“Securing Microservice APIs: Sustainable and Scalable Access Control” by Matt McLarty, Rob Wilson, and Scott Morrison Identification: “Service consumers and intermediaries must be able to send API request messages that include multiple identities along with optional attributes that detail those identities, and they must be able to accept API requests that include multiple identities and […]Read more "Mini-Book: Securing Microservice APIs"
“Open Source in the Enterprise” by Andy Oram & Zaheda Bhorat Benefits of for using, supporting, and creating open source software: Multiplying the company’s investment: “Evidence that open a project pays off financially comes from a recent report prepared under World Bank auspices (http://bit.ly/2/Favs4). Careful tracing of contributions to their project–a form of geospatial software […]Read more "Mini-Book: Open Source in the Enterprise"
“DevOps Handbook: How to Create World-Class Agility, Reliability, & Security in Technology Organizations” By Gene Kim, Jez Humble, Patrick Debois, & John Willis Two conflicting goals: “Respond to the rapidly changing competitive landscape” “Provide stable, reliable, and secure service to the customer” “organizations adopting DevOps are able to linearly increase the number of deploys per […]Read more "Book: DevOps Handbook"
I had the fortune to listen to Ken Beer and Ryan Treat’s talk on keys and certificates. Here are my notes: Keys Key hierarchy: A technique to improve manageability of a larger number of keys and security by encrypt keys with another set of keys. Envelop encryption: Data keys for applications are encrypted by […]Read more "Talk: Keys on AWS and Certificates"
A friend shared this article and I find it informative. Here are my notes: Steve Burton explained the challenge for engineers to troubleshoot production issues when the logs are filled with a large number of non-critical error messages. Not only this made troubleshooting of critical errors harder, it also has the following additional costs: “Disk storage to […]Read more "Article: “We Crunched 1 Billion Java Logged Errors – Here’s What Causes 97% of Them”"
I had an opportunity to attend Couchbase Day to learn about the product. I’ve included my notes below, link to the presentation slides and other resources. Fail Over If a machine was power off by mistake and bought backup and able to read, it will require lighter weight recovery. This feature is in 3.x Can configure […]Read more "Notes from Couchbase Day"
I find the official documentation on remote logging wasn’t complete. Here are my notes based on various web sites I visited (here, here, and here). Hope this helps! App.gwt.xml You should add the inherits statement below. You should be able to adjust the log level to any of the following: ALL, FINEST, FINER, FINE, CONFIG, INFO, […]Read more "HowTo: Setup GWT remote logging"
SSH tunneling is so useful that I find myself revisiting it again. This post helped me to get started. I would add the -f option to run the command in the background. 5126 is the port I use on my own machine once the tunnel is established. ssh -f -N -L 5126:TARGET_SERVER:22 USER@GATEWAY_SERVER Once the […]Read more "Revisiting SSH Tunneling Tricks"
I need to list all files in a directory tree excluding files with certain text in its names. This thread helped me to create something similar: find . -type f |grep -v ‘/[.svn-base]’ –Read more "Listing files excluding certain names"