What Questions Do Programmers Ask About Configuration as Code?

•Download as PPTX, PDF•

0 likes•275 views

Presented at RCoSE2018. Summary: When working with tools like Puppet, programmers ask a lot of questions related to syntax, feasibility, and security. Despite advancements in Puppet, some fundamental challenges such as feasibility, installation, and security persist. Preprint: https://akondrahman.github.io/papers/rcose2018_cac.pdf.

Data & Analytics

What Questions Do Programmers Ask
About Configuration as Code?
Akond Rahman, Asif Partho, Patrick
Morrison, and Laurie Williams
aarahman@ncsu.edu
https://akondrahman.github.io/

Definition: Continuous Deployment
2
Continuous
Integration
Integrate software
changes regularly
Continuous
Deployment
Integrate software
changes regularly
Automatically
deploy software
changes rapidly

Motivation: Configuration as Code (CaC)
3
Ansible Chef Puppet

Definition: Configuration as Code (CaC)
4
…
…
Use of CaC

Objective
• To help current and potential configuration as
code (CaC) adoptees in identifying the
challenges related to CaC through an analysis
of questions asked by programmers on a major
question and answer website.
5

Research Questions
• RQ1: What questions do programmers ask about
configuration as code?
• RQ2: How many answers do configuration as code
(CaC)-related question categories yield? How many
questions with unsatisfactory answers do CaC-related
question categories yield?
• RQ3: How many views do question categories related to
configuration as code yield?
• RQ4: What temporal trends do the question categories
related to configuration as code exhibit?

Methodology
Stack Overflow
Dataset
Identify
Tags
Extract
Content
Card
Sorting
Empirical
Analysis

Answer to RQ1: What questions do
programmers ask about configuration as code?
• Syntax error
• Provisioning
• Feasibility
• Installation
• Filesystem
• Security
• Data Separation
• Troubleshooting
• Network
• Environment Variables
• Testing
• Template
• Dependencies
• Database
• Resource Ordering
• Daemon Services

Answer to RQ2: How many answers do
configuration as code-related question
categories yield?
• Min: 1.0 (Network and Security), Max: 1.4 (Template)
• Top three categories
– Template (1.4)
– Resource Ordering (1.3)
– Feasibility (1.3)

Answer to RQ2: How many questions with
unsatisfactory answers do configuration as
code related question categories yield?
• Min 34.2% (Template), Max: 61.7% (Installation)
• Top three categories
– Installation (61.8%)
– Security (59.3%)
– Data Separation (56.0%)

Answer to RQ3: How many views do question
categories related to configuration as code yield?
• Min: 569.3 (Daemon Services), Max: 2558.0 (Template)
• Top Three Categories
– Template (2558.0)
– Security (1546.0)
– Provisioning (1356.1)

Answer to RQ4: What temporal trends do the
question categories related to configuration as
code exhibit?

Answer to RQ4: What temporal trends do the
question categories related to configuration as
code exhibit?
Increasing Decreasing Consistent
Syntax Error Feasibility Provisioning
Installation Filesystem
Data Separation Security
Network Troubleshooting
Environment
Variables
Template
Testing Database
Dependencies Resource Ordering
Daemon Services

Limitations
• Selection of Q&A website
• Selection of CaC tools
• Bias in identifying question categories

Implications
• Specialized IDEs for CaC
– Syntax, dependencies, clarification on tutorials
• Training in CaC
– Equip programmers with CaC-specific knowledge:
security, provisioning, and network
• Future research
– Why programmers face challenges
– Connection between questions and code quality

Summary
aarahman@ncsu.edu
akondrahman
https://akondrahman.github.io/
Contact
Answer to RQ4: What temporal trends do the
question categories related to configuration as
code exhibit?
Answer to RQ1: What questions do
programmers ask about configuration as code?
• Syntax error
• Provisioning
• Feasibility
• Installation
• Filesystem
• Security
• Data Separation
• Troubleshooting
• Network
• Environment Variables
• Testing
• Template
• Dependencies
• Database
• Resource Ordering
• Daemon Services
Motivation: Configuration as Code (CaC)
3
Ansible Chef Puppet

Background
case $::operatingsystem {
‘CentOS’: {
exec { "install iptables":
command => "/bin/yum install iptables -y",
creates => "/sbin/iptables";
}
}
default: {
fail("cannot install on $::operatingsystem")
}
}
https://puppet.com/company/press-room/media-kit 18

Defects in infrastructure as code (IaC) scripts can have serious consequences for organizations who adopt DevOps. By identifying which characteristics of IaC scripts correlate with defects, we can identify anti-patterns, and help software practitioners make informed decisions on better development and maintenance of IaC scripts, and increase quality of IaC scripts. The goal of this paper is to help practitioners increase the quality of IaC scripts by identifying characteristics of IaC scripts and IaC development process that correlate with defects, and violate security and privacy objectives. We focus on characteristics of IaC scripts and IaC development that (i) correlate with IaC defects, and (ii) violate security and privacy-related objectives namely, confidentiality, availability, and integrity. For our initial studies, we mined open source version control systems from three organizations: Mozilla, Openstack, and Wikimedia, to identify the defect-related characteristics and conduct our case studies. From our empirical analysis, we identify (i) 14 IaC code and four churn characteristics that correlate with defects; and (ii) 12 process characteristics such as, frequency of changes, and ownership of IaC scripts that correlate with defects.

Source Code Properties of Defective Infrastructure as Code Scripts

Akond Rahman

Characterizing Defective Configuration Scripts Used for Continuous Deployment

Akond Rahman

The Intersection of Security and DevOps

Alert Logic

BlueHat v18 || Dep for the app layer - time for app sec to grow up

BlueHat Security Conference

Arshan Dabirsiaghi, Contrast Security Matt Austin, Contrast Security Nothing in the security industry has moved the needle like Data Execution Prevention and it's sister protections like ASLR. The availability of secure APIs, the training of developers around the world, and the efforts of security practitioners all produced practically nothing compared to the practical gains produced by DEP, ASLR and other "automatic" protections provided by the tool chain and OS itself. Where is the equivalent in the Application Layer? Can we use these same techniques and approaches to stop SQL Injection and Deserialization attacks? Can we give developers a "secure stack by default" for any application? In this talk we'll show you the promising results of our research into this space using binary instrumentation, including the release of free tools that developers can use to protect their applications today from several bug classes, instantly, and without any code changes.

Integrate Security into DevOps - SecDevOps

Ulf Mattsson

1.Security Controls Must Be Programmable and Automated Wherever Possible 2.Implement a Simple Risk and Threat Model for All Applications 3.Scan Custom Code, Applications and APIs 4.Scan for OSS Issues in Development 5.Treat Scripts/Recipes/Templates/Layers as Sensitive Code 6.Measure System Integrity and Ensure Correct Configuration at Load 7.Use Whitelisting on Production Systems, Including Container-Based Implementations 8.Assume Compromise; Monitor Everything; Architect for Rapid Detection and Response 9.Lock Down Production Infrastructure and Services 10.Tokenization and Payment Processing

The adoption of container native and cloud native development practices presents new operational challenges. Today’s microservice environments are polyglot, distributed, container-based, highly-scalable, and ephemeral. To understand your system, you need to be able to follow the life of a request across numerous components distributed in multiple environments. Without the proper tools it can feel impossible to determine a root cause of an issue. This requires a new approach to operations. We will review a series of open source observability tools for logging, monitoring, and tracing to help developers achieve operational excellence for running container-based workloads.

Open source cloud native security with threat mapper

LibbySchulze

The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...

WhiteSource

You Build It, You Secure It: Introduction to DevSecOps

Sumo Logic

Object Broker Infrastructure for Wide Area Networks

Vaidas Brundza

Automating Open Source Security: A SANS Review of WhiteSource

WhiteSource

End-to-End Security Analytics with the Elastic Stack

Elasticsearch

WhiteSource Webinar-New Research Reveals Key Strategy to Manage Open Source S...

WhiteSource

Automate Your Container Deployments Securely

DevOps.com

Operations seeking to make their apps and APIs both performant and available to their users must bake effective application security tooling into their processes and infrastructure configurations. How can development and operations teams release at increasing velocity with app protection built into their CI/CD pipeline? A true next-generation, holistic web application and API protection platform does just that: operations teams can integrate security into their workflows and ensure new infrastructure and app code released to production is both effective and secure in any environment from cloud using containers to datacenters to a hybrid of these. Join application security expert Aneel Dadani from Signal Sciences to learn how your team can automate, deploy at scale safely while gaining layer 7 visibility in production environments. Attendees will learn: What constitutes effective application security within the context of cloud adoption and an ever expanding threat landscape How development teams can gain visibility into how their apps and APIs are being used in production and what vulnerabilities may exist that they overlooked How DevOps teams can scale their application footprint to meet demand while securing your codebase in production How to inspect request traffic at the API gateway or the ingress

Combining Logs, Metrics, and Traces for Unified Observability

Elasticsearch

BlueHat v18 || Improving security posture through increased agility with meas...

BlueHat Security Conference

David Hurley, Microsoft Bryan Jeffrey, Microsoft Naveed Ahmad, Microsoft Speed Kills. If you cannot detect and remediate the attacker before they have achieved their objective, you lose. The sooner you detect your attacker along the kill chain, the better your chance to disrupt and thwart attacks. The M365 Vanquish system leverages open source technologies like Spark on Azure HDI clusters and Siphon/Kafka to deliver detections and alerts in minutes at scale for M365. Signals are generated from an on-box agent, HostIDS (developed by ODSP Protect), as well as Windows security events which are sent to Vanquish for processing in the cloud. Detection processing is not tightly coupled to workload service resources. Implementation of new detections is not tied to the deployment of workload services they are monitoring. This removes the risk of changes in security detection processing impacting production services and allows increased agility in detection creation, processing and deployment. We’ll show examples from the ‘Red October’ pen test of how this agility allows incident specific detections to be created, deployed, and delivering results as an incident is in progress. Additionally, enabling M365 wide IOC (Indicator of Compromise) detections can be added in seconds. We’ll show recent pen test examples of how adding incident specific command and control IPs can provide scope and insight into attacker movement. Dynamic signal filtering capabilities across all of M365 can be added in seconds to allow focus. Another key factor in enabling agility is being able to validate quickly that changes to the system work as intended. With usage of Attackbot (the M365 Red Team attack generation tool), Vanquish continuously measures detection effectiveness across M365 services with automated real attack signal allowing us to validate that detections continue to work. By measuring rather than attesting to effectiveness, you can to quickly identify regressions when they occasionally happen and have confidence that your detections are up and working. Agility is also a key factor in our machine learning based detections. M365 Vanquish has model training and promotion fully automated. Training and promotion of new models happens constantly, with measurements of effectiveness detecting AttackBot and historical attacks gatekeeping the promotion of new models. By automating this process end to end, we have confidence that we are always armed with the best possible models. Signals are evaluated and scored in real time against the most recent model. This enables high fidelity, low latency urgent alerting within minutes of attacker activity. We’ll show you examples of pen test activity that produced urgent alerts within minutes! By designing detection systems that ensure agility with measurable effectiveness, you can improve your security posture with confidence that is not misplaced.

Why should developers care about container security?

Eric Smalling

Automate threat detections and avoid false positives

Elasticsearch

Get full visibility and find hidden security issues

Elasticsearch

Automatize a detecção de ameaças e evite falsos positivos

Elasticsearch

Just-in-time Detection of Protection-Impacting Changes on WordPress and Media...

Amine Barrak

DSAPA.pdf

Luis Pena

What's hot

WhiteSource Webinar What's New With WhiteSource in December 2018

WhiteSource

The Intersection of Security & DevOps

Alert Logic

2019 04-04-dev secops-software supply chain_fst-2

Cameron Townshend

Application Security Logging with Splunk using Java

Robert Grupe, CSSLP CISSP PE PMP

Find Out What's New With WhiteSource May 2018- A WhiteSource Webinar

WhiteSource

ADDO Open Source Observability Tools

Mickey Boxell

Open source cloud native security with threat mapper

LibbySchulze

The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...

WhiteSource

You Build It, You Secure It: Introduction to DevSecOps

Sumo Logic

Object Broker Infrastructure for Wide Area Networks

Vaidas Brundza

Automating Open Source Security: A SANS Review of WhiteSource

WhiteSource

End-to-End Security Analytics with the Elastic Stack

Elasticsearch

WhiteSource Webinar-New Research Reveals Key Strategy to Manage Open Source S...

WhiteSource

Automate Your Container Deployments Securely

DevOps.com

Combining Logs, Metrics, and Traces for Unified Observability

Elasticsearch

BlueHat v18 || Improving security posture through increased agility with meas...

BlueHat Security Conference

Why should developers care about container security?

Eric Smalling

Automate threat detections and avoid false positives

Elasticsearch

Get full visibility and find hidden security issues

Elasticsearch

Automatize a detecção de ameaças e evite falsos positivos

Elasticsearch

What's hot (20)

WhiteSource Webinar What's New With WhiteSource in December 2018

The Intersection of Security & DevOps

2019 04-04-dev secops-software supply chain_fst-2

Application Security Logging with Splunk using Java

Find Out What's New With WhiteSource May 2018- A WhiteSource Webinar

ADDO Open Source Observability Tools

Open source cloud native security with threat mapper

The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...

You Build It, You Secure It: Introduction to DevSecOps

Object Broker Infrastructure for Wide Area Networks

Automating Open Source Security: A SANS Review of WhiteSource

End-to-End Security Analytics with the Elastic Stack

WhiteSource Webinar-New Research Reveals Key Strategy to Manage Open Source S...

Automate Your Container Deployments Securely

Combining Logs, Metrics, and Traces for Unified Observability

BlueHat v18 || Improving security posture through increased agility with meas...

Why should developers care about container security?

Automate threat detections and avoid false positives

Get full visibility and find hidden security issues

Automatize a detecção de ameaças e evite falsos positivos

Synthesizing Continuous Deployment Practices in Software Development

Recently uploaded

一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理

dwreak4tg

原版定制【微信:41543339】【(BCU毕业证书)伯明翰城市大学毕业证】【微信:41543339】成绩单、外壳、offer、留信学历认证（永久存档真实可查）采用学校原版纸张、特殊工艺完全按照原版一比一制作（包括：隐形水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠，文字图案浮雕，激光镭射，紫外荧光，温感，复印防伪）行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备，十五年致力于帮助留学生解决难题，业务范围有加拿大、英国、澳洲、韩国、美国、新加坡，新西兰等学历材料，包您满意。【我们承诺采用的是学校原版纸张（纸质、底色、纹路），我们拥有全套进口原装设备，特殊工艺都是采用不同机器制作，仿真度基本可以达到100%，所有工艺效果都可提前给客户展示，不满意可以根据客户要求进行调整，直到满意为止！】【业务选择办理准则】一、工作未确定，回国需先给父母、亲戚朋友看下文凭的情况，办理一份就读学校的毕业证【微信41543339】文凭即可二、回国进私企、外企、自己做生意的情况，这些单位是不查询毕业证真伪的，而且国内没有渠道去查询国外文凭的真假，也不需要提供真实教育部认证。鉴于此，办理一份毕业证【微信41543339】即可三、进国企，银行，事业单位，考公务员等等，这些单位是必需要提供真实教育部认证的，办理教育部认证所需资料众多且烦琐，所有材料您都必须提供原件，我们凭借丰富的经验，快捷的绿色通道帮您快速整合材料，让您少走弯路。留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才留信网服务项目： 1、留学生专业人才库服务（留信分析） 2、国（境）学习人员提供就业推荐信服务 3、留学人员区块链存储服务 → 【关于价格问题（保证一手价格）】我们所定的价格是非常合理的，而且我们现在做得单子大多数都是代理和回头客户介绍的所以一般现在有新的单子我给客户的都是第一手的代理价格，因为我想坦诚对待大家不想跟大家在价格方面浪费时间对于老客户或者被老客户介绍过来的朋友，我们都会适当给一些优惠。选择实体注册公司办理，更放心，更安全！我们的承诺：客户在留信官方认证查询网站查询到认证通过结果后付款，不成功不收费！

一比一原版(UIUC毕业证)伊利诺伊大学|厄巴纳-香槟分校毕业证如何办理

ahzuo

UIUC毕业证offer【微信95270640】☀《伊利诺伊大学|厄巴纳-香槟分校毕业证购买》GoogleQ微信95270640《UIUC毕业证模板办理》加拿大文凭、本科、硕士、研究生学历都可以做,二、业务范围： ★、全套服务：毕业证、成绩单、化学专业毕业证书伪造《伊利诺伊大学|厄巴纳-香槟分校大学毕业证》Q微信95270640《UIUC学位证书购买》 (诚招代理)办理国外高校毕业证成绩单文凭学位证,真实使馆公证（留学回国人员证明）真实留信网认证国外学历学位认证雅思代考国外学校代申请名校保录开请假条改GPA改成绩ID卡 1.高仿业务:【本科硕士】毕业证,成绩单（GPA修改）,学历认证（教育部认证）,大学Offer,,ID,留信认证,使馆认证,雅思,语言证书等高仿类证书； 2.认证服务: 学历认证（教育部认证）,大使馆认证（回国人员证明）,留信认证（可查有编号证书）,大学保录取,雅思保分成绩单。 3.技术服务：钢印水印烫金激光防伪凹凸版设计印刷激凸温感光标底纹镭射速度快。办理伊利诺伊大学|厄巴纳-香槟分校伊利诺伊大学|厄巴纳-香槟分校毕业证offer流程： 1客户提供办理信息：姓名生日专业学位毕业时间等（如信息不确定可以咨询顾问：我们有专业老师帮你查询）； 2开始安排制作毕业证成绩单电子图； 3毕业证成绩单电子版做好以后发送给您确认； 4毕业证成绩单电子版您确认信息无误之后安排制作成品； 5成品做好拍照或者视频给您确认； 6快递给客户（国内顺丰国外DHLUPS等快读邮寄） -办理真实使馆公证（即留学回国人员证明） -办理各国各大学文凭（世界名校一对一专业服务,可全程监控跟踪进度） -全套服务：毕业证成绩单真实使馆公证真实教育部认证。让您回国发展信心十足！（详情请加一下文凭顾问+微信:95270640）欢迎咨询！的鬼地方父亲的家在高楼最底屋最下面很矮很黑是很不显眼的地下室父亲的家安在别人脚底下须绕过高楼旁边的垃圾堆下八个台阶才到父亲的家很狭小除了一张单人床和一张小方桌几乎没有多余的空间山娃一下子就联想起学校的男小便处山娃很想笑却怎么也笑不出来山娃很迷惑父亲的家除了一扇小铁门连窗户也没有墓穴一般阴森森有些骇人父亲的城也便成了山娃的城父亲的家也便成了山娃的家父亲让山娃呆在屋里做作业看电视最多只能在门口透透气间

原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样

u86oixdj

学校原件一模一样【微信：741003700 】《(swinburne毕业证书)斯威本科技大学毕业证》【微信：741003700 】学位证，留信认证（真实可查，永久存档）原件一模一样纸张工艺/offer、雅思、外壳等材料/诚信可靠,可直接看成品样本，帮您解决无法毕业带来的各种难题！外壳，原版制作，诚信可靠，可直接看成品样本。行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题，包您满意。本公司拥有海外各大学样板无数，能完美还原。 1:1完美还原海外各大学毕业材料上的工艺：水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700 【主营项目】一.毕业证【q微741003700】成绩单、使馆认证、教育部认证、雅思托福成绩单、学生卡等！二.真实使馆公证(即留学回国人员证明,不成功不收费) 三.真实教育部学历学位认证（教育部存档！教育部留服网站永久可查）四.办理各国各大学文凭(一对一专业服务,可全程监控跟踪进度) 如果您处于以下几种情况： ◇在校期间，因各种原因未能顺利毕业……拿不到官方毕业证【q/微741003700】 ◇面对父母的压力，希望尽快拿到； ◇不清楚认证流程以及材料该如何准备； ◇回国时间很长，忘记办理； ◇回国马上就要找工作，办给用人单位看； ◇企事业单位必须要求办理的 ◇需要报考公务员、购买免税车、落转户口 ◇申请留学生创业基金留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才

一比一原版(UofS毕业证书)萨省大学毕业证如何办理

v3tuleee

原版定制【微信:41543339】【(UofS毕业证书)萨省大学毕业证】【微信:41543339】成绩单、外壳、offer、留信学历认证（永久存档真实可查）采用学校原版纸张、特殊工艺完全按照原版一比一制作（包括：隐形水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠，文字图案浮雕，激光镭射，紫外荧光，温感，复印防伪）行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备，十五年致力于帮助留学生解决难题，业务范围有加拿大、英国、澳洲、韩国、美国、新加坡，新西兰等学历材料，包您满意。【我们承诺采用的是学校原版纸张（纸质、底色、纹路），我们拥有全套进口原装设备，特殊工艺都是采用不同机器制作，仿真度基本可以达到100%，所有工艺效果都可提前给客户展示，不满意可以根据客户要求进行调整，直到满意为止！】【业务选择办理准则】一、工作未确定，回国需先给父母、亲戚朋友看下文凭的情况，办理一份就读学校的毕业证【微信41543339】文凭即可二、回国进私企、外企、自己做生意的情况，这些单位是不查询毕业证真伪的，而且国内没有渠道去查询国外文凭的真假，也不需要提供真实教育部认证。鉴于此，办理一份毕业证【微信41543339】即可三、进国企，银行，事业单位，考公务员等等，这些单位是必需要提供真实教育部认证的，办理教育部认证所需资料众多且烦琐，所有材料您都必须提供原件，我们凭借丰富的经验，快捷的绿色通道帮您快速整合材料，让您少走弯路。留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才留信网服务项目： 1、留学生专业人才库服务（留信分析） 2、国（境）学习人员提供就业推荐信服务 3、留学人员区块链存储服务 → 【关于价格问题（保证一手价格）】我们所定的价格是非常合理的，而且我们现在做得单子大多数都是代理和回头客户介绍的所以一般现在有新的单子我给客户的都是第一手的代理价格，因为我想坦诚对待大家不想跟大家在价格方面浪费时间对于老客户或者被老客户介绍过来的朋友，我们都会适当给一些优惠。选择实体注册公司办理，更放心，更安全！我们的承诺：客户在留信官方认证查询网站查询到认证通过结果后付款，不成功不收费！

Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...

John Andrews

SlideShare Description for "Chatty Kathy - UNC Bootcamp Final Project Presentation" Title: Chatty Kathy: Enhancing Physical Activity Among Older Adults Description: Discover how Chatty Kathy, an innovative project developed at the UNC Bootcamp, aims to tackle the challenge of low physical activity among older adults. Our AI-driven solution uses peer interaction to boost and sustain exercise levels, significantly improving health outcomes. This presentation covers our problem statement, the rationale behind Chatty Kathy, synthetic data and persona creation, model performance metrics, a visual demonstration of the project, and potential future developments. Join us for an insightful Q&A session to explore the potential of this groundbreaking project. Project Team: Jay Requarth, Jana Avery, John Andrews, Dr. Dick Davis II, Nee Buntoum, Nam Yeongjin & Mat Nicholas

Malana- Gimlet Market Analysis (Portfolio 2)

TravisMalana

Algorithmic optimizations for Dynamic Levelwise PageRank (from STICD) : SHORT...

Subhajit Sahu

Techniques to optimize the pagerank algorithm usually fall in two categories. One is to try reducing the work per iteration, and the other is to try reducing the number of iterations. These goals are often at odds with one another. Skipping computation on vertices which have already converged has the potential to save iteration time. Skipping in-identical vertices, with the same in-links, helps reduce duplicate computations and thus could help reduce iteration time. Road networks often have chains which can be short-circuited before pagerank computation to improve performance. Final ranks of chain nodes can be easily calculated. This could reduce both the iteration time, and the number of iterations. If a graph has no dangling nodes, pagerank of each strongly connected component can be computed in topological order. This could help reduce the iteration time, no. of iterations, and also enable multi-iteration concurrency in pagerank computation. The combination of all of the above methods is the STICD algorithm. [sticd] For dynamic graphs, unchanged components whose ranks are unaffected can be skipped altogether.

【社内勉強会資料_Octo: An Open-Source Generalist Robot Policy】

NABLAS株式会社

Adjusting OpenMP PageRank : SHORT REPORT / NOTES

Subhajit Sahu

For massive graphs that fit in RAM, but not in GPU memory, it is possible to take advantage of a shared memory system with multiple CPUs, each with multiple cores, to accelerate pagerank computation. If the NUMA architecture of the system is properly taken into account with good vertex partitioning, the speedup can be significant. To take steps in this direction, experiments are conducted to implement pagerank in OpenMP using two different approaches, uniform and hybrid. The uniform approach runs all primitives required for pagerank in OpenMP mode (with multiple threads). On the other hand, the hybrid approach runs certain primitives in sequential mode (i.e., sumAt, multiply).

一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理

74nqk8xf

毕业原版【微信:41543339】【(Coventry毕业证书)考文垂大学毕业证】【微信:41543339】成绩单、外壳、offer、留信学历认证（永久存档真实可查）采用学校原版纸张、特殊工艺完全按照原版一比一制作（包括：隐形水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠，文字图案浮雕，激光镭射，紫外荧光，温感，复印防伪）行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备，十五年致力于帮助留学生解决难题，业务范围有加拿大、英国、澳洲、韩国、美国、新加坡，新西兰等学历材料，包您满意。【我们承诺采用的是学校原版纸张（纸质、底色、纹路），我们拥有全套进口原装设备，特殊工艺都是采用不同机器制作，仿真度基本可以达到100%，所有工艺效果都可提前给客户展示，不满意可以根据客户要求进行调整，直到满意为止！】【业务选择办理准则】一、工作未确定，回国需先给父母、亲戚朋友看下文凭的情况，办理一份就读学校的毕业证【微信41543339】文凭即可二、回国进私企、外企、自己做生意的情况，这些单位是不查询毕业证真伪的，而且国内没有渠道去查询国外文凭的真假，也不需要提供真实教育部认证。鉴于此，办理一份毕业证【微信41543339】即可三、进国企，银行，事业单位，考公务员等等，这些单位是必需要提供真实教育部认证的，办理教育部认证所需资料众多且烦琐，所有材料您都必须提供原件，我们凭借丰富的经验，快捷的绿色通道帮您快速整合材料，让您少走弯路。留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才留信网服务项目： 1、留学生专业人才库服务（留信分析） 2、国（境）学习人员提供就业推荐信服务 3、留学人员区块链存储服务 → 【关于价格问题（保证一手价格）】我们所定的价格是非常合理的，而且我们现在做得单子大多数都是代理和回头客户介绍的所以一般现在有新的单子我给客户的都是第一手的代理价格，因为我想坦诚对待大家不想跟大家在价格方面浪费时间对于老客户或者被老客户介绍过来的朋友，我们都会适当给一些优惠。选择实体注册公司办理，更放心，更安全！我们的承诺：客户在留信官方认证查询网站查询到认证通过结果后付款，不成功不收费！

原版制作(Deakin毕业证书)迪肯大学毕业证学位证一模一样

u86oixdj

学校原件一模一样【微信：741003700 】《(Deakin毕业证书)迪肯大学毕业证学位证》【微信：741003700 】学位证，留信认证（真实可查，永久存档）原件一模一样纸张工艺/offer、雅思、外壳等材料/诚信可靠,可直接看成品样本，帮您解决无法毕业带来的各种难题！外壳，原版制作，诚信可靠，可直接看成品样本。行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题，包您满意。本公司拥有海外各大学样板无数，能完美还原。 1:1完美还原海外各大学毕业材料上的工艺：水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700 【主营项目】一.毕业证【q微741003700】成绩单、使馆认证、教育部认证、雅思托福成绩单、学生卡等！二.真实使馆公证(即留学回国人员证明,不成功不收费) 三.真实教育部学历学位认证（教育部存档！教育部留服网站永久可查）四.办理各国各大学文凭(一对一专业服务,可全程监控跟踪进度) 如果您处于以下几种情况： ◇在校期间，因各种原因未能顺利毕业……拿不到官方毕业证【q/微741003700】 ◇面对父母的压力，希望尽快拿到； ◇不清楚认证流程以及材料该如何准备； ◇回国时间很长，忘记办理； ◇回国马上就要找工作，办给用人单位看； ◇企事业单位必须要求办理的 ◇需要报考公务员、购买免税车、落转户口 ◇申请留学生创业基金留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才

Criminal IP - Threat Hunting Webinar.pdf

Criminal IP

The affect of service quality and online reviews on customer loyalty in the E...

jerlynmaetalle

06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...

Timothy Spann

06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Data and AI Discussion on Vector Databases, Unstructured Data and AI https://www.meetup.com/unstructured-data-meetup-new-york/ This meetup is for people working in unstructured data. Speakers will come present about related topics such as vector databases, LLMs, and managing data at scale. The intended audience of this group includes roles like machine learning engineers, data scientists, data engineers, software engineers, and PMs.This meetup was formerly Milvus Meetup, and is sponsored by Zilliz maintainers of Milvus.

Everything you wanted to know about LIHTC

Roger Valdez

做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样

axoqas

原版定制【Q微信:741003700】《(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书》【Q微信:741003700】成绩单、雅思、外壳、留信学历认证永久存档查询，采用学校原版纸张、特殊工艺完全按照原版一比一制作（包括：隐形水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠，文字图案浮雕，激光镭射，紫外荧光，温感，复印防伪）行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备，十五年致力于帮助留学生解决难题，业务范围有加拿大、英国、澳洲、韩国、美国、新加坡，新西兰等学历材料，包您满意。【业务选择办理准则】一、工作未确定，回国需先给父母、亲戚朋友看下文凭的情况，办理一份就读学校的毕业证【Q微信741003700】文凭即可二、回国进私企、外企、自己做生意的情况，这些单位是不查询毕业证真伪的，而且国内没有渠道去查询国外文凭的真假，也不需要提供真实教育部认证。鉴于此，办理一份毕业证【微信741003700】即可三、进国企，银行，事业单位，考公务员等等，这些单位是必需要提供真实教育部认证的，办理教育部认证所需资料众多且烦琐，所有材料您都必须提供原件，我们凭借丰富的经验，快捷的绿色通道帮您快速整合材料，让您少走弯路。留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才【关于价格问题（保证一手价格）】我们所定的价格是非常合理的，而且我们现在做得单子大多数都是代理和回头客户介绍的所以一般现在有新的单子我给客户的都是第一手的代理价格，因为我想坦诚对待大家不想跟大家在价格方面浪费时间对于老客户或者被老客户介绍过来的朋友，我们都会适当给一些优惠。

一比一原版(Deakin毕业证书)迪肯大学毕业证如何办理

oz8q3jxlp

原版定制【微信:41543339】【(Deakin毕业证书)迪肯大学毕业证】【微信:41543339】成绩单、外壳、offer、留信学历认证（永久存档真实可查）采用学校原版纸张、特殊工艺完全按照原版一比一制作（包括：隐形水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠，文字图案浮雕，激光镭射，紫外荧光，温感，复印防伪）行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备，十五年致力于帮助留学生解决难题，业务范围有加拿大、英国、澳洲、韩国、美国、新加坡，新西兰等学历材料，包您满意。【我们承诺采用的是学校原版纸张（纸质、底色、纹路），我们拥有全套进口原装设备，特殊工艺都是采用不同机器制作，仿真度基本可以达到100%，所有工艺效果都可提前给客户展示，不满意可以根据客户要求进行调整，直到满意为止！】【业务选择办理准则】一、工作未确定，回国需先给父母、亲戚朋友看下文凭的情况，办理一份就读学校的毕业证【微信41543339】文凭即可二、回国进私企、外企、自己做生意的情况，这些单位是不查询毕业证真伪的，而且国内没有渠道去查询国外文凭的真假，也不需要提供真实教育部认证。鉴于此，办理一份毕业证【微信41543339】即可三、进国企，银行，事业单位，考公务员等等，这些单位是必需要提供真实教育部认证的，办理教育部认证所需资料众多且烦琐，所有材料您都必须提供原件，我们凭借丰富的经验，快捷的绿色通道帮您快速整合材料，让您少走弯路。留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才留信网服务项目： 1、留学生专业人才库服务（留信分析） 2、国（境）学习人员提供就业推荐信服务 3、留学人员区块链存储服务 → 【关于价格问题（保证一手价格）】我们所定的价格是非常合理的，而且我们现在做得单子大多数都是代理和回头客户介绍的所以一般现在有新的单子我给客户的都是第一手的代理价格，因为我想坦诚对待大家不想跟大家在价格方面浪费时间对于老客户或者被老客户介绍过来的朋友，我们都会适当给一些优惠。选择实体注册公司办理，更放心，更安全！我们的承诺：客户在留信官方认证查询网站查询到认证通过结果后付款，不成功不收费！

The Building Blocks of QuestDB, a Time Series Database

javier ramirez

Talk Delivered at Valencia Codes Meetup 2024-06. Traditionally, databases have treated timestamps just as another data type. However, when performing real-time analytics, timestamps should be first class citizens and we need rich time semantics to get the most out of our data. We also need to deal with ever growing datasets while keeping performant, which is as fun as it sounds. It is no wonder time-series databases are now more popular than ever before. Join me in this session to learn about the internal architecture and building blocks of QuestDB, an open source time-series database designed for speed. We will also review a history of some of the changes we have gone over the past two years to deal with late and unordered data, non-blocking writes, read-replicas, or faster batch ingestion.

Adjusting primitives for graph : SHORT REPORT / NOTES

Subhajit Sahu

Graph algorithms, like PageRank Compressed Sparse Row (CSR) is an adjacency-list based graph representation that is Multiply with different modes (map) 1. Performance of sequential execution based vs OpenMP based vector multiply. 2. Comparing various launch configs for CUDA based vector multiply. Sum with different storage types (reduce) 1. Performance of vector element sum using float vs bfloat16 as the storage type. Sum with different modes (reduce) 1. Performance of sequential execution based vs OpenMP based vector element sum. 2. Performance of memcpy vs in-place based CUDA based vector element sum. 3. Comparing various launch configs for CUDA based vector element sum (memcpy). 4. Comparing various launch configs for CUDA based vector element sum (in-place). Sum with in-place strategies of CUDA mode (reduce) 1. Comparing various launch configs for CUDA based vector element sum (in-place).

Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...

Subhajit Sahu

Abstract — Levelwise PageRank is an alternative method of PageRank computation which decomposes the input graph into a directed acyclic block-graph of strongly connected components, and processes them in topological order, one level at a time. This enables calculation for ranks in a distributed fashion without per-iteration communication, unlike the standard method where all vertices are processed in each iteration. It however comes with a precondition of the absence of dead ends in the input graph. Here, the native non-distributed performance of Levelwise PageRank was compared against Monolithic PageRank on a CPU as well as a GPU. To ensure a fair comparison, Monolithic PageRank was also performed on a graph where vertices were split by components. Results indicate that Levelwise PageRank is about as fast as Monolithic PageRank on the CPU, but quite a bit slower on the GPU. Slowdown on the GPU is likely caused by a large submission of small workloads, and expected to be non-issue when the computation is performed on massive graphs.

Recently uploaded (20)

一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理

一比一原版(UIUC毕业证)伊利诺伊大学|厄巴纳-香槟分校毕业证如何办理

原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样

一比一原版(UofS毕业证书)萨省大学毕业证如何办理

Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...

Malana- Gimlet Market Analysis (Portfolio 2)

Algorithmic optimizations for Dynamic Levelwise PageRank (from STICD) : SHORT...

【社内勉強会資料_Octo: An Open-Source Generalist Robot Policy】

Adjusting OpenMP PageRank : SHORT REPORT / NOTES

一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理

原版制作(Deakin毕业证书)迪肯大学毕业证学位证一模一样

Criminal IP - Threat Hunting Webinar.pdf

The affect of service quality and online reviews on customer loyalty in the E...

06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...

Everything you wanted to know about LIHTC

做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样

一比一原版(Deakin毕业证书)迪肯大学毕业证如何办理

The Building Blocks of QuestDB, a Time Series Database

Adjusting primitives for graph : SHORT REPORT / NOTES

Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...

What Questions Do Programmers Ask About Configuration as Code?

1. What Questions Do Programmers Ask About Configuration as Code? Akond Rahman, Asif Partho, Patrick Morrison, and Laurie Williams aarahman@ncsu.edu https://akondrahman.github.io/

2. Definition: Continuous Deployment 2 Continuous Integration Integrate software changes regularly Continuous Deployment Integrate software changes regularly Automatically deploy software changes rapidly

3. Motivation: Configuration as Code (CaC) 3 Ansible Chef Puppet

4. Definition: Configuration as Code (CaC) 4 … … Use of CaC

5. Objective • To help current and potential configuration as code (CaC) adoptees in identifying the challenges related to CaC through an analysis of questions asked by programmers on a major question and answer website. 5

6. Research Questions • RQ1: What questions do programmers ask about configuration as code? • RQ2: How many answers do configuration as code (CaC)-related question categories yield? How many questions with unsatisfactory answers do CaC-related question categories yield? • RQ3: How many views do question categories related to configuration as code yield? • RQ4: What temporal trends do the question categories related to configuration as code exhibit?

7. Methodology Stack Overflow Dataset Identify Tags Extract Content Card Sorting Empirical Analysis

8. Answer to RQ1: What questions do programmers ask about configuration as code? • Syntax error • Provisioning • Feasibility • Installation • Filesystem • Security • Data Separation • Troubleshooting • Network • Environment Variables • Testing • Template • Dependencies • Database • Resource Ordering • Daemon Services

9. Answer to RQ2: How many answers do configuration as code-related question categories yield? • Min: 1.0 (Network and Security), Max: 1.4 (Template) • Top three categories – Template (1.4) – Resource Ordering (1.3) – Feasibility (1.3)

10. Answer to RQ2: How many questions with unsatisfactory answers do configuration as code related question categories yield? • Min 34.2% (Template), Max: 61.7% (Installation) • Top three categories – Installation (61.8%) – Security (59.3%) – Data Separation (56.0%)

11. Answer to RQ3: How many views do question categories related to configuration as code yield? • Min: 569.3 (Daemon Services), Max: 2558.0 (Template) • Top Three Categories – Template (2558.0) – Security (1546.0) – Provisioning (1356.1)

12. Answer to RQ4: What temporal trends do the question categories related to configuration as code exhibit?

13. Answer to RQ4: What temporal trends do the question categories related to configuration as code exhibit? Increasing Decreasing Consistent Syntax Error Feasibility Provisioning Installation Filesystem Data Separation Security Network Troubleshooting Environment Variables Template Testing Database Dependencies Resource Ordering Daemon Services

14. Limitations • Selection of Q&A website • Selection of CaC tools • Bias in identifying question categories

15. Implications • Specialized IDEs for CaC – Syntax, dependencies, clarification on tutorials • Training in CaC – Equip programmers with CaC-specific knowledge: security, provisioning, and network • Future research – Why programmers face challenges – Connection between questions and code quality

16. Summary aarahman@ncsu.edu akondrahman https://akondrahman.github.io/ Contact Answer to RQ4: What temporal trends do the question categories related to configuration as code exhibit? Answer to RQ1: What questions do programmers ask about configuration as code? • Syntax error • Provisioning • Feasibility • Installation • Filesystem • Security • Data Separation • Troubleshooting • Network • Environment Variables • Testing • Template • Dependencies • Database • Resource Ordering • Daemon Services Motivation: Configuration as Code (CaC) 3 Ansible Chef Puppet

17. Backup

18. Background case $::operatingsystem { ‘CentOS’: { exec { "install iptables": command => "/bin/yum install iptables -y", creates => "/sbin/iptables"; } } default: { fail("cannot install on $::operatingsystem") } } https://puppet.com/company/press-room/media-kit 18

Editor's Notes

17 companies
17 companies
Identify Challenges Insights on development platforms related to CaC development Identify functionalities that practitioners want
Creates: creates => # A file to look for before running the command...

What Questions Do Programmers Ask About Configuration as Code?

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to What Questions Do Programmers Ask About Configuration as Code?

Similar to What Questions Do Programmers Ask About Configuration as Code? (20)

More from Akond Rahman

More from Akond Rahman (8)

Recently uploaded

Recently uploaded (20)

What Questions Do Programmers Ask About Configuration as Code?

Editor's Notes