OraWorld – With Great APIs …

The latest edition of OraWorld is out, and it includes the second part of my articles relating to GraphQL and API Security. You can check it out on page 22, along with lots of other great content, here.

The Air Gap a Security Fallacy?

Securing systems through an air gap is an idea that goes back decades, and from the 50s to as recently as the 2000s the idea that you could safely and successfully run and maintain systems by simply not connecting them to a network, and so protect them from vulnerabilities, may have been true. But in the last ten or more years, I would argue it is a fallacy that can lull people into a false sense of security and therefore make them more likely to take more risks (or at least not be as careful as they should be). This effect is a well-established piece of psychology with modern cars (here for example). It is known as Risk Compensation (also more here) or an aspect of behaviour adaptation.

Whilst this is rather theoretical, perhaps we should illustrate in practical terms why it is both a fallacy, and in the modern day simply impractical.

New and coming to a screen near you soon

Last night saw the final chapter of Logging in Action with Fluentd go back to my editor. The next step is that the chapter (and others I hope) will go to MEAP, so early readers not only get the final chapter, but also the raft of improvements we’ve made. Along with that, the manuscript goes for a full peer review. Once that’s back, it’s time for a round of edits as I address the feedback, then into copy editing and Manning sign-off review.

As you might have guessed, we’ve kept busy with an article in the 25th edition of OraWorld. This follows Part 1 talking about GraphQL with a look at considerations for API Security.

In addition to that we’re working on a piece around automation of OCI management activities such as setting up developers, allowing them a level of freedom to experiment without accidentally burning through all your credits by spinning up Exadata servers or 500 node Kubernetes clusters.

We might even have some time to write more about APIs and integration.

Restriction on custom logging for OCI always free

The OCI Always Free compute node has a restriction that isn’t clearly documented or obvious when you go to instantiate such compute resources. That restriction is the absence of OCI Custom logging. This is a little surprising given that this capability is based on Fluentd and the compute footprint needed by Fluentd is so small. As you can see in the following screenshot, when configuring the compute there is no reason to believe you can’t use OCI Logging for custom logs.

Configuration for a logging agent on the Always Free VM

But when you go to configure the custom logging on your running compute, you can see that the feature is disabled, with a message about the restriction. It would have been nice to have the warning at the creation phase: if I’d manually set up the VM and then gone to switch on OCI Logging, knowing where I’d deployed my applications, I’d have wasted time in the setup.

Custom Logging Limitation

Solution: use one of the AMD Flex or Previous Generation options to minimize the footprint to your needs.

UPDATE 09th June 2021

We’ve been told that this constraint has been addressed. In addition, Oracle also introduced the new Ampere offering, which allows for nodes with a form factor of up to 4 OCPU and 24GB of RAM using the new ARM chips. You can also use variations on this, such as 4x 1 OCPU 6GB RAM.

Creating screenshots of application shells – easing the writing process

If you hadn’t noticed, I have been involved with writing several books as well as various blogs and journal contributions. One of the challenges, particularly when it comes to books, is wanting to share a screenshot of a shell/console window, be that a Linux shell (bash, ZSH, korn etc), Windows cmd or PowerShell.

All the different shells configured, note Git and Ubuntu in the list and integration to support Azure as well.

Blog Post on Oracle.com and more

We recently received an invite to write a guest blog post for Oracle. We’re pleased to say it has gone live, and can be found at https://blogs.oracle.com/cloud-infrastructure/oracle-cloud-infrastructure-logging-and-alert-rapid-smoke-testing-of-config-and-alerts. It is a little different to my typical posts. Hope you find it interesting.

Opening of the blog post on blogs.oracle.com
my Author Profile on blogs.oracle.com

World Festival Conference

We’ve also scored another success: this time we’ve been invited to speak at WorldFestival in August, an online conference organized by the same team behind DeveloperWeek. This is the first time outside of an Oracle-linked event where I’ve been amongst the first few named speakers, so I’m proud of that. The conference looks really interesting, as it looks beyond just core developer themes, with conference tracks on Space & Transportation, Smart Cities, Robotics and Digital Health, to name a few of the 12 streams. Worth checking out.

WorldFestival Conference
World Festival Conference Themes

DeveloperWeek Europe 2021 – APIs more than just a Payload definition

So this week the big Developer Week Europe conference is running online. I got to present today. It was a relatively short session, with an unfortunate brief interruption from a smoke alarm. My presentation is here …

OraWorld Magazine – Latest Edition

The latest edition of OraWorld has become available today, with its blend of insight into the Oracle community and Oracle technologies from database to modern apps. I have to own up and say I mention the magazine not only because of the beautifully crafted independent insights, but also because it includes an article from myself. It takes a look at GraphQL, what it is, and how recent new Oracle product features could make a big difference to the GraphQL adoption opportunities.

The next edition should include a follow up article to this focussing on API security considerations.

Extracting Dependencies and Versions for a Node Solution

We have had a requirement from a customer to be able to define every package, including dependencies, within a Node solution (as it happens, Apollo GraphQL): not only the complete download path but the version numbering as well. There are many ways to solve this problem. But here is an elegant(?) and portable answer. To ensure that we don’t get pollution from a global node space, we created a project package in an empty folder using:

 npm init --yes

This defaults all the package.json settings, which for our requirements is fine. Then, in the same location, it’s npm install <product from the npm registry to pull>, e.g. for Apollo GraphQL:

npm install apollo-server graphql

This will bring down to your npm project all the dependencies putting them in the node_modules child folder. We’re now in a position to retrieve all the details of the packages, their dependencies and version information. This can be done by using the command:

npm list --json
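
The tree that command prints is nested, so the customer's flat list of every package, version and download path still has to be extracted from it. The following is an added example, not code from the original post: it walks a parsed tree, de-duplicates packages and reports names present at more than one version. The sample tree, the registry.example URLs and the function names are constructed for illustration.

```javascript
// Constructed sample shaped like `npm list --json` output (not real data).
const sampleTree = {
  name: "inventory-demo",
  version: "1.0.0",
  dependencies: {
    "apollo-server": {
      version: "0.0.1",
      resolved: "https://registry.example/apollo-server/-/apollo-server-0.0.1.tgz",
      dependencies: {
        graphql: { version: "0.0.2", resolved: "https://registry.example/graphql/-/graphql-0.0.2.tgz" },
        "left-helper": { version: "0.1.0", resolved: "https://registry.example/left-helper/-/left-helper-0.1.0.tgz" }
      }
    },
    graphql: {
      version: "0.0.3",
      resolved: "https://registry.example/graphql/-/graphql-0.0.3.tgz",
      dependencies: { "left-helper": { version: "0.1.0" } } // repeat entry, no URL
    },
    "optional-native": { missing: true } // entry with no version recorded
  }
};

// Walk the nested tree and return one record per unique name@version.
function flattenDependencies(tree) {
  const seen = new Map(); // "name@version" -> record
  const walk = (deps, parentPath) => {
    for (const [name, info] of Object.entries(deps || {})) {
      const version = info.version || "UNRESOLVED"; // keep gaps visible
      const key = `${name}@${version}`;
      if (!seen.has(key)) {
        seen.set(key, { name, version, resolved: info.resolved || null, via: parentPath });
      }
      walk(info.dependencies, `${parentPath} > ${key}`);
    }
  };
  walk(tree.dependencies, tree.name || "(root)");
  return [...seen.keys()].sort().map((k) => seen.get(k));
}

// Report packages that appear in the inventory at more than one version.
function multiVersionPackages(inventory) {
  const byName = new Map();
  for (const { name, version } of inventory) {
    byName.set(name, [...(byName.get(name) || []), version]);
  }
  return [...byName].filter(([, v]) => v.length > 1).map(([name, versions]) => ({ name, versions }));
}

for (const p of flattenDependencies(sampleTree)) {
  console.log(`${p.name}\t${p.version}\t${p.resolved ?? "-"}`);
}
```

For real use, pass the result of JSON.parse on the saved command output in place of sampleTree. Newer npm releases print only top-level packages unless --all is added, so check the tree depth before treating the inventory as complete.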

What does it take to write a tech book?

I wrote a blog after completing my first book with Robert van Mölken about what was involved. That post can be seen here. It focussed on the processes with Packt and how Robert and I worked to try to ensure the book felt consistent despite the two of us writing.

Writing Logging In Action was a solo project for a different publisher. It seems like an opportunity to share some fresh insights.

Time and Effort

Surprisingly, the time between signing the contract and the manuscript being completed and ready to go through the final production process didn’t vary hugely: roughly 15-18 months. The final steps of preparing to go to print did take longer, in part down to the number of extra steps taken by Manning to ensure the book was polished. Upon reflection, I think that is at least partly down to the fact that you need the chapters to flow, particularly when one chapter leads directly to the next. So you do get periods of respite until your co-author has got sufficiently far with their writing to enable you to start the next part. Writing solo, as soon as one chapter is completed you’re into the next, so no periods of respite.

When it comes to the amount of actual time involved, that is different. I didn’t keep track exactly, but knowing what I typically did each week and roughly how many quiet periods I had, I think it works out to be 300 hours, give or take 50 hours. That sounds a lot, but then if you look at it as 1 hour per page it doesn’t seem too significant.

Using Time and Self Discipline

The way time is used has been a little different. When co-authoring, you have to allow time for coordinating and supporting each other, peer-reviewing writing, and pushing each other along in terms of keeping to plan. The Manning development team are pretty good at keeping you moving without it feeling like you’re being chased, and will provide constructive and supportive feedback. But your co-authors will know the subject matter very well and know what your best work is like, so are able to challenge you when peer-reviewing the work. When we wrote the API book, I remember one of my colleagues reviewing a chapter and coming back saying it was a solid chapter, but I know you have explained these ideas more clearly. When I went back over the chapter, I could see what they meant. As a result, a better book.

The bottom line is it can be difficult to bring a critical eye to your own work, particularly soon after having written it. But you do need that self-discipline when working on your own. This is where the Manning editorial team really stood out.

The book is published, that’s the end?

It is easy to think that’s the end of things, and certainly in terms of solid writing it is. But after all the invested effort in writing it, you might as well help promote the book and take advantage of the reputation of being a published author. This means presenting on the subject of your book. The book will provide a level of credentials & credibility in the subject you’ve written about. Despite being an introvert (which is why I take pleasure in the writing process), getting through the pre-presentation nerves and feelings of imposter syndrome, once on stage and talking about your subject it can be a rush, particularly as you finish. The personal payoff from presenting can come after the event, when someone who has seen your presentation says to you afterwards that it really helped them, or that they really enjoyed it or found the presentation thought-provoking.

If presenting is too much, then these days there are other paths available, such as writing articles for journals or participating in podcasts. Having participated in several podcasts, I can say that if you have a good host, this can be good fun.

What do I get out of writing?

The benefit of royalties certainly won’t replace a typical developer’s salary, unless you’re really lucky. Even with mainstream publications, only a small proportion of authors are successful enough for it to become their day job. But there are indirect benefits. If you want something to put your CV above many others, then a book will really help. This is often why a lot of freelancers write books: it helps provide credibility over others. There is no doubt that my writing has made a difference to a change in job. I suspect that joining Capgemini and my next move have been a lot easier because of it. Not to mention, I’ve known clients like the idea that within the team they’ve engaged are people with credibility beyond just the supplier. Depending upon your employer, the marketing value for them of employing you (or me) as an author (and by implication an SME) adds differentiation as well.

Writing solo again?

I’ve heard technical book authors say, never again once they’ve been published. A few I know have written multiple books. Given the experience, I think co-authoring is easier. But the gratification of completing a solo effort is so much greater.

The technical book landscape is shifting, technology cycles seem to be accelerating (or is it that I’ve reached an age where time seems to go by so much quicker) which is impacting a book’s shelf life. The ability to provide, receive and expect more interactive engagement is evolving – LiveBooks, Katacoda etc. The need to consume smaller pieces across multiple sources is growing as we need to build new skills, but don’t want to start from scratch (as I described here for example).

There is no doubt I’ll get involved in another book project. But a solo writing project will probably be smaller so we can shorten that development cycle.