● Copy your Node.JS code into created
directory and iterate
● Deploy
○ backand function deploy
43. Calling Your Lambda
● Authentication
○ can be anonymous
○ api.backand.com/1/token
● cURL
curl -H "<auth header>" "https://api.backand.com/1/function/general/<name>"
● JavaScript (with Backand SDK)
backand.function.get(...)
44. What is Backand?
● Serverless app platform
● Manages your app's database
● Manages your app's security and
authentication
● Provides custom server-side code execution
● Provides hosting options
● Provides logging, analytics, and more
45. Backand Features
● Automated REST API
● Bring your own Database
● Custom JavaScript Actions
● Server-Side Code Execution
● Batch and Bulk Processing
● Scheduled Tasks
● Automated messages
● Real-time Communications
● User and Role-based
Security
● Social Media Authentication
● GUI Schema Editor
● Custom Queries
● REST API Playground
● Sample Code Generation
● Hosting
● Detailed Analytics
● Logging
● Multi-Platform SDK
● Single Sign On Support
46. ● Live online demo every other Wednesday
● Webinar - Invoking Lambda through Alexa
Thursday, June 22nd, 11 AM Pacific
Learn more at https://www.backand.com
Want to know more?