Open Source Applied - Real World Use Cases
Justin Reock
Rogue Wave Software - Lead Architect of OSS Support and Services
To find more by Rogue Wave Software: https://www.slideshare.net/RogueWaveSoftware
AnsibleFest 2020 - Automate cybersecurity solutions in a cloud native scenarioRoberto Carratala
Roberto Carratalá and Diego Escobar will present on automating cybersecurity solutions in a cloud native scenario using Red Hat Ansible Tower. The presentation will cover 5 labs demonstrating how to provision Tower, deploy an Azure environment, automatically configure Checkpoint security management and gateways, deploy applications with cybersecurity rules, and deploy NAT and firewall access rules. Red Hat experts Adrienne, Leonardo, Asier, and German will assist during the presentation. Access details and passwords to the lab environments are provided.
17 Things Developers Should Know About DatabasesAll Things Open
Presented at: Open Source 101 2020 - Columbia
Presented by: Peter Zaitsev, Percona
Abstract: Most applications use databases, yet many fail to follow even the most basic best practices causing poor performance, downtime and security incidents.
In this presentation, we will look into the foundational best practices you as a Developer should know about databases, with particular focus on the most popular Open Source Databases – MySQL, PostgreSQL, and MongoDB.
A list of action items you want to keep in mind when you're devsecops'ing for your cloudnative environments. Given as a part of a talk on the Modern Security series (
https://info.signalsciences.com/securing-cloud-native-ten-tips-better-container-security).
RedisConf18 - Redis in Dev, Test, and Prod with the OpenShift Service CatalogRedis Labs
This document discusses using Redis in development, test, and production environments with the OpenShift Service Catalog.
It demonstrates using Redis for iterative development with ephemeral instances in development. In testing, it shows production-like configurations with immutable infrastructure, recovery testing, and zero-downtime deployments. For production, it notes the Service Catalog can provide targeted Redis instances and make external services discoverable. It promotes the Open Service Broker API and OpenShift Service Catalog for expanding service options.
This document discusses why cloud native computing matters and provides three case studies. It begins by explaining how infrastructure is changing with the rise of containerization solutions in the 2010s. It then discusses why people use cloud native technologies because they work well and have a great community behind them. Three case studies are presented where companies moved workloads to cloud native solutions on Kubernetes to increase agility, reduce costs, and improve developer productivity. The document concludes by noting that while technology challenges can be solved, changing organizational culture can be the hardest challenge to address.
This document discusses 4 levels of IoT maturity and how Cloud Foundry can help organizations achieve the highest level of maturity. It begins with an analogy about turning raw data into a gourmet meal using a kitchen and restaurant-style services. It then discusses 3 common problems organizations face with data and proposes Cloud Foundry as a solution. The next section discusses a case study of a medical device company using Cloud Foundry to securely and cost-effectively monitor devices. It concludes by recommending some open-source IoT apps to try on Cloud Foundry.
CWIN17 london becoming cloud native part 2 - guy martin dockerCapgemini
This document discusses how organizations can become cloud native by embracing the full opportunity from cloud. It identifies six key steps: 1) delivering business visible and impactful benefits, 2) technical solutions that deliver the business case, 3) empowering a dedicated cloud services team, 4) creating a cloud service vending machine, 5) establishing a blueprint for integrating cloud into existing IT, and 6) implementing automated application and infrastructure pipelines. It then discusses how Docker can help organizations modernize traditional applications and build a secure software supply chain through containerization.
AnsibleFest 2020 - Automate cybersecurity solutions in a cloud native scenarioRoberto Carratala
Roberto Carratalá and Diego Escobar will present on automating cybersecurity solutions in a cloud native scenario using Red Hat Ansible Tower. The presentation will cover 5 labs demonstrating how to provision Tower, deploy an Azure environment, automatically configure Checkpoint security management and gateways, deploy applications with cybersecurity rules, and deploy NAT and firewall access rules. Red Hat experts Adrienne, Leonardo, Asier, and German will assist during the presentation. Access details and passwords to the lab environments are provided.
17 Things Developers Should Know About DatabasesAll Things Open
Presented at: Open Source 101 2020 - Columbia
Presented by: Peter Zaitsev, Percona
Abstract: Most applications use databases, yet many fail to follow even the most basic best practices causing poor performance, downtime and security incidents.
In this presentation, we will look into the foundational best practices you as a Developer should know about databases, with particular focus on the most popular Open Source Databases – MySQL, PostgreSQL, and MongoDB.
A list of action items you want to keep in mind when you're devsecops'ing for your cloudnative environments. Given as a part of a talk on the Modern Security series (
https://info.signalsciences.com/securing-cloud-native-ten-tips-better-container-security).
RedisConf18 - Redis in Dev, Test, and Prod with the OpenShift Service CatalogRedis Labs
This document discusses using Redis in development, test, and production environments with the OpenShift Service Catalog.
It demonstrates using Redis for iterative development with ephemeral instances in development. In testing, it shows production-like configurations with immutable infrastructure, recovery testing, and zero-downtime deployments. For production, it notes the Service Catalog can provide targeted Redis instances and make external services discoverable. It promotes the Open Service Broker API and OpenShift Service Catalog for expanding service options.
This document discusses why cloud native computing matters and provides three case studies. It begins by explaining how infrastructure is changing with the rise of containerization solutions in the 2010s. It then discusses why people use cloud native technologies because they work well and have a great community behind them. Three case studies are presented where companies moved workloads to cloud native solutions on Kubernetes to increase agility, reduce costs, and improve developer productivity. The document concludes by noting that while technology challenges can be solved, changing organizational culture can be the hardest challenge to address.
This document discusses 4 levels of IoT maturity and how Cloud Foundry can help organizations achieve the highest level of maturity. It begins with an analogy about turning raw data into a gourmet meal using a kitchen and restaurant-style services. It then discusses 3 common problems organizations face with data and proposes Cloud Foundry as a solution. The next section discusses a case study of a medical device company using Cloud Foundry to securely and cost-effectively monitor devices. It concludes by recommending some open-source IoT apps to try on Cloud Foundry.
CWIN17 london becoming cloud native part 2 - guy martin dockerCapgemini
This document discusses how organizations can become cloud native by embracing the full opportunity from cloud. It identifies six key steps: 1) delivering business visible and impactful benefits, 2) technical solutions that deliver the business case, 3) empowering a dedicated cloud services team, 4) creating a cloud service vending machine, 5) establishing a blueprint for integrating cloud into existing IT, and 6) implementing automated application and infrastructure pipelines. It then discusses how Docker can help organizations modernize traditional applications and build a secure software supply chain through containerization.
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...DevOps.com
With the growing adoption of Kubernetes, organizations want to take advantage of containerized Microsoft SQL Server 2019 to optimize transactional performance and accelerate time-to-insights from their business-critical data. However, as enterprises embrace hybrid cloud strategy, they need to consider several aspects based on the performance, cost and data protection requirements for running enterprise-grade SQL Server databases.
In this webinar, we will compare and contrast various cloud-native platforms for SQL Server that would help CIOs, DevOps engineers, database administrators and applications architects to determine the most suitable platform that fits their business needs.
Join us as we explore some exciting results from a recent performance benchmark study conducted by McKnight Consulting Group, an independent consulting firm, to compare the performance of Microsoft SQL Server 2019 on the best possible configurations of the following Kubernetes platforms:
Diamanti Enterprise Kubernetes Platform
Amazon Web Services Elastic Kubernetes Service (AWS EKS)
Azure Kubernetes Service (AKS)
Topics will include:
Platform considerations and requirements for running Microsoft SQL Server 2019
Performance comparison and analysis of running SQL Server on various platform
Best practices for running containerized SQL Server databases in Kubernetes environment
Cloud native policy enforcement with Open Policy AgentLibbySchulze
This document provides an introduction to Open Policy Agent (OPA), an open source general purpose policy engine. It discusses how OPA can help manage policy in increasingly distributed systems by providing a unified toolset for defining and enforcing policies across the stack. Key points include:
- OPA decouples policy from application logic and allows policies to be written and tested using the declarative Rego language.
- OPA has a vibrant community with many integrations and production users, and is commonly used for use cases like Kubernetes admission control and microservice authorization.
- The document provides examples of how OPA can be used to enforce policies for systems like Kubernetes through validating admission controllers.
- Options for deploying
Journey Through Four Stages of Kubernetes Deployment MaturityAltoros
In this webinar we will discuss a crawl, walk, run approach to continuous delivery (CD) for applications, point by point:
Where to start, how to advance, and how to reach the level of maximum automation.
How to orchestrate CI/CD processes along with routing and business continuity.
When the automation level is sufficient.
GitOps principles and their benefits.
What tools should be used to automate CI, CD, GitOps, Container Registry, Secrets management, etc
Keeping your Kubernetes Cluster SecureGene Gotimer
From NOVA Cloud and Software Engineering Group meetup, Feb. 17, 2021 https://youtu.be/a5uPm1mPLKQ.
Hardening a Kubernetes cluster happens at different levels. We have to examine the nodes where Kubernetes is running. We want to secure the Kubernetes objects and workloads and review the files we used to create them. And we need to look for vulnerabilities in the containers we are using. Gene will show you some open-source tools that can find issues and vulnerabilities at each layer. All of them can be used in a pipeline to build your Kubernetes cluster safely and keep it secure.
Gene Gotimer is the meetup organizer and a DevSecOps Senior Engineer at Steampunk, focusing on agile processes, secure development practices, and automation. Gene feels strongly that repeatability, quality, and security are all strongly intertwined; each depends on the other two, making agile and DevSecOps that much more crucial to software development.
Monitoring Your AWS EKS Environment with DatadogDevOps.com
Join Datadog for a webinar on monitoring Kubernetes with a focus on Amazon EKS. You'll learn how to get the most out of Datadog's intuitive platform and EKS's unique capabilities, including:
How to monitor metrics, logs and traces from your EKS environment
How to test the usability of your environment with features such as adaptive Browser Tests and globally available Real User Monitoring
How to find and fix user-facing issues with synthetic monitoring features like adaptive Browser Tests and globally available Real User Monitoring
Don't Cross the Streams! (or do, we got you)Caito Scherr
Ghostbusters better get ready, because it's time to cross (ok, join) some streams! This talk will include easy-to-follow steps to set up and maximize a powerful, streaming data pipeline with the newest features from Apache Flink. This talk is for anyone using (or interested in) stream processing who wants to minimize their development overhead, and particularly for those who want to do so while leveraging available Open Source tools.
The document discusses Red Hat's CloudForms product and its capabilities for managing containers and Kubernetes/OpenShift environments. It provides an overview of CloudForms' integration with Kubernetes and OpenShift, how it allows monitoring and management of containers, pods, images, nodes and other resources. It also demonstrates CloudForms' topology views and dashboards for containers. The objectives of the event are to share knowledge about Red Hat's container solutions and how CloudForms addresses common concerns around managing containers.
This document discusses various methods for accessing Kubernetes pods including through API server proxies, port forwarding, and logs/attach. It begins with an overview of how pods expose access points via kubectl. Examples are provided for using kubectl proxy to access pod endpoints, port forwarding to proxy local ports to pods, and retrieving logs and attaching to pods' stdin/stdout/stderr. The raw kubectl option and debugging with increased log levels are also covered.
The document discusses migrating to cloud native solutions. It defines cloud native as an approach that exploits the advantages of cloud computing using containers, microservices, and other modern technologies. This allows applications to be scalable, resilient, and manageable. The document outlines the benefits of cloud native and provides a "trail map" to transitioning applications. It also discusses common challenges like technical debt and failing to meet CI/CD expectations, and provides recommendations to address them such as automating processes and simplifying architectures.
In the modern era, software is commonly delivered as a service: called web apps, or software-as-a-service. The twelve-factor app is a methodology for building software-as-a-service apps that:
Use declarative formats for setup automation, to minimize time and cost for new developers joining the project;Have a clean contract with the underlying operating system, offering maximum portability between execution environments;Are suitable for deployment on modern cloud platforms, obviating the need for servers and systems administration;Minimize divergence between development and production, enabling continuous deployment for maximum agility;And can scale up without significant changes to tooling, architecture, or development practices.
The twelve-factor methodology can be applied to apps written in any programming language, and which use any combination of backing services (database, queue, memory cache, etc).
In the Melbourne edition of a 4-city Technology Radar roadshow, ThoughtWorks Australia's Head of Technology Scott Shaw and senior consultant Jen Smith cover topics from all 4 quadrants of the latest edition of the ThoughtWorks Technology Radar. This presentation covers Reactive Architectures, Hamms, Spring Boot vs. Nancy, and Impala.
As enterprises adopt cloud native infrastructure to run their applications, data security and compliance is becoming a crucial area of interest. When you run your containers in a public cloud, you want to make sure that the data being accessed is secure and that there are no bread crumbs left behind once the container exits. A common mistake many people make is to host-mount a volume directly inside a container, which leaves the container's data behind (directly on the host.)
In this session, we focus on the best practices for ensuring the security and compliance of your applications’ persistent volumes. But ensuring security is an on-going exercise. Ideally you would deploy intelligent software that can constantly monitor and audit the application environment for security holes and breaches.
Autopilot is an automated application runtime management engine built for Kubernetes, and is an open source project sponsored by Portworx: https://github.com/libopenstorage/autopilot
Presented by Gunjan Patel, Gou Rao, and Aditya Dani, January 2019. More details here: https://www.meetup.com/openstack/events/258284618/
Pivoting Spring XD to Spring Cloud Data Flow with Sabby AnandanPivotalOpenSourceHub
Pivoting Spring XD to Spring Cloud Data Flow: A microservice based architecture for stream processing
Microservice based architectures are not just for distributed web applications! They are also a powerful approach for creating distributed stream processing applications. Spring Cloud Data Flow enables you to create and orchestrate standalone executable applications that communicate over messaging middleware such as Kafka and RabbitMQ that when run together, form a distributed stream processing application. This allows you to scale, version and operationalize stream processing applications following microservice based patterns and practices on a variety of runtime platforms such as Cloud Foundry, Apache YARN and others.
About Sabby Anandan
Sabby Anandan is a Product Manager at Pivotal. Sabby is focused on building products that eliminate the barriers between application development, cloud, and big data.
This document summarizes Cisco's Partner Summit 2017, focusing on enabling a multicloud world. It introduces Cisco's new multicloud portfolio and offerings to help partners design, migrate, manage, and secure customer workloads across public and private clouds. Key speakers discuss opportunities in multicloud consulting, managed services, and software integration. Cisco and Google announce an open hybrid cloud solution integrating Google Cloud Platform with Cisco infrastructure software.
This document discusses a webinar about integrating infrastructure as code (IaC) security into the development lifecycle using Checkov. It notes that nearly half of open source Terraform and CloudFormation templates contain security issues. Checkov is introduced as an open source IaC scanning tool that supports multiple frameworks and cloud providers. The benefits of Checkov include lower remediation times, reduced security incidents, and simplifying compliance. Integrations with DevOps tools and the Cloud Native Application Platform Approach (CNAPP) are also discussed. A demo of Checkov is then shown including using it with VS Code and Azure DevOps.
Deploying your apps in the cloud - the options: an overviewCisco DevNet
A session in the DevNet Zone at Cisco Live, Berlin. There are numerous ways to deploy applications within the cloud. The current rage is deploying within containers, but many applications continue to be deployed on VMs as well as on bare metal. In this session we will discuss the pros and cons and each approach and how to determine which method of deployment is best for your needs. While there is not one way to rule them all, OpenStack provides common APIs that can be used to orchestrate all your workloads regardless of the deployment options you need. OpenStack components and options covered include Heat, Murano, Kolla, and Magnum. Finally, we touch briefly on why you might want to consider building your application using microservices and how Shipped can help.
Barbican 1.0 - Open Source Key Management for OpenStackjarito030506
This document provides an overview of Barbican, an open source key management service for OpenStack. Barbican allows developers to securely generate, store, distribute, and revoke cryptographic keys and secrets. It supports various key storage and interaction models including transparent encryption, federated keys, and on-premise key management. Barbican also provides APIs and client libraries to integrate encryption services into applications and OpenStack services such as Swift, Glance, and Nova.
The document summarizes key topics from the Cloud Native Summit conference, including:
- Distributed tracing and Zipkin, which allows visibility into request paths and troubleshooting of latency issues. Zipkin is an open source distributed tracing system.
- Production ready Kubernetes clusters on Catalyst Cloud, which provides security, high availability, and scalability for containerized applications.
- Building serverless applications at scale using services like AWS Lambda, and addressing concurrency bottlenecks when autoscaling.
- Istio service mesh, which provides control of traffic policies, authentication, and observability across distributed services through its control plane and sidecar proxy architecture.
- GitOps for infrastructure as code deployments on Open
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...DevOps.com
Open-source machine learning can be transformative, but without the proper tools in place, enterprises struggle to balance the IT security and governance requirements with the need to deliver these powerpoint tools into the hands of their developers and modelers.
How can organizations get the latest technology from the open-source brain trust, while ensuring enterprise-grade management and security? In this webinar, we will discuss how Anaconda Team Edition, available on RedHat Marketplace, enables IT departments to mirror a curated set of packages into their organization in a safe and governed way.
Join Michael Grant, VP of services at Anaconda, to discuss:
How IT organizations are using Anaconda Team Edition to curate, govern and secure Python and R packages
Tips for how development and data science teams can get the most out of Team Edition, from uploading your own packages to building custom channels for groups or projects
How to distribute conda environments to desktops, servers and clusters:
GUI-based installers for desktop users
“Conda packs” for automated delivery to remote servers and distributed computing clusters
Conda-enabled Docker containers for application deployment
RedisConf18 - Common Redis Use Cases for Cloud Native Apps and MicroservicesRedis Labs
The document discusses cloud native applications and architectures. It explains that cloud native applications are designed to take advantage of cloud computing abilities like scaling up and down on demand and limitless compute. Being cloud native isn't just an architectural pattern but a combination of practices like agile development, continuous delivery, automation, containers, and microservices that change development culture and move to a DevOps model. It also discusses concepts like serverless computing, functions as a service, microservices, and twelve factor applications.
For enterprises, it's rarely a single function causing your OSS problem, it's a combination of architecture, packages, or networks. Using three real-world examples, these slides, from our recent webinar, walk through identifying the infrastructure needs, the technology stack selection process, and the final architected solution for each environment (e-commerce, PaaS, and HPC machine learning.)
Java and Serverless - A Match Made In Heaven, Part 1Curity
Part 1 of 2 of the "Java and Serverless" session held at the Stockholm Java User Group Meetup in Stockholm, August 22nd, 2018. Part 1 was held by Matthew Gillard, Java and Clojure Programmer at Oracle.
Description:
Java is extremely popular for most kind of server-side
development. Its stability, reliability and the wide array of good
tooling has made sure of this for many years. Java has been able to
stride through the explosive growth of virtualization and cloud
deployments, but a new application/deployment model has arrived and
although it seems to be popular, the beautiful fire of Java has not
caught light there. Here we are talking about so-called "Serverless"
platforms.
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...DevOps.com
With the growing adoption of Kubernetes, organizations want to take advantage of containerized Microsoft SQL Server 2019 to optimize transactional performance and accelerate time-to-insights from their business-critical data. However, as enterprises embrace hybrid cloud strategy, they need to consider several aspects based on the performance, cost and data protection requirements for running enterprise-grade SQL Server databases.
In this webinar, we will compare and contrast various cloud-native platforms for SQL Server that would help CIOs, DevOps engineers, database administrators and applications architects to determine the most suitable platform that fits their business needs.
Join us as we explore some exciting results from a recent performance benchmark study conducted by McKnight Consulting Group, an independent consulting firm, to compare the performance of Microsoft SQL Server 2019 on the best possible configurations of the following Kubernetes platforms:
Diamanti Enterprise Kubernetes Platform
Amazon Web Services Elastic Kubernetes Service (AWS EKS)
Azure Kubernetes Service (AKS)
Topics will include:
Platform considerations and requirements for running Microsoft SQL Server 2019
Performance comparison and analysis of running SQL Server on various platform
Best practices for running containerized SQL Server databases in Kubernetes environment
Cloud native policy enforcement with Open Policy AgentLibbySchulze
This document provides an introduction to Open Policy Agent (OPA), an open source general purpose policy engine. It discusses how OPA can help manage policy in increasingly distributed systems by providing a unified toolset for defining and enforcing policies across the stack. Key points include:
- OPA decouples policy from application logic and allows policies to be written and tested using the declarative Rego language.
- OPA has a vibrant community with many integrations and production users, and is commonly used for use cases like Kubernetes admission control and microservice authorization.
- The document provides examples of how OPA can be used to enforce policies for systems like Kubernetes through validating admission controllers.
- Options for deploying
Journey Through Four Stages of Kubernetes Deployment MaturityAltoros
In this webinar we will discuss a crawl, walk, run approach to continuous delivery (CD) for applications, point by point:
Where to start, how to advance, and how to reach the level of maximum automation.
How to orchestrate CI/CD processes along with routing and business continuity.
When the automation level is sufficient.
GitOps principles and their benefits.
What tools should be used to automate CI, CD, GitOps, Container Registry, Secrets management, etc
Keeping your Kubernetes Cluster SecureGene Gotimer
From NOVA Cloud and Software Engineering Group meetup, Feb. 17, 2021 https://youtu.be/a5uPm1mPLKQ.
Hardening a Kubernetes cluster happens at different levels. We have to examine the nodes where Kubernetes is running. We want to secure the Kubernetes objects and workloads and review the files we used to create them. And we need to look for vulnerabilities in the containers we are using. Gene will show you some open-source tools that can find issues and vulnerabilities at each layer. All of them can be used in a pipeline to build your Kubernetes cluster safely and keep it secure.
Gene Gotimer is the meetup organizer and a DevSecOps Senior Engineer at Steampunk, focusing on agile processes, secure development practices, and automation. Gene feels strongly that repeatability, quality, and security are all strongly intertwined; each depends on the other two, making agile and DevSecOps that much more crucial to software development.
Monitoring Your AWS EKS Environment with DatadogDevOps.com
Join Datadog for a webinar on monitoring Kubernetes with a focus on Amazon EKS. You'll learn how to get the most out of Datadog's intuitive platform and EKS's unique capabilities, including:
How to monitor metrics, logs and traces from your EKS environment
How to test the usability of your environment with features such as adaptive Browser Tests and globally available Real User Monitoring
How to find and fix user-facing issues with synthetic monitoring features like adaptive Browser Tests and globally available Real User Monitoring
Don't Cross the Streams! (or do, we got you)Caito Scherr
Ghostbusters better get ready, because it's time to cross (ok, join) some streams! This talk will include easy-to-follow steps to set up and maximize a powerful, streaming data pipeline with the newest features from Apache Flink. This talk is for anyone using (or interested in) stream processing who wants to minimize their development overhead, and particularly for those who want to do so while leveraging available Open Source tools.
The document discusses Red Hat's CloudForms product and its capabilities for managing containers and Kubernetes/OpenShift environments. It provides an overview of CloudForms' integration with Kubernetes and OpenShift, how it allows monitoring and management of containers, pods, images, nodes and other resources. It also demonstrates CloudForms' topology views and dashboards for containers. The objectives of the event are to share knowledge about Red Hat's container solutions and how CloudForms addresses common concerns around managing containers.
This document discusses various methods for accessing Kubernetes pods including through API server proxies, port forwarding, and logs/attach. It begins with an overview of how pods expose access points via kubectl. Examples are provided for using kubectl proxy to access pod endpoints, port forwarding to proxy local ports to pods, and retrieving logs and attaching to pods' stdin/stdout/stderr. The raw kubectl option and debugging with increased log levels are also covered.
The document discusses migrating to cloud native solutions. It defines cloud native as an approach that exploits the advantages of cloud computing using containers, microservices, and other modern technologies. This allows applications to be scalable, resilient, and manageable. The document outlines the benefits of cloud native and provides a "trail map" to transitioning applications. It also discusses common challenges like technical debt and failing to meet CI/CD expectations, and provides recommendations to address them such as automating processes and simplifying architectures.
In the modern era, software is commonly delivered as a service: called web apps, or software-as-a-service. The twelve-factor app is a methodology for building software-as-a-service apps that:
Use declarative formats for setup automation, to minimize time and cost for new developers joining the project;Have a clean contract with the underlying operating system, offering maximum portability between execution environments;Are suitable for deployment on modern cloud platforms, obviating the need for servers and systems administration;Minimize divergence between development and production, enabling continuous deployment for maximum agility;And can scale up without significant changes to tooling, architecture, or development practices.
The twelve-factor methodology can be applied to apps written in any programming language, and which use any combination of backing services (database, queue, memory cache, etc).
In the Melbourne edition of a 4-city Technology Radar roadshow, ThoughtWorks Australia's Head of Technology Scott Shaw and senior consultant Jen Smith cover topics from all 4 quadrants of the latest edition of the ThoughtWorks Technology Radar. This presentation covers Reactive Architectures, Hamms, Spring Boot vs. Nancy, and Impala.
As enterprises adopt cloud native infrastructure to run their applications, data security and compliance is becoming a crucial area of interest. When you run your containers in a public cloud, you want to make sure that the data being accessed is secure and that there are no bread crumbs left behind once the container exits. A common mistake many people make is to host-mount a volume directly inside a container, which leaves the container's data behind (directly on the host.)
In this session, we focus on the best practices for ensuring the security and compliance of your applications’ persistent volumes. But ensuring security is an on-going exercise. Ideally you would deploy intelligent software that can constantly monitor and audit the application environment for security holes and breaches.
Autopilot is an automated application runtime management engine built for Kubernetes, and is an open source project sponsored by Portworx: https://github.com/libopenstorage/autopilot
Presented by Gunjan Patel, Gou Rao, and Aditya Dani, January 2019. More details here: https://www.meetup.com/openstack/events/258284618/
Pivoting Spring XD to Spring Cloud Data Flow with Sabby AnandanPivotalOpenSourceHub
Pivoting Spring XD to Spring Cloud Data Flow: A microservice based architecture for stream processing
Microservice based architectures are not just for distributed web applications! They are also a powerful approach for creating distributed stream processing applications. Spring Cloud Data Flow enables you to create and orchestrate standalone executable applications that communicate over messaging middleware such as Kafka and RabbitMQ that when run together, form a distributed stream processing application. This allows you to scale, version and operationalize stream processing applications following microservice based patterns and practices on a variety of runtime platforms such as Cloud Foundry, Apache YARN and others.
About Sabby Anandan
Sabby Anandan is a Product Manager at Pivotal. Sabby is focused on building products that eliminate the barriers between application development, cloud, and big data.
This document summarizes Cisco's Partner Summit 2017, focusing on enabling a multicloud world. It introduces Cisco's new multicloud portfolio and offerings to help partners design, migrate, manage, and secure customer workloads across public and private clouds. Key speakers discuss opportunities in multicloud consulting, managed services, and software integration. Cisco and Google announce an open hybrid cloud solution integrating Google Cloud Platform with Cisco infrastructure software.
This document discusses a webinar about integrating infrastructure as code (IaC) security into the development lifecycle using Checkov. It notes that nearly half of open source Terraform and CloudFormation templates contain security issues. Checkov is introduced as an open source IaC scanning tool that supports multiple frameworks and cloud providers. The benefits of Checkov include lower remediation times, reduced security incidents, and simplifying compliance. Integrations with DevOps tools and the Cloud Native Application Platform Approach (CNAPP) are also discussed. A demo of Checkov is then shown including using it with VS Code and Azure DevOps.
Deploying your apps in the cloud - the options: an overviewCisco DevNet
A session in the DevNet Zone at Cisco Live, Berlin. There are numerous ways to deploy applications within the cloud. The current rage is deploying within containers, but many applications continue to be deployed on VMs as well as on bare metal. In this session we will discuss the pros and cons and each approach and how to determine which method of deployment is best for your needs. While there is not one way to rule them all, OpenStack provides common APIs that can be used to orchestrate all your workloads regardless of the deployment options you need. OpenStack components and options covered include Heat, Murano, Kolla, and Magnum. Finally, we touch briefly on why you might want to consider building your application using microservices and how Shipped can help.
Barbican 1.0 - Open Source Key Management for OpenStackjarito030506
This document provides an overview of Barbican, an open source key management service for OpenStack. Barbican allows developers to securely generate, store, distribute, and revoke cryptographic keys and secrets. It supports various key storage and interaction models including transparent encryption, federated keys, and on-premise key management. Barbican also provides APIs and client libraries to integrate encryption services into applications and OpenStack services such as Swift, Glance, and Nova.
The document summarizes key topics from the Cloud Native Summit conference, including:
- Distributed tracing and Zipkin, which allows visibility into request paths and troubleshooting of latency issues. Zipkin is an open source distributed tracing system.
- Production ready Kubernetes clusters on Catalyst Cloud, which provides security, high availability, and scalability for containerized applications.
- Building serverless applications at scale using services like AWS Lambda, and addressing concurrency bottlenecks when autoscaling.
- Istio service mesh, which provides control of traffic policies, authentication, and observability across distributed services through its control plane and sidecar proxy architecture.
- GitOps for infrastructure as code deployments on Open
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...DevOps.com
Open-source machine learning can be transformative, but without the proper tools in place, enterprises struggle to balance the IT security and governance requirements with the need to deliver these powerpoint tools into the hands of their developers and modelers.
How can organizations get the latest technology from the open-source brain trust, while ensuring enterprise-grade management and security? In this webinar, we will discuss how Anaconda Team Edition, available on RedHat Marketplace, enables IT departments to mirror a curated set of packages into their organization in a safe and governed way.
Join Michael Grant, VP of services at Anaconda, to discuss:
How IT organizations are using Anaconda Team Edition to curate, govern and secure Python and R packages
Tips for how development and data science teams can get the most out of Team Edition, from uploading your own packages to building custom channels for groups or projects
How to distribute conda environments to desktops, servers and clusters:
GUI-based installers for desktop users
“Conda packs” for automated delivery to remote servers and distributed computing clusters
Conda-enabled Docker containers for application deployment
RedisConf18 - Common Redis Use Cases for Cloud Native Apps and MicroservicesRedis Labs
The document discusses cloud native applications and architectures. It explains that cloud native applications are designed to take advantage of cloud computing abilities like scaling up and down on demand and limitless compute. Being cloud native isn't just an architectural pattern but a combination of practices like agile development, continuous delivery, automation, containers, and microservices that change development culture and move to a DevOps model. It also discusses concepts like serverless computing, functions as a service, microservices, and twelve factor applications.
For enterprises, it's rarely a single function causing your OSS problem, it's a combination of architecture, packages, or networks. Using three real-world examples, these slides, from our recent webinar, walk through identifying the infrastructure needs, the technology stack selection process, and the final architected solution for each environment (e-commerce, PaaS, and HPC machine learning.)
Java and Serverless - A Match Made In Heaven, Part 1Curity
Part 1 of 2 of the "Java and Serverless" session held at the Stockholm Java User Group Meetup in Stockholm, August 22nd, 2018. Part 1 was held by Matthew Gillard, Java and Clojure Programmer at Oracle.
Description:
Java is extremely popular for most kind of server-side
development. Its stability, reliability and the wide array of good
tooling has made sure of this for many years. Java has been able to
stride through the explosive growth of virtualization and cloud
deployments, but a new application/deployment model has arrived and
although it seems to be popular, the beautiful fire of Java has not
caught light there. Here we are talking about so-called "Serverless"
platforms.
Docker & aPaaS: Enterprise Innovation and Trends for 2015WaveMaker, Inc.
WaveMaker Webinar: Cloud-based App Development and Docker: Trends to watch out for in 2015 - http://www.wavemaker.com/news/webinar-cloud-app-development-and-docker-trends/
CIOs, IT planners and developers at a growing number of organizations are taking advantage of the simplicity and productivity benefits of cloud application development. With Docker technology, cloud-based app development or aPaaS (Application Platform as a Service) is only becoming more disruptive − forcing organizations to rethink how they handle innovation, time-to-market pressures, and IT workloads.
Oracle - Continuous Delivery NYC meetup, June 07, 2018Oracle Developers
The document discusses Oracle's approach to containerization and Kubernetes. It provides an overview of container native development and Oracle's vision of an end-to-end container native suite. It also describes Oracle Container Engine (OKE) which provides a fully managed Kubernetes service on Oracle Cloud Infrastructure.
Cloud Native Applications - DevOps, EMC and Cloud FoundryBob Sokol
The document discusses several topics related to cloud native applications and digital transformation, including:
- DevOps practices and tools like Cloud Foundry that help developers quickly deploy cloud native applications.
- How every industry is being transformed by new "smart devices" and digitization of products and services.
- The importance of user experience in the digital age, exemplified by the success of the iPhone.
- How agile development principles focus on collaboration, working software, and responding to change.
Oracle Cloud : Big Data Use Cases and ArchitectureRiccardo Romani
Oracle Itay Systems Presales Team presents : Big Data in any flavor, on-prem, public cloud and cloud at customer.
Presentation done at Digital Transformation event - February 2017
How to scale your PaaS with OVH infrastructure?OVHcloud
ForePaaS provides a platform for data infrastructure automation that allows customers to collect, store, transform and analyze data across multiple cloud providers or on-premise in a unified manner. Key features of the ForePaaS platform include being end-to-end, multi-cloud, providing a marketplace for sharing elements of work, and offering automated infrastructure that scales based on customer needs. ForePaaS has partnered with OVH to leverage their public cloud, private cloud, and bare metal server offerings to power ForePaaS infrastructure globally.
Monitor OpenStack Environments from the bottom up and front to backIcinga
Talk given by Thomas Stocking at Icinga Camp San Francisco 2016 - https://www.icinga.org/community/events/archive/2016-archive/icinga-camp-san-francisco/
The document discusses Marketo's migration of their SAAS business analytics platform to Hadoop. It describes their requirements of near real-time processing of 1 billion activities per customer per day at scale. They conducted a technology selection process between various Hadoop components and chose HBase, Kafka and Spark Streaming. The implementation involved building expertise, designing and building their first cluster, implementing security including Kerberos, validation through passive testing, deploying the new system through a migration, and ongoing monitoring, patching and upgrading of the new platform. Challenges included managing expertise retention, Zookeeper performance on VMs, Kerberos integration, and capacity planning for the shared Hadoop cluster.
Recording here: https://www.youtube.com/watch?v=5W4n9K3PIVg
Since Docker was open sourced in 2013, the community and adoption around Docker containers has grown to over 6 billion downloads and over 1000 contributors. Learn about why this is, and why you should start using containers for your own applications.
Advanced technologies and techniques for debugging HPC applicationsRogue Wave Software
Presented at Supercomputing 18. Debugging and analyzing today's HPC applications requires a tool with capabilities and features to support the demands of today’s complex HPC applications. Debugging tools must be able to handle the extensive use of C++ templates and the STL, use of many shared libraries, optimized code, code leveraging GPU accelerators and applications constructed with multiple languages.
This presentation walks through the different advanced technologies provided by the debugger, TotalView for HPC, and shows how they can be used to easily understand complex code and quickly solve difficult problems. Showcasing TotalView’s new user interface, you will learn how to leverage the amazing technology of reverse debugging to replay how your program ran. You will also see how TotalView provides a unified view across applications that utilize Python and C++, debug CUDA applications, find memory leaks in your HPC codes and other powerful techniques for improving the quality of your code.
MySQL day Dublin - OCI & Application DevelopmentHenry J. Kröger
Slide deck from the MySQL day on the 23rd of October 2018 in the Oracle Dublin office. Presents Oracle's Cloud Infrastructure and Application Development Platform using Docker and Kubernetes.
Intel IT Open Cloud - What's under the Hood and How do we Drive it?Odinot Stanislas
L'IT d'Intel fait sa révolution et s'impose d'agir comme un "Cloud Service Provider". La transformation est initiée avec au programme la mise en place d'un Cloud Fédéré, Interopérable et Open mais aussi d'un framework de maturité, du DevOps et de la prise de risque. Bref, vraiment intéressant
This document discusses Red Hat's cloud platforms, including Infrastructure as a Service (OpenStack), Platform as a Service (OpenShift), and container technologies. It notes that business demands are driving IT transformation toward cloud-based architectures using open source technologies. Red Hat is a top contributor to OpenStack and OpenShift and offers integrated products like Red Hat Atomic Enterprise and OpenShift Enterprise to help customers deploy and manage container-based applications at scale across hybrid cloud environments.
Integrating Postgres with ActiveMQ and CamelJustin Reock
Learn how to use Postgres as a backing persistence adapter for the ActiveMQ messaging platform, as well as an integration endpoint for the powerful Apache Camel integration framework. Not only will you learn about JDBC, but you'll also get a solid introduction to these two mature and powerful integration platforms.
Intel IT is extending their OpenStack IaaS with Cloud Foundry PaaS to provide a more dynamic and flexible cloud environment. They selected Cloud Foundry due to its ability to improve application deployment times and support for a wide variety of applications. Intel IT deployed Cloud Foundry on OpenStack using BOSH and is addressing challenges around open source maturity, specialized requirements, and developing more cloud-aware applications. Their future strategy involves a hybrid cloud approach using smart orchestration between private and public clouds.
Sam Segal has experience as a software developer and systems engineer, specializing in Java, Spring, Android, and web development technologies. His resume highlights roles developing web and mobile applications for startups as well as larger companies like Appion and MapLarge. He has a variety of skills including Spring, Java, Android, SQL, NoSQL, web services, and front-end technologies.
Simplify DevOps with Microservices and Mobile Backends.pptxssuser5faa791
This document discusses simplifying DevOps with microservices and mobile backends. It introduces Oracle's Backend for Spring Boot platform, which provides a unified backend for developing apps using Kubernetes, containers, and the Oracle database. The platform offers developer tools, platform services, and integration with the Oracle database. It also discusses managing transactions across microservices using sagas and Oracle's Transaction Manager. The presentation concludes by inviting attendees to try out building a sample banking application in the provided hands-on lab.
Similar to Open Source Applied - Real World Use Cases (20)
Building Reliability - The Realities of ObservabilityAll Things Open
Presented at the ATO RTP Meetup
Presented by Jeremy Proffit, Director of DevSecOps & SRE for Customer Care and Communications, Ally
Title: Building Reliability - The Realities of Observability
Abstract: Join me as we discuss true observability, learn what works and what doesn't. We'll not only discuss dashboards, monitoring and alerting, but how these can be built by automation or included in your IAC modules. We'll talk about how to properly alert staff based on priority to keep your staff and yourself sane. And even discuss architecture and how it impacts reliably and why serverless isn't always the best at being reliable.
Presented at the ATO RTP Meetup
Presented by Peter Zaitsev, Founder of Percona
Title: Modern Database Best Practices
Abstract: There are now more Database choices available for developers than ever before - there are general purpose databases and specialized databases, single node and distributed databases, Open Source, Proprietary databases and databases available exclusively in the cloud. In this presentation we will cover the best practices of choosing database(s) for your applications, best practices as it comes to application development as well as managing those databases to achieve best possible performance, security, availability at the lowest cost.
All Things Open 2023
Presented at All Things Open 2023
Presented by Deb Bryant - Open Source Initiative, Patrick Masson - Apereo Foundation, Stephen Jacobs - Rochester Institute of Technology, Ruth Suehle - SAS, & Greg Wallace - FreeBSD Foundation
Title: Open Source and Public Policy
Abstract: New regulations in the software industry and adjacent areas such as AI, open science, open data, and open education are on the rise around the world. Cyber Security, societal impact of AI, data and privacy are paramount issues for legislators globally. At the same time, the COVID-19 pandemic drove collaborative development to unprecedented levels and took Open Source software, open research, open content and data from mainstream to main stage, creating tension between public benefit and citizen safety and security as legislators struggle to find a balance between open collaboration and protecting citizens.
Historically, the open source software community and foundations supporting its work have not engaged in policy discussions. Moving forward, thoughtful development of these important public policies whilst not harming our complex ecosystems requires an understanding of how our ecosystem operates. Ensuring stakeholders without historic benefit of representation in those discussions becomes paramount to that end.
Please join our open discussion with open policy stakeholders working constructively on current open policy topics. Our panelists will provide a view into how oss foundations and other open domain allies are now rising to this new challenge as well as seizing the opportunity to influence positive changes to the public’s benefit.
Topics: Public Policy, Open Science, Open Education, current legislation in the US and EU, US interest in OSS sustainability, intro to the Open Policy Alliance
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...All Things Open
This document summarizes a presentation about graph-quilt, an open source GraphQL orchestrator library. It discusses the challenges of building a GraphQL orchestrator to unify data from multiple services. Graph-quilt addresses this by allowing services to register their GraphQL schemas and composing them into a unified schema. It also supports features like remote schema extensions, authorization, and adapting existing REST APIs. The presenters believe graph-quilt provides a flexible way to build GraphQL gateways and help more clients adopt GraphQL.
The State of Passwordless Auth on the Web - Phil NashAll Things Open
Presented at All Things Open 2023
Presented by Phil Nash - Sonar
Title: The State of Passwordless Auth on the Web
Abstract: Can we get rid of passwords yet? They make for a poor user experience and users are notoriously bad with them. The advent of WebAuthn has brought a passwordless world closer, but where do we really stand?
In this talk we'll explore the current user experience of WebAuthn and the requirements a user has to fulfil to authenticate without a password. We'll also explore the fallbacks and safeguards we can use to make the password experience better and more secure. By the end of the session you'll have a vision of how authentication could look in the future and a blueprint for how to build the best auth experience today.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Total ReDoS: The dangers of regex in JavaScriptAll Things Open
Presented at All Things Open 2023
Presented by Phil Nash - Sonar
Title: Total ReDoS: The dangers of regex in JavaScript
Abstract: Regular expressions are complicated and can be hard to learn. On top of that, they can also be a security risk; writing the wrong pattern can open your application up to denial of service attacks. One token out of place and you invite in the dreaded ReDoS.
But how can a regular expression cause this? In this talk we’ll track down the patterns that can cause this trouble, explain why they are an issue and propose ways to fix them now and avoid them in the future. Together we’ll demystify these powerful search patterns and keep your application safe from expressions that behave in a way that is anything but regular.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
What Does Real World Mass Adoption of Decentralized Tech Look Like?All Things Open
Presented at All Things Open 2023
Presented by Karl Mozurkewich - Storj
Title: What Does Real World Mass Adoption of Decentralized Tech Look Like?
Abstract: We delve into the transformative potential of decentralized technology. Beginning with a brief overview of the rise of centralization with the advent of the internet and the counter-shift marked by blockchain we explore the intrinsic characteristics of decentralized and distributed systems, such as trustless operations, peer-to-peer networks, and enterprise application scalability. Various sectors, including finance, supply chains, media and entertainment, data science and cloud infrastructure are on the brink of disruption. The societal implications are vast, with the potential for greater individual empowerment, a greener planet and more viable resource utilization, but concerns about data security persist.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at All Things Open 2023
Presented by Anastasia Lalamentik - Kaleido
Title: How to Write & Deploy a Smart Contract
Abstract: In this talk, Anastasia Lalamentik, Full Stack Engineer at Kaleido, will walk through how Ethereum smart contracts work and go over related concepts like gas fees, the Ethereum Virtual Machine (EVM), the block explorer, and the Solidity programming language. This is vital to anyone who wants to build a blockchain app and is a great introduction to blockchain technology for newcomers to the space.
By the end of the talk, attendees will better understand how to:
- Write a simple smart contract
- Deploy their smart contract to an Ethereum test network through the latest tools like Hardhat and the MetaMask wallet
- Test interactions with their deployed smart contract and ensure that everything is working properly
Additionally, participants will get to interact with Anastasia's deployed smart contract at the end of the talk. Anastasia’s past talks have attracted and have been attended by a diverse group of participants with a range of experience in the space.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlowAll Things Open
Presented at All Things Open 2023
Presented by Paul Brebner - Instaclustr (by Spot by NetApp)
Title: Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
Abstract: In this talk we’ll build a Drone delivery application, and then use it to do some Machine Learning “on the fly”.
In the 1st part of the talk, we'll build a real-time Drone Delivery demonstration application using a combination of two open-source technologies: Uber’s Cadence (for stateful, scheduled, long-running workflows), and Apache Kafka (for fast streaming data).
With up to 2,000 (simulated) drones and deliveries in progress at once this application generates a vast flow of spatio-temporal data.
In the 2nd part of the talk, we'll use this platform to explore Machine Learning (ML) over streaming and drifting Kafka data with TensorFlow to try and predict which shops will be busy in advance.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at the All Things Open 2023 Inclusion and Diversity in Open Source Event
Presented by Efraim Marquez-Arreaza - Red Hat
Title: DEI Challenges and Success
Abstract: In today's world, many companies and organizations have Diversity, Equity and Inclusion (DEI) communities. Red Hat Unidos is a DEI community focused on advocating for the Hispanic/Latine community. In this talk, we would like to share our challenges and success during the past 4-years and plans for the future.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at All Things Open 2023
Presented by Lydia Cupery - HubSpot
Title: Scaling Web Applications with Background Jobs: Takeaways from Generating a Huge PDF
Abstract: Do you need to perform time-consuming or CPU-intensive processes in your web application but are concerned about performance? That’s where background jobs come in. By offloading resource-intensive tasks to separate worker processes, you can improve the scalability of your web application.
In this talk, I'll share my experience of using background jobs to scale our web application. I'll discuss the challenges my team faced that led us to adopt background jobs. Then, I'll share practical tips on how to design background jobs for CPU-intensive or time-consuming processes, such as generating huge PDFs and batch emailing. I'll wrap up by going over the performance and cost tradeoffs of background jobs.
I'll use Typescript, Express, and Heroku as examples in this talk, but the concepts and best practices that I'll share are applicable to other languages and tools.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at All Things Open 2023
Presented by Robert Aboukhalil - CZI
Title: Supercharging tutorials with WebAssembly
Abstract: sandbox.bio is a free platform that features interactive command-line tutorials for bioinformatics. This talk is a deep-dive into how sandbox.bio was built, with a focus on how WebAssembly enabled bringing command-line tools like awk and grep to the web. Although these tools were originally written in C/C++, they all run directly in the browser, thanks to WebAssembly! And since the computations run on each user's computer, this makes the application highly scalable and cost-effective.
Along the way, I'll discuss how WebAssembly works and how to get started using it in your own applications. The talk will also cover more advanced WebAssembly features such as threads and SIMD, and will end with a discussion of WebAssembly's benefits and pitfalls (it's a powerful technology, but it's not always the right tool!).
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at All Things Open 2023
Presented by K.S. Bhaskar - YottaDB LLC
Title: Using SQL to Find Needles in Haystacks
Abstract: Database journal files capture every update to a database. A database of a few hundred GB can generate GBs worth of journal files every minute at busy times. Troubleshooting and forensices, especially of rare and intermittent problems, such as which process made what update and when, is an exercise of finding needles in haystacks. A similar problem exists with syslogs. A solution is to load the journal files and syslogs into a database, and use SQL to query the database. Bhaskar will present and demonstrate this with a 100% FOSS stack.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Configuration Security as a Game of Pursuit InterceptAll Things Open
The document discusses configuration security as a game of pursuit-evasion and intercept. It was presented by Wes Widner, Principal Engineer at Automox. The document includes a JSON policy snippet with an ID, statement, actions, effects, resources, and principal allowing the GetObject action on all objects in an S3 bucket for all principals. It has page numbers at the bottom indicating it is from a larger presentation.
Presented at All Things Open 2023
Presented by Carol Huang & Mike Fix - Stripe
Title: Scaling an Open Source Sponsorship Program
Abstract: We already know this: the open-source ecosystem needs further monetary investment from the companies that benefit most from it. Likewise, companies say they want to participate in these initiatives, but find it hard to dedicate resources to open source funding when there isn’t a clear ROI.
This talk discusses how the Open Source Program Office at Stripe built a scalable, sustainable open source sponsorship model that aligns internal company incentives with those of open source maintainers and the community at large. We go over the unique “platformization” of our OSPO that allowed us to create multiple funding models, such as BYOB (Bring Your Own Budget), and share lessons learned from this experience as well as other OSPOs.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Build Developer Experience Teams for Open SourceAll Things Open
Presented at All Things Open 2023
Presented by Arundeep Nagaraj - Amazon Web Services (AWS)
Title: Build Developer Experience Teams for Open Source
Abstract: Open Source has become the default strategy for many IT organizations and Enterprises. However, the constant challenge with Open Source leaders of these organizations has been -
How is my product's developer experience?
Is this the right metric to track?
How can I scale my team to support our products better?
How can I add automation to scale redundant workflows?
If my product involves working with developers, how can I scale to the complexity of the requests and reduce Engineering bandwidth?
The challenges within support of open source products continues to magnify depending on the end user persona whether they are consumers or contributors to your product. Consumers utilize your product, SDK's and API's and are blocked with using it or run into issues, whereas contributors are advanced users of your software that understands the codebase to provide a meaningful contribution back to the product.
The answer to the above is to look at Open Source support as a first-class citizen of your corporate support strategy. To employ the right level of developer focused support as opposed to traditional infrastructure based support is key to scale to the amount of developers using your product. Supporting customers in the open involves more than pure support - building customer / developer experiences (DX) in the open (across platforms and communities) that pivots over the ability of your product's users or developers to be focused on the end-to-end value add. This helps with your active developer growth and retention of users.
Key Takeaways:
- IT leaders of Open Source will learn to employ strategies to build a DX team that engages on multiple platforms
- Work on identifying accurate metrics for product and organization
- Innovate on platforms such as Discord to build a bot and a dashboard
- Ability to leverage customer feedback and iterate over the customer success flywheel
- Distinguish between DX and Developer Advocacy (DA)
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at All Things Open 2023
Presented by Danny McCormick - Google
Title: Deploying Models at Scale with Apache Beam
Abstract: Apache Beam is an open source tool for building distributed scalable data pipelines. This talk will explore how Beam can be used to perform common machine learning tasks, with a heavy focus on running inference at scale. The talk will include a demo component showing how Beam can be used to deploy and update models efficiently on both CPUs and GPUs for inference workloads.
An attendee can expect to leave this talk with a high level understanding of Beam, the challenges of deploying models at scale, and the ability to use Beam to easily parallelize their inference workloads.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Sudo – Giving access while staying in controlAll Things Open
Presented at All Things Open 2023
Presented by Peter Czanik - One Identity
Title: Sudo – Giving access while staying in control
Abstract: Sudo is used by millions to control and log administrator access to systems, but using the default configuration only, there are plenty of blind spots. Using the latest features in sudo let you watch some previously blind spots and control access to them. Here are four major new features, which arrived since the 1.9.0 release, allowing you see your blind spots:
- configuring a working directory or chroot within sudo often makes full shell access redundant
- JSON-formatted logs give you more details on events and are easier to act on
- relays in sudo_logsrvd make session recording collection more secure and reliable
- you can log and control sub-commands executed by the command run through sudo
Let us take a closer look at each of these.
Previously, there were quite a few situations where you had to give users full shell access through sudo. Typical examples include when you need to run a command from a given directory, or running commands in a chroot environment. You can now configure the working directory or the chroot directory and give access only to the command the user really needs.
Logging is a central role of sudo, to see who did what on the system. Using JSON-formatted log messages gives you even more information about events. What is even more: structured logs are easier to act on. Setting up alerting for suspicious events is much easier when you have a single parser to configure for any kind of sudo logs. You can collect sudo logs not only by local syslog, but also by using sudo_logsrvd, the same application used to collect session recordings.
Speaking of session recordings: instead of using a single central server, you can now have multiple levels of sudo_logsrvd relays between the client and the final destination. This allows session collection even if the central server is unavailable, providing you with additional security. It also makes your network configuration simpler.
Finally, you can log sub-commands executed from the command started through sudo. You can see commands started from a shell. No more unnoticed shell access from text editors. Best of all: you can also intercept sub-commands.
These are just a few of the most prominent features helping you to watch and control previous blind spots on your systems. See these and other possibilities in action in some live demos during our presentation.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Fortifying the Future: Tackling Security Challenges in AI/ML ApplicationsAll Things Open
Presented at All Things Open 2023
Presented by Christine Abernathy - F5, Inc.
Title: Fortifying the Future: Tackling Security Challenges in AI/ML Applications
Abstract: As Artificial Intelligence (AI) and Machine Learning (ML) applications continue to surge, it is crucial to be aware of and address the security risks associated with these technologies. In this talk, Christine will explore AI/ML failure modes, threats, and mitigation strategies. She will guide you through the fundamentals of ML models then introduce you to key security challenges such as adversarial attacks, data poisoning, model inversion, model stealing, and membership inference attacks, using real-world examples to demonstrate their potential impact.
Christine will also discuss privacy and ethical considerations in ML, touching upon techniques like federated learning and shedding light on the current regulatory landscape surrounding security risks. If you are developing AI/ML applications or incorporating AI/ML components into your technology stack, check out this talk. You will walk away with a deeper understanding of the current AI/ML security landscape and a toolkit to help you address these risks, enabling you to build safer, more secure, and privacy-aware applications.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...All Things Open
Presented at All Things Open 2023
Presented by Carlos Santana - AWS
Title: Securing Cloud Resources Deployed with Control Planes on Kubernetes using Governance and Policy as Code
Abstract: Are you concerned about the security of your cloud resources deployed on Kubernetes? Are you struggling to ensure compliance with regulatory requirements while managing your cloud infrastructure? If yes, then this talk is for you!
We will discuss how to secure cloud resources deployed with Crossplane on Kubernetes using Governance and Policy as Code. We will explore how to leverage Governance and Policy as Code tools like Rego, Kyverno, and OPA to ensure security and compliance.
By the end of this talk, you will have a better understanding of the challenges associated with securing cloud resources deployed with Crossplane or ACK on Kubernetes, the importance of Governance and Policy as Code in ensuring security and compliance, and why it is critical to use open source and open standards in these technologies.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
What is an RPA CoE? Session 1 – CoE VisionDianaGray10
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillLizaNolte
HERE IS YOUR WEBINAR CONTENT! 'Mastering Customer Journey Management with Dr. Graham Hill'. We hope you find the webinar recording both insightful and enjoyable.
In this webinar, we explored essential aspects of Customer Journey Management and personalization. Here’s a summary of the key insights and topics discussed:
Key Takeaways:
Understanding the Customer Journey: Dr. Hill emphasized the importance of mapping and understanding the complete customer journey to identify touchpoints and opportunities for improvement.
Personalization Strategies: We discussed how to leverage data and insights to create personalized experiences that resonate with customers.
Technology Integration: Insights were shared on how inQuba’s advanced technology can streamline customer interactions and drive operational efficiency.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
"Scaling RAG Applications to serve millions of users", Kevin GoedeckeFwdays
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Must Know Postgres Extension for DBA and Developer during MigrationMydbops
Mydbops Opensource Database Meetup 16
Topic: Must-Know PostgreSQL Extensions for Developers and DBAs During Migration
Speaker: Deepak Mahto, Founder of DataCloudGaze Consulting
Date & Time: 8th June | 10 AM - 1 PM IST
Venue: Bangalore International Centre, Bangalore
Abstract: Discover how PostgreSQL extensions can be your secret weapon! This talk explores how key extensions enhance database capabilities and streamline the migration process for users moving from other relational databases like Oracle.
Key Takeaways:
* Learn about crucial extensions like oracle_fdw, pgtt, and pg_audit that ease migration complexities.
* Gain valuable strategies for implementing these extensions in PostgreSQL to achieve license freedom.
* Discover how these key extensions can empower both developers and DBAs during the migration process.
* Don't miss this chance to gain practical knowledge from an industry expert and stay updated on the latest open-source database trends.
Mydbops Managed Services specializes in taking the pain out of database management while optimizing performance. Since 2015, we have been providing top-notch support and assistance for the top three open-source databases: MySQL, MongoDB, and PostgreSQL.
Our team offers a wide range of services, including assistance, support, consulting, 24/7 operations, and expertise in all relevant technologies. We help organizations improve their database's performance, scalability, efficiency, and availability.
Contact us: info@mydbops.com
Visit: https://www.mydbops.com/
Follow us on LinkedIn: https://in.linkedin.com/company/mydbops
For more details and updates, please follow up the below links.
Meetup Page : https://www.meetup.com/mydbops-databa...
Twitter: https://twitter.com/mydbopsofficial
Blogs: https://www.mydbops.com/blog/
Facebook(Meta): https://www.facebook.com/mydbops/
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...DanBrown980551
This LF Energy webinar took place June 20, 2024. It featured:
-Alex Thornton, LF Energy
-Hallie Cramer, Google
-Daniel Roesler, UtilityAPI
-Henry Richardson, WattTime
In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms.
This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups.
Three primary specifications will be discussed:
-Discovery and client registration, emphasizing transparent processes and secure and private access
-Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure
-Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.