This document discusses best practices for building microservices architectures. It begins by noting that there is no single right way to implement microservices and that each domain needs to be considered individually. It then provides guidelines for microservice design, such as having each service perform a single well-defined function. The document also distinguishes between building a platform of collaborating services versus a distributed services layer with more independent services. It offers recommendations for infrastructure, configuration management, documentation, and other considerations for successful microservices implementations.
This talk is a very quick intro to Docker, Terraform, and Amazon's EC2 Container Service (ECS). In just 15 minutes, you'll see how to take two apps (a Rails frontend and a Sinatra backend), package them as Docker containers, run them using Amazon ECS, and to define all of the infrastructure-as-code using Terraform.
Unique course notes for the Certified Kubernetes Administrator (CKA) for each section of the exam. Designed to be engaging and used as a reference in the future for kubernetes concepts.
SAST vs. DAST: What’s the Best Method For Application Security Testing?Cigital
High profile security breaches are leading to heightened organizational security concerns. Firms around the world are now observing the consequences of security breaches that are becoming more widespread and more advanced. Due to this, firms are ready to identify vulnerabilities in their applications and mitigate the risks.
Two ways to go about this are static application security testing (SAST) and dynamic application security testing (DAST). These application security testing methodologies are used to find the security vulnerabilities that make your organization’s applications susceptible to attack.
The two methodologies approach applications very differently. They are most effective at different phases of the software development life cycle (SDLC) and find different types of vulnerabilities. For example, SAST detects critical vulnerabilities such as cross-site scripting (XSS), SQL injection, and buffer overflow earlier in the SDLC. DAST, on the other hand, uses an outside-in penetration testing approach to identify security vulnerabilities while web applications are running.
Let us guide you through your application security testing journey with more key differences between SAST and DAST:
A common microservice architecture anti-pattern is more the merrier. It occurs when an organization team builds an excessively fine-grained architecture, e.g. one service-per-developer. In this talk, you will learn about the criteria that you should consider when deciding service granularity. I'll discuss the downsides of a fine-grained microservice architecture. You will learn how sometimes the solution to a design problem is simply a JAR file.
Kubernetes Security Best Practices - With tips for the CKS examAhmed AbouZaid
Agenda:
1. Introduction
2. Shift-left and DevSecOps
3. General Security Concepts
4. The 4C’s of Cloud Native Security
5. Kubernetes Security Starter Kit
6. CKS Exam Overview and Tips
Overview:
A dive into Kubernetes Security Best Practices in addition to tips for the Certified Kubernetes Security Specialist (CKS) exam.
The 1-3 sections are for everyone and they will cover the security in the container era. So it doesn’t matter what’s your title or background, they are a good start for anyone.
The 4-6 sections will dive more into Kubernetes security, so probably DevOps engineers and SREs will find that more interesting. But in general anyone interested in Kubernetes security is more than welcome.
This talk is a very quick intro to Docker, Terraform, and Amazon's EC2 Container Service (ECS). In just 15 minutes, you'll see how to take two apps (a Rails frontend and a Sinatra backend), package them as Docker containers, run them using Amazon ECS, and to define all of the infrastructure-as-code using Terraform.
Unique course notes for the Certified Kubernetes Administrator (CKA) for each section of the exam. Designed to be engaging and used as a reference in the future for kubernetes concepts.
SAST vs. DAST: What’s the Best Method For Application Security Testing?Cigital
High profile security breaches are leading to heightened organizational security concerns. Firms around the world are now observing the consequences of security breaches that are becoming more widespread and more advanced. Due to this, firms are ready to identify vulnerabilities in their applications and mitigate the risks.
Two ways to go about this are static application security testing (SAST) and dynamic application security testing (DAST). These application security testing methodologies are used to find the security vulnerabilities that make your organization’s applications susceptible to attack.
The two methodologies approach applications very differently. They are most effective at different phases of the software development life cycle (SDLC) and find different types of vulnerabilities. For example, SAST detects critical vulnerabilities such as cross-site scripting (XSS), SQL injection, and buffer overflow earlier in the SDLC. DAST, on the other hand, uses an outside-in penetration testing approach to identify security vulnerabilities while web applications are running.
Let us guide you through your application security testing journey with more key differences between SAST and DAST:
A common microservice architecture anti-pattern is more the merrier. It occurs when an organization team builds an excessively fine-grained architecture, e.g. one service-per-developer. In this talk, you will learn about the criteria that you should consider when deciding service granularity. I'll discuss the downsides of a fine-grained microservice architecture. You will learn how sometimes the solution to a design problem is simply a JAR file.
Kubernetes Security Best Practices - With tips for the CKS examAhmed AbouZaid
Agenda:
1. Introduction
2. Shift-left and DevSecOps
3. General Security Concepts
4. The 4C’s of Cloud Native Security
5. Kubernetes Security Starter Kit
6. CKS Exam Overview and Tips
Overview:
A dive into Kubernetes Security Best Practices in addition to tips for the Certified Kubernetes Security Specialist (CKS) exam.
The 1-3 sections are for everyone and they will cover the security in the container era. So it doesn’t matter what’s your title or background, they are a good start for anyone.
The 4-6 sections will dive more into Kubernetes security, so probably DevOps engineers and SREs will find that more interesting. But in general anyone interested in Kubernetes security is more than welcome.
ARCHITECTURE MICROSERVICE : TOUR D’HORIZON DU CONCEPT ET BONNES PRATIQUESSOAT
Les systèmes distribués ont largement évolués ces 10 dernières années, passant d’énormes applications monolithiques à de petits containers de services, apportant plus de souplesse et d’agilité au sein des systèmes d’information.
Le terme « Architecture microservice » a vu le jour pour décrire cette manière particulière de concevoir des applications logicielles.
Bien qu’il n’y ait pas de définition précise de ce style d’architecture, elles ont un certain nombre de caractéristiques communes basées autour de l’organisation de l’entreprise, du déploiement automatisé et de la décentralisation du contrôle du langage et des données.
Seulement, développer ces systèmes peut tourner au véritable casse-tête. Je vous propose donc un tour des concepts et différentes caractéristiques de ce type d’architecture, des bonnes et mauvaises pratiques, de la création jusqu’au déploiement des applications.
배민찬(https://www.baeminchan.com) 서비스의 백엔드 시스템 중 일부가 지난 1년간 어떤 고민과 아이디어, 결과물을 만들어냈는지 공유하려고 합니다. 발표 중 언급되는 용어나 도구에 대해 일반적인 정의나 간단한 설명은 언급되나 자세히 다루지 않습니다. 사용된 도구들로 어떻게 이벤트 기반 분산 시스템을 만들었는지에 대한 이야기가 중심입니다.
Au cours des 10 précédentes années, nous avons eu des sessions de Devoxx FR et plusieurs versions dont certaines majeures de Java.
L’objectif de ce talk est de revenir rétrospectivement sur certaines annonces et sur certaines des nombreuses évolutions de Java, notamment récentes afin d’en profiter dans nos applications. Au-delà des évolutions syntaxiques et dans les API, ce sera aussi l’occasion de justifier la migration vers des versions plus récentes de Java.
This session is focused on the Hashicorp vault which is a secret management tool. We can manage secrets for 2-3 environments but what if we have more than 10 environments, then it will become a very painful task to manage them when secrets are dynamic and need to be rotated after some time. Hashicorp vault can easily manage secrets for both static and dynamic also it can help in secret rotations.
Static Application Security Testing Strategies for Automation and Continuous ...Kevin Fealey
Static Application Security Testing (SAST) introduces challenges with existing Software Development Lifecycle Configurations. Strategies at different points of the SDLC improve deployment time, while still improving the quality and security of the deliverable. This session will discuss the different strategies that can be implemented for SAST within SDLC—strategies catering to developers versus security analysts versus release engineers. The strategies consider the challenges each team may encounter, allowing them to incorporate security testing without jeopardizing deadlines or existing process.
SpringOne Platform 2017
Ryan Baxter, Pivotal
You have heard and seen great things about Spring Cloud and you decide it is time to dive in and try it out yourself. You fire up your browser head to Google and land on the Spring Cloud homepage. Then it hits you, where do you begin? What do each of these projects do? Do you need to use all of them or can you be selective? The number of projects under the Spring Cloud umbrella has grown immensely over the past couple of years and if you are a newcomer to the Spring Cloud ecosystem it can be quite daunting to sift through the projects to find what you need. By the end of this talk you will leave with a solid understanding of the Spring Cloud projects, how to use them to build cloud native apps, and the confidence to get started!
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
Are you struggling with application security testing? Do you wish it was easier, faster, and better? Join us to learn more about IAST, a next-generation application security tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans. Learn how this nondisruptive tool can:
Run in the background and report vulnerabilities during functional testing, CI/CD, and QA activities.
Auto verify, prioritize and triage vulnerability findings in real time with 100% confidence.
Fully automate secure app delivery and deployment, without the need for extra security scans or processes.
Free up DevOps resources to focus on strategic or mission-critical tasks and contributions.
Back in 2015, Square and Google collaborated to launch gRPC, an open source RPC framework backed by protocol buffers and HTTP/2, based on real-world experiences operating microservices at scale. If you build microservices, you will be interested in gRPC.
This webcast covers:
- a technical overview of gRPC
- use cases and applicability in your stack
- a deep dive into the practicalities of operationalizing gRPC
Zero Code Multi-Cloud Automation with Ansible and TerraformAvi Networks
Does your automation require more or less work? Avi's take is less. That’s why Avi offers zero-code multi-cloud automation for Day 0 and Day 1+. DevOps and IT teams can achieve self-service application and infrastructure resources provisioning (Day 0) without writing custom scripts per app or per cloud. We will walk through how to leverage Ansible and Terraform to automate tasks throughout the lifecycle of an application (Day 1+) using YAML-based declarative configurations.
Learn how to:
- Achieve efficient, repeatable, and automated app provisioning without writing code
- Use Ansible roles and modules or Terraform providers to easily automate common tasks
- Deploy across multi-cloud environments with consistent experience without customizations
- Gain visibility into network topology and app performance
- Apply closed-loop analytics to drive automation
Watch the full webinar: https://info.avinetworks.com/webinars-ansible-and-terraform-recipes
Static Analysis Security Testing for Dummies... and YouKevin Fealey
Most enterprise application security teams have at least one Static Analysis Security Testing (SAST) tool in their tool-belt; but for many, the tool never leaves the belt. SAST tools have gotten a reputation for being slow, error-prone, and difficult to use; and out of the box, many of them are – but with a little more knowledge behind how these tools are designed, a SAST tool can be a valuable part of any security program.
In this talk, we’ll help you understand the strengths and weaknesses of SAST tools by illustrating how they trace your code for vulnerabilities. You’ll see out-of-the-box rules for commercial and open-source SAST tools, and learn how to write custom rules for the widely-used open source SAST tool, PMD. We’ll explain the value of customizing tools for your organization; and you’ll learn how to integrate SAST technologies into your existing build and deployment pipelines. Lastly, we’ll describe many of the common challenges organizations face when deploying a new security tool to security or development teams, as well as some helpful hints to resolve these issues
I did this presentation for one of my java user groups at work.
Basically, this is a mashed up version of various presentations, slides and images that I gathered over the internet.
I've quoted the sources in the end. Feel free to reuse it as you like.
Are you still using FTP to deploy your code? Are you still manually performing the same steps of deploying a feature, again and again? How many hours have you spent on ssh-ing into the server, pulling the repo, migrating the database, reloading the web server and so on, for each deployment?? Ever wondered if there is a process as simple as a single click to perform all these steps for you?
Automated Deployment does exactly these things for you. It takes the burden of remembering all the steps required in each deployment process and execute it smoothly.
Vagrant is a well-known tool for creating development environments in a simple and consistent way. Since we adopted in our organization we experienced several benefits: lower project setup times, better shared knowledge among team members, less wtf moments ;-)
In this session I'd like to share our experience, including but not limited to:
- advanced vagrantfile configuration
- vm configuration tips for dev environment: performance, debug, tuning
- our wtf moments
- puphet/phansilbe: hot or not?
- tips for sharing a box
ARCHITECTURE MICROSERVICE : TOUR D’HORIZON DU CONCEPT ET BONNES PRATIQUESSOAT
Les systèmes distribués ont largement évolués ces 10 dernières années, passant d’énormes applications monolithiques à de petits containers de services, apportant plus de souplesse et d’agilité au sein des systèmes d’information.
Le terme « Architecture microservice » a vu le jour pour décrire cette manière particulière de concevoir des applications logicielles.
Bien qu’il n’y ait pas de définition précise de ce style d’architecture, elles ont un certain nombre de caractéristiques communes basées autour de l’organisation de l’entreprise, du déploiement automatisé et de la décentralisation du contrôle du langage et des données.
Seulement, développer ces systèmes peut tourner au véritable casse-tête. Je vous propose donc un tour des concepts et différentes caractéristiques de ce type d’architecture, des bonnes et mauvaises pratiques, de la création jusqu’au déploiement des applications.
배민찬(https://www.baeminchan.com) 서비스의 백엔드 시스템 중 일부가 지난 1년간 어떤 고민과 아이디어, 결과물을 만들어냈는지 공유하려고 합니다. 발표 중 언급되는 용어나 도구에 대해 일반적인 정의나 간단한 설명은 언급되나 자세히 다루지 않습니다. 사용된 도구들로 어떻게 이벤트 기반 분산 시스템을 만들었는지에 대한 이야기가 중심입니다.
Au cours des 10 précédentes années, nous avons eu des sessions de Devoxx FR et plusieurs versions dont certaines majeures de Java.
L’objectif de ce talk est de revenir rétrospectivement sur certaines annonces et sur certaines des nombreuses évolutions de Java, notamment récentes afin d’en profiter dans nos applications. Au-delà des évolutions syntaxiques et dans les API, ce sera aussi l’occasion de justifier la migration vers des versions plus récentes de Java.
This session is focused on the Hashicorp vault which is a secret management tool. We can manage secrets for 2-3 environments but what if we have more than 10 environments, then it will become a very painful task to manage them when secrets are dynamic and need to be rotated after some time. Hashicorp vault can easily manage secrets for both static and dynamic also it can help in secret rotations.
Static Application Security Testing Strategies for Automation and Continuous ...Kevin Fealey
Static Application Security Testing (SAST) introduces challenges with existing Software Development Lifecycle Configurations. Strategies at different points of the SDLC improve deployment time, while still improving the quality and security of the deliverable. This session will discuss the different strategies that can be implemented for SAST within SDLC—strategies catering to developers versus security analysts versus release engineers. The strategies consider the challenges each team may encounter, allowing them to incorporate security testing without jeopardizing deadlines or existing process.
SpringOne Platform 2017
Ryan Baxter, Pivotal
You have heard and seen great things about Spring Cloud and you decide it is time to dive in and try it out yourself. You fire up your browser head to Google and land on the Spring Cloud homepage. Then it hits you, where do you begin? What do each of these projects do? Do you need to use all of them or can you be selective? The number of projects under the Spring Cloud umbrella has grown immensely over the past couple of years and if you are a newcomer to the Spring Cloud ecosystem it can be quite daunting to sift through the projects to find what you need. By the end of this talk you will leave with a solid understanding of the Spring Cloud projects, how to use them to build cloud native apps, and the confidence to get started!
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
Are you struggling with application security testing? Do you wish it was easier, faster, and better? Join us to learn more about IAST, a next-generation application security tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans. Learn how this nondisruptive tool can:
Run in the background and report vulnerabilities during functional testing, CI/CD, and QA activities.
Auto verify, prioritize and triage vulnerability findings in real time with 100% confidence.
Fully automate secure app delivery and deployment, without the need for extra security scans or processes.
Free up DevOps resources to focus on strategic or mission-critical tasks and contributions.
Back in 2015, Square and Google collaborated to launch gRPC, an open source RPC framework backed by protocol buffers and HTTP/2, based on real-world experiences operating microservices at scale. If you build microservices, you will be interested in gRPC.
This webcast covers:
- a technical overview of gRPC
- use cases and applicability in your stack
- a deep dive into the practicalities of operationalizing gRPC
Zero Code Multi-Cloud Automation with Ansible and TerraformAvi Networks
Does your automation require more or less work? Avi's take is less. That’s why Avi offers zero-code multi-cloud automation for Day 0 and Day 1+. DevOps and IT teams can achieve self-service application and infrastructure resources provisioning (Day 0) without writing custom scripts per app or per cloud. We will walk through how to leverage Ansible and Terraform to automate tasks throughout the lifecycle of an application (Day 1+) using YAML-based declarative configurations.
Learn how to:
- Achieve efficient, repeatable, and automated app provisioning without writing code
- Use Ansible roles and modules or Terraform providers to easily automate common tasks
- Deploy across multi-cloud environments with consistent experience without customizations
- Gain visibility into network topology and app performance
- Apply closed-loop analytics to drive automation
Watch the full webinar: https://info.avinetworks.com/webinars-ansible-and-terraform-recipes
Static Analysis Security Testing for Dummies... and YouKevin Fealey
Most enterprise application security teams have at least one Static Analysis Security Testing (SAST) tool in their tool-belt; but for many, the tool never leaves the belt. SAST tools have gotten a reputation for being slow, error-prone, and difficult to use; and out of the box, many of them are – but with a little more knowledge behind how these tools are designed, a SAST tool can be a valuable part of any security program.
In this talk, we’ll help you understand the strengths and weaknesses of SAST tools by illustrating how they trace your code for vulnerabilities. You’ll see out-of-the-box rules for commercial and open-source SAST tools, and learn how to write custom rules for the widely-used open source SAST tool, PMD. We’ll explain the value of customizing tools for your organization; and you’ll learn how to integrate SAST technologies into your existing build and deployment pipelines. Lastly, we’ll describe many of the common challenges organizations face when deploying a new security tool to security or development teams, as well as some helpful hints to resolve these issues
I did this presentation for one of my java user groups at work.
Basically, this is a mashed up version of various presentations, slides and images that I gathered over the internet.
I've quoted the sources in the end. Feel free to reuse it as you like.
Are you still using FTP to deploy your code? Are you still manually performing the same steps of deploying a feature, again and again? How many hours have you spent on ssh-ing into the server, pulling the repo, migrating the database, reloading the web server and so on, for each deployment?? Ever wondered if there is a process as simple as a single click to perform all these steps for you?
Automated Deployment does exactly these things for you. It takes the burden of remembering all the steps required in each deployment process and execute it smoothly.
Vagrant is a well-known tool for creating development environments in a simple and consistent way. Since we adopted in our organization we experienced several benefits: lower project setup times, better shared knowledge among team members, less wtf moments ;-)
In this session I'd like to share our experience, including but not limited to:
- advanced vagrantfile configuration
- vm configuration tips for dev environment: performance, debug, tuning
- our wtf moments
- puphet/phansilbe: hot or not?
- tips for sharing a box
Understand benefits and pain points of cloud, local and vagrant based development
Describe a development flow that combines vagrant and AWS to create a:
consistent environments for all developers
consistent environment from development to production
help organizations move fast – if they are not already doing this
integrate nearly flawlessly with AWS
Ease Development <-> Production Software Deployment
It Works On My Machine: Vagrant for Software DevelopmentCarlos Perez
Vagrant is a command-line interface for simplifying the use of virtual machines (VM's). Vagrant allows teams to standardize their software development workflows by offering a uniform and portable interface to provision and run VM's on different operating platforms such as Mac OS X, Windows, and Linux and achieve identical results. It supports all the major virtualization solutions such as VirtualBox, VMWare, and Hyper-V and supports configuration tools that range from simple shell scripts to powerful Chef and Puppet recipes. Developers simply invoke “vagrant up” and immediately enjoy a standard, consistent, and reproducible VM for software development and testing.
Vagrant is an excellent tool for quickly setup a development environment in a reproducible manner. However it is also a DecOps tool. In this talk the idea is to introduce audience how they can use Vagrant for DevOps
With Vagrant 1.1, you can use the same configuration and workflow to spin up and provision machines in VirtualBox, VMware, AWS, RackSpace, and more. You get all the benefits of Vagrant with the power of working in whatever environment you need to.
In this talk, you’ll learn how to use the new multi-provider features of Vagrant to more effectively develop and test Chef cookbooks.
[WSO2Con EU 2017] Microservices for EnterprisesWSO2
Microservice architecture (MSA) is fast becoming a popular architecture pattern in today’s agile enterprises. Its iterative architecture and development methodologies are attracting the interest of architects who need continuous delivery to fulfill business needs. But, is every characteristic of MSA new or even pragmatic? Can MSA alone help you solve your enterprise challenges? This session will explore how middleware plays a key role in successful MSA-based implementations.
This is a small introduction to microservices. you can find the differences between microservices and monolithic applications. You will find the pros and cons of microservices. you will also find the challenges (Business/ technical) that you may face while implementing microservices.
MuCon 2015 - Microservices in Integration ArchitectureKim Clark
Discusses the how microservices fit into the ever evolving integration architecture, looking at how these concepts are often seen very differently through the eyes of enterprises with different lanscapes.
The Reality of Managing Microservices in Your CD PipelineDevOps.com
As we shift from monolithic software development practices to microservices, our well-designed CD pipeline will need to change. Microservices are small functions, deployed independently and linked via APIs at run-time. While these differences seem minor, they actually have a large impact on your overall CD structure. Think hundreds of workflows, small of any builds and the loss of a monolithic 'application.'
Join Tracy Ragan, CEO of DeployHub and Brendan O'Leary, Developer Evangelist at GitLab, to learn more.
It's never too early to start the conversation.
These are my summarized notes from all the microservices session I attended at QCon 2015. These sessions had tons of learning around how to scale microservices and avoid common pitfalls
Modernizing the monolithic architecture to container based architecture apaco...Vinay Kumar
Transform the architecture from monolithic architecture to container/serverless architecture. Speaker would explain how things work with monolithic implementation and what would require to change to the container-based design. Example of Fusion middleware (WebLogic) to new technologies like node.js etc would be given. This session would be more interactive and provides advantages of the container-based system. Container and container management software would be explained.
IBM Rational Host Access Transformation Services (HATS) is a tool for modernizing IBM i 5250 and mainframe 3270 telnet applications. This presentation, given at IBM Innovate 2014, demonstrates how HATS can turn those green screen applications into JAX-WS or RESTful JSON web services, how to consume Program Call Markup Language (PCML) enabled IBM i Programs, and how to to integrate with databases using SQL, JDBC, and the Java Persistence API (JPA) 2.0 features of Rational Application Developer. Finally we describe using servlet filters to further enhance the abilities of the Rational HATS entry servlet.
Cloud-native Data: Every Microservice Needs a Cachecornelia davis
Presented at the Pivotal Toronto Users Group, March 2017
Cloud-native applications form the foundation for modern, cloud-scale digital solutions, and the patterns and practices for cloud-native at the app tier are becoming widely understood – statelessness, service discovery, circuit breakers and more. But little has changed in the data tier. Our modern apps are often connected to monolithic shared databases that have monolithic practices wrapped around them. As a result, the autonomy promised by moving to a microservices application architecture is compromised.
With lessons from the application tier to guide us, the industry is now figuring out what the cloud-native architectural patterns are at the data tier. Join us to explore some of these with Cornelia Davis, a five year Cloud Foundry veteran who is now focused on cloud-native data. As it happens, every microservice needs a cache and this evening will drill deep on that topic. She’ll cover a variety of caching patterns and use cases, and demonstrate how their use helps preserve the autonomy that is driving agile software delivery practices today.
<November 2017 Updated from earlier presentations on Cloud-native Data>
Cloud-native applications form the foundation for modern, cloud-scale digital solutions, and the patterns and practices for cloud-native at the app tier are becoming widely understood – statelessness, service discovery, circuit breakers and more. But little has changed in the data tier. Our modern apps are often connected to monolithic shared databases that have monolithic practices wrapped around them. As a result, the autonomy promised by moving to a microservices application architecture is compromised.
What we need are patterns and practices for cloud-native data. The anti-patterns of shared databases and simple proxy-style web services to front them give way to approaches that include use of caches (Netflix calls caching their hidden microservice), database per service and polyglot persistence, modern versions of ETL and data integration and more. In this session, aimed at the application developer/architect, Cornelia will look at those patterns and see how they serve the needs of the cloud-native application.
Slides from my GGX 2013 talk. http://skillsmatter.com/podcast/home/message-driven-architecture-in-grails
Code here: https://github.com/danveloper/ggx-2013-mda
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
2. A Simple Truth
There is no right way to “do” microservices.
• Microservices represent a problem domain
that scales development, architecture,
operations, and infrastructure
• Thinking that one-size-fits-all is naïve
• Need to consider your domain and how it should
all fit together
3. Guidelines for Microservices
• Should perform a single function in the scope
of the domain
– Business/Platform/Operation function
• Should not emphasize LoC in the “micro”
mindset
– “Micro” should speak to a service’s function, not
its size
• Should encapsulate its domain
– Domain modeling, business logic, API
4. What Are You Building?
• Understand how your distributed
infrastructure fits together
• Are you building a set of services that
collaborate toward a common goal?
– Then you’re building a “platform”
• Are you building services that act in a one-off
or composable manner?
– Then you’re building a “distributed service layer”
5. Building A Platform
• A Platform is composed of many different
microservices that collaborate in terms of a
broader “system”
• Microservices perform a very specific function
in the overall processing
• A Gateway Layer should be employed to
service consumers
7. Platform Architecture
• Consumers never speak directly to the
underlying microservices
• Consumers talk to the Gateway layer as
though they are talking to a monolith
• Microservices never talk amongst themselves
– They are clean vertical slices in the architecture
• Gateway layer is responsible for consuming
and aggregating data from microservices
8. Platform Architecture
• In a platform, the data model is coupled because of
the overall collaborative nature of the system
• It is OK to share a data model between microservice and
Gateway layers through a client library
• Since the Gateway will be the only consumer of a backend
microservice, coupling via a client library is OK
• Gateway can gracefully degrade service or data
offerings when a backend service is not available
9. Distributed Service Layer
Microservices
• Distributed Service Layer microservices are
those services that do not cooperate within a
strict “system”
• They are able to be composed by many
consumers for their purposes
• Consumers are responsible for understanding
the service’s data structures and domains
11. Distributed Service Layer
Microservices
• Interconnectivity means the dependency
graph can be difficult to figure out
• Failure in the overall infrastructure can be
difficult to realize and trace
• May be difficult to push data structure and
model changes without breaking many
consumers
• Can quickly turn in “spaghetti infrastructure”
14. Distributed Service Layer
Microservices Architecture
• Define two tiers of distributed service layer
types: data consumers/aggregators & data
producers
• Having a logical boundary between services
that talk to other services and those that do
not makes the infrastructure manageable
• Data producers should not inter-communicate
at their level
16. Distributed Service Layer
Microservices Architecture
• Microservices should not share a domain
model
– The complexity of a distributed service layer can
make dependency management very difficult
• Microservices should focus on documentation
as the contract
• Consumer service tier should be resilient to
failure
17. Distributed Service Layer
Microservices Architecture
• Considerations:
– What about when one or more “consuming”
service tier microservices want to collaborate?
– Dependency graph can still be messy; versioning
of APIs and data models should be strictly
adhered to
– Documentation is hard to get right. How can we
make service structures and APIs more
discoverable?
18. Documentation
• It’s important to document a distributed
service layer microservice in a “human
consumable” way
– Explaining the domain and what a service is doing
is more important than showing the endpoints
– Showing the endpoints is still important
• Platform architectures should expose
documentation through the Gateway layer
19. Documentation
• Discoverability:
– Documentation can be difficult to maintain and
manage, especially with an evolving API
– Statically documenting the API is OK, making it
programmatically discoverable is better
– Documentation + making the API discoverable
gives great coverage over what a service is doing
and how to interface with it
20. Discoverability
• HATEOAS
– Informs of what relationships exist within the data
object that is returned
– Informs of how to access the data of some
relationship
– Can be a great strategy for gracefully degrading
behavior in a platform
25. Discoverability
• HATEOAS
– When the review service goes offline, we can
inform consumers by removing it from the
_links block in the data object
– This means that we only need to document the
model and intention of the service
– Consumers will only need to know the
relationship within the system to know
26. Discoverability
• JSON-LD
– Provides a “linked data” structure for consumers
– Allows you to provide a type for your API
endpoints, and can be programmatically
interpreted in a number of ways
– Worth investigating: http://www.hydra-cg.com/
27. Project Structure
• Many questions in a microservice
architecture:
– Repo per microservice?
– Module per microservice?
– Every microservice in its own process space?
28. Project Structure
• In services that do not collaborate, they should
not share a project structure
• It may make sense for platform microservices to
exist as a module in a singular project
• Following a repo-per- approach for distributed
service layer microservices keeps the concerns
nicely isolated
– “What about when we need to share common things
(constants, configs, etc)?” Publish a library; it’s easier
than ever with things like jfrog* and jcenter*
* http://bintray.com
31. Project Structure
• Principles:
– Generate a self-contained, lightweight artifact
– Should be runnable and environment agnostic
(within the build)
– Runnable JARs or a standalone distribution is the
best way to go
32. Project Structure
• Principles:
– Generate a self-contained, lightweight artifact
– Should be runnable and environment agnostic
(within the build)
– Runnable JARs or a standalone distribution is the
best way to go
33. Project Structure
apply plugin: 'groovy’
apply plugin: 'application'
mainClassName = "com.tld.microservice.Main"
repositories {
jcenter()
}
dependencies {
compile 'org.codehaus.groovy:groovy-all:2.4.3’
...
}
How do we run this thing
34. Project Structure
apply plugin: 'groovy’
apply plugin: 'application'
mainClassName = "com.tld.microservice.Main"
repositories {
jcenter()
}
dependencies {
compile 'org.codehaus.groovy:groovy-all:2.4.3’
...
}
How do we build this thing
35. Project Structure
apply plugin: 'groovy’
apply plugin: 'application’
...
• Gradle Task
./gradlew installDist
Creates a distribution of the application, which pulls down all the
dependencies, structures them in a directory, and produces shell scripts that
can start the app in a standalone way.
Can be found in {projectDir}/build/install/{projectName}
37. Project Structure
./gradlew shadowJar
• Produces a “fat jar” with all the dependencies contained
• Integrates with the application plugin to make the fat jar
runnable
• Excellent solution for building lightweight deployables
• Can be run anywhere Java is available
38. Infrastructure
• Managing a microservice infrastructure is
difficult
• Big benefit to microservices/distributed
systems is the ability to scale a service
according to its specific requirements
• Means that all microservices will run on their
own instances/containers
39. Infrastructure
• Infrastruct principles for microservices:
– Follow immutable infrastructure paradigms
– Make the unit of deployment for a microservice
portable
– Structure microservices such that configuration is
derived from the runtime environment
40. Infrastructure
• Immutable infrastructure:
– Once a server is provisioned, it cannot be changed
– Any detail about provisioning a server for a
microservice should come from the microservice’s
build
– Initialization, service starting, base configuration
should be performed only once during provisioning,
never adjusted after that
– Any modifications to the server’s runtime should be in
change control under the microservice project’s
purview
41. Infrastructure
• Portable deployables:
– Building just a JAR is fine, but it doesn’t inform the
server as to how to run that JAR
– Unit of deployment should specify all of the
dependencies required to run your application
• “My microservice depends on Java”, for example
– Unit of deployment should self-contain any
configuration steps, including things like
ansible/chef/puppet runs (beyond any base-image
configuration)
42. Infrastructure
• Portable deployables:
– Package your project as an os-package
– Gradle plugin available from Netflix (Nebula) to
pull your project into a .deb or .rpm file
• Provides a DSL for specifying pre-install/post-install
steps
• Uses Gradle CopySpec to install files into the resulting
os package
45. buildscript {
repositories { jcenter() }
dependencies {
classpath 'com.netflix.nebula:gradle-ospackage-plugin:2.0.2’
}
}
... [snip] ...
mainClassName = "com.tld.products.Main"
ospackage {
packageName = "products"
release '3'
into "/opt/products"
from "${project.buildDir}/install/${project.applicationName}"
from("osfiles") {
into "/"
}
}
buildDeb {
dependsOn installDist
requires(“openjdk-7-jre”)
preInstall file('scripts/preInstall.sh')
}
Puts everything in the project’s
“osfiles” directory into the root of the
server’s filesystem (config, start scripts, other?)
46. buildscript {
repositories { jcenter() }
dependencies {
classpath 'com.netflix.nebula:gradle-ospackage-plugin:2.0.2’
}
}
... [snip] ...
mainClassName = "com.tld.products.Main"
ospackage {
packageName = "products"
release '3'
into "/opt/products"
from "${project.buildDir}/install/${project.applicationName}"
from("osfiles") {
into "/"
}
}
buildDeb {
dependsOn installDist
requires(“openjdk-7-jre”)
preInstall file('scripts/preInstall.sh')
}
Informs the server as to any dependencies
that your project might have
47. buildscript {
repositories { jcenter() }
dependencies {
classpath 'com.netflix.nebula:gradle-ospackage-plugin:2.0.2’
}
}
... [snip] ...
mainClassName = "com.tld.products.Main"
ospackage {
packageName = "products"
release '3'
into "/opt/products"
from "${project.buildDir}/install/${project.applicationName}"
from("osfiles") {
into "/"
}
}
buildDeb {
dependsOn installDist
requires(“openjdk-7-jre”)
preInstall file('scripts/preInstall.sh')
}
Will execute the script before your project
is installed on the server. Allows you to provide
Any additional tuning.
48. Infrastructure
./gradlew buildDeb
• Produces the artifact into the
{project}/build/distributions/{projectName}_{vers
ion}-3.deb file
• Can be installed on any server/container and all dependencies are
resolved at provisioning
• “osfiles” can include anything, but common use-cases are startup
scripts, any system-level configuration needed by the microservice
• Pre/Post install can include things like Ansible/Chef/Puppet runs
50. Infrastructure
• Docker:
– An “OK” option for microservices
– Can be difficult to manage
– Cloud providers out there taking this on
• CloudFoundry (cloudfoundry.com)
• Morpheus (gomorpheus.com)
• Project Atomic (projectatomic.io)
– Gradle Plugin available for packaging your
microservice as a Docker container
• https://github.com/bmuschko/gradle-docker-plugin
51. Microservice Configuration
Management
• When you get into a distributed architecture,
you need faculties to help manage
configuration
• Builds/projects should be agnostic to the
environment they are deployed in
• Environment configuration should be derived
from the environment
54. Microservice Configuration
Management
• Rules of thumb for configuration
management:
– Place config server in an internal DNS zone
– For robust architectures, have a config server per
environment
– Have microservices re-poll the configuration
server for any real-time changes
– During server deployment, export the
environment key (as part of User Data, for
example)
55. Microservice Configuration
Management
• Spring Cloud OSS helps provide integration
with configuration management servers for
pulling properties dynamically
– Gives you the ability to read from Cloud CM
– Provides management endpoints for updating
microservice configurations dynamically
– https://github.com/spring-cloud/spring-cloud-config#spring-cloud-config-client
– http://cloud.spring.io/spring-cloud-consul/spring-cloud-consul.html
56. Additional Considerations
• Metrics Reporting
– Use statsd and things will be very portable
• Service Discovery
– Eureka, Consul, Load Balancing
• Log publishing
– Should write out application logs to a common
location (S3, for example) for inspection