We speak of service observability when services expose internal states and metrics to improve overall availability.
But what about the observability of the infrastructures on which those services are deployed, configured and maintained?
The various logs (centralized, aggregated) are a good starting point for analysis, but systems must also be observed continuously, so that every change is traced and correlated with monitoring. Today, these IT configuration steps should be handled by configuration management tools, which become the gateway to operations observability.
We will show the value of this approach for modern IT management, with feedback on the challenges of implementing it in Rudder, our open source solution for continuous audit and configuration management.
What uses for observing operations of Configuration Management?
RUDDER
Nicolas Charles, CfgMgmtCamp 2019.
More and more services expose their state, internal details and metrics to be observable, and improve overall quality of service.
But what about observing the infrastructure they are deployed, configured and maintained on?
What can we learn from that, and what do we need from configuration management to get these features and metrics?
Logs from installation are a good start, but they need centralization, aggregation and, above all, knowledge derived from them. We also need to observe these systems over time, to trace changes and correlate them with monitoring.
Rudder was built around the premise that all actions of the configuration agent need to be traced, centralized and exposed in a meaningful way, with agents ensuring the continuous configuration of systems. This talk will show the rationale behind this premise, how we implemented the solution, and the benefits of this approach for the modern IT world.
How can we be sure that continuous configuration management is operating properly? How can we expose factual, topic-related reports to devs, security, managers, customers...?
We believe that, in order to deliver the full business and collaboration value of continuous configuration management, the solution needs to go further than simply applying policies: it must ensure configuration reliability, prove (with history) what was applied and its status, share this with other teams, and notify of any drift with relevant context.
This talk will present why and how we should be concerned about transmitting factual measures on infrastructure management to all parties involved. We will also guide you through the journey to include a full-fledged reporting feature in a configuration management solution.
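As a rough illustration of those requirements (the names and data structures here are invented for this sketch, not Rudder's actual model), an audit/enforce loop for a single configuration item could be written as follows: audit only reports, enforce repairs the drift and records that it did.

```python
# Minimal sketch of an audit/enforce loop for one configuration item.
# All names here are illustrative, not Rudder's actual API.
from dataclasses import dataclass

@dataclass
class Policy:
    key: str
    expected: str

def audit(policy, system_state):
    """Compare the observed value with the policy; report, do not fix."""
    actual = system_state.get(policy.key)
    status = "compliant" if actual == policy.expected else "drift"
    return {"key": policy.key, "expected": policy.expected,
            "actual": actual, "status": status}

def enforce(policy, system_state):
    """Repair any drift, and return a report of what was changed."""
    report = audit(policy, system_state)
    if report["status"] == "drift":
        system_state[policy.key] = policy.expected
        report["repaired"] = True
    return report

state = {"sshd.PermitRootLogin": "yes"}
p = Policy("sshd.PermitRootLogin", "no")
print(audit(p, state)["status"])      # drift
print(enforce(p, state)["repaired"])  # True
print(audit(p, state)["status"])      # compliant
```

Keeping every report (rather than only the last one) is what makes the "prove with history" part possible: the sequence of reports is the audit trail.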
Stay clear of the bugs: Troubleshooting Applications in Microsoft Azure
HARMAN Services
Slides from our #GoCloudWebinar series. In this presentation, you will learn how to incorporate the necessary diagnostic tools into your application so you can monitor and take action on your Azure applications. Michael Collier, Principal Cloud Architect at Aditi, and our guest speaker Mike Wood, Technical Evangelist at Cerebrata, give you insights on how best to troubleshoot your Microsoft Azure applications.
Patterns are everywhere. Design patterns have existed for a long time for traditional (monolithic) architectures. Patterns give us a range of predefined design options that can be applied to each business and technology problem, providing an advantage when designing a solution, since they are structures that have been proven repeatedly over time until consolidating into a pattern. However, design patterns have changed with the arrival of the cloud and the microservices approach. This time we will discuss these design patterns and their applicability in depth.
https://www.meetup.com/Cloud-Native-Chile/
Optimizing a React application for Core Web Vitals
Juan Picado
The performance of your web application can define the success of your website; Core Web Vitals are key metrics that help you track and improve the user experience. In this talk we will see how to optimize and measure a React application's performance using some basic techniques, such as code splitting with webpack, SEO optimization, and bottleneck resolution, with examples.
Activity Recognition is a project that aims to recognize your activities like standing, sitting, walking and running in order to keep track of your daily trends.
GitHub page
https://github.com/riccardo97p/IoT_ActivityRecognition
Hackster post
https://www.hackster.io/andreanapoletani/activity-recognition-with-genuino-101-and-aws-iot-fbeea2
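As a rough illustration of the classification idea (the thresholds and the variance feature are invented here for illustration; the actual project uses Genuino 101 sensor data and AWS IoT), one could classify a short window of accelerometer readings by how much they vary:

```python
# Toy sketch: classify an activity window from the variance of
# accelerometer magnitudes. Thresholds are made up for illustration.
import statistics

def classify(window):
    """window: list of accelerometer magnitudes for a short time slice."""
    var = statistics.pvariance(window)
    if var < 0.01:
        return "still"    # sitting or standing
    elif var < 0.5:
        return "walking"
    return "running"

print(classify([1.0, 1.0, 1.01]))      # still
print(classify([0.0, 2.0, 0.0, 2.0]))  # running
```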
Authors:
Alessandro Giannetti
https://www.linkedin.com/in/alessandro-giannetti-2b1864b4/
Andrea Napoletani
https://www.linkedin.com/in/andrea-napoletani-aa0b87166/
Riccardo Pattuglia
https://www.linkedin.com/in/riccardo-pattuglia-3a09ab182/
By attending this webinar, you will learn from the product developers what WSO2 Enterprise Integrator 7.1.0 is and what features it brings to cater to integration with a seamless developer experience. Key features include:
- Support for both centralized ESB and microservices-based deployments
- Streaming ETL support with CDC, file scraping, flow monitoring and more
- New observability solution based on Grafana, Prometheus, Jaeger, and Loki
- A CI/CD pipeline using Docker, Jenkins, Kubernetes and more
- New connectors for CSV transformation, Azure Data Lake and more
- Improvements to WSO2 Integration Studio (Tooling) UI and connector configuration view
On-demand webinar: https://wso2.com/library/webinars/wso2-enterprise-integrator-7-1-0-release/
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CD
Julian Mazzitelli
Presented at Kubernetes and Cloud Native meetup in Toronto on December 4, 2019
See https://www.youtube.com/watch?v=YmIAatr3Who for a video recording of a similar talk.
Are you looking to get more flexibility out of your CICD platform? Interested in how GitOps fits into the mix? Learn how Argo CD, Workflows, and Events can be combined to craft custom CICD flows, all while staying Kubernetes native, enabling you to leverage existing observability tooling.
Building A Product Assortment Recommendation Engine
Databricks
Amid the increasingly competitive brewing industry, the ability of retailers and brewers to provide optimal product assortments for their consumers has become a key goal for business stakeholders. Consumer trends, regional heterogeneities and massive product portfolios combine to scale the complexity of assortment selection. At AB InBev, we approach this selection problem through a two-step method rooted in statistical learning techniques. First, regression models and collaborative filtering are used to predict product demand in partnering retailers. The second step involves robust optimization techniques to recommend a set of products that enhance business-specified performance indicators, including retailer revenue and product market share.
With the ultimate goal of scaling our approach to over 100k brick-and-mortar retailers across the United States and online platforms, we have implemented our algorithms in custom-built Python libraries using Apache Spark. We package and deploy production versions of Python wheels to a hosted repository for installation to production infrastructure.
To orchestrate the execution of these processes at scale, we use a combination of the Databricks API, Azure App Configuration, Azure Functions, Azure Event Grid and some custom-built utilities to deploy the production wheels to on-demand and interactive Databricks clusters. From there, we monitor execution with Azure Application Insights and log evaluation metrics to Databricks Delta tables on ADLS. To create a full-fledged product and deliver value to customers, we built a custom web application using React and GraphQL which allows users to request assortment recommendations in a self-service, ad-hoc fashion.
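The two-step shape described above can be caricatured in a few lines. Here a fixed dict stands in for the demand models, and a simple greedy ranking stands in for the robust optimization step; none of this reflects AB InBev's actual implementation:

```python
# Step 1 (stubbed): per-product demand estimates, as the regression and
# collaborative-filtering models would supply them.
# Step 2 (simplified): pick an assortment that maximizes predicted
# revenue under a shelf-size limit, here via a greedy ranking.
def recommend_assortment(demand, price, shelf_slots):
    revenue = {p: demand[p] * price[p] for p in demand}
    ranked = sorted(revenue, key=revenue.get, reverse=True)
    return ranked[:shelf_slots]

demand = {"lager": 120, "ipa": 90, "stout": 30}
price = {"lager": 1.0, "ipa": 1.5, "stout": 2.0}
print(recommend_assortment(demand, price, 2))  # ['ipa', 'lager']
```

A real robust-optimization step would account for demand uncertainty and multiple KPIs (revenue, market share) rather than a single point estimate.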
How Cisco Migrated from MapReduce Jobs to Spark Jobs - StampedeCon 2015
StampedeCon
At the StampedeCon 2015 Big Data Conference: The starting point for this project was a MapReduce application that processed log files produced by the support portal. This application was running on Hadoop with Ruby Wukong. At the time of the project start it was underperforming and did not show good scalability. This made the case for redesigning it using Spark with Scala and Java.
Initial review of the Ruby code revealed that it was using disk IO excessively in order to communicate between MapReduce jobs. Each job was implemented as a separate script passing large data volumes through. Spark is more efficient at managing intermediate data passed between MapReduce jobs – not only does it keep it in memory whenever possible, it often eliminates the need for intermediate data at all. However, that alone did not bring us much improvement, since there were additional bottlenecks at the data aggregation stages.
The application involved a global data ordering step, followed by several localized aggregation steps. This first global sort required significant data shuffle that was inefficient. Spark allowed us to partition the data and convert a single global sort into many local sorts, each running on a single node and not exchanging any data with other nodes. As a result, several data processing steps started to fit into node memory, which brought about a tenfold performance improvement.
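The sort restructuring described above can be sketched in plain Python (no Spark dependency; in the real pipeline the partitions would be Spark partitions spread across cluster nodes):

```python
# Sketch of replacing one global sort with many local sorts: group the
# records into partitions first, then sort each partition independently.
from collections import defaultdict

def partition_then_sort(records, part_key, sort_key):
    """Group records into partitions, then sort each partition locally."""
    partitions = defaultdict(list)
    for r in records:
        partitions[part_key(r)].append(r)
    # Each of these sorts is independent: on a cluster, every node can
    # sort its own partition with no data exchanged between nodes.
    return {k: sorted(v, key=sort_key) for k, v in partitions.items()}

logs = [("host-b", 17), ("host-a", 3), ("host-b", 5), ("host-a", 9)]
per_host = partition_then_sort(logs,
                               part_key=lambda r: r[0],   # partition by host
                               sort_key=lambda r: r[1])   # sort by timestamp
print(per_host["host-a"])  # [('host-a', 3), ('host-a', 9)]
```

This only works when the downstream aggregations are local to a partition, which was exactly the situation described: the global order was never actually needed across partition boundaries.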
Talk delivered at BSides Toronto on Sep 29, 2018 on positioning container security in context of application lifecycle, as well as observed trends and upcoming technologies.
This session will focus on the strategy, the technology, and the review process that customers use to move their most important systems to the cloud. nib Group will discuss their preparations to move a system of record to AWS, with a specific focus on the platform built to meet their security, risk, and resiliency requirements. In this session, learn about what they did, lessons learned, and tips on how you could do the same.
Presenters: Wayne Bozza, Head of Cybersecurity, and Mathew Finch, Head of Emerging Tech, nib Health Funds
IT Application Decommissioning - Application Retirement Services
AvenDATA
Whether you have ERP or CRM systems, unstructured data or files, we will build an archiving system that frees you from your legacy systems while fulfilling legal requirements. Benefit from our many years' experience in the market, reflected in hundreds of archiving projects worldwide.
Due to our specialisation in system archiving, system decommissioning and carve-out, we are significantly more efficient, cost-effective, functional and faster than you could ever imagine.
Why AvenDATA?
For many years we have specialized in archiving legacy systems as part of application decommissioning. We have successfully implemented our software in hundreds of companies from a wide range of industries worldwide, and our experience covers more than 250 systems from various manufacturers, with archives of up to 100+ TB. Benefit from our years of experience. The AvenDATA Group operates worldwide, with headquarters in Berlin and additional offices in Budapest, Mumbai and New York.
Splunk, SIEMs, and Big Data - The Undercroft - November 2019
Jonathan Singer
Guild members, join us on Thursday, November 14th at 6pm for our class on Splunk. Our Analyze Guild Master Jonathan Singer will cover centralized logging, SIEM, big data, and much more.
Getting Started: How to Set Up Your "Data as a Feature" Project
TIBCO Jaspersoft
This workshop series features a brand-new demo application—created by the TIBCO Jaspersoft team and projekt202—that illustrates and teaches you how to create answer-generating applications of your own. Over the course of 5 webinars, we will introduce you to the what and the why of data as a feature applications and how you can build your own.
Lesson #2 Agenda:
- Project Overview
- Defining the user experience
- Setting up the application environment
- Preparing data
Streamlining Python Development: A Guide to a Modern Project Setup
Florian Wilhelm
Designed for beginners, this presentation demystifies Python project management using Hatch and delves into pyproject.toml for efficient configuration. We'll guide you through organizing directories, implementing unit testing for code reliability, and using mypy for type checking to enhance code quality. The session concludes with insights into ruff, a modern linter for maintaining Python standards, which is replacing black, isort, and flake8. This talk is a comprehensive toolkit for anyone eager to learn and apply the latest practices in Python development.
The talk was given at PyConDE / PyData Berlin 2024. More details here: https://pretalx.com/pyconde-pydata-2024/talk/CBVTEG/
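As an illustration of the kind of setup the talk covers (the package name and settings below are placeholders, not the speaker's exact configuration), a minimal pyproject.toml combining Hatch's build backend with ruff and mypy might look like:

```toml
# Illustrative pyproject.toml skeleton; values are examples only.
[build-system]
requires = ["hatchling"]
build-backend = "hatchling.build"

[project]
name = "my-package"
version = "0.1.0"
requires-python = ">=3.9"

[tool.ruff]
line-length = 88

[tool.ruff.lint]
# pycodestyle (E), pyflakes (F), and isort-style import sorting (I),
# covering much of what black/isort/flake8 used to handle separately.
select = ["E", "F", "I"]

[tool.mypy]
strict = true
```

Keeping all tool configuration in one pyproject.toml, rather than scattered across setup.cfg, .flake8 and friends, is the main point of the modern layout.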
What if configuration management didn't need to be lvl60 in dev?
RUDDER
Slides from Alexandre BRIANCEAU's talk at #OSSPARIS19 (Open Source Summit Paris 2019).
Server infrastructure automation is not simple. Solutions have existed for years, and most of them rely on infra-as-code to achieve their mission. But why infra-as-code, anyway?
Unfortunately, these solutions require strong development skills. So how can we proceed when the infrastructure team does not have sufficient, and above all homogeneous, expertise? Otherwise, beware of the "Guru Team" effect: infrastructure automation meant to save time ends up as a huge SPOF, because only one person on the team knows how it works.
I would like to discuss this together and briefly introduce you to RUDDER. RUDDER is a configuration management solution, and therefore infra-as-code, that lets you automate your systems while relying entirely on a graphical interface to manage your configurations. Because the infrastructure is complex enough without adding another layer!
Slides from Alexandre BRIANCEAU's talk at #OSSPARIS19 (Open Source Summit Paris 2019).
Security is everyone's business: a single exploited breach is enough. Teams are aware of this, and yet it remains as difficult as ever to ensure, to be confident, and to reassure others (to prove) that one's own part is under control.
And when it comes to server infrastructure, especially at the OS / middleware level, everything gets complicated. Even with an operational security team, it is difficult to ensure that the Information System Security Policy and security recommendations are properly implemented on all servers.
How can we be sure that our security policies are properly applied on all our servers other than through a massive and costly audit? Even if they were when they were created, how do you know if they remain perfectly compliant after a few days / weeks / months?
Let's discover together RUDDER, an open-source solution for continuous compliance based on configuration management to automatically audit and/or correct our systems.
Similar to OSIS 2019 - Qu’apporte l’observabilité à la gestion de configuration ?
Activity Recognition is a project that aims to recognize your activities like standing, sitting, walking and running in order to keep track of your daily trends.
GitHub page
https://github.com/riccardo97p/IoT_ActivityRecognition
Hackster post
https://www.hackster.io/andreanapoletani/activity-recognition-with-genuino-101-and-aws-iot-fbeea2
Authors:
Alessandro Giannetti
https://www.linkedin.com/in/alessandro-giannetti-2b1864b4/
Andrea Napoletani
https://www.linkedin.com/in/andrea-napoletani-aa0b87166/
Riccardo Pattuglia
https://www.linkedin.com/in/riccardo-pattuglia-3a09ab182/
By attending this webinar, you will be able to learn from the product developers on what WSO2 Enterprise Integrator 7.1.0 is, and what features it brings in to cater to integration with seamless developer experience. Key features include:
- Support for both centralized ESB and microservices-based deployments
- Streaming ETL support with CDC, file scraping, flow monitoring and more
- New observability solution based on Grafana, Prometheus, Jaeger, and Loki
- A CI/CD pipeline using Docker, Jenkins, Kubernetes and more
- New connectors for CSV transformation, Azure Data Lake and more
- Improvements to WSO2 Integration Studio (Tooling) UI and connector configuration view
On-demand webinar: https://wso2.com/library/webinars/wso2-enterprise-integrator-7-1-0-release/
A GitOps Kubernetes Native CICD Solution with Argo Events, Workflows, and CDJulian Mazzitelli
Presented at Kubernetes and Cloud Native meetup in Toronto on December 4, 2019
See https://www.youtube.com/watch?v=YmIAatr3Who for a video recording of a similar talk.
Are you looking to get more flexibility out of your CICD platform? Interested how GitOps fits into the mix? Learn how Argo CD, Workflows, and Events can be combined to craft custom CICD flows. All while staying Kubernetes native, enabling you to leverage existing observability tooling.
Building A Product Assortment Recommendation EngineDatabricks
Amid the increasingly competitive brewing industry, the ability of retailers and brewers to provide optimal product assortments for their consumers has become a key goal for business stakeholders. Consumer trends, regional heterogeneities and massive product portfolios combine to scale the complexity of assortment selection. At AB InBev, we approach this selection problem through a two-step method rooted in statistical learning techniques. First, regression models and collaborative filtering are used to predict product demand in partnering retailers. The second step involves robust optimization techniques to recommend a set of products that enhance business-specified performance indicators, including retailer revenue and product market share.
With the ultimate goal of scaling our approach to over 100k brick-and-mortar retailers across the United States and online platforms, we have implemented our algorithms in custom-built Python libraries using Apache Spark. We package and deploy production versions of Python wheels to a hosted repository for installation to production infrastructure.
To orchestrate the execution of these processes at scale, we use a combination of the Databricks API, Azure App Configuration, Azure Functions, Azure Event Grid and some custom-built utilities to deploy the production wheels to on-demand and interactive Databricks clusters. From there, we monitor execution with Azure Application Insights and log evaluation metrics to Databricks Delta tables on ADLS. To create a full-fledged product and deliver value to customers, we built a custom web application using React and GraphQL which allows users to request assortment recommendations in a self-service, ad-hoc fashion.
The starting point for this project was a MapReduce application that processed log files produced by the support portal. This application was running on Hadoop with Ruby Wukong. At the time of the project start it was underperforming and did not show good scalability. This made the case for redesigning it using Spark with Scala and Java.
Initial review of the Ruby code revealed that it was using disk IO excessively, in order to communicate between MapReduce jobs. Each job was implemented as a separate script passing large data volumes through. Spark is more efficient in managing intermediate data passed between MapReduce jobs – not only it keeps it in memory whenever possible, it often eliminates the need for intermediate data at all. However, that alone not brought us much improvement since there were additional bottlenecks at data aggregation stages.
The application involved a global data ordering step, followed by several localized aggregation steps. This first global sort required significant data shuffle that was inefficient. Spark allowed us to partition the data and convert a single global sort into many local sorts, each running on a single node and not exchanging any data with other nodes. As a result, several data processing steps started to fit into node memory, which brought about a tenfold performance improvement.
How Cisco Migrated from MapReduce Jobs to Spark Jobs - StampedeCon 2015StampedeCon
At the StampedeCon 2015 Big Data Conference: The starting point for this project was a MapReduce application that processed log files produced by the support portal. This application was running on Hadoop with Ruby Wukong. At the time of the project start it was underperforming and did not show good scalability. This made the case for redesigning it using Spark with Scala and Java.
Initial review of the Ruby code revealed that it was using disk IO excessively, in order to communicate between MapReduce jobs. Each job was implemented as a separate script passing large data volumes through. Spark is more efficient in managing intermediate data passed between MapReduce jobs – not only it keeps it in memory whenever possible, it often eliminates the need for intermediate data at all. However, that alone not brought us much improvement since there were additional bottlenecks at data aggregation stages.
The application involved a global data ordering step, followed by several localized aggregation steps. This first global sort required significant data shuffle that was inefficient. Spark allowed us to partition the data and convert a single global sort into many local sorts, each running on a single node and not exchanging any data with other nodes. As a result, several data processing steps started to fit into node memory, which brought about a tenfold performance improvement.
Talk delivered at BSides Toronto on Sep 29, 2018 on positioning container security in context of application lifecycle, as well as observed trends and upcoming technologies.
This session will focus on the strategy, the technology, and the review process that customers use to move their most important systems to the cloud. nib Group will discuss their preparations to move a system of record to AWS with a specific focus on the platform built to meet their security, risk, and resiliency requirements. In this session, learn about what they did, lessons learned, and tips on how you could do the same
Presenters: Wayne Bozza, Head of Cybersecurity, and Mathew Finch, Head of Emerging Tech, nib Health Funds
IT Application Decommissioning - Application Retirement ServicesAvenDATA
Whether ERP or CRM systems, unstructured data or files you have, we will build an archiving system for you that will free you from your legacy systems at the same time fulfilling legal requirements. Benefit from our many years‘ experience in the market, which is reflected in the hundreds of our archiving projects worldwide.
Due to our specialisation in system archiving, system decommissioning and carve-out, we are significantly more efficient, cost-effective, functional and faster than you could ever imagine.
Why AvenDATA?
What if configuration management didn't need to be lvl60 in dev? - RUDDER
Slides from Alexandre BRIANCEAU's talk at #OSSPARIS19 (Open Source Summit Paris 2019).
Server infrastructure automation is not simple. Several solutions have existed for years, and most of them rely on infra-as-code to achieve their mission. By the way, why infra-as-code?
Unfortunately, these solutions require strong development skills. So how do you proceed when the infrastructure team does not have sufficient and, above all, homogeneous expertise? Otherwise, beware of the "Guru Team" effect: the infrastructure automation that was meant to save time ends up as a huge SPOF because only one person on the team knows how it works.
I would like to discuss this together and briefly introduce you to RUDDER. RUDDER is a configuration management solution, and therefore infra-as-code, that lets you automate your systems while relying entirely on a graphical interface to manage your configurations. Infrastructure is complex enough without adding another layer!
Slides from Alexandre BRIANCEAU's talk at #OSSPARIS19 (Open Source Summit Paris 2019).
Security is everyone's business: a single exploited breach is enough. Teams are aware of this, and yet it remains as difficult as ever to ensure, be confident, and reassure others (prove) that at least part of the system is under control.
And when it comes to server infrastructure, especially at the OS / middleware level, everything gets complicated. Even with an operational security team, it is difficult to ensure that the Information System Security Policy and security recommendations are properly implemented on all servers.
How can we be sure that our security policies are properly applied on all our servers other than through a massive and costly audit? Even if they were when they were created, how do you know if they remain perfectly compliant after a few days / weeks / months?
Let's discover together RUDDER, an open-source solution for continuous compliance based on configuration management to automatically audit and/or correct our systems.
OW2Con - Configurations, do you prove yours? - RUDDER
How can we be sure that continuous configuration management is operating properly? How can we expose factual, topic-related reports to dev, sec, managers, customers...?
We believe that, in order to deliver the full business and collaboration value of continuous configuration management, the solution needs to go further than simply applying policies - it must ensure configuration reliability; prove historized application and status; share it to other teams; notify of any drift with a relevant context.
This talk will present why and how we should be concerned about transmitting factual measures on infrastructure management to all parties involved. We will also guide you through the journey to include a full-fledged reporting feature in a configuration management solution.
The latest major version of the solution has brought a major new feature to the Rudder solution: a plugin ecosystem.
The Rudder software architect will present the reasons for this new feature, how it works, and what are the different plugins available.
Benoit Peccatte, CfgMgmtCamp 2019.
Benoit Peccatte started out as a developer for air traffic control systems but quickly became more interested in writing code generators to automate his job.
After meeting some smart sysadmins on the beach, he switched jobs and has been automating servers for the past decade.
He stumbled across open source in engineering school, and quickly became convinced that free software is the only way to keep software maintainable whatever happens in the future.
Benoit is now trying to automate his job on Rudder, developing features in Rudder to continuously configure and audit more and more servers.
UX challenges of a UI-centric config management tool - RUDDER
Raphaël Gauthier, CfgMgmtCamp 2019.
One of Rudder’s main focuses is its comprehensive graphical user interface, which allows users to view and manage its configurations without writing a line of code.
The user experience and interface considerations for a tool as technical and complex as a configuration management tool, and with such potential to break things, are certainly a challenge, and in some ways uncharted territory. Rudder's frontend developer will present an analysis of the situation, the issues encountered, and the approach adopted for the UX and UI improvements planned for 2019.
What happened in RUDDER in 2018 and what's next? - RUDDER
Alexis Mousset, CfgMgmtCamp 2019.
Let’s take a look at Rudder’s new features from 2018, both in terms of the features of versions 4.3 and 5.0 as well as the new documentation and our platform for building and distributing binaries.
We will then present the provisional roadmap for 2019: let’s go to Rudder 5.1 and 5.2!
Alexandre Brianceau, CfgMgmtCamp 2019.
Rudder is an open source configuration management tool that includes continuous auditing (with or without remediation), compliance info and graphs and the possibility to configure everything in the UI and/or APIs.
It has been around for more than six years and has users large (think 10 000 nodes) and small around the world.
Let’s take a moment to look at the vision that led us here, how Rudder is different from similar tools, and what users find invaluable, nice (or annoying - I’ll be honest!).
If you’re not familiar with Rudder this is a great talk to attend to get the basics covered.
Continuous audit: the key to demonstrable compliance (#POSS 2018) - RUDDER
Presentation from Alexandre Brianceau's talk in the Cybersecurity track at the Paris Open Source Summit 2018.
Security policies are increasingly complex and demanding for operational teams to implement. How can we be certain that our security policies are properly applied on all our servers, other than through a massive and costly audit? Even if they were compliant when created, how do we know whether they remain fully compliant after a few days / weeks / months?
We will show how to define the technical rules of a security policy in RUDDER, an open source IT compliance automation solution born in the devops world, where automated configuration management is already the norm. These rules are then checked every 5 minutes on each server, feeding a global summary that makes it possible to inspect the problems that need to be fixed.
We will also explain how a successfully deployed audit policy can then be enforced on all systems with the same tool, moving from automatic audit to automatic remediation.
Continuous reliability and compliance in production with Rudder (#BBOOST 2018) - RUDDER
Presentation from Alexandre Brianceau's talk at BBOOST 2018.
An infrastructure whose configurations are not homogeneous, monitored, and continuously kept compliant inevitably ends up drifting, leading to security breaches and production incidents.
While IT reliability has become critical, the traditional method of running audits every X months is showing its limits: drift between two audits can go unnoticed and cause an incident.
RUDDER is a solution that guarantees configuration compliance at all times.
Stay up - the journey of a free software vendor - RUDDER
Here is the feedback of one of Rudder's founders on what being an entrepreneur in free software means, and on the 10-year journey through 4 key stages:
- building the team,
- going through an incubator,
- raising funds (or not),
- and the search for a sustainable business model.
How we scaled Rudder to 10k, and the road to 50k - RUDDER
A management graphical interface, real-time compliance, and ease of use are some of Rudder's core principles. When Rudder was created in 2010, hundreds of servers were considered a large installation, and the constraints and limits of managing systems were totally different from nowadays, as IT now speaks in terms of thousands of nodes. I'll present how we scaled Rudder from hundreds to 10k nodes, across each aspect of the product: changing the way nodes talk to the Rudder server, rewriting the data model, evolving the UI, detecting new limits - further away - and removing them, and making sure these limits don't come back, through tooling and testing. Finally, I'll present the planned evolutions in upcoming releases to reach 50k managed nodes.
Rudder 4.1 was released in March 2017 with:
- an advanced feature to query external APIs and pull in node properties dynamically
- the ability to add "key=value" tags to all Rules and Directives in order to categorize them
- a new API on relay servers to enable node-to-node file sharing and remote run in firewalled environments
- performance improvements
- a new plugin package format
Rudder 4.2 was released in September 2017 and includes a new plugin that adds support for a Windows DSC-based agent. Rudder 4.3 will include:
- Parameters for Technique Editor techniques
- ACLs on the API accounts
- Many architecture improvements
In parallel, new plugins are being developed:
- A plugin to integrate data from external APIs
- Monitoring integration with Centreon
- CMDB integration with iTop
- A reporting plugin for historized compliance
This talk will introduce these new features and show how to use them, hopefully getting you as excited as we are! Then, we will move on to explain about longer-term feature ideas we have for Rudder, and the general vision linked to future developments.
About Nicolas Charles
Nicolas is a tinkerer who likes it when things just work, and tries his best to reach this goal. He started as a developer 15 years ago, and often had to step outside this role to solve issues.
In 2010, he co-founded Normation, and he still enjoys fixing things in Rudder and for its users.
DevOps D-Day 2017 - Configuration management and compliance enforcement at a ... - RUDDER
As a hosting and managed services provider, Jaguar Network faces a twofold evolution:
The market expects a Service Provider to take on an ever-larger share of information system management.
The company's growth creates greater pressure, both quantitatively (scalability) and qualitatively (guaranteeing reliability and security across the entire managed fleet).
Jaguar Network therefore had to find a solution to this twofold problem that more and more companies face: sustaining rapid fleet growth while improving and guaranteeing reliability.
Thanks to RUDDER, a French open-source Continuous Configuration solution dedicated to production constraints, reaching this goal was greatly facilitated. Together with the RUDDER vendor, Jaguar Network will recount the course of this project, from tool deployment to observed results, including integration with the other technologies of the information system.
A concrete and complete feedback session on the concept of Continuous Configuration and its implementation with RUDDER.
RUDDER is an easy to use, web-driven, role-based solution for IT Infrastructure Automation and Compliance. With a focus on continuously checking configurations and centralising real-time status data, RUDDER can show a high-level summary (“ISO 27001 rules are at 100%!”) and break down noncompliance issues to a deep technical level (“Host prod-web-03: SSH server configuration allows root logins”).
A few things that make RUDDER stand out:
- A simple framework allows you to extend the built-in rules to implement specific low-level configuration patterns, however complex they may be, using simple building blocks (“ensure package installed in version X,” “ensure file content,” “ensure line in file,” etc.). A graphical builder lowers the technical level required to use this.
- Each policy can be independently set to be automatically checked or enforced on a policy or host level. In Enforce mode, each remediation action is recorded, showing the value of these invisible fixes.
- RUDDER works on almost every kind of device, so you’ll be managing physical and virtual servers in the data center, cloud instances, and embedded IoT devices in the same way.
- RUDDER is designed for critical environments where a security breach can mean more than a blip in the sales stats. Built-in features include change requests, audit logs, and strong authentication.
- RUDDER relies on an agent that needs to be installed on all hosts to audit. The agent is very lightweight (10 to 20 MB of RAM at peak) and blazingly fast (it’s written in C and takes less than 10 seconds to verify 100 rules). Installation is self-contained, via a single package, and can auto-update to limit agent management burden.
- RUDDER is a true and professional open source solution—the team behind RUDDER doesn’t believe in the dual-speed licensing approach that makes you reinstall everything and promotes open source as little more than a “demo version.”
RUDDER is an established project with tens of thousands of nodes managed, in companies ranging from small to the biggest in their field. Typical deployments manage 100s to 1000s of nodes. The biggest known deployment in 2016 is about 7000 nodes.
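As an illustration of one of the low-level building blocks listed above, an "ensure line in file" check might look like the following sketch, in both audit and enforce modes. The function name and return values are hypothetical; this is not Rudder's actual implementation.

```python
# Hypothetical sketch of the "ensure line in file" building block,
# supporting both audit mode (report only) and enforce mode (repair).
# This is NOT Rudder's real code, just an illustration of the idea.
from pathlib import Path

def ensure_line_in_file(path, line, enforce=False):
    """Return 'compliant', 'noncompliant' (audit) or 'repaired' (enforce)."""
    p = Path(path)
    text = p.read_text() if p.exists() else ""
    if line in text.splitlines():
        return "compliant"
    if not enforce:
        return "noncompliant"  # audit mode: report the drift, change nothing
    with p.open("a") as f:
        if text and not text.endswith("\n"):
            f.write("\n")
        f.write(line + "\n")
    return "repaired"          # enforce mode: the remediation is recorded
```

Returning an explicit "repaired" status is what makes otherwise invisible fixes show up in reporting, as the description above points out.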
"From classic object-oriented programming to the free monad."
This presentation explains the path followed by the #Scala code within @RudderProject, moving from an ersatz of Java toward more functional programming and Type-Driven Development.
Automating the manual - feedback on including existing systems in configurati... - RUDDER
When designing a new infrastructure, weaving configuration management within it is a natural solution nowadays.
However, there are many systems in the wild that are still manually managed, if managed at all: mission-critical servers that can’t be shut down, systems that run proprietary software depending on out-of-date databases, … They may even have been configured using forgotten conventions (which can differ between iterations of the systems).
Using configuration automation tools on these systems can seem like an impossible task, but it is not, and the effort is well worth the benefits.
This talk will present feedback from a couple of projects I’ve worked on, describing how to manage these “existing, manual and critical” systems automatically, most specifically the reverse engineering of existing systems (compiling all documents, inventorying systems, devising the rules, auditing deviations), and the steps to managing them automatically.
OSIS 2019 - What does observability bring to configuration management?
1. OSIS 2019 - The Open Source Innovation Spring 2019
What does observability bring to configuration management?
@nico_charles / nicolas@rudder.io
2. How are the systems?
Does no error nor change in logs mean success?
Aren’t we missing something?
3. Definition
“Configuration management is a systems engineering process for establishing and maintaining consistency of a product [...] throughout its life.”
(Wikipedia: Configuration_management)
4. Let's remember: What does configuration management do?
[Diagram: a configuration is applied toward a target state, which returns feedback]
5. Let's remember: What does configuration management do?
[Diagram: the configuration/feedback cycle repeats continuously toward the target state]
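The loop sketched on these two slides (apply a configuration toward a target state, collect feedback, repeat) can be written down as a minimal convergence loop. All names below are illustrative; this is not any tool's real API.

```python
# Minimal sketch of the configuration management feedback loop shown
# above: detect drift from the target state, remediate, emit feedback.
# Names are illustrative; this is not any tool's real API.

def drift(current, target):
    """Keys whose current value differs from the target state."""
    return {k: v for k, v in target.items() if current.get(k) != v}

def converge(current, target):
    """One cycle of the loop: repair drift and return feedback messages."""
    feedback = []
    for key, wanted in drift(current, target).items():
        current[key] = wanted                      # remediation step
        feedback.append("repaired: %s -> %s" % (key, wanted))
    return feedback or ["compliant: no drift detected"]

state = {"ssh.permit_root_login": "yes"}
target = {"ssh.permit_root_login": "no", "ntp.server": "pool.ntp.org"}
print(converge(state, target))   # two repairs on the first cycle
print(converge(state, target))   # the next cycle reports compliance
```

Running the cycle continuously, rather than once, is exactly what turns configuration management into the feedback source the rest of the deck builds on.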
6. Main challenges faced nowadays
DEV / QA / PRODUCTION / RECOVERY
DEV / SEC / OPS / MGMT / EXTERN
Multiple teams, diluted expertise, harder reporting
Heterogeneous systems, reduced visibility, ease of use and understanding
7. Getting and understanding the info is complex
Operators, managers, experts, and APIs have different needs
Frustration when we need a third party to obtain relevant data
We mistrust what we don’t understand
8. Getting and understanding the info is complex
Putting errors into perspective:
An error can be expected
An error in production can have catastrophic consequences
9. Definition (again)
“Observability is a measure of how well internal states of a system can be inferred from knowledge of its external outputs.”
(Wikipedia: Observability)
10. Monitoring VS Observability: having a factual & deep insight
monitoring VS observability
11. Why do we need observability in configuration management?
Causality: trust and prove configuration states
Perspective: provide insights relevant to different needs
Agency: help teams find the best levers for their job
28. Causality and dependencies of events
Diagnosing infrastructures is hard:
● Many systems
● Dependencies across systems
● Many actors involved
An issue on one component can impact hundreds of systems
We need to separate the causes from the symptoms
29. Causality and dependencies of events
Monitoring can only correlate
Events happen across the whole infrastructure
Causes and precedence relations help root cause analysis
30. Event sourcing & Tracing
Terminology (Dapper & OpenTracing)
Trace: Description of a “transaction” as it moves through systems
Span: Named and timed operation, piece of workflow (+ tags and logs)
Span context: Trace information that accompanies the transaction
31. Event sourcing & Tracing
What’s in a span?
Operation name
Start & end timestamps
Tags: Set of key:value
Logs: Set of key:value
SpanContext
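The span anatomy listed on this slide can be made concrete with a small data structure. This is a minimal sketch following the Dapper/OpenTracing terminology above, not any particular library's API:

```python
import time
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class SpanContext:
    # Trace information that accompanies the transaction
    trace_id: str
    span_id: str

@dataclass
class Span:
    # A named and timed operation, with tags and logs
    operation_name: str
    context: SpanContext
    start: float = field(default_factory=time.time)
    end: Optional[float] = None
    tags: dict = field(default_factory=dict)   # set of key:value
    logs: list = field(default_factory=list)   # timestamped key:value events

    def finish(self) -> None:
        self.end = time.time()

# A span for one configuration check on a node (names are hypothetical)
span = Span("check-ntp-installed", SpanContext("trace-1", "span-1"))
span.tags["node.id"] = "node42"
span.logs.append({"event": "package already present"})
span.finish()
```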
32. Event sourcing & Tracing
Temporal relationships between Spans in a single Trace
https://www.jaegertracing.io/docs/1.9/architecture/
33. Event sourcing & Tracing
Configuration management: what would the traces be?
Defining the infrastructure state is a trace
Each change before validation is a span
Validation, which results in a change request, closes the trace
Computing the node configurations is a trace
Computing targets, overrides and generating files are spans
It closes with the serialization of the node configurations in the database
Each run on a node is a trace
Each configuration check is a span
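The last mapping above (a run is a trace, each check a span) could look like this minimal sketch; the data shapes and names are hypothetical, not Rudder's actual format:

```python
import time
import uuid

def new_trace(name):
    # A trace describes one "transaction", e.g. one agent run on a node
    return {"trace_id": uuid.uuid4().hex, "name": name, "spans": []}

def add_span(trace, operation, tags=None):
    # Each configuration check becomes a named, timed span in the trace
    span = {"span_id": uuid.uuid4().hex,
            "operation": operation,
            "start": time.time(),
            "tags": tags or {}}
    trace["spans"].append(span)
    return span

# Each run on a node is a trace; each configuration check is a span
run = new_trace("agent-run on node42")
add_span(run, "check: ntp installed", {"component": "ntp"})
add_span(run, "check: sshd configuration", {"component": "ssh"})
```

Serializing such traces is what lets a server reconstruct, per node and per run, exactly which checks happened and in what order.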
34. Event sourcing & Tracing
[Diagram: the traces in Rudder’s data flow.
Defining the state: params, rules (id), directives (id, components), groups (id) and the environmental context produce event logs and a change request; this is a trace whose edits are spans.
Computing the node configurations: each node configuration (commit id) yields generated files (id, generation date) with metadata (integrity, commit id, signature) and expected reports (node id, config id, timestamp), stored on the server; this is a trace.
The run: the node gets its configuration, executes each check (a span) and sends run reports with metadata (node id, config id, run timestamp, signature) back through a message bus; reports are historised and compliance is computed and historised against the expected reports.]
35. Event sourcing & Tracing
Store Traces & Events:
● Integrate with systems in place
● Many tools are compatible with OpenTracing
Correlate with non-observable systems
36. What to do with these billions of events?
Reactive approach
Query, search and analyze traces in case of problems
Proactive approach
Process mining: Machine Learning on these events
Detect unusual behaviours
Outliers
Inconsistencies across systems
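A proactive use of these events could be as simple as flagging nodes whose run durations deviate from the fleet. This is a toy sketch of outlier detection, not the process-mining approach itself; node names and thresholds are hypothetical:

```python
from statistics import mean, stdev

def find_outliers(durations, threshold=2.0):
    """Flag nodes whose agent run duration is more than `threshold`
    standard deviations away from the fleet mean."""
    values = list(durations.values())
    mu, sigma = mean(values), stdev(values)
    if sigma == 0:
        return []  # all runs identical: nothing unusual
    return [node for node, d in durations.items()
            if abs(d - mu) / sigma > threshold]

# Run durations (seconds) per node; node6 behaves unusually
runs = {"node1": 10.2, "node2": 9.8, "node3": 10.1,
        "node4": 10.0, "node5": 9.9, "node6": 58.0}
find_outliers(runs)  # flags node6
```

Real detection of unusual behaviours would work on richer event streams (which checks ran, in what order, with what result), but the principle is the same: learn the usual shape of runs, then surface deviations.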
38. OSIS 2019
THE OPEN SOURCE
INNOVATION SPRING 2019
@nico_charles
nicolas@rudder.io
Thank you !
Any questions ?
39. Security?
Events, traces and logs hold critical data
Within a simple system, security can be built in (AuthN/AuthZ)
For a distributed system, it’s much harder:
Who can see what?
Who defines and enforces the authorizations?
Partial visibility of events/traces
Tags on events for authorizations
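Tag-based authorization for partial visibility could be sketched as a simple filter; the event shape and team names here are hypothetical, chosen only to illustrate the idea:

```python
def visible_events(events, user_teams):
    # Partial visibility: a user only sees the events whose
    # authorization tag matches one of their teams
    return [e for e in events
            if e.get("tags", {}).get("team") in user_teams]

events = [
    {"msg": "sshd config changed on node42", "tags": {"team": "ops"}},
    {"msg": "firewall rule added on gw1", "tags": {"team": "sec"}},
]
visible_events(events, {"ops"})  # only the ops event is visible
```

In a distributed system the hard part is not this filter but agreeing on who assigns the tags and where the policy is enforced, which is exactly the open question on this slide.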