This webinar discusses how to tune a ColdFusion environment for high performance. It explains how Webapper works with HOSTING to optimize ColdFusion servers, achieving 50 requests per second across 8 servers with no bottlenecks or slowdowns. Key aspects covered include optimizing Java Virtual Machine settings, configuring appropriate thread pool sizes, and monitoring performance metrics. Attendees are encouraged to contact Webapper or HOSTING for help optimizing their own ColdFusion environments.
The OAuth 2.0 authorization framework enables a third-party
application to obtain limited access to an HTTP service, either on
behalf of a resource owner by orchestrating an approval interaction
between the resource owner and the HTTP service, or by allowing
the third-party application to obtain access on its own behalf.
Once you have your Microservices setup, the most pertinent question is how to I test Microservices and ensure that all the moving parts of this distributed system stay in sync.
The presentation provides testing strategies on how to test Microservices and provides focussed understanding of using Consumer Driven Contracts (CDC) to test Microservices API. Additionally it provides pointers around how to do debug Microservices and trace the performance of individual services.
Please read the following presentations before referencing "Testing Microservices"
1. Introduction to Microservices - https://www.slideshare.net/anilallewar/introduction-to-microservices-78270318
2. Build the Microservices sample application -
https://www.slideshare.net/anilallewar/building-microservices-sample-application
오토스케일링(Auto-scaling)은 AWS 클라우드를 통해 고확장성 서비스와 아키텍처를 구성하는 데 필요한 가장 중요한 요소 중 하나입니다. 이 강연에서는 효과적인 클라우드 인프라 구축을 위해 오토 스케일링을 활용하는 다양한 방법에 대해 자세히 소개해 드립니다.
오토 스케일링 그룹의 구성과 확장 계획에 따른 설정 방법, 오토 스케일링 라이프 사이클과 CloudWatch 및 알림을 이용한 관리 방법, 각종 오토스케일링 모범사례 등을 알아보실 수 있습니다.
The OAuth 2.0 authorization framework enables a third-party
application to obtain limited access to an HTTP service, either on
behalf of a resource owner by orchestrating an approval interaction
between the resource owner and the HTTP service, or by allowing
the third-party application to obtain access on its own behalf.
Once you have your Microservices setup, the most pertinent question is how to I test Microservices and ensure that all the moving parts of this distributed system stay in sync.
The presentation provides testing strategies on how to test Microservices and provides focussed understanding of using Consumer Driven Contracts (CDC) to test Microservices API. Additionally it provides pointers around how to do debug Microservices and trace the performance of individual services.
Please read the following presentations before referencing "Testing Microservices"
1. Introduction to Microservices - https://www.slideshare.net/anilallewar/introduction-to-microservices-78270318
2. Build the Microservices sample application -
https://www.slideshare.net/anilallewar/building-microservices-sample-application
오토스케일링(Auto-scaling)은 AWS 클라우드를 통해 고확장성 서비스와 아키텍처를 구성하는 데 필요한 가장 중요한 요소 중 하나입니다. 이 강연에서는 효과적인 클라우드 인프라 구축을 위해 오토 스케일링을 활용하는 다양한 방법에 대해 자세히 소개해 드립니다.
오토 스케일링 그룹의 구성과 확장 계획에 따른 설정 방법, 오토 스케일링 라이프 사이클과 CloudWatch 및 알림을 이용한 관리 방법, 각종 오토스케일링 모범사례 등을 알아보실 수 있습니다.
Watch the live demo of Apigee's API platform to learn how to:
- easily configure and manage new APIs and enforce security with minimal impact to backend services
- create, manage and monetize API products
- extend API Services to increase flexibility and tailor to business requirements with JavaScript, Java, Python, and Node.js
- provide developers easy, yet secure access to explore, test, and deploy APIs
- use end-to-end visibility across the digital value chain to monitor, measure, and manage success
Describes 3 levels of complexity when implementing a secret management architecture, and presents 2 real world examples.
Technologies used: Hashicorp Vault, Chef Vault, AWS KMS, git-crypt.
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSSIMeetup
https://ssimeetup.org/self-sovereign-identity-why-we-here-christopher-allen-webinar-51/
Internet cryptography and Self-sovereign identity (SSI) pioneer Christopher Allen talks about essential insights and reflections around historical, technological and ethical aspects of Self-Sovereign Identity at the 51st SSIMeetup.org webinar in collaboration with Rebooting the Web of Trust (RWOT) and Alianza Blockchain Iberoamérica as part of the events that took place at RWOT in Buenos Aires (Argentina).
Christopher is an entrepreneur and technologist who specializes in collaboration, security, and trust. As a pioneer in internet cryptography, he’s initiated cross-industry collaborations and co-created industry standards that influence the entire internet. Christopher’s focus on internet trust began as the founder of Consensus Development where he co-authored the IETF TLS internet-draft that is now at the heart of all secure commerce on the World Wide Web. Christopher is co-chair of the W3C Credentials CG working on standards for decentralized identity. Christopher has also been a digital civil liberties and human-rights privacy advisor, was part of the team that led the first UN summit on Digital Identity & Human Rights, and was the producer of a half-dozen iPhone and iPad games, and of Infinite PDF, a non-linear media app.
An introduction to OAuth2 and OpenID Connect intended for a technical audience. This covers terminology, core concepts, and all the core grants/flows for OAuth2 and OpenID Connect
OpenSearch는 배포형 오픈 소스 검색과 분석 제품군으로 실시간 애플리케이션 모니터링, 로그 분석 및 웹 사이트 검색과 같이 다양한 사용 사례에 사용됩니다. OpenSearch는 데이터 탐색을 쉽게 도와주는 통합 시각화 도구 OpenSearch와 함께 뛰어난 확장성을 지닌 시스템을 제공하여 대량 데이터 볼륨에 빠르게 액세스 및 응답합니다. 이 세션에서는 실제 동작 구조에 대한 설명을 바탕으로 최적화를 하기 위한 방법과 운영상에 발생할 수 있는 이슈에 대해서 알아봅니다.
Presentation done at the November meeting of the Sudoers Barcelona group (https://www.meetup.com/sudoersbcn/).
HashiCorp Vault (https://www.vaultproject.io/)
"Vault és una eina per emmagatzemar i gestionar secrets. Veurem què ofereix, com instal·lar-la, utilitzar-la i operar-la, i la nostra experiència."
Comparing Native Java REST API Frameworks - Seattle JUG 2022Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!! What about Helidon?
There are a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, Spring Boot, and Helidon. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
Helidon companion post: https://developer.okta.com/blog/2022/01/06/native-java-helidon
GitHub repo: https://github.com/oktadev/native-java-examples
Discussed the general OAuth2 features. Reviewer OAuth2 Roles and Grand Flows
Authorization code grant flow
Implicit grant flow
Resource owner password credentials grant flow
Client credentials grant flow
Reviewed access resource flow and token refresh.
see video: https://www.youtube.com/watch?v=UPsVD-A7gP0
Reaching critical masses with your application systems becomes harder every day. Caching helps to provide low latency and high availability over slow calculation, networks, databases and any other kind of external resource.
Watch the live demo of Apigee's API platform to learn how to:
- easily configure and manage new APIs and enforce security with minimal impact to backend services
- create, manage and monetize API products
- extend API Services to increase flexibility and tailor to business requirements with JavaScript, Java, Python, and Node.js
- provide developers easy, yet secure access to explore, test, and deploy APIs
- use end-to-end visibility across the digital value chain to monitor, measure, and manage success
Describes 3 levels of complexity when implementing a secret management architecture, and presents 2 real world examples.
Technologies used: Hashicorp Vault, Chef Vault, AWS KMS, git-crypt.
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSSIMeetup
https://ssimeetup.org/self-sovereign-identity-why-we-here-christopher-allen-webinar-51/
Internet cryptography and Self-sovereign identity (SSI) pioneer Christopher Allen talks about essential insights and reflections around historical, technological and ethical aspects of Self-Sovereign Identity at the 51st SSIMeetup.org webinar in collaboration with Rebooting the Web of Trust (RWOT) and Alianza Blockchain Iberoamérica as part of the events that took place at RWOT in Buenos Aires (Argentina).
Christopher is an entrepreneur and technologist who specializes in collaboration, security, and trust. As a pioneer in internet cryptography, he’s initiated cross-industry collaborations and co-created industry standards that influence the entire internet. Christopher’s focus on internet trust began as the founder of Consensus Development where he co-authored the IETF TLS internet-draft that is now at the heart of all secure commerce on the World Wide Web. Christopher is co-chair of the W3C Credentials CG working on standards for decentralized identity. Christopher has also been a digital civil liberties and human-rights privacy advisor, was part of the team that led the first UN summit on Digital Identity & Human Rights, and was the producer of a half-dozen iPhone and iPad games, and of Infinite PDF, a non-linear media app.
An introduction to OAuth2 and OpenID Connect intended for a technical audience. This covers terminology, core concepts, and all the core grants/flows for OAuth2 and OpenID Connect
OpenSearch는 배포형 오픈 소스 검색과 분석 제품군으로 실시간 애플리케이션 모니터링, 로그 분석 및 웹 사이트 검색과 같이 다양한 사용 사례에 사용됩니다. OpenSearch는 데이터 탐색을 쉽게 도와주는 통합 시각화 도구 OpenSearch와 함께 뛰어난 확장성을 지닌 시스템을 제공하여 대량 데이터 볼륨에 빠르게 액세스 및 응답합니다. 이 세션에서는 실제 동작 구조에 대한 설명을 바탕으로 최적화를 하기 위한 방법과 운영상에 발생할 수 있는 이슈에 대해서 알아봅니다.
Presentation done at the November meeting of the Sudoers Barcelona group (https://www.meetup.com/sudoersbcn/).
HashiCorp Vault (https://www.vaultproject.io/)
"Vault és una eina per emmagatzemar i gestionar secrets. Veurem què ofereix, com instal·lar-la, utilitzar-la i operar-la, i la nostra experiència."
Comparing Native Java REST API Frameworks - Seattle JUG 2022Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!! What about Helidon?
There are a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, Spring Boot, and Helidon. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
Helidon companion post: https://developer.okta.com/blog/2022/01/06/native-java-helidon
GitHub repo: https://github.com/oktadev/native-java-examples
Discussed the general OAuth2 features. Reviewer OAuth2 Roles and Grand Flows
Authorization code grant flow
Implicit grant flow
Resource owner password credentials grant flow
Client credentials grant flow
Reviewed access resource flow and token refresh.
see video: https://www.youtube.com/watch?v=UPsVD-A7gP0
Reaching critical masses with your application systems becomes harder every day. Caching helps to provide low latency and high availability over slow calculation, networks, databases and any other kind of external resource.
ASP.NET Quick Wins - 20 Tips and Tricks To Shift Your Application into High GearKevin Griffin
Out of the box, ASP.NET can do a lot of amazing things. The tools and framework have grown to make mundane tasks, such as minification, simple to implement. Many times by using the framework as we were taught, opportunities to optimize pass us by. The reality is that underneath the covers, there is a whole world of easy tweaks we can implement to help ASP.NET perform at its peak.
In this presentation, we will walk through a slew of tweaks used to make ASP.NET perform in the best way possible. You will leave with a checklist of tasks that will instantly improve the performance of your web application!
Structure your Play application with the cake pattern (and test it)yann_s
A challenge during the development of an application is how to add new functions without compromising existing ones.
Using the Cake Pattern, the application can be structured into logical components, thus minimizing the coupling between them and controlling the effects of changes.
You will learn what this pattern is, and how to introduce it step by step in a Play Application. You will be shown how an application designed that way is easy to test, especially with the Play testing API.
Finally, the talk will describe the common pitfalls of the Cake Pattern and how to avoid them.
Video of the talk: http://www.ustream.tv/recorded/42775808
Sources: https://github.com/yanns/TPA
Sources of the final version: https://github.com/yanns/TPA/tree/master/frontend/TBA_05_final
Developing High Performance and Scalable ColdFusion Applications Using Terrac...Shailendra Prasad
1. How to scale – options (pros and cons)
2. Caching basics (various options available)
3. Recent updates of Open source Ehcache project.
4. Scaling your existing application with Ehcache, Terracotta OSS
5. Advance caching techniques for scaling using Terracotta BigMemory
6. Customer use cases where caching was mission critical
The Performance Engineer's Guide To HotSpot Just-in-Time CompilationMonica Beckwith
Adaptive compilation and runtime in the OpenJDK Hotspot VM offers significant performance enhancements for our tools and applications in Java and other JVM languages. Understanding how it works provides developers with critical information on the Java HotSpot JIT compilation and runtime techniques such as vectorization, compressed OOPs etc., to assist in understanding performance for both client and server applications. We will focus on the internals of OpenJDK 8, the reference implementation for Java SE 8.
A Year in Google - Percona Live Europe 2018Carmen Mason
Taking existing infrastructure to Google Cloud has been a challenge, and our tiny team did it at breakneck speed. We survived that move and have the scars to prove it. We'll review how we got there, and the challenges that we've faced now that we're out of the datacenter. In this lecture, we will talk about the decisions that we've made for our high availability, DR solution, and database hosting.
* CloudSQL vs. Self-managed instance
* IOPS limitations
* ProxySQL
* Both bacon saving and issues that we've had with it.
* IP Aliases
* DR solution
Drupal commerce performance profiling and tunning using loadstorm experiments...Andy Kucharski
Drupal commerce performance profiling by load testing a the kickstarter drupal commerce site on an AWS instance and comparing how the site performa after several well known performance tuning enhancements are applied. We try to compare performance improvements after druapl cache, aggregation, varnish, and nginx reverse proxy.
This presentation was first given at Drupal Mid Camp in Chicago. We used loadstorm and new relic to analyze results.
Simpler, faster, cheaper Enterprise Apps using only Spring Boot on GCPDaniel Zivkovic
Enterprises traditionally think of App Platforms as PCF (Pivotal Cloud Foundry) or Red Hat OpenShift. In reality, public Clouds have evolved into Application Platforms - especially when using Managed Services & Serverless.
• If you are an IT Executive under increased pressure to cut costs, see how better Technology Stack choices – not layoffs or pay cuts, can reduce IT costs + increase business agility (while avoiding vendor lock-in):
• If you are a Developer lost in the sea of the Cloud Computing choices, watch Ray Tsang (Java Champion from GCP) live-code, and you will walk away Cloud-Native :)
See how to stop cannibalization of IT by deploying your good ol' Java Spring Boot Apps directly to Google Cloud Platform - no Servers/PCF/OpenShift/Kubernetes to manage, nor to limit your creativity: https://youtu.be/2B0wWagE0dc
P.S. For more forward-looking Software Developerment topics, join ServerlessToronto.org Meetups, and if you have any questions about the Architectural Patterns discussed, reach out to me to chat.
The average investment to meet cloud compliance obligations is $250,000 per year, and the fees for not complying can be as much as $100,000 a month. So while the investment is worthwhile, many companies are unable to achieve such standards due mainly to budget constraints and a lack of expertise.
Tricia Pattee, VP of Product at HOSTING, Brandon Bennett, VP of Customer Success at Allgress, and Jeff Bennett, CEO of Allgress will discuss the following:
•Public cloud (AWS and Azure) compliance considerations
•Compliance standards and common industry trends
•SecComp cloud best practices
•Factors that contribute to a Compliance Crisis
Check out the accompanying webinar on BrightTalk at: http://bit.ly/2ssFlZc
SQL Server 2016: Just a Few of Our DBA's Favorite ThingsHostway|HOSTING
Join Rodney Landrum, Senior DBA Consultant for Ntirety, a division of HOSTING, as he demonstrates his favorite new features of the latest Microsoft SQL Server 2016 Service Pack 1.
During the accompanying webinar and slides, Rodney will touch on the following:
• A demo of his favorite new features in SQL Server 2016 and SP1 including:
o Query Store
o Database Cloning
o Dynamic Data Masking
o Create or Alter
• A review of Enterprise features that are now available in standard edition
• New information in Dynamic Management Views and SQL Error Log that will make your DBAs job easier.
KPIs: Aligning Your IT and Business ObjectivesHostway|HOSTING
At HOSTING, we understand the importance of setting up success criteria (KPIs) to measure your IT team’s impact (value) in direct partnership with the business. This slideshow which accompanies a live webinar will discuss common problem areas that companies experience when trying to align their IT teams and business departments.
No company is safe from a Ransomware attack (malicious forms of software programmed to steal company data and hold it for "ransom"). However, technology has allowed us to mitigate these attacks by implementing proper recovery systems that can ensure that cyber criminals will never see a dime from your business.
"Cyberhunting" actively looks for signs of compromise within an organization and seeks to control and minimize the overall damage. These rare, but essential, breed of enterprise cyber defenders give proactive security a whole new meaning.
Check out the accompanying webinar: http://www.hosting.com/resources/webinars/?commid=228353
With the widespread use of connected devices, hackers have configured new ways to access your smartphones and laptops, even without you knowing. The Pineapple is a router that stages a fake WIFI access point, compromising the security of any smart device that unknowingly connects to it. During the accompanying webinar, Johan Hybinette, CISO at HOSTING, goes over the following discussion points:
- The technical makeup of the pineapple router
- How the Pineapple hacks into connected devices
- What personal information is at the most risk
- What you can do to protect yourself from this malicious form of identity theft
5 Cloud Migration Experiences Not to Be RepeatedHostway|HOSTING
As a project manager at HOSTING, Kellen Amobi has assisted in many customer data migrations over the years. Kellen shares the top five migration mistakes that companies have made in the past and what experience has taught her about resolving the issues quickly, including:
-Developing realistic project scopes
-Managing timelines
-Avoiding security risks
Caveat Emptor: 10 Questions to Ask a Managed Service Provider Before You SignHostway|HOSTING
Key topics that need to be discussed when partnering with a cloud service provider, including:
-Architecture of cloud-based environments
-Interacting with IT teams
-Compliance
-Migration and Project Management
-Evaluating the customer experience
Join Catherine Roy, Director of PMO at HOSTING, and Kellen Amobi, Project Manager at HOSTING, on June 23 at 3 pm EST for Cloud Migration: Tales from the Trenches – an interactive webinar, in which they will discuss:
-Developing scopes and deadlines for complex projects
-Developing realistic schedules
-How to approach and define problems for c-level and team members
Protecting Against Disaster: Plan for the Inevitable Before it HappensHostway|HOSTING
Brian Frank, Sr. Manager of Technical Delivery at HOSTING, and Melissa Schultz, Project Manager at HOSTING, will be discussing why your organization needs to invest in disaster recovery solutions and how to do it. He will cover:
-DR and business continuity
-Key considerations for business continuity
-Preparing for disasters
-DR testing
-How to implement your DR plan and run book
Don’t Get Caught with An Out of Support MS SQL Server…Hostway|HOSTING
Extended support for SQL Server 2005 ends on April 12, 2016.
This means that if you are still running SQL Server 2005 after April 12, 2016, you will no longer receive security updates. Now is the time to upgrade to SQL Server 2014 and Azure SQL Database to achieve breakthrough performance, maintain security and compliance, and optimize your data platform infrastructure.
Join Rodney Landrum, Senior SQL Server Consultant and Microsoft MVP and Michael McCracken, HOSTING Director of Advanced Solutions, as they discuss key benefits to moving to a SQL Server 2014 and key considerations to take into account when migrating your databases.
Secure media content delivery and consumption is rapidly changing. Today's producers need a platform to securely deliver their media and understand how their customers consume it. Join me, Michael McCracken, Director of Professional Services at HOSTING, Bradley Brown, Founder and President at Intelivideo, and William Krasner, Sales & Business Development at Intelivideo Thursday, February 18th at 3:00pm ET for Content Delivery in an On-Demand Age -- an interactive, one-hour live discussion where we will answer questions like:
•How are your customers consuming media?
•What devices do they watch it on?
•How long do they stick around?
•Are they streaming the content or downloading and watching it later?
•How is the content protected?
High Performance Security: Mitigating DDoS Attacks Without Losing Your EdgeHostway|HOSTING
Join Andy Schroepfer, Chief Strategy Officer at HOSTING, John Cully, Director of Marketing at Exceda, Alex Soares, Integration & Customer Services at Exceda, and Fernando Alves, Akamai Pre & Post Sales at Exceda, for an interactive, one-hour live discussion about how to prepare for — and protect yourself against — distributed denial-of-service (DDoS) attacks.
Key discussion points include:
•2016 DDoS Outlook—are you a target?
•What DDoS costs victims—and perpetrators
•Protection vs mitigation
•Using a CDN as first-line DDoS protection
•Balancing performance with security
•Creating a DDoS action plan
Finding Success with Managed Services in the Azure EnvironmentHostway|HOSTING
Join Microsoft Chief Strategist James Staten and HOSTING VP of Product Sean Bruton for this eye-opening exploration into – and discussion about – the successful union of Azure with managed services to optimize your cloud (and business) performance.
DR in the Cloud: Finding the Right Tool for the JobHostway|HOSTING
VM replication technologies like SRM or Zerto aren’t always the best way to replicate and protect all workloads. For example, most databases have native replication that’s more context-sensitive than hypervisor-based block-level replication. Join me, Darrell Hyde, HOSTING CTO, on November 12, 2015 for DR in the Cloud: Finding the Right Tool for the Job – an interactive webinar where I’ll discuss:
•Common use cases
•Different approaches to DR
•Pros and cons of each approach
Learn how to take control of your data by using advanced encryption, centralized key management and cutting edge access controls and policies. In this session, Imam Sheikh, Dir. Product Management at Vormetric, and Tricia Pattee, HOSTING Product Manager will discuss how to proactively address PCI Compliance in the cloud, protect intellectual property and comply with data privacy and system integrity regulations. Join this informative webinar to learn about HOSTING and Vormetric data encryption security solutions and best practices that have helped leading Fortune 500 businesses protect their sensitive data across their private, public and hybrid cloud environments!
What you'll learn:
• How data encryption helps prevent data breaches
• How to address PCI compliance requirements in the cloud
• How to safeguard cardholder information that is stored in a variety of different databases and versions
• The HOSTING and Vormetric approach to securing data in motion and at rest
Understanding Your Cloud Service Provider’s BAAHostway|HOSTING
Healthcare organizations cite “willingness to sign a BAA” as their top consideration when evaluating cloud service providers (CSPs). But what are you really signing up for when you execute your CSP’s BAA? Are you getting the protection your organization needs? Steve Yoost, General Counsel of HOSTING, discusses how to ensure your BAA safeguards your PHI and meets your HIPAA compliance needs.
Cloud security expert Tricia Pattee discusses where to get the most bang for your security buck. Topics covered include:
-The five most common security mistakes
-Top six areas of security spend
-How to maximize budget – and minimize risk
-Hidden cloud security costs
Azure makes substantial infrastructure capabilities available to you with just a click of a mouse, but this isn't the virtualization stack you are used to. HOSTING VP of Product Sean Brunton, will discuss the gotchas and nuances of the current Azure compute services to help you find success for production applications on Azure
Joel Daly, Founder and EVP of Sales of HOSTING discusses ways in which healthcare CIOs can leverage new business models to realize increased technology efficiencies, enable information-driven decisions and improve patient service.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
2. Housekeeping
• This webinar is being recorded and an on-demand
version will be available at the same URL at the
conclusion of the webinar
• Please submit questions via the button on the upper
left of your viewing panel
• If we don’t get to your question during the webinar,
we will follow up with you via email
• View related resources via the “Attachments”
button in your viewing panel
• On Twitter? Join the conversation: #ColdFusion,
@HOSTINGdotcom
3. We are Webapper
• Co-founded in 2001 by two former
members of Allaire Consulting
Services
• Speakers today:
• Patrick Quinn: Co-Founder, CTO of
Webapper
• Mike McCracken: Director, Professional
Services for HOSTING
9. ‘Splain the session title, please?
• Indy 500
o World’s largest auto race
o We’ve been tuning it @ HOSTING for 5
years
• And, well, ColdFusion is fast!
10. Results
• 50 r/s X 8 ColdFusion servers (at peak)
• Cloud scaling
• Zero bottlenecks (literally)
• Zero slowdowns
• Active/passive data tier (SQL Server)
11. The Webapper Way
• How to tune/troubleshoot a
ColdFusion server
o Empirical
o ~ 5 different data sets (logs, memory/thread
profiling, monitoring tools)
• PASS
• How to prioritize “TNT” problems
12. Today
• Good general settings for ColdFusion
o Memory and thread settings
o The ColdFusion connector!
• Q&A
25. Recommended Thread Settings
• workers.properties:
worker.{instance}.max_reuse_connections=500
worker.{instance}.connection_pool_size=500
worker.{instance}.connection_pool_timeout=60
(Notes: connection_pool_timeout is in seconds;
must be the same as server.xml's connectionTimeout)
Reference: http://blogs.coldfusion.com/post.cfm/tuning-coldfusion-
10-iis-connector-configuration
30. New SOTA ColdFusion Cloud Hosting
• Automatically optimized
• Automatically load-balanced
• Automatically redundant
• Automatically monitored
• Automatic data tier clustering
31. Contact Us
• via Twitter: @IamSigmund
• via Email: patrick@webapper.com
• HOSTING.com Customers:
hosting@webapper.com
• www.coldfusionsupport.net
www.webapper.com
www.seefusion.com
32. Michael McCracken | HOSTING Director, Professional Services
Patrick Quinn | Webapper President and CTO
32
For more information about solutions from HOSTING and Webapper,
please contact us at +1 888 894 4678.
Q&A
Editor's Notes
ACS = world’s first ColdFusion consultancy? ~40 of us in the field as an extension of engineering team.
“PE” (performance engineering services) are our flagship offering (founded in 2001). PE = a continuation of ACS offerings.
Note about this talk: This webinar is a variation on a talk we originally delivered at the ColdFusion Summit in Las Vegas in Oct. 2014.
Apologies to Steve Jobs, but…
...biggest news from Webapper of late is our formal moved into managed services cloud hosting. Still finalizing w/ HOSTING. Coming soon!
More on this later in the presentation.
But, if you’re a HOSTING customer, you get us automatically! We’re the exclusive ColdFusion platform support partner for all HOSTING customers.
We’ve seen a lot of ColdFusion. We know it’s incredibly fast and stable, when you do things the right way.
Our TNT work is very empirical - we typically look at ~5 different data sets when tuning/troubleshooting a server.
We don’t just apply generic settings every time. The settings end up being similar, often, but always based on app- and server-specific data.
Today, however, we’ll try to share some good general settings, averaged over hundreds of engagements and thousands of ColdFusion servers.
-Xms4096m -Xmx4096m - This increases the overall heap size to 6GB and added a start size of the same size.
-XX:+PrintGCDetails -XX:+PrintGCTimeStamps -XX:+PrintHeapAtGC -verbose:gc -Xloggc:webapperGC219.log - These enable verbose GC logging.
-XX:NewRatio=4 -XX:SurvivorRatio=8 - These are added to increase the size of the Young Generation and to relate its size to the overall heap, which will help to reduce the number of shortlived objects getting move to the Old/Tenured generation too soon.
-XX:+UseCompressedOops - This relates directly to Java running on 64 bit systems.
-Xss256k - This resizes the default thread size down to 256k per thread which is typically more efficient in our experience.
-XX:+CMSClassUnloadingEnabled - Use this if you see this entry in your logs, as it indicates suboptimal performance of your existing settings: "Please use CMSClassUnloadingEnabled in place of CMSPermGenSweepingEnabled in the future."
-XX:+UseParNewGC - This changes the Young Generation collector to one more suited to work with the CMS collector.
-XX:+DisableExplicitGC - This will prevent any unnecessary Full GC's from occurring.
-XX:+CMSScavengeBeforeRemark -XX:CMSInitiatingOccupancyFraction=68 -XX:CMSFullGCsBeforeCompaction=1 - These are all enhancements used over the past 2-3 years by our team for 64-bit systems and developed from a lot of analysis and load testing. XX:+UseCMSInitiatingOccupancyOnly and XX:CMSInitiatingOccupancyFraction=68 are typically used together and are used to start the concurrent collection earlier; in this case the collection will start when the Old/Tenured’s heap size reaches 68% used. This should reduce the number of Full GC's. -XX:+CMSScavengeBeforeRemark will force a collection of the New/Young space prior to a CMS remark as this should reduce its size and thereby the time spent in remark.
-XX:+UseConcMarkSweepGC - This changed the garbage collector from the parallel collector to concurrent mark sweep or CMS collector which is better for 64-bit systems.
-XX:PermSize=192m -XX:MaxPermSize=256m - The permanent generation is where ColdFusion stores its classes; we often observe that this space is getting used up quickly, so we add a start size and increase maximum size also.
At Webapper, we have a service that we call The ColdFusion TNT which stands for Tuning and Troubleshooting… and we have a 55-point checklist where we check various settings in the operating system, in the web server and the application server
These are primarily checks for performance and security
For example, we check what ports are open via nmap, and also simple things like hard drive free space
We once had a server go down and we were checking different things, we were pinging it, memory was ok, we can RDP into it and we were checking if the CF and webserver services were up, so what’s going on? it turns out that there’s no more drive space! (Nasty performance bottleneck!)
For IIS, we check things like compression and application pool recycling settings
Also comb through CF Admin optimizations
Thread optimization is a crucial performance aspect of your servers.
To optimize thread settings, there are 3 areas that all work together, 3 areas or POOLS, and are controlled by different things.
First is tomcat’s server xml file…
this is located under each of your instance’s /runtime/conf directory…
so if you have an instance called instance01, it would be under C:\ColdFusion10\instance01\runtime\conf\
this is the tomcat thread pool allotment for the web connector…
there’s also an executor maxthreads setting, and we also set that to the same one, but not for the internal webserver, but for the catalina executor
this is the workers.properties file, which controls the thread pool for IIS.
This is specific to a web connection…
but this file is under the C:\ColdFusion10\config\wsconfig directory then you would see multiple numbered directories under there, depending on how many websites you have connected to ColdFusion
All these settings are referenced in that adobe blogpost
This is CFAdmin’s thread settings, located under Server Settings > Request Tuning.
The way we do it, we can run load tests against the application
and optimize and tune these settings,
or we analyze thread metrics whether via metrics logging, SeeFusion DB logging or FusionReactor logging,
but we analyze the threads and for example
if we see that the max you can get is 50 and you have thread starvation, we raise that limit.
Or if we see that you are already at 250, and your max is 110, then we lower that to 125, just so that we can put those resources back into the stack
but if you don’t have that luxury, just raise the defaults by a factor of 5 or 10
So with the server.xml file, I’ve seen maxThreads where if you change it, it changes the setting in CFAdmin too.
it’s also known as the wsconfig tool… who uses the web server connector…
that’s great… most people during installation would just configure ALL sites to use CF, please don’t do that. Use the webconnector post-installation of ColdFusion
one rule of thumb, please run it as ADMINISTRATOR, even if you are logged in as Administrator
if you are using multiple instances, you HAVE to use the individual directory’s connector
also if you are using clustered instances, you use the webconnector to connect to whatever instance or cluster you want
I mentioned that during installation of CF, to not configure the webserver but to use the connector after installation.
When you do use it, do not use ALL…
do create connections for each website, just so that you have different connector pool settings,
but you do have to aggregate those swimming pool settings into the server.xml…
Here’s a PROTIP… For trouble shooting why CF is not working with your webserver (IIS, Apache), do this...
just click on ADVANCED here and enable VERBOSE LOGGING and you can also set some thread settings there
so now I turn you over back to the everlovable future President of the US 2024, PAT QUINN
Automatically optimized: We of course would create a "gold image" ColdFusion server, with our "Webapper Way" tuning optimizations, and use that as the starting point for new hosting setups.
Automatically load-balanced: In other words, your app/site/stuff automatically runs on multiple servers, and is load balanced.
Automatically redundant: This is the cloud era's version of backups, but, it can and should be smarter, like taking full images as backups, and also making sure any storage media/drives are always redundant, too.
Automatically monitored: A hosting system should be monitoring key metrics, and should auto-failover (using the backups and other redundancies) if problems arise.
Automatic data tier clustering: There's a database services partner to help with/manage this piece.
All of this will be delivered as virtual servers running on top of HOSTING.com’s cloud platform. Our goal is for this to be “point and click easy” to purchase and use.