14 Tuesday Apr 2020
Posted in APIs & microservices, General, Technology
Tags
I presented at an online Meetup on today (Thursday 16th April) with a shortened version of my API technology overview (A quick look at gRPC, GraphQL, REST APIs – Which way to go?). Aside from an early interruption to the event, the evening was an excellent series of speakers covering a number of API centric subjects.
More about the event and future events – https://www.meetup.com/TechItaliaTuscany/events/269621146/
06 Monday Apr 2020
Posted in General, Oracle, Technology
The second part of a two part article about the sort of things an Ace Associate or anyone else in a Technology Advocacy programme such as the Ace & Groundbreakers could approach social media has been published.
You can check out at (http://www.oraworld.org/home/ – page 10)
You can check part 1 (http://www.oraworld.org/home/ – page 15) along with other articles in the 19th edition of OraWorld covering subjects as diverse as Open World, Apex and Spam (read and you’ll understand).
I’d like to thank my colleagues, particularly James Neate for the inspiration behind this article.
15 Sunday Mar 2020
Posted in General, Oracle, Technology
A few weeks ago Oracle announced a new tool for all Oracle cloud users including the Always Free tier. Cloud Shell provides a Linux (Oracle v7.7) environment to freely use ( (within your tenancy’s monthly limits) – no paying for VM or using your limited set of VMs (for free-tier users) or anything like that.
As you can see the Shell can be started using a new icon at the top right (highlighted). When you open the shell for the 1st time, it takes a few moments to instantiate – and you’ll see the message at the top of the console window (also highlighted). The window provides a number of controls which allows you to expand to full screen and back again etc.
The shell comes preconfigured with a number of tools, such as Terraform with the Oracle extensions, OCI CLI, Java and Git, so linking to Developer Cloud or GitHub for example to manage your scripts etc is easy (as long as you know you GIT CLI – cheat sheet here). The info for these can be seen in the following screenshots.
In addition to the capabilities illustrated, the Shell is set up with:
The benefit of all of this is that you can work from pretty much any device you like. It removes the need to manage and refresh security tokens locally to run scripts.
A few things to keep in mind whilst trying to use the Shell:
The shell makes for a great environment to manage and perform infrastructure development from and will be a dream for Linux hard code users. For those who like to be lazy with a visual IDE, there are ways around it (e.g. edit in GitHub) and sync. But power users will be more than happy with vim or vi.
Oracle’s own documentation can be fiound at https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/cloudshellintro.htm
29 Saturday Feb 2020
Posted in APIs & microservices, Books, development, mindmap, Technology
17 Monday Feb 2020
Posted in Dev Meetup, development, General, Oracle, Technology
Tags
@GeertjanW, code, developer, enterprise, framework, javascript, JET, meetup, toolket
Last night was the latest in #OracleDeveloperMeetups in London. The evening’s focus was on JavaScript Frameworks, Toolkits and Web Components. Whilst the event is sponsored by Oracle the focus is very much on the challenges of JavaScript Frameworks.
12 Wednesday Feb 2020
Posted in API Platform CS, APIs & microservices, General, Oracle, Technology
#ACED @mp3monster goes into overtime with this #2MTT on handling special #APIs and edge scenarios when working with Oracle API Platform Cloud Service. Watch!https://t.co/tQ36GFHkbT
— ArchBeatDev (@ArchBeatDev) February 12, 2020
03 Monday Feb 2020
Posted in General, Oracle, Technology
The first part of a two part article about the sort of things an Ace Associate, or anyone else in a Technology Advocacy programme such as the Ace & Groundbreakers could approach social media has been published. Go check it out (http://www.oraworld.org/home/ – page 15) along with other articles in the latest edition of OraWorld covering subjects as diverse as Open World, Apex and Spam (read and you’ll understand).
I’d like to thank my colleagues, particularly James Neate for the inspiration behind this article.
14 Tuesday Jan 2020
Posted in APIs & microservices, General, Oracle, Technology
When it comes to deployment of API Gateways, there are a couple of well-known patterns, that of the Internal Gateway and External Gateway (described in several resources including here).
These two deployments essentially reflect the considerations of offering endpoints up to less secure network segments such as the internet (external gateways) and trusted network zones (internal gateways). But in addition to the physical deployment within a network, these deployments are likely to host APIs with different characteristics, reflecting levels of trust, and emphasis on enterprise decoupling/abstraction (internal) – the reason why APIs are sometimes associated with the idea of SOA 2.0. Compared with security sensitivity, and potentially monetization or at least usage metrics to help protect specific attack vectors.
These deployment patterns can be seen in the following diagram.
Both the internal and external gateways are reflective of interest in the origin of the API traffic. However a rarer 3rd pattern does exist.
This pattern of crops up when you need to consider the ability to manage how internal solutions connect to outside services, for reasons such as:
04 Saturday Jan 2020
Posted in development, General, Technology
Tags
CNCF, deployment, Oracle, Owasp, Security, software, TUF, update framework, updating
To varying degrees, most techies are aware of the security vulnerabilities identified in the OWASP Top 10 (SQL Injection, trying to homebrew Identity management etc), although I still sometimes have conversations where I feel the need to get the yellow 
or red card out. But the bottom line is that these risks are perhaps more appreciated because it is easier to understand external entities attacking seeking direct attacks to disrupt or access information. But there are often subtler and at least more costly to repair attacks such as internal attacks and indirect attacks such as compromising software deployment mechanisms.
This, later attack Is not a new risk, as you can see from the following links, been recognised by the security community for some time (you can find academic papers going back 10+ years looking at the security risks for Yum and RPM for example).
But software is becoming ever more pervasive, we’re more aware than ever that maintaining software to the latest releases means that known vulnerabilities are closed. As a result, we have seen a proliferation in mechanisms to recognise the need to update and deploying updates. 10 years ago, updating frameworks where typically small in number and linked to vendors who could/had to invest in making the mechanisms as a secure as possible – think Microsoft, Red Hat. However we have seen this proliferate, any browser worthy of attention has automated updating let alone the wider software tools. As development has become more polyglot every language has its central repos of framework libraries (maven central, npm, chocolatey ….). Add to this the growth in multi-cloud and emphasis on micro deployments to support microservices and the deployment landscape gets larger and ever more complex and therefore vulnerable.
16 Monday Dec 2019
As is Packt’s tradition, their Christmas book promotion has started. For the next week or two all books and videos are $5 in their ebook/video download format. Including the titles I have co-authored as well as others that I have contributed to as a reviewer.
End-to-End OIC to SAP integration
A blog-post by blog-post journey of a ERP Cloud Solutions Degree Apprentice
from Technology to Music
Demystifying cloud technologies...
Technofunctional Blogs
Business, Technology and more
Personal, design, inspiration, interests.
by Jürgen Kress
Oracle Cloud Stuff
My thoughts on Enterprise Software Technologies...and more.
Achieving business objectives through technology standards
Success & Satisfaction with the Cloud
Thoughts of a lifelong music hoarder...
A Blog for Event and Data Analytics
