MySQL Database Service Webinar: Installing Drupal in oci with mdsFrederic Descamps
How to Install Drupal in OCI using MySQL Database Service.
Discover in this talk two ways to install Drupal on OCI using MDS:
- easy way: using Resource Manager Stacks
- usual way: creating everything manually
Pi Day 2022 - from IoT to MySQL HeatWave Database ServiceFrederic Descamps
HeatWave is a massively parallel, high performance, in-memory query accelerator for Oracle MySQL Database Service that accelerates MySQL performance by orders of magnitude for analytics and mixed workloads. But how do you collect data from an Internet of Things Environment so you can use HeatWave to process it? In one hour you will see how data collected by a Raspberry PI or other Internet of Things device can be uploaded to the MySQL Database Service and then processed by HeatWave.
Présentation de MySQL 8.0 est des nouveautés récentes dans les toutes dernières versions ainsi que des informations sur la prochaine beta du MySQL Operator for Kubernetes
MySQL Tech Café #8: MySQL 8.0 for Python DevelopersFrederic Descamps
Usually it seems Python developers don't always think about MySQL as their first choice.... However when test test it with the right connector and MySQL 8.0 they love it !
Join this talk to learn how Python with mysql-connector-python can take advantages of MySQL 8.0.
This means using Standard MySQL Protocol but much nicer the X Protocol. During this session you will see how you can use MySQL Document Store and MySQL as RDBMS on the same session to benefits from both worlds.
MySQL Database Service Webinar: Installing Drupal in oci with mdsFrederic Descamps
How to Install Drupal in OCI using MySQL Database Service.
Discover in this talk two ways to install Drupal on OCI using MDS:
- easy way: using Resource Manager Stacks
- usual way: creating everything manually
Pi Day 2022 - from IoT to MySQL HeatWave Database ServiceFrederic Descamps
HeatWave is a massively parallel, high performance, in-memory query accelerator for Oracle MySQL Database Service that accelerates MySQL performance by orders of magnitude for analytics and mixed workloads. But how do you collect data from an Internet of Things Environment so you can use HeatWave to process it? In one hour you will see how data collected by a Raspberry PI or other Internet of Things device can be uploaded to the MySQL Database Service and then processed by HeatWave.
Présentation de MySQL 8.0 est des nouveautés récentes dans les toutes dernières versions ainsi que des informations sur la prochaine beta du MySQL Operator for Kubernetes
MySQL Tech Café #8: MySQL 8.0 for Python DevelopersFrederic Descamps
Usually it seems Python developers don't always think about MySQL as their first choice.... However when test test it with the right connector and MySQL 8.0 they love it !
Join this talk to learn how Python with mysql-connector-python can take advantages of MySQL 8.0.
This means using Standard MySQL Protocol but much nicer the X Protocol. During this session you will see how you can use MySQL Document Store and MySQL as RDBMS on the same session to benefits from both worlds.
FOSDEM 2022 MySQL Devroom: MySQL 8.0 - Logical Backups, Snapshots and Point-...Frederic Descamps
Logical dumps are becoming popular again. MySQL Shell parallel dump & load utility changed to way to deal with logical dumps, certainly when using instances in the cloud. MySQL 8.0 released also an awesome physical snapshot feature with CLONE.
In this session, I will show how to use these two ways of saving your data and how to use the generated backup to perform point-in-time recovery like a rockstar with MySQL 8.0 in 2022 !
Open Source 101 2022 - MySQL Indexes and HistogramsFrederic Descamps
Nobody complains that the database is too fast. But when things slow down, the complaints come quickly. The two most popular approaches to speeding up queries are indexes and histograms. But there are so many options and types on indexes that it can get confusing. Histograms are fairly new to MySQL but they do not work for all types of data. This talk covers how indexes and histograms work and show you how to test just how effective they are so you can measure the performance of your queries.
UAE MySQL Users Group Meet-up : MySQL Shell Document Store & more...Frederic Descamps
Discover MySQL 8.0 Document Store and how to use CRUD operations from the MySQL Shell. Also discover how to extend the MySQL Shell with User Defined Reports and Plugins
MySQL InnoDB Cluster - Advanced Configuration & OperationsFrederic Descamps
MySQL InnoDB Cluster is a very easy HA solution to deploy. However it's also a very customizable solution able to respond to most needs. During this session I will give an overview of settings that you may tune like those related to quorum lost, level of consistency, but also some you may not know like how to change recovery system, effect of increasing the event horizon. We will also discus about maintenance operations like how to stream large transactions, how to deal with DDL in multi-primary environments...
State of the Dolphin 2020 - 25th Anniversary of MySQL with 8.0.20Frederic Descamps
This is the online live version of the State of The Dolphin during Percona Live Online in May 2020.Discover what's new in MySQL 8.0, the Document Store, CTEs, Window Functions, Lateral, JSON_TABLE, the new Volcano Iterator, EXPLAIN ANLYZE, HASH JOIN, the new double write buffer, binlog compression, InnoDB Cluster, InnoDB ReplicaSet, DNS-SRV.... and last but not least our Contributors who made MySQL 8.0 so Great !
OpenExpo Virtual Experience 2020: MySQL 8.0 Document Store - Discovery of a n...Frederic Descamps
MySQL Document Store enables us to work with SQL relational tables and schema-less JSON collections. So instead of having a mixed bag of databases, you can just rely on MySQL, where the JSON documents can be stored in collections and managed with CRUD operations. All you need to do is install the X plugin. In this session, you will learn what a document store is, how to install and use it, and all the reasons for considering it. We will also see several specific features helping developers and illustrate how the usual MySQL DBA can manage this new world.
FOSDEM 2022 MySQL Devroom: MySQL 8.0 - Logical Backups, Snapshots and Point-...Frederic Descamps
Logical dumps are becoming popular again. MySQL Shell parallel dump & load utility changed to way to deal with logical dumps, certainly when using instances in the cloud. MySQL 8.0 released also an awesome physical snapshot feature with CLONE.
In this session, I will show how to use these two ways of saving your data and how to use the generated backup to perform point-in-time recovery like a rockstar with MySQL 8.0 in 2022 !
Open Source 101 2022 - MySQL Indexes and HistogramsFrederic Descamps
Nobody complains that the database is too fast. But when things slow down, the complaints come quickly. The two most popular approaches to speeding up queries are indexes and histograms. But there are so many options and types on indexes that it can get confusing. Histograms are fairly new to MySQL but they do not work for all types of data. This talk covers how indexes and histograms work and show you how to test just how effective they are so you can measure the performance of your queries.
UAE MySQL Users Group Meet-up : MySQL Shell Document Store & more...Frederic Descamps
Discover MySQL 8.0 Document Store and how to use CRUD operations from the MySQL Shell. Also discover how to extend the MySQL Shell with User Defined Reports and Plugins
MySQL InnoDB Cluster - Advanced Configuration & OperationsFrederic Descamps
MySQL InnoDB Cluster is a very easy HA solution to deploy. However it's also a very customizable solution able to respond to most needs. During this session I will give an overview of settings that you may tune like those related to quorum lost, level of consistency, but also some you may not know like how to change recovery system, effect of increasing the event horizon. We will also discus about maintenance operations like how to stream large transactions, how to deal with DDL in multi-primary environments...
State of the Dolphin 2020 - 25th Anniversary of MySQL with 8.0.20Frederic Descamps
This is the online live version of the State of The Dolphin during Percona Live Online in May 2020.Discover what's new in MySQL 8.0, the Document Store, CTEs, Window Functions, Lateral, JSON_TABLE, the new Volcano Iterator, EXPLAIN ANLYZE, HASH JOIN, the new double write buffer, binlog compression, InnoDB Cluster, InnoDB ReplicaSet, DNS-SRV.... and last but not least our Contributors who made MySQL 8.0 so Great !
OpenExpo Virtual Experience 2020: MySQL 8.0 Document Store - Discovery of a n...Frederic Descamps
MySQL Document Store enables us to work with SQL relational tables and schema-less JSON collections. So instead of having a mixed bag of databases, you can just rely on MySQL, where the JSON documents can be stored in collections and managed with CRUD operations. All you need to do is install the X plugin. In this session, you will learn what a document store is, how to install and use it, and all the reasons for considering it. We will also see several specific features helping developers and illustrate how the usual MySQL DBA can manage this new world.
Toronto Virtual Meetup #7 - Anypoint VPC, VPN and DLB ArchitectureAlexandra N. Martinez
Join us for this meetup where Jitendra Bafna (Jacky) will be talking about Anypoint VPC, VPN and DLB Architecture. He will mention the best practices, some use cases, and a live demo!
VMworld 2013: Data In, Data Out and Data Protected VMworld
VMworld 2013
Mike Laverick, VMware
Roshni Pary, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
A Pulsar Use Case In Federated Learning - Pulsar Summit NA 2021StreamNative
Federated learning (FL) is a machine learning technique that enables multiple decentralized organizations to train a model without exposing local data samples. Instead, during the training, lots of encrypted messages will be exchanged among the participants to aggregate the global model. Due to the message is so important and its requirements of real-time and sequential, it brings some challenges to the transmission.
In this session, we will talk about how to address the above challenge with the Apache Pulsar project, and we will go through the details about how popular FL project FATE(https://github.com/FederatedAI/FATE) use Pulsar to do federated training.
Slides from the MySQL Cluster 8.0 tutorial given at MySQL preFOSDEM days in Brussels, January 2020.
There is an accompanying text file with commands and example output.
MySQL Database Architectures - High Availability and Disaster Recovery SolutionMiguel Araújo
MySQL InnoDB ClusterSet brings multi-datacenter capabilities to our solutions and makes it very easy to set up a disaster recovery architecture. Think multiple MySQL InnoDB Clusters into one single database architecture, fully managed from MySQL Shell and with full MySQL Router integration to make it easy to access the entire architecture.
This presentation covers the various solutions of MySQL for High Availability, Replication, and Disaster Recovery, with a special focus on InnoDB ClusterSet:
- The various features of InnoDB Clusterset
- How to setup MySQL InnoDB ClusterSet
- Ways to migrate from an existing MySQL InnoDB Cluster into MySQL InnoDB ClusterSet
- How to deal with various failures
- The various features of router integration make the connection to the database architecture easy.
Gray Cover_ The dangers of cloudshells.pdfColin Estep
A malicious insider or attacker can abuse the Google Cloud Shell service to exfiltrate data and evade detection. All of your Google Workspace/GCP users have access to it by default, and it is very difficult to detect. With limited detection options, we’ll cover the attack and how to mitigate the risk.
In this talk, we’ll show how a malicious insider or an attacker can abuse the Google Cloud Shell service to exfiltrate data and evade detection. There’s no need for any privilege escalation or lateral movement, your GCP users will have the ability to instantiate a Cloud Shell instance by default.
First we’ll introduce the Cloud Shell service and demonstrate how it can be used to easily copy files from your local computer to the Cloud Shell instance via the command line or web console. Then we’ll show that once the files are on the instance, they can be sent to another location on the Internet.
Next we’ll cover why this attack is so hard to detect. Uploading files to Cloud Shell will likely blend in with normal network activity from your organization’s endpoints. Since CloudShell is not run on servers that you provision, but are managed by Google itself, you can not implement any firewall rules to control this traffic and you do not have any network logs from CloudShell instances that reflect what’s being sent to the Internet. In addition, there is no visibility into the commands being run by your users on these instances by default.
Google makes Cloud Shell very easy to use and accessible to everyone by design. However, this opens a very dangerous avenue for malicious activity because you are not able to restrict its use. Red teamers should consider this method to evade detection when attempting to exfiltrate data, and blue teamers should strongly consider disabling it for most users.
In this tutorial, we cover the different deployment possibilities of the MySQL architecture depending on the business requirements for the data. We also deploy some architecture and see how to evolve to the next one.
The tutorial covers the new MySQL Solutions like InnoDB ReplicaSet, InnoDB Cluster, and InnoDB ClusterSet.
MySQL | My SQL docker containerization | Docker Networkshrenikp
MySQL Docker containerization with host network, overlay network, master slave replication on same and different host. MySQL backup in container, Docker Network
Since the introduction of replication in MySQL, users have been trying to automate the promotion of a replica to a primary as well as automating the failover of TCP connections from one database server to another in the event of a database failure: planned or unplanned. For over a decade, users and organizations have designed various types of solutions to achieve this. Though, many of these solutions were done manually or were using third party software, mostly open source, to automate and integrate various architectures.
For more than 5 years now, MySQL offers complete and very easy-to-use solutions to set up database architectures that provide High-Availability and recently added Disaster Recovery capabilities. Completely built in-house and supported by Oracle, many enterprises large and small have adopted these solutions into business-critical applications.
Business requirements dictate what type of database architecture is required for your system. Disaster tolerance is key and can be measured at different levels: data loss, data availability, and uptime. In this session, the various MySQL Database Architecture solutions will be covered to help you choose the right solution based on your business requirements
MySQL Database Architectures - MySQL InnoDB ClusterSet 2021-11Kenny Gryp
Oracle's MySQL solutions make it easy to setup various database architectures and achieve high availability with the introduction MySQL InnoDB Cluster and MySQL InnoDB ReplicaSet meeting various high availability requirements. MySQL InnoDB ClusterSet provides a popular disaster recovery solution.
Completely built in-house and supported by Oracle, many enterprises large and small have adopted these solutions into business critical applications.
In this presentation the various database architecture solutions for high availability and disaster recovery will be covered and help you choose the right solutions based on your business requirements.
Andy Kennedy - Scottish VMUG April 2016Andy Kennedy
NSX Keynote session from the Scottish VMUG event in Glasgow on the 22nd April, 2016.
Key theme is a discussion on how security "blind spots" can occur through the adoption of new compute models, further highlighting the necessity for the industry to have a platform which provides the virtues of micro-segmentation and a zero trust model, irrespective of the technology being used to host modern applications.
MySQL Router - Explore The Secrets (MySQL Belgian Days 2024)Miguel Araújo
Talk given at MySQL Belgian Days 2024.
The goal of this talk is to describe Router's architecture, highlight its role/features in MySQL Architectures, and go through other features that are less known and/or new, namely:
- Group Replication notifications
- Connection sharing/reuse
- TLS Session caching
- REST API
- MRS
- RW Splitting
At the moment MySQL 8 and MariaDB 10.4 are the latest versions of the corresponding database management systems. Each of these DBMSs has a unique set of features, unavailable in its analogue (MariaDB features might be unavailable in MySQL, and vice versa). In this presentation, we’ll cover these new features and provide recommendations re: which application will work best on which DBMS.
Attendees will be able to identify what focus areas that either MySQL or MariaDB targeted. This talk also gives a great overview of what are the benefits of using one over another.
MySQL Shell/AdminAPI - MySQL Architectures Made Easy For All!Miguel Araújo
Talk given at MySQL Belgian Days 2024.
Covers all the MySQL Architectures supported to ensure business continuity with a focus on business requirements, tecnicalities, and features: InnoDB Cluster, InnoDB ClusterSet, InnoDB Cluster Read Replicas and InnoDB ReplicaSet.
A special focus is given on the AdminAPI of MySQL Shell, with its main features, recommendations, and the latest additions and features.
Similar to MySQL Database Service Webinar: Upgrading from on-premise MySQL to MDS (20)
MySQL Innovation & Cloud Day - Document Store avec MySQL HeatWave Database Se...Frederic Descamps
Découvrez un nouveau monde où l'on peut gérer ses données sans la moindre ligne de SQL.
MySQL Document Store utilise le nouveau protocol MySQL X, qui est également présent avec MySQL Database Service sur OCI, et permet aux développeurs d'écrire du code simple et efficace.
Mais attention, si nécessaire, MySQL Document Store peut également traiter les document JSON comme s'ils étaient des tables relationnelles et permettre des requêtes très poussées...
Percona Live 2022 - The Evolution of a MySQL Database SystemFrederic Descamps
From a single MySQL instance to multi-site high availability, this is what you will find out in this presentation. You will learn how to make this transition and which solutions best suit changing business requirements (RPO, RTO). Recently, MySQL has extended the possibilities for easy deployment of architecture with integrated tools. Come and discover these open source solutions that are part of MySQL.
LinuxFest Northwest 2022 - The Evolution of a MySQL Database SystemFrederic Descamps
At the beginning of a project, the database is just a single MySQL instance (maybe not even running on its own hardware)... but with the evolution of the business requirements, the database must change to also meet the new targets of data loss and uptime. During this session we will follow the journey of a single MySQL server from the simple instance to a High Available Architecture with multi-site Disaster Recovery. We will discover easy manageable native solutions like MySQL InnoDB ReplicaSet, MySQL InnoDB Cluster and MySQL InnoDB ClusterSet. The session is also illustrated with commands and examples.
D'une simple instance MysQL à une haute-disponibilité multi-sites, voici ce que vous décrouvrirez dans cette présentation. Comment effectuer cette transition et quelles solutions conviennent les mieux aux évolutions des exigences commerciales (RPO, RTO). Récemment, MySQL a étendu les possibilités de déploiement aisé d'architecture avec des outils intégrés. Venez découvrir ces solution Open Source qui font partie de MySQL.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
2. Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for
information purpose only, and may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality, and should not be relied up in
making purchasing decisions. The development, release, timing and pricing of any features
or functionality described for Oracle´s product may change and remains at the sole
discretion of Oracle Corporation.
Copyright @ 2020 Oracle and/or its affiliates.
2 / 92
3. Who am I ?
about.me/lefred
Copyright @ 2020 Oracle and/or its affiliates.
3 / 92
7. Requirements
a running MySQL Server
mine is running 8.0 and can access Internet
Copyright @ 2020 Oracle and/or its affiliates.
7 / 92
8. Requirements
a running MySQL Server
mine is running 8.0 and can access Internet
an OCI account
Copyright @ 2020 Oracle and/or its affiliates.
8 / 92
9. Requirements
a running MySQL Server
mine is running 8.0 and can access Internet
an OCI account
you can get a free trial on h ps://www.oracle.com/mysql/
Copyright @ 2020 Oracle and/or its affiliates.
9 / 92
10. Requirements
a running MySQL Server
mine is running 8.0 and can access Internet
an OCI account
you can get a free trial on h ps://www.oracle.com/mysql/
Copyright @ 2020 Oracle and/or its affiliates.
10 /
92
11. The Plan
Migrating to MySQL Database Service
Copyright @ 2020 Oracle and/or its affiliates.
11 /
92
12. The Plan
. create a VCN with two subnets, the public and the private one
Copyright @ 2020 Oracle and/or its affiliates.
12 /
92
13. The Plan
. create a VCN with two subnets, the public and the private one
. create a MDS instance
Copyright @ 2020 Oracle and/or its affiliates.
13 /
92
14. The Plan
. create a VCN with two subnets, the public and the private one
. create a MDS instance
. create a VPN
Copyright @ 2020 Oracle and/or its affiliates.
14 /
92
15. The Plan
. create a VCN with two subnets, the public and the private one
. create a MDS instance
. create a VPN
. create an Object Storage Bucket
Copyright @ 2020 Oracle and/or its affiliates.
15 /
92
16. The Plan
. create a VCN with two subnets, the public and the private one
. create a MDS instance
. create a VPN
. create an Object Storage Bucket
. dump the data to be loaded in MDS
Copyright @ 2020 Oracle and/or its affiliates.
16 /
92
17. The Plan
. create a VCN with two subnets, the public and the private one
. create a MDS instance
. create a VPN
. create an Object Storage Bucket
. dump the data to be loaded in MDS
. load the data in MDS
Copyright @ 2020 Oracle and/or its affiliates.
17 /
92
18. The Plan
. create a VCN with two subnets, the public and the private one
. create a MDS instance
. create a VPN
. create an Object Storage Bucket
. dump the data to be loaded in MDS
. load the data in MDS
. create an in-bound replication channel in MDS
Copyright @ 2020 Oracle and/or its affiliates.
18 /
92
20. on premise MySQL instance
OpenVPN client with a static ip:
172.27232.134
MySQL Shell (>= 8.0.21)
Architecture - on-premise
Copyright @ 2020 Oracle and/or its affiliates.
20 /
92
21. one VCN (10.0.0.0/16)
one Internet Gateway
two subnets
one public (10.0.0.0/24)
on private (10.0.1.0/24)
one OpenVPN Server Instance
one MDS Instance
In-bound replication channel
Architecture - on OCI
Copyright @ 2020 Oracle and/or its affiliates.
21 /
92
26. Subnets
We create 2 subnets: 1 public and 1 private:
Copyright @ 2020 Oracle and/or its affiliates.
26 /
92
27. Range: 10.0.0.0/24
Instances in this
subnet can be
reachable via a public
IP
Subnet - Public
Copyright @ 2020 Oracle and/or its affiliates.
27 /
92
28. Subnet - Public (2)
Don't forget to set it as public:
Copyright @ 2020 Oracle and/or its affiliates.
28 /
92
29. Range: 10.0.1.0/24
Instances in this
subnet cannot be
addressed from the
Internet
Subnet - Private (3)
Copyright @ 2020 Oracle and/or its affiliates.
29 /
92
30. Subnet - Public (4)
Don't forget to set it as private:
Copyright @ 2020 Oracle and/or its affiliates.
30 /
92
44. The deployment is made using Terraform.
VPN - OpenVPN (5)
Copyright @ 2020 Oracle and/or its affiliates.
44 /
92
45. A login and a password must be provided to
be used OpenVPN's admin interface.
VPN - OpenVPN (6)
Copyright @ 2020 Oracle and/or its affiliates.
45 /
92
46. The instance must be located in the Public
Subnet.
VPN - OpenVPN (7)
Copyright @ 2020 Oracle and/or its affiliates.
46 /
92
47. The information to connect to the VPN
admin interface is shown in the log of that
stack deployment
VPN - OpenVPN (8)
Copyright @ 2020 Oracle and/or its affiliates.
47 /
92
48. VPN - OpenVPN con guration (9)
Copyright @ 2020 Oracle and/or its affiliates.
48 /
92
49. setup 2 networks:
dynamic
static
use routing
add the VCN
Subnets
VPN - OpenVPN con guration (10)
Copyright @ 2020 Oracle and/or its affiliates.
49 /
92
50. VPN - OpenVPN con guration (11)
We create a dedicate user
Copyright @ 2020 Oracle and/or its affiliates.
50 /
92
51. assigned static IP
use routing
VPN - OpenVPN con guration (12)
Copyright @ 2020 Oracle and/or its affiliates.
51 /
92
52. VPN - OpenVPN ge ing the certi cate (13)
Copyright @ 2020 Oracle and/or its affiliates.
52 /
92
53. VPN - OpenVPN client on-premise (14)
We need to install OpenVPN on the MySQL server on-premise:
$ sudo yum install -y openvpn
We put the client.ovpn le we downloaded as /etc/openvpn/client/client.conf.
And we start the VPN client:
$ sudo systemctl status openvpn-client@client
Enter Auth Username: lefred
Enter Auth Password: ******
Copyright @ 2020 Oracle and/or its affiliates.
53 /
92
59. OCI Config File
Migrating to MySQL Database Service
Copyright @ 2020 Oracle and/or its affiliates.
59 /
92
60. OCI Con g File
We need an OCI con g le to use Object Storage with MySQL Shell
[DEFAULT]
user=ocid1.user.oc1..xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
ngerprint=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
key_ le=/home/lefred/oci_api_key.pem
tenancy=ocid1.tenancy.oc1..xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
compartment=ocid1.compartment.oc1..xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
region=us-ashburn-1
Copyright @ 2020 Oracle and/or its affiliates.
60 /
92
61. OCI Con g File
We need an OCI con g le to use Object Storage with MySQL Shell
[DEFAULT]
user=ocid1.user.oc1..xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
ngerprint=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
key_ le=/home/lefred/oci_api_key.pem
tenancy=ocid1.tenancy.oc1..xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
compartment=ocid1.compartment.oc1..xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
region=us-ashburn-1
all ocids can be copied from the OCI's dashboard
Copyright @ 2020 Oracle and/or its affiliates.
61 /
92
63. GTID check
On the on-premise server, GTID's must be enabled to replicate to MDS.
Let's check it:
on-premise mysql> select @@gtid_mode;
+-------------+
| @@gtid_mode |
+-------------+
| OFF |
+-------------+
1 row in set (0.00 sec)
Copyright @ 2020 Oracle and/or its affiliates.
63 /
92
64. GTID check
On the on-premise server, GTID's must be enabled to replicate to MDS.
Let's check it:
on-premise mysql> select @@gtid_mode;
+-------------+
| @@gtid_mode |
+-------------+
| OFF |
+-------------+
1 row in set (0.00 sec)
As GTID is disabled, we need to enable it.
Copyright @ 2020 Oracle and/or its affiliates.
64 /
92
65. Enabling GTID
To enable GTID without restarting MySQL, we can proceed like this:
on-premise mysql> SET PERSIST server_id=1;
on-premise mysql> SET PERSIST enforce_gtid_consistency=true;
on-premise mysql> SET PERSIST gtid_mode=off_permissive;
on-premise mysql> SET PERSIST gtid_mode=on_permissive;
on-premise mysql> SET PERSIST gtid_mode=on;
Copyright @ 2020 Oracle and/or its affiliates.
65 /
92
66. Enabling GTID
To enable GTID without restarting MySQL, we can proceed like this:
on-premise mysql> SET PERSIST server_id=1;
on-premise mysql> SET PERSIST enforce_gtid_consistency=true;
on-premise mysql> SET PERSIST gtid_mode=off_permissive;
on-premise mysql> SET PERSIST gtid_mode=on_permissive;
on-premise mysql> SET PERSIST gtid_mode=on;
And now verify:
on-premise mysql> select @@gtid_mode;
+-------------+
| @@gtid_mode |
+-------------+
| ON |
+-------------+
Copyright @ 2020 Oracle and/or its affiliates.
66 /
92
68. Routing
We need to add some routing rules to our VCN to route to our OpenVPN client.
Copyright @ 2020 Oracle and/or its affiliates.
68 /
92
69. We need to route the tra c for the VPN static
range (172.27.232.0/24) through the VPN
Server (10.0.0.11).
Routing (2)
Copyright @ 2020 Oracle and/or its affiliates.
69 /
92
70. Security List
We also need to allow access on the MySQL ports:
Copyright @ 2020 Oracle and/or its affiliates.
70 /
92
72. Security List (3)
On the Default Security List for lefred_vcn we also need to allow connections to MySQL
ports. We will use them later to connect to the on-premise MySQL Server from our
Database S instance:
Copyright @ 2020 Oracle and/or its affiliates.
72 /
92
73. Dump & Load using MySQL Shell
Migrating to MySQL Database Service
Copyright @ 2020 Oracle and/or its affiliates.
73 /
92
78. We still need to set the GTID purged
information from when the dump was taken.
In MDS, this operation can be achieved
calling sys.set_gtid_purged().
The GTID executed value is in the le @.json.
Set GTID Purged
Copyright @ 2020 Oracle and/or its affiliates.
78 /
92
79. We still need to set the GTID purged
information from when the dump was taken.
In MDS, this operation can be achieved
calling sys.set_gtid_purged().
The GTID executed value is in the le @.json.
Set GTID Purged
Copyright @ 2020 Oracle and/or its affiliates.
79 /
92
80. In-bound Replication to MDS
Migrating to MySQL Database Service
Copyright @ 2020 Oracle and/or its affiliates.
80 /
92
81. Replication User Creation
A dedicated user for replication needs to be created on the on-premise MySQL instance:
mysql> CREATE USER 'repl'@'10.0.1.%'
IDENTIFIED BY 'C0mpl1c4t3d!Paddw0rd' REQUIRE SSL;
mysql> GRANT REPLICATION SLAVE ON *.* TO 'repl'@'10.0.1.%';
Copyright @ 2020 Oracle and/or its affiliates.
81 /
92
88. Now the Instance in MDS is kept updated with the data from
the on-premise MySQL.
When ready, you can move your complete workload to OCI,
stop the replication channel and decommissioned your on-
premise server.
Now relax and rely on MySQL Database Service!
Conclusion
Copyright @ 2020 Oracle and/or its affiliates.
88 /
92