Samba was used as a gateway to provide access to OpenAFS, a distributed filesystem, in order to build an inexpensive centralized storage system capable of handling terabytes of data transparently across a WAN. The gateway architecture provided scalability through load balancing and support for roaming users. Identity management was centralized using Kerberos authentication and LDAP. Performance testing showed Samba providing read and write speeds of 25,000-45,000 blocks per second. The solution met the goals of low cost storage scaling to terabytes with transparent access across networks.
s the culmination of ten years' work, the Samba Team has created the first compatible Free Software implementation of Microsoft’s Active Directory protocols.
LDAP, Kerberos, DNS, and all other essential services that are required for Active Directory are natively supported by Samba4.
Samba4 doesn't have only Active Directory functions, but it has also many other incredible features like smb3 protocol implementation, ctdb (cluster) functionality and much more.
The presentation will describe the supported scenarios of Samba 4 as an Active Directory DC and also, discusses the developments in the File Server, in particular the components of SMB2, SMB3 and CTDB.
A webinar that looks into the new features that the Windows Server 2016 will offer in the DNS, DHCP and IPv6 space.
Showcase of some of the new stuff using the latest tech preview and the aim is to give administrators a quick overview of the Windows Server 2016 and enough information to decide if early adoption is worthwhile.
Load Balancing MySQL with HAProxy - SlidesSeveralnines
Agenda:
* What is HAProxy?
* SQL Load balancing for MySQL
* Failure detection using MySQL health checks
* High Availability with Keepalived and Virtual IP
* Use cases: MySQL Cluster, Galera Cluster and MySQL Replication
* Alternative methods: Database drivers with inbuilt cluster support, MySQL proxy, MaxScale, ProxySQL
It goes without saying that DNS is only as secure as its servers. To ensure the successful and secure operation of a DNS server, secure configuration is paramount.
The new BIND 9 version 9.11 is a major version of the popular DNS server, released in August by ISC.
In this webinar Mr. Carsten Strotmann will demonstrate new features such as:
- Catalog Zones,
- dnssec-keymgr, new *rndc* functions
- CDS/CDNSKEY auto generation
- Negative Trust Anchor
- DNS cookies
-Refuse “any”
-and more.
Docker Networking with New Ipvlan and Macvlan DriversBrent Salisbury
Docker Networking presentation at ONS2016.
Docker Macvlan and Ipvlan Networking Drivers Experimental Readme:
github.com/docker/docker/blob/master/experimental/vlan-networks.md
Kernel requirements for Ipvlan mode is v4.2+, Macvlan mode is v3.19.
If using Virtualbox to test with, use NAT mode interfaces unless you have multiple MAC addresses working in your setup. Use the 172.x.x.x subnet and gateway used by the VBox NAT network. Vmware Fusion works out of the box.
Here is a screenshot of a VirtualBox NAT interface:
https://www.dropbox.com/s/w1rf61n18y7q4f1/Screenshot%202016-03-20%2001.55.13.png?dl=0
s the culmination of ten years' work, the Samba Team has created the first compatible Free Software implementation of Microsoft’s Active Directory protocols.
LDAP, Kerberos, DNS, and all other essential services that are required for Active Directory are natively supported by Samba4.
Samba4 doesn't have only Active Directory functions, but it has also many other incredible features like smb3 protocol implementation, ctdb (cluster) functionality and much more.
The presentation will describe the supported scenarios of Samba 4 as an Active Directory DC and also, discusses the developments in the File Server, in particular the components of SMB2, SMB3 and CTDB.
A webinar that looks into the new features that the Windows Server 2016 will offer in the DNS, DHCP and IPv6 space.
Showcase of some of the new stuff using the latest tech preview and the aim is to give administrators a quick overview of the Windows Server 2016 and enough information to decide if early adoption is worthwhile.
Load Balancing MySQL with HAProxy - SlidesSeveralnines
Agenda:
* What is HAProxy?
* SQL Load balancing for MySQL
* Failure detection using MySQL health checks
* High Availability with Keepalived and Virtual IP
* Use cases: MySQL Cluster, Galera Cluster and MySQL Replication
* Alternative methods: Database drivers with inbuilt cluster support, MySQL proxy, MaxScale, ProxySQL
It goes without saying that DNS is only as secure as its servers. To ensure the successful and secure operation of a DNS server, secure configuration is paramount.
The new BIND 9 version 9.11 is a major version of the popular DNS server, released in August by ISC.
In this webinar Mr. Carsten Strotmann will demonstrate new features such as:
- Catalog Zones,
- dnssec-keymgr, new *rndc* functions
- CDS/CDNSKEY auto generation
- Negative Trust Anchor
- DNS cookies
-Refuse “any”
-and more.
Docker Networking with New Ipvlan and Macvlan DriversBrent Salisbury
Docker Networking presentation at ONS2016.
Docker Macvlan and Ipvlan Networking Drivers Experimental Readme:
github.com/docker/docker/blob/master/experimental/vlan-networks.md
Kernel requirements for Ipvlan mode is v4.2+, Macvlan mode is v3.19.
If using Virtualbox to test with, use NAT mode interfaces unless you have multiple MAC addresses working in your setup. Use the 172.x.x.x subnet and gateway used by the VBox NAT network. Vmware Fusion works out of the box.
Here is a screenshot of a VirtualBox NAT interface:
https://www.dropbox.com/s/w1rf61n18y7q4f1/Screenshot%202016-03-20%2001.55.13.png?dl=0
This is a followup to our Docker networking tutorial. This slidedeck describes the options for deploying Docker container in a multi-host cluster environment. We introduce the LorisPack toolkit for connecting and isolating pods of containers deployed across multiple hosts.
Keeping DNS server up-and-running with “runitMen and Mice
A traditional Unix/Linux init system like SystemV-Init or BSD rc does start a DNS server process on server boot, but it does not restart the service in case of an abnormal termination. Modern init replacements like systemd provide process supervision, but bring extra complexities and possible stability and security issues.
This webinar demonstrates an alternative, open source process supervision system called “runit”.
“runit” is lean and fast and sticks to the Unix tradition to do one thing, and do that right.
In this webinar you will learn how to manage DNS server processes such as BIND 9, Unbound and NSD from runit.
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalMichelle Antebi
In this talk, Madhu Venugopal will present Docker Networking & Service Discovery features shipped in 1.11 and new Experimental Vlan network drivers introduced in 1.11.
Why Managed Service Providers Should Embrace Container TechnologySagi Brody
This talk will demonstrate the importance and value for Managed Service Providers (MSPs) and cloud providers of building their business models around the management of containers. It will also explore the various container technologies being used today and why one might be utilized over another. The object is not to give a technical discussion on the subject, but rather to cover the benefits of Linux containers and how their use can be incorporated into strategies for future business planning and development.
Part 3 - Local Name Resolution in Linux, FreeBSD and macOS/iOSMen and Mice
The focus of this webinar will be to take a deeper look into this local name-resolution system and the implementations for other Unix systems like Linux and FreeBSD. Linux’s new über-Daemon “systemd” supports both mDNS and the Windows LLMNR (Link-Local-Multicast-Name-Resolution). We will also show how well a Systemd-Linux behaves in heterogenous networks running both Windows and macOS.
How Networking works with Data Science HungWei Chiu
Introduce the basic concept of networking model, including the OSI model and TCP/IP model.
Also introduce basic ideas/function in networking, such as routing, classification, security..etc
Breda Development Meetup 2016-06-08 - High AvailabilityBas Peters
Infrastructure and software failures are a pain and unfortunately sometimes unavoidable. Luckily, they don't always have to result in downtime for your application or service. High Availability (HA) to the rescue!
Libnetwork update at Moby summit June 2017Docker, Inc.
Libnetwork provides a native Go implementation for connecting containers
The goal of libnetwork is to deliver a robust Container Network Model that provides a consistent programming interface and the required network abstractions for applications.
Galera cluster for MySQL - Introduction SlidesSeveralnines
This set of slides gives you an overview of Galera, configuration basics and deployment best practices.
The following topics are covered:
- Concepts
- Node provisioning
- Network partitioning
- Configuration example
- Benchmarks
- Deployment best practices
- Galera monitoring and management
This is a followup to our Docker networking tutorial. This slidedeck describes the options for deploying Docker container in a multi-host cluster environment. We introduce the LorisPack toolkit for connecting and isolating pods of containers deployed across multiple hosts.
Keeping DNS server up-and-running with “runitMen and Mice
A traditional Unix/Linux init system like SystemV-Init or BSD rc does start a DNS server process on server boot, but it does not restart the service in case of an abnormal termination. Modern init replacements like systemd provide process supervision, but bring extra complexities and possible stability and security issues.
This webinar demonstrates an alternative, open source process supervision system called “runit”.
“runit” is lean and fast and sticks to the Unix tradition to do one thing, and do that right.
In this webinar you will learn how to manage DNS server processes such as BIND 9, Unbound and NSD from runit.
Docker Meetup: Docker Networking 1.11, by Madhu VenugopalMichelle Antebi
In this talk, Madhu Venugopal will present Docker Networking & Service Discovery features shipped in 1.11 and new Experimental Vlan network drivers introduced in 1.11.
Why Managed Service Providers Should Embrace Container TechnologySagi Brody
This talk will demonstrate the importance and value for Managed Service Providers (MSPs) and cloud providers of building their business models around the management of containers. It will also explore the various container technologies being used today and why one might be utilized over another. The object is not to give a technical discussion on the subject, but rather to cover the benefits of Linux containers and how their use can be incorporated into strategies for future business planning and development.
Part 3 - Local Name Resolution in Linux, FreeBSD and macOS/iOSMen and Mice
The focus of this webinar will be to take a deeper look into this local name-resolution system and the implementations for other Unix systems like Linux and FreeBSD. Linux’s new über-Daemon “systemd” supports both mDNS and the Windows LLMNR (Link-Local-Multicast-Name-Resolution). We will also show how well a Systemd-Linux behaves in heterogenous networks running both Windows and macOS.
How Networking works with Data Science HungWei Chiu
Introduce the basic concept of networking model, including the OSI model and TCP/IP model.
Also introduce basic ideas/function in networking, such as routing, classification, security..etc
Breda Development Meetup 2016-06-08 - High AvailabilityBas Peters
Infrastructure and software failures are a pain and unfortunately sometimes unavoidable. Luckily, they don't always have to result in downtime for your application or service. High Availability (HA) to the rescue!
Libnetwork update at Moby summit June 2017Docker, Inc.
Libnetwork provides a native Go implementation for connecting containers
The goal of libnetwork is to deliver a robust Container Network Model that provides a consistent programming interface and the required network abstractions for applications.
Galera cluster for MySQL - Introduction SlidesSeveralnines
This set of slides gives you an overview of Galera, configuration basics and deployment best practices.
The following topics are covered:
- Concepts
- Node provisioning
- Network partitioning
- Configuration example
- Benchmarks
- Deployment best practices
- Galera monitoring and management
Технологии работы с дисковыми хранилищами и файловыми системами Windows Serve...Виталий Стародубцев
##Что такое Storage Replica
##Архитектура и сценарии
##Синхронная и асинхронная репликация
##Междисковая, межсерверная, внутрикластерная и межкластерная репликация
##Дизайн и проектирование Storage Replica
##Нововведения в Windows Server 2016 TP5
##Графический интерфейс управления, и другие возможности - демонстрация и планы развития
##Интеграция Storage Replica с Storage Spaces Direct
План вебинара:
##Что такое Storage Spaces Direct?
##Сценарии использования Storage Spaces.
##Описание минимальных требований для Storage Spaces.
##Как настроить Windows Server 2016 Spaces Direct для работы с локальными дисками сервера?
##Что такое Storage Replica?
##Разница подходов синхронной и асинхронной репликации.
##Какие технологии репликации для каких задач использовать (DFS-R, Hyper-V Repica, SQL AlwaysOn, Exchange DAG) - и как это комбинируется с новыми возможностями Windows Server 2016?
##Что такое ReFS и чем она отличается в Server 2016 от предыдущих изданий ОС?
##Что даёт использование ReFS для виртуальных машин Hyper-V. Сценарии и возможности.
##Общие изменения Storage технологий в Windows Server 2016.
AC&NC provides full product line up of Network Attached Storage (NAS) systems that are all built for reliability and ease of use. AC&NC also offers combined NAS and Storage Area Networks (SAN) into a single system, allowing for a consolidated storage and network environment.
Focused intently on storage without distractions of tape backup or bundled servers, AC&NC manufacturers in-house and delivers complete solutions in 24-48 hours from in-stock JetStor RAID, iSCSI, FC, NAS / Unified, All Flash and JBOD SAS systems that set the bar for performance.
NoSql day 2019 - Floating on a Raft - Apache HBase durability with Apache RatisAnkit Singhal
In a world with a myriad of distributed storage systems to choose from, the majority of Apache HBase clusters still rely on Apache HDFS. Theoretically, any distributed file system could be used by HBase. One major reason HDFS is predominantly used are the specific durability requirements of HBase's write-ahead log (WAL) and HDFS providing that guarantee correctly. However, HBase's use of HDFS for WALs can be replaced with sufficient effort.
This talk will cover the design of a "Log Service" which can be embedded inside of HBase that provides a sufficient level of durability that HBase requires for WALs. Apache Ratis (incubating) is a library-implementation of the RAFT consensus protocol in Java and is used to build this Log Service. It cover the design choices of the Ratis Log Service, comparing and contrasting it to other log-based systems that exist today. Next, It'll cover how the Log Service "fits" into HBase and the necessary changes to HBase which enable this. Finally, it discusses how the Log Service can simplify the operational burden of HBase.
Floating on a RAFT: HBase Durability with Apache RatisDataWorks Summit
In a world with a myriad of distributed storage systems to choose from, the majority of Apache HBase clusters still rely on Apache HDFS. Theoretically, any distributed file system could be used by HBase. One major reason HDFS is predominantly used are the specific durability requirements of HBase's write-ahead log (WAL) and HDFS providing that guarantee correctly. However, HBase's use of HDFS for WALs can be replaced with sufficient effort.
This talk will cover the design of a "Log Service" which can be embedded inside of HBase that provides a sufficient level of durability that HBase requires for WALs. Apache Ratis (incubating) is a library-implementation of the RAFT consensus protocol in Java and is used to build this Log Service. We will cover the design choices of the Ratis Log Service, comparing and contrasting it to other log-based systems that exist today. Next, we'll cover how the Log Service "fits" into HBase and the necessary changes to HBase which enable this. Finally, we'll discuss how the Log Service can simplify the operational burden of HBase.
Pisa is a decentralized block storage distribution and replication framework with the specific goal of simplifying the development of storage back-end services in a distributed environment. Main chararistics of the project are the message security, self-organization cluster and simple setup. Pisa is a subproject of RestFS project and the talk will explain our experience acquired with the development of this subcomponent and the decisions taken in the design of the framework.
The RestFS is an experimental project to develop an open-source distributed filesystem for large environments. It is designed to scale up from a single server to thousand of nodes and delivering a high availability storage system with special features for high i/o performance and network optimization for work better in WAN environment.
One of the new challenges of IT today is the "Big Data", to solve this problem many solutions are available on the market and some new paradigms have appeared.
In most of these new paradigms the Message Queue covers an important part, more than the past.
This is a small introduction to the use of Messaging Middleware and an overview of the main open source products available.
The RestFS is an experimental project to develop an open-source distributed filesystem for large environments. It is designed to scale up from a single server to thousand of nodes and delivering a high availability storage system with special features for high i/o performance and network optimization for work better in WAN environment. The Restfs is pure-python, but several of the libraries that it depends upon use C extensions (sometimes for speed, sometimes to interface to pre-existing C libraries). The Project is on the beginning stage, with some technology previews released.
Storage is one of the most important part of a data center, the complexity to design, build and delivering 24/forever availability service continues to increase every year. For these problems one of the best solution is a distributed filesystem (DFS) This talk describes the basic architectures of DFS and comparison among different free software solutions in order to show what makes DFS suitable for large-scale distributed environments. We explain how to use, to deploy, advantages and disadvantages, performance and layout on each solutions. We also introduce some Case Studies on implementations based on openAFS, GlusterFS and Hadoop finalized to build your own Cloud Storage.
High performance for a Web server that receive a large numbers of requests is critical success factor for a web site, but in many cases the Web server is only “tip of the iceberg” of a very large heterogeneous systems, with lots of components and technologies. This talk present best practices to design an high availability and high performance web site. The presentation will cover load balancing, Web server acceleration, and efficient management of dynamic data, that can be adopted by any sites to improve performance and availability. We also describe common mistake implemented in the web application framework that create performance limitations and bottleneck. The presentation will describe how to define monitors metrics of the service , that are the “eyes” of operation departments, and the implementation of the “red button”
Using automation you can make your home easier and cheaper to run and more secure. In the session we will see hardware options, architectural layouts, softwares, examples on customizations and extensions. The presentation will also cover specific problems on multimedia (UPNP AV) and integrations with existing home devices, mobile and internet services. At the end of the session you will be able to design your home and customize the software for your specific needs, in this way you can lie on your sofa and keep everything under control.
Disaster recovery and business continuity planning are processes which help organizations prepare for disruptive events. The talk explains the basic concepts of business continuity, giving a brief overview on the business continuity plan and more detail informations (technical) on how to setup a Disaster Recovery site . We show two different approaches for creating a disaster recovery (DR) site, one the based on operating system layer and one based on the right design of the applications . The common elements on the two approaches are network design, data replication, monitoring system and system/configuration management. All these elements can be implemented with open source software, we explain advantages and disadvantages, performances and layouts on each solutions.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
3. Goals
Project Goal
Primary goal of the project was to design and build
an inexpensive storage system
Requirements:
Handle terabytes of data
Transparent to final user
Working in WAN environment
Good level of scalability
Page 3
4. Solution
Considerations
Centralize Storage (hardware solution)
SAN
Blockdevice interface
Performance
NAS
Filesystem interface
Shared filesystem
Distributed Filesystem (software solution)
Filesystem interface
Single file system across multiple computer nodes
Page 4
5. Solution
Considerations
Big Server vs Small Server (Google Techs)
Small number of inexpensive fileservers
provides similar performance to client side
Increase in capacity are inexpensive
Better manageability and redundancy.
Page 5
6. Solution
Storage Price
Terabyte Cost (SAS/FB) Components NAS SAN DFS
14k euro NAS/SAN
4k euro DFS Storage1.5 Tb with 52.000 52.000
10 disks (110/150)
Disks Size Storage 14TB 200.000 200.000
143 vs 300 SAS/FB reduce 30% 100 disks (110/150)
Disks Type 3 Server Storage 9.000
250/500 SATA Disk reduce >50% 500Gb (SAS)
14 Server Storage 56.000
1Tb (SAS)
Installation
4 FB interface 1.600
Software 2 Switch FB 6.000
2 Server Gw 2.000 2.000
Discount 2 Switch Gb 1.200 1.200 1.200
TOTAL for 1.5 Tb 53.200 62.800 12.200
Administration
TOTAL for 14 Tb 201.200 210.800 59.200
Page 6
7. Solution
Solution
Distributed Filesystem
AFS
Free available and stable
Support of large installations (>200TB with 40 milion Files)
More then 20 platforms are supported
Aggressive Roadmap ($350,000 per year from CSG)
Samba (Gateway)
AFS windows client uses internal file server emulation (slow)
Clientless
Fast and stable
User Identity
Heimdal Kerberos Autentichation (SSO)
KA emulation
LDAP backend
2b protocol (large kerberos ticket)
Openldap
Centralize storage
User administration scripts (custom provisioning)
Page 7
8. Solution
AFS Features
Transparent Access and Uniform Namespace
Cell
Partitions and volumes
Mount Points
In-use volume moves
Scalability
Client Caching
Replication
Load balance among servers while data is in use
Security
Authentication and secure communication
Authorization and flexible access control
System Management
Single system interface
Administration tasks without system outage
Delegation
Backup
Page 8
10. Gateway Configuration
Enable AFS in Samba
Compile Options
Enable KA server emulation
--with-fake-kaserver
Enable AFS ACL mapping
--with-vfs-afsacl
Don’t use AFS clear text password switch (old not supported)
--with-afs
Setting Samba Trusting (undocumented)
Obtain KeyFile from AFS fileserver (/usr/afs/etc/)
Import an OpenAFS KeyFile into secrets.tdb:
net afs key AFSKeyFile
Custom script for AFSKeyFile sync (Key rotation)
Useful command (undocumented)
Impersonate user, create a token for user@cell:
net afs impersonate <user> <cell>
Page 10
11. Gateway Configuration
smb.conf
Mapping Domain User<-> Pts
Single domain/unique identification:
afs username map = %u@zero.it
Multiple domain/duplicated identification
Store DOMAIN+user:
afs username map = %D+%u@zero.it
Store the SID in pt server:
afs username map = %s@zero.it
Enable AFS share
afs share = yes
Page 11
12. Gateway Configuration
smb.conf locking
Access only from samba server
Samba default
Access only from samba and local gw
Disable oplocks , level2 oplocks ..
Only with Byte-range locking on AFS client (AFS>1.5.X)
Access from all system
Enable strict locking option (mandatory lock)
Page 12
13. Gateway Configuration
Samba scalability and HA
Primary server HA (DFS Root)
Heartbeat
VIP associated to primary Samba Server
Transparent Access (MSDFS)
No compile option required
Enable DFS on Primary Samba server
host msdfs = yes
Samba Scalability
DFS Proxy,
Share redirection
Name resolved with DNS (link is FQDN)
(ex. msdfs proxy = gw1.intranet.zeropiu.itshare)
DFS root ,
Directory link
Fault tolerance
(ex. ln –s msdfs:server1share1,server2share1 share1)
Page 13
14. Gateway Configuration
Identity Storage
Heimdal integration
Compile
Enable ldap backend (--with-openldap)
Configuration
Enable ldap backend
Enable 2b token for Kerberos V integration
Only if have old client: enable-kaserver / afs3-salt
LDAP
Openldap 2.3 (SASL EXTERNAL)
Extending Schema (Samba,hdb ..)
nss_switch with ldap support
PAM
PAM Kerberos V integration
Page 14
15. Integration Tools
Identity Administration
Custom user administration script (iauser.pl)
Unix user (ldap)
Samba user (ldap)
Kerberos user (ldap)
Pt server user
Volume and mount point
Groups administration script (iagroup.pl)
Create unix group (ldap)
Create samba group (ldap)
Create pt server group
Syncronization administration script (ptsSync.pl)
Synchronization user from ldap to pt server
Page 15
16. Performance
Test Enviroment
Hardware
3 FileServer Linux
2 GB of RAM, 3GHz Xeon processor
2x36Gb SAS RAID 1 for operating system partition
4x 143GB SAS RAID5 storage
2 Server Gateway Linux
2 GB of RAM, 3GHz Xeon dual processor
2x36Gb SCSI RAID 1 for operating system partition
Software
Samba 3.22
OpenAFS 1.4.2
IOzone 3.8
Page 16
22. Result
Benefit
Reduced cost
Reduced storage cost 40.000 Euro (1.5TB Storage)
Reduced down time
Increase performance
Client side
Simplify System Administration task
Data accessible from everywhere
High security level (kerberos base)
Single sign-on
Disaster recovery (Volume replication)
Page 22
23. Next
Under Testing
OpenAFS
Lock subsystem, support AFS 1.5.X (Byte range)
Windows client, support AFS 1.5.X
Inode interface
Socket communication vlserver/fileserver
Memory cache
Disable fsync on write (AFS 1.5.X + patch)
WebDav
Samba
Cluster
External project (www.beolink.org)
Ptserver with ldap backend (ptsldap)
Web Administration interface (AFS Manager)
Page 23