How to write custom execution modules for Saltstack and put credentials and other secrets into your Python code. The presentation reviews the use of Salt Pillars as well as the Salt API
Webinar: PostgreSQL continuous backup and PITR with BarmanGabriele Bartolini
How can you achieve an RTO of 5 minutes for the backups of your PostgreSQL databases? And what about RPO=0 for zero data loss backups?
This webinar gave an answer to those questions, by providing an overview of Disaster Recovery of PostgreSQL databases with Barman, covering its major features.
Barman, Backup and Recovery Manager for PostgreSQL, is an open source tool that was conceived by 2ndQuadrant about 10 years ago and released open source in 2012 under GNU GPL 3.
It is now one of the most popular backup and recovery tools in the PostgreSQL ecosystem.
Video available at https://resources.2ndquadrant.com/en/webinar-postgresql-continuous-backup-and-pitr-with-barman
Presentation at Strata Data Conference 2018, New York
The controller is the brain of Apache Kafka. A big part of what the controller does is to maintain the consistency of the replicas and determine which replica can be used to serve the clients, especially during individual broker failure.
Jun Rao outlines the main data flow in the controller—in particular, when a broker fails, how the controller automatically promotes another replica as the leader to serve the clients, and when a broker is started, how the controller resumes the replication pipeline in the restarted broker.
Jun then describes recent improvements to the controller that allow it to handle certain edge cases correctly and increase its performance, which allows for more partitions in a Kafka cluster.
DTrace and SystemTap are dynamic tracing frameworks available for Solaris and Linux respectively. This session will give an overview of the static DTrace probes available in both Drizzle and MySQL and show numerous examples of scripts that utilize these probes. Mixing dynamic and static probes will also be discussed.
Troubleshooting common oslo.messaging and RabbitMQ issuesMichael Klishin
This talk focuses on troubleshooting of common oslo.messaging and RabbitMQ issues in OpenStack environments. Co-presented at the OpenStack Summit Austin in April 2016.
Operating PostgreSQL at Scale with KubernetesJonathan Katz
The maturation of containerization platforms has changed how people think about creating development environments and has eliminated many inefficiencies for deploying applications. These concept and technologies have made its way into the PostgreSQL ecosystem as well, and tools such as Docker and Kubernetes have enabled teams to run their own “database-as-a-service” on the infrastructure of their choosing.
All this sounds great, but if you are new to the world of containers, it can be very overwhelming to find a place to start. In this talk, which centers around demos, we will see how you can get PostgreSQL up and running in a containerized environment with some advanced sidecars in only a few steps! We will also see how it extends to a larger production environment with Kubernetes, and what the future holds for PostgreSQL in a containerized world.
We will cover the following:
* Why containers are important and what they mean for PostgreSQL
* Create a development environment with PostgreSQL, pgadmin4, monitoring, and more
* How to use Kubernetes to create your own "database-as-a-service"-like PostgreSQL environment
* Trends in the container world and how it will affect PostgreSQL
At the conclusion of the talk, you will understand the fundamentals of how to use container technologies with PostgreSQL and be on your way to running a containerized PostgreSQL environment at scale!
고승범(peter.ko) / kakao corp.(인프라2팀)
---
카카오에서는 빅데이터 분석, 처리부터 모든 개발 플랫폼을 이어주는 솔루션으로 급부상한 카프카(kafka)를 전사 공용 서비스로 운영하고 있습니다. 전사 공용 카프카를 직접 운영하면서 경험한 트러블슈팅과 운영 노하우 등을 공유하고자 합니다. 특히 카프카를 처음 접하시는 분들이나 이미 사용 중이신 분들이 많이 궁금해하는 프로듀서와 컨슈머 사용 시의 주의점 등에 대해서도 설명합니다.
Webinar: PostgreSQL continuous backup and PITR with BarmanGabriele Bartolini
How can you achieve an RTO of 5 minutes for the backups of your PostgreSQL databases? And what about RPO=0 for zero data loss backups?
This webinar gave an answer to those questions, by providing an overview of Disaster Recovery of PostgreSQL databases with Barman, covering its major features.
Barman, Backup and Recovery Manager for PostgreSQL, is an open source tool that was conceived by 2ndQuadrant about 10 years ago and released open source in 2012 under GNU GPL 3.
It is now one of the most popular backup and recovery tools in the PostgreSQL ecosystem.
Video available at https://resources.2ndquadrant.com/en/webinar-postgresql-continuous-backup-and-pitr-with-barman
Presentation at Strata Data Conference 2018, New York
The controller is the brain of Apache Kafka. A big part of what the controller does is to maintain the consistency of the replicas and determine which replica can be used to serve the clients, especially during individual broker failure.
Jun Rao outlines the main data flow in the controller—in particular, when a broker fails, how the controller automatically promotes another replica as the leader to serve the clients, and when a broker is started, how the controller resumes the replication pipeline in the restarted broker.
Jun then describes recent improvements to the controller that allow it to handle certain edge cases correctly and increase its performance, which allows for more partitions in a Kafka cluster.
DTrace and SystemTap are dynamic tracing frameworks available for Solaris and Linux respectively. This session will give an overview of the static DTrace probes available in both Drizzle and MySQL and show numerous examples of scripts that utilize these probes. Mixing dynamic and static probes will also be discussed.
Troubleshooting common oslo.messaging and RabbitMQ issuesMichael Klishin
This talk focuses on troubleshooting of common oslo.messaging and RabbitMQ issues in OpenStack environments. Co-presented at the OpenStack Summit Austin in April 2016.
Operating PostgreSQL at Scale with KubernetesJonathan Katz
The maturation of containerization platforms has changed how people think about creating development environments and has eliminated many inefficiencies for deploying applications. These concept and technologies have made its way into the PostgreSQL ecosystem as well, and tools such as Docker and Kubernetes have enabled teams to run their own “database-as-a-service” on the infrastructure of their choosing.
All this sounds great, but if you are new to the world of containers, it can be very overwhelming to find a place to start. In this talk, which centers around demos, we will see how you can get PostgreSQL up and running in a containerized environment with some advanced sidecars in only a few steps! We will also see how it extends to a larger production environment with Kubernetes, and what the future holds for PostgreSQL in a containerized world.
We will cover the following:
* Why containers are important and what they mean for PostgreSQL
* Create a development environment with PostgreSQL, pgadmin4, monitoring, and more
* How to use Kubernetes to create your own "database-as-a-service"-like PostgreSQL environment
* Trends in the container world and how it will affect PostgreSQL
At the conclusion of the talk, you will understand the fundamentals of how to use container technologies with PostgreSQL and be on your way to running a containerized PostgreSQL environment at scale!
고승범(peter.ko) / kakao corp.(인프라2팀)
---
카카오에서는 빅데이터 분석, 처리부터 모든 개발 플랫폼을 이어주는 솔루션으로 급부상한 카프카(kafka)를 전사 공용 서비스로 운영하고 있습니다. 전사 공용 카프카를 직접 운영하면서 경험한 트러블슈팅과 운영 노하우 등을 공유하고자 합니다. 특히 카프카를 처음 접하시는 분들이나 이미 사용 중이신 분들이 많이 궁금해하는 프로듀서와 컨슈머 사용 시의 주의점 등에 대해서도 설명합니다.
Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...HostedbyConfluent
Active-Active, Active-Passive, and stretch clusters are hallmark patterns that have been the gold standard in Apache Kafka® disaster recovery architectures for years. Moving to Kubernetes requires unpacking these patterns and choosing a configuration that allows you to meet the same RTO and RPO requirements.
In this talk, we will cover how Active-Active/Active-Passive modes for disaster recovery have worked in the past and how the architecture evolves with deploying Apache Kafka on Kubernetes. We'll also look at how stretch clusters sitting on this architecture give a disaster recovery solution that's built-in!
Armed with this information, you will be able to architect your new Apache Kafka Kubernetes deployment (or retool your existing one) to achieve the resilience you require.
Broken benchmarks, misleading metrics, and terrible tools. This talk will help you navigate the treacherous waters of Linux performance tools, touring common problems with system tools, metrics, statistics, visualizations, measurement overhead, and benchmarks. You might discover that tools you have been using for years, are in fact, misleading, dangerous, or broken.
The speaker, Brendan Gregg, has given many talks on tools that work, including giving the Linux PerformanceTools talk originally at SCALE. This is an anti-version of that talk, to focus on broken tools and metrics instead of the working ones. Metrics can be misleading, and counters can be counter-intuitive! This talk will include advice for verifying new performance tools, understanding how they work, and using them successfully.
Computing Performance: On the Horizon (2021)Brendan Gregg
Talk by Brendan Gregg for USENIX LISA 2021. https://www.youtube.com/watch?v=5nN1wjA_S30 . "The future of computer performance involves clouds with hardware hypervisors and custom processors, servers running a new type of BPF software to allow high-speed applications and kernel customizations, observability of everything in production, new Linux kernel technologies, and more. This talk covers interesting developments in systems and computing performance, their challenges, and where things are headed."
Running MariaDB in multiple data centersMariaDB plc
MariaDB is often deployed in multiple data centers for high availability and/or disaster recovery. Tim Tadeo, Senior Sales Engineer, walks through real-world use cases and the topologies customers have created to leverage multiple data centers. He also discusses important considerations and how to address them, as well as more advanced options such as dedicated binlog servers for cross–data center replication.
In this webinar, we will discuss about the basic concept of routing, try to understand how the router work, how the routing table is used to forward packets, and how to implement them with mikrotik router. we review some prior knowledge before. after attending this webinar, we expect you understand how the packet is forwarded on router.
In this session, we’ll review how previous efforts, including Netfilter, Berkley Packet Filter (BPF), Open vSwitch (OVS), and TC, approached the problem of extensibility. We’ll show you an open source solution available within the Red Hat Enterprise Linux kernel, where extending and merging some of the existing concepts leads to an extensible framework that satisfies the networking needs of datacenter and cloud virtualization.
How Netflix Tunes EC2 Instances for PerformanceBrendan Gregg
CMP325 talk for AWS re:Invent 2017, by Brendan Gregg. "
At Netflix we make the best use of AWS EC2 instance types and features to create a high performance cloud, achieving near bare metal speed for our workloads. This session will summarize the configuration, tuning, and activities for delivering the fastest possible EC2 instances, and will help other EC2 users improve performance, reduce latency outliers, and make better use of EC2 features. We'll show how we choose EC2 instance types, how we choose between EC2 Xen modes: HVM, PV, and PVHVM, and the importance of EC2 features such SR-IOV for bare-metal performance. SR-IOV is used by EC2 enhanced networking, and recently for the new i3 instance type for enhanced disk performance as well. We'll also cover kernel tuning and observability tools, from basic to advanced. Advanced performance analysis includes the use of Java and Node.js flame graphs, and the new EC2 Performance Monitoring Counter (PMC) feature released this year."
KMIP stands for key management interoperability protocol. Provides simple binary and TTLV variant protocol to manage various cryptographic key cycles for enterprise needs viz., for enterprise applications, data encryption etc.
syzkaller is an unsupervised, coverage-guided Linux syscall fuzzer.
The presentation covers basic of operation of the fuzzer, gives tutorial on how to run it and how to extend it to fuzz new drivers.
Intelligent, Automatic Restarts for Unhealthy Kafka Consumers on Kubernetes w...HostedbyConfluent
At Cloudflare we are big Kafka adopters and we run Kafka at a massive scale. We deploy our microservices leveraging Kafka on Kubernetes and we have have some interesting experience on how to keep the latter operational to avoid downtime. To do so, we implemented our own Intelligent Smart Health checks for microservices leveraging Kafka. This has allowed our services to be much more self-healing, meaning there is much less manual intervention required. Before we used to get paged when applications got stuck and this also led to different incidents that were also customer impacting. We've implemented this in go, using the Shopify/sarama package but the same concepts can be adopted in different programming languages.
IPv6 Segment Routing is a major IPv6 extension that provides a modern version of source routing that is currently being developed within the Internet Engineering Task Force (IETF). We propose the first open-source implementation of IPv6 Segment Routing in the Linux kernel. We first describe it in details and explain how it can be used on both endhosts and routers. We then evaluate and compare its performance with plain IPv6 packet forwarding in a lab environment. Our measurements indicate that the performance penalty of inserting IPv6 Segment Routing Headers or encapsulat- ing packets is limited to less than 15%. On the other hand, the optional HMAC security feature of IPv6 Segment Routing is costly in a pure software implementation. Since our implementation has been included in the official Linux 4.10 kernel, we expect that it will be extended by other researchers for new use cases.
Presented at ANRW'17 https://irtf.org/anrw/2017/program.html on behalf of David Lebrun
Vladimir Rodionov (Hortonworks)
Time-series applications (sensor data, application/system logging events, user interactions etc) present a new set of data storage challenges: very high velocity and very high volume of data. This talk will present the recent development in Apache HBase that make it a good fit for time-series applications.
SaltConf15 Presentation on Salt Stack High Availability
Links to github repository containing code: https://github.com/wcannon/saltconf2015
Solution 3 has been implemented and is in the github repository.
Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...HostedbyConfluent
Active-Active, Active-Passive, and stretch clusters are hallmark patterns that have been the gold standard in Apache Kafka® disaster recovery architectures for years. Moving to Kubernetes requires unpacking these patterns and choosing a configuration that allows you to meet the same RTO and RPO requirements.
In this talk, we will cover how Active-Active/Active-Passive modes for disaster recovery have worked in the past and how the architecture evolves with deploying Apache Kafka on Kubernetes. We'll also look at how stretch clusters sitting on this architecture give a disaster recovery solution that's built-in!
Armed with this information, you will be able to architect your new Apache Kafka Kubernetes deployment (or retool your existing one) to achieve the resilience you require.
Broken benchmarks, misleading metrics, and terrible tools. This talk will help you navigate the treacherous waters of Linux performance tools, touring common problems with system tools, metrics, statistics, visualizations, measurement overhead, and benchmarks. You might discover that tools you have been using for years, are in fact, misleading, dangerous, or broken.
The speaker, Brendan Gregg, has given many talks on tools that work, including giving the Linux PerformanceTools talk originally at SCALE. This is an anti-version of that talk, to focus on broken tools and metrics instead of the working ones. Metrics can be misleading, and counters can be counter-intuitive! This talk will include advice for verifying new performance tools, understanding how they work, and using them successfully.
Computing Performance: On the Horizon (2021)Brendan Gregg
Talk by Brendan Gregg for USENIX LISA 2021. https://www.youtube.com/watch?v=5nN1wjA_S30 . "The future of computer performance involves clouds with hardware hypervisors and custom processors, servers running a new type of BPF software to allow high-speed applications and kernel customizations, observability of everything in production, new Linux kernel technologies, and more. This talk covers interesting developments in systems and computing performance, their challenges, and where things are headed."
Running MariaDB in multiple data centersMariaDB plc
MariaDB is often deployed in multiple data centers for high availability and/or disaster recovery. Tim Tadeo, Senior Sales Engineer, walks through real-world use cases and the topologies customers have created to leverage multiple data centers. He also discusses important considerations and how to address them, as well as more advanced options such as dedicated binlog servers for cross–data center replication.
In this webinar, we will discuss about the basic concept of routing, try to understand how the router work, how the routing table is used to forward packets, and how to implement them with mikrotik router. we review some prior knowledge before. after attending this webinar, we expect you understand how the packet is forwarded on router.
In this session, we’ll review how previous efforts, including Netfilter, Berkley Packet Filter (BPF), Open vSwitch (OVS), and TC, approached the problem of extensibility. We’ll show you an open source solution available within the Red Hat Enterprise Linux kernel, where extending and merging some of the existing concepts leads to an extensible framework that satisfies the networking needs of datacenter and cloud virtualization.
How Netflix Tunes EC2 Instances for PerformanceBrendan Gregg
CMP325 talk for AWS re:Invent 2017, by Brendan Gregg. "
At Netflix we make the best use of AWS EC2 instance types and features to create a high performance cloud, achieving near bare metal speed for our workloads. This session will summarize the configuration, tuning, and activities for delivering the fastest possible EC2 instances, and will help other EC2 users improve performance, reduce latency outliers, and make better use of EC2 features. We'll show how we choose EC2 instance types, how we choose between EC2 Xen modes: HVM, PV, and PVHVM, and the importance of EC2 features such SR-IOV for bare-metal performance. SR-IOV is used by EC2 enhanced networking, and recently for the new i3 instance type for enhanced disk performance as well. We'll also cover kernel tuning and observability tools, from basic to advanced. Advanced performance analysis includes the use of Java and Node.js flame graphs, and the new EC2 Performance Monitoring Counter (PMC) feature released this year."
KMIP stands for key management interoperability protocol. Provides simple binary and TTLV variant protocol to manage various cryptographic key cycles for enterprise needs viz., for enterprise applications, data encryption etc.
syzkaller is an unsupervised, coverage-guided Linux syscall fuzzer.
The presentation covers basic of operation of the fuzzer, gives tutorial on how to run it and how to extend it to fuzz new drivers.
Intelligent, Automatic Restarts for Unhealthy Kafka Consumers on Kubernetes w...HostedbyConfluent
At Cloudflare we are big Kafka adopters and we run Kafka at a massive scale. We deploy our microservices leveraging Kafka on Kubernetes and we have have some interesting experience on how to keep the latter operational to avoid downtime. To do so, we implemented our own Intelligent Smart Health checks for microservices leveraging Kafka. This has allowed our services to be much more self-healing, meaning there is much less manual intervention required. Before we used to get paged when applications got stuck and this also led to different incidents that were also customer impacting. We've implemented this in go, using the Shopify/sarama package but the same concepts can be adopted in different programming languages.
IPv6 Segment Routing is a major IPv6 extension that provides a modern version of source routing that is currently being developed within the Internet Engineering Task Force (IETF). We propose the first open-source implementation of IPv6 Segment Routing in the Linux kernel. We first describe it in details and explain how it can be used on both endhosts and routers. We then evaluate and compare its performance with plain IPv6 packet forwarding in a lab environment. Our measurements indicate that the performance penalty of inserting IPv6 Segment Routing Headers or encapsulat- ing packets is limited to less than 15%. On the other hand, the optional HMAC security feature of IPv6 Segment Routing is costly in a pure software implementation. Since our implementation has been included in the official Linux 4.10 kernel, we expect that it will be extended by other researchers for new use cases.
Presented at ANRW'17 https://irtf.org/anrw/2017/program.html on behalf of David Lebrun
Vladimir Rodionov (Hortonworks)
Time-series applications (sensor data, application/system logging events, user interactions etc) present a new set of data storage challenges: very high velocity and very high volume of data. This talk will present the recent development in Apache HBase that make it a good fit for time-series applications.
SaltConf15 Presentation on Salt Stack High Availability
Links to github repository containing code: https://github.com/wcannon/saltconf2015
Solution 3 has been implemented and is in the github repository.
The open source configuration management and automation framework Chef is used to configure, deploy and manage many large public and private installations of OpenStack and supports a wide variety of integration opportunities. Chef for OpenStack is a project based on the healthy exchange of code, ideas and documentation for deploying and operating OpenStack with Chef.
There is a tremendous amount of Chef-related activity in the OpenStack ecosystem. With involvement from AT&T, IBM, Rackspace, SUSE and many others there is an active community of collaboration between users, developers and operators. In addition to operating OpenStack, Chef provides integrations for deploying applications on top of OpenStack (and other cloud) deployments, including specialized tooling for testing and continuous integration environments.
OpenStack is a large and complex ecosystem, this session will highlight the resources available for operators, as well as the evolution and layout of the project and the roadmap going forward.
Using MCollective with Chef - cfgmgmtcamp.eu 2014Zachary Stevens
It's time to move beyond SSH for infrastructure management.
MCollective is an awesome orchestration framework.
Chef is an awesome configuration management tool.
Contrary to popular belief, they work great together.
Speaker notes available here: https://dl.dropboxusercontent.com/u/369373/cfgmgmtcamp.eu%202014%20-%20Chef%20%26%20MCollective.pdf
Understanding salt modular sub-systems and customizationjasondenning
Overview of the modular sub-systems in SaltStack, and basics for writing custom execution modules and state modules for Salt. Presented to the Portland SaltStack Users Group (http://www.meetup.com/Portland-SaltStack-Users-Group/) by me (Jason Denning) on 04/21/2015.
SaltConf14 - Saurabh Surana, HP Cloud - Automating operations and support wit...SaltStack
Using SaltStack to automate enterprise IT operations and support capabilities is not as well documented as the more traditional SaltStack use cases. This session will show how the HP Cloud team runs a secure and reliable SaltStack automation environment by writing Salt states and modules to simplify day-to-day operations and support while extending SaltStack capabilities through dynamic states and modules. The talk will also show how to protect sensitive information and safe guard against user errors.
Introduction of using Hashicorp Vault with your NodeJS Application. How to store your secrets when using a cloud application in nodejs. Meetup in Austin Texas May 2019 (https://www.meetup.com/austinnodejs/events/srwjzqyzhbtb/)
Nagios Conference 2014 - Mike Merideth - The Art and Zen of Managing Nagios w...Nagios
Mike Merideth's presentation on The Art and Zen of Managing Nagios with Puppet.
The presentation was given during the Nagios World Conference North America held Oct 13th - Oct 16th, 2014 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/conference
Similar to Writing Custom Saltstack Execution Modules (20)
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
2. WHAT IS SALTSTACK
• System for remote execution of commands and configuration management
• Server/client model
• Built for parallel execution, scalability and security
• Written in Python
• Open source https://github.com/saltstack/salt
3. SALT EXECUTION MODULES
• Python functions called by the Salt Master to be executed on targeted minions
• Salt is prepackaged with modules to
• Restart services
• Install packages
• Transfer files
• Etc
• https://docs.saltstack.com/en/latest/ref/modules/all/index.html#all-salt-modules
5. EXAMPLE #1
• Make the module available to execute on the desired minion or minions
• salt ‘<minion id(s)>' saltutil.sync_modules
• Execute the module
• salt ‘<minion id(s)>’ salt_presentation.first_test
6. EXAMPLE RECAP
• Python file in /srv/salt/_modules on the Salt Master
• Defined function that handles module logic or lack thereof
• Plaintext credentials in code in two locations!!
• Salt master in /srv/salt/_modules/salt_presentation.py
• Salt minion in /var/cache/salt/minion/extmods/modules/salt_presentation.py
7. WAYS TO PASS SECRETS IN PYTHON
• Use separate settings.py or similar with credentials and import them
• Use environment variables on the host and os.environ.get()
• Create a hidden file on the host and use a ConfigParser
• Use argparse and command line arguments to parameterize credentials
• Accept secrets from user input each time code is run
8. WHERE THESE METHODS FALL SHORT
• Not designed for remote execution
• Add little in the way of security if an attacker gains access to the host executing the
code
• May not be easily repeatable (ie; requiring user input every run through)
9. SALT PILLARS
• Designed for data that needs to be securely sent only to targeted minions
• Stored in memory on the targeted minions
• Can be encrypted on the Salt master for extra security
• Provides code portability since they’re great for variable or arbitrary data
• Just a Python dictionary
15. EXAMPLE RECAP
• Removed hard coded credentials from source code and from host running our code
• Credentials are passed only to targeted minion(s)
• Only have credentials on the Salt master
16. OTHER WAYS SALT LETS US PASS SECRETS
• Salt-API
• Run on the Salt-master
• API calls to run Salt modules from any other host on the network
• Pass pillar kwargs to state.apply module
• External Pillars
• Pull Pillar data from sources such as Postgres, HTTP API requests, and more
• https://docs.saltstack.com/en/latest/topics/development/external_pillars.html
17. EXAMPLE #3
• Setup and start the salt-api on the Salt Master
• https://docs.saltstack.com/en/latest/ref/netapi/all/salt.netapi.rest_cherrypy.html#a-rest-
api-for-salt
• Create a Salt state on the master to run our execution module
18. EXAMPLE #3
• Choose a host that has network access to the Salt master
• Call the Salt Api to execute the state against the targeted minion(s) from this host
• Curl
• Python with Requests
• etc
20. EXAMPLE #3
• Executing the previous python code results in the execution module running against
the ‘ubuntu’ minion
21. EXAMPLE RECAP
• Provided further segregation of secrets from source code
• Added flexibility to run Salt commands from other applications and hosts
• Can allow other users to run Salt commands without having root access to the Salt
master
22. SALT IN THE REAL WORLD
• Pull Nessus scans from multiple network environments into a centralized location
for auditing
• Gather data from hosts on multiple networks and store it in a database
• Configure Splunk communications to use custom SSL certificates and certificate
verification
• Create self-healing infrastructure
