Securing systems through an air gap is an idea goes back decades, and through the 50s to as recently as the 2000s the idea that you could safely and successfully run and maintain systems by simply not connecting to a network protects them from vulnerabilities may have been true. But in the last ten or more years, I would argue it is a fallacy, that can lull people into a false sense of security and therefore more likely to take more risks (or at least not be as careful as we should be). This idea is a well established piece of psychology with modern cars (here for example). This is known as Risk Compensation (also more here) or an aspect of behaviour adaptation.
Whilst this is rather theoretical, perhaps we should illustrate in practical terms why it is both a fallacy, and in the modern day simply impractical.
Another Spring means another excellent Oracle EMEA PaaS Forum for Oracle partners. Every Year Juergen Kress organizes the event, finding really nice venues to host several hundred people over four and half days.
The event is split into several parts, Monday afternoon normally involves Oracle Ace’s presenting on best practices, insights on applying the various technologies etc. For me this meant presenting on the London Developer Meetup, looking at how it worked, what has been successful, and what hasn’t. For those know have read my blogs on the subject (here) will know about our Drone initiative.
Then Tuesday is a single stream day where Juergen has managed to pull in SVPs and Senior Product Managers from around the globe to provide a high-level view of what has been going on with their products. For anyone consulting in the Oracle domain, this is incredibly useful. For example, there is a clear strategy coalescing around AI and Machine Learning both as a service proposition to users, but also how these technologies are being made available and used within other products. Other areas such as OIC and SOA CS have stability and maturity, and the road map is about maximising connectivity with the newer products.
But before the sessions start, Juergen starts with opening remarks, and demos’ something engaging. In previous years this has been things like Digital Assistants/Chatbots and so on. This year, we have been fortunate to be an active contributor by demoing the drone through the use of APIs and talking about the ideas. The dry runs of the demo on Monday went without a problem, but when it came to the main show, the drone was a little uncooperative – we think because the air-con had really kicked in. But importantly, even not achieving the desired result, the message of engagement made it home.
Wednesday is split into streams with in-depth sessions from the different Product Managers, he amount of insight gained from these sessions is tremendous, some of which is very much protected by safe harbour statements or not for public disclosure such is the honest and open discussions. The day closes with an Ace Director initiative which demonstrates the application of Oracle Cloud products to a plausible use case, and Luis Weir (Capgemini Oracle CTO) is part of. This session has become something of a tradition now.
The day’s business concludes awards, and for a second year the UK Capgemini team have taken home two awards for APIs and PaaS Contribution.
The final two days are then a choice of Hackerthon or 1/2 day training sessions on different products with the relevant Product Managers, and an excellent opportunity to pick the brains of the presenters as well as get hands-on experience with the different products.
The week isn’t without it’s social and networking activities of course …
I have been working my way through Building Evolutionary Architectures by Neal Forward, Rebecca Parsons and Patrick Kua. Three senior and respected members of Thoughtworks (also the home of Martin Fowler). Having read and listened to Neal and Rebecca’s presentations and writing I had expected a deeply thought-provoking read, but have to admit to being disappointed. There are some good points without a doubt, but the book pretty much focuses on one idea, the application of fitness functions. But I’m not convinced it warrants several hundred pages of a book as a result the point does at times feel laboured.
There are some arguments made, that leaves me thinking that there is a view that the only answer is microservices in the conventional model of Kubernetes, Docker etc, which I agree is a powerful paradigm to allow solutions to evolve, but it isn’t a silver bullet and not always right in every case (if you have a team lacking the underlying appreciation of the goals, or put in to place in an ad-hoc manner (see Chris Richardson‘s work) it isn’t going to help.
Alongside this, there is little said about the interface definition for microservices (typically APIs of one form or another). Whilst mention of leaky abstractions are made, the material illustrations such as code lead API definitions are omitted (risk being, code changes, the API changes and the impact cascades).
What surprised me the most is the on more than one occasion the books points to ERPs not being sufficiently customisable. Yet, anyone working with ERPs will tell you that ERPs are at their best when you use them to leverage industry best practices rather than crowbar them to fit unconventional ways of operating. If you’re a manufacturer, is fiscal reporting part of your differentiator; probably not, so why not take best practice OOTB.
As usual, I have mind mapped things as I read through the book. The dynamic/interactive version is here, the image (but not in full detail) is below.
Last night we ran the latest of the Oracle Developer Meetups in London. This time Luis Weir presented on GraphQL, which got an very engaged discussion about the strengths and weaknesses of GraphQL, in-depth points about how the error paths should be handled among many other things.
The presentation material Luis used is based upon his Devoxx session earlier this year and can be seen here:
After a insightful and thought provoking presentation on GraphQL the Drones with APIs project had its latest update. Providing a lot of laughter to the evening’s proceedings. Including demonstration of flying the drone using REST APIs published via a gateway and Go back-end. This included the DroneDash presenting a visual presentation of the commands being issues via REST, as seen here:
The new Oracle API Platform makes it possible to deploy different versions of your APIs to different gateway instances. When you you’re managing the Development API Policies through all the different stages of the lifecycle (Design to Production) from a single management tier such a capability is essential. This is further challenged by the fact that each save of you API Definition creates a new iteration (the term used to identify each saved ‘version’ of the API)
However it does lead the challenge from a management perspective of knowing which iterations are running on each Gateway.. you can get the information from the current UI but it requires multiple steps to get the information. The UI also lends itself more to the design processes today than perhaps the more dense information views that a operational report might warrant.
I’m sure that over time these views will come, but today we can solve the problem by taking advantage of the fact that the product lives by its own ‘mission’ by offering a very rich set of APIs. As a result it becomes possible to actually build your own views. To that end I have written a Groovy script which will go through each API that can be seen and retrieves the iteration deployed to each logical gateway.
In terms of running the script you obviously need Groovy installed. It expects 3 parameters which are:
It seems that it becoming common for people to write a personal review of the year. If you’re old school Christmas Card sort then it gets printed and put in the card. If you’re a bit more hip then it’s a Facebook post. For those trendier than that, who knows?
Anyway, I thought I’d use my blog to reflect on what has happened and what we hope to be upto in 2018.
So the big headlines for us …
1st book published as a co-author about ICS, started another book project which should be finished in 2018.
Packt have been talking to me about another book project (even though my contribution to book 2 not yet finished!) Have to admit what is being suggested is intriguing and a bit different
Then there was the UKOUG Journey to the Cloud event. Having been postponed because of venue flooding it was good to see this happen. Not to mention it being one of s number of events I have presented at this year.
We attended and presented at the Oracle EMEA Partner Conference for the 1st time and presented with my co-author on ICS.
Contributions to supporting the UKOUG as part of a SIG committee member, reviewed for Oracle Scene. Being involved in a SIG committee also meant helping plan the conference.
Writing hasn’t just been about the books, we continue to write our own blog posts, content for Oracle-integration.cloud plus several journals including Oracle Technology Network,
Presenting at Oracle Open World for the 1st time, and signing copies of our book on ICS
Promoted from an Oracle Ace Associate to a full Oracle Ace.
So where will 2018 take us, well somethings we’re confident of …
I have relocated my mindmaps to a new location – WiseMapping which presents the maps in a far more consumable manner than XMind. I’ve setup the links to now bounce through bitly so if things move again the links wont break. The maps available can be found using the following links:
Recently I’ve given some time over to catching up on some reading. Which has included Walter Isaacson’s tremendous book Innovators. I picked this up more because I liked Walter’s approach to the Steve Job’s biography. I thought this was going to be more focused on individuals and how they brought through new technology innovations. But actually it is a very good potted history of the development of modern computing. Whilst I work in IT and thought I knew key contributors, from Babbage, Lovelace to von Neumann and Turing. I was rather surprised at how many signficiant contributors I didnt know, or only vaguely aware of. For example the work of Douglas Engelbart who pretty much lead the design for the mouse. What about Vint Cerf who made key contributions to TCP/IP? Stephen Crocker who was responsible for the RFC that we all associate with the IETF now?
Not only is the history interesting, the book looks at the dynamics of innovation and how much innovation comes from the individuals working away on their own and having a eureka moment compared to that constant dialogue between people which sounding off each other lead to new ideas? The later is beautifully illustrated with the development of the transistor and the work of John Baarden and Walter Brattain. It’s interesting that as the history moves into the pre-internet era that more and more of advancements are a result of collective effort, but also recognised as such. I wonder whether that is because technologies made collaboration easier, or the effects of socio-cultural developments that meant people recognised the collaborative efforts?
I’d recommend this book to anyone who is interested in IT has developed or even just interested in the interplay of personalities and events such as World war II that influenced scientific advancement.
When I read a technical book from cover to cover I usually build a mind map so that I can use it as a memory jogger in the future if I need to return to get key points such as arguments or facts. With the ferstive break I have had time to finish reading Sam Newman’s Building Microservices. The following is a static image, but clicking on it can take you the dynamic site provided through WiseMapping, it does take a moment or two as the map is large (or click here).
Many of the points made in this excellent book are true to software design and development generally, but given a Microservices spin. For example, monitoring and security should be incorporated into any good design.