Attending de:code 2017 in Tokyo / de:code 2017 参加レポート

After a big conference Microsoft Build 2017 at Seattle, Washington in US in the beginning of May (my colleagues had written a report of Build), Microsoft also held another conference, de:code 2017, at The Prince Park Tower Tokyo in Japan for 2 days from May 23 to May 24, 2017. I would like to share my experience of attending it.

去る5月上旬にシアトルにて行われたMicrosoft Build 2017 (Buildについては同僚が参加レポートを書いてくれています)から約2週間後、ザ・プリンス パークタワー東京にてde:code 2017が開催されました。今回これに参加してきたので、体験して来たことを参加レポートとして共有したいと思います。


de:code is an annual conference held by Microsoft, which is aimed for developers same as Build. However, unlike Build, this conference is more focused on Japan’s market and Japanese developer communities. This focus is reflected in its contents. So I would like to focus on the difference between Build and de:code in this report. If you want to know more details about de:code, videos are now available.

de:codeはBuildと同じくマイクロソフト公式の開発者向けカンファレンスではあるのですが、より日本の市場や開発者コミュニティの志向を反映したようなコンテンツでした。最大8トラック並行で様々なセッションがあり、詳細はde:codeの公式ブログにて確認できます。また、Channel 9にて動画も公開されています。


36th Monthly Technical Session (MTS) Report

36th Monthly Technical Session (MTS) was held on July 21st, 2017. MTS is a knowledge sharing event, in which HDE members present some topics and have QA sessions, both in English.


The moderator of the 36th MTS was Iskandar-san.


The first topic was "Machine Learning: Intuition" by Nutt-san. He mainly focused on supervised learning. There are two phases of supervised learning, training and testing. Given input-output pairs, a good mapping from input to output is identified in the training phase. This mapping is used to predict new inputs in the testing phase. A predictor should have the smallest error possible on test data (not training data).

Nutt-san also emphasized that supervised learning works on the base of correlation, not causation. A predictor correlates input to output without knowing about causation, so we have to select input features carefully.

Nutt-san also explained the difference between deductive reasoning and inductive reasoning. To put it simply, in deductive reasoning, a conclusion is reached by applying general rules. On the other hand, in inductive reasoning, a conclusion is reached by extrapolating specific cases. Deductive reasoning is always correct, while inductive reasoning is not always correct. Machine learning is a kind of inductive reasoning. In relation to this, he reminded us that no algorithm works best for all supervised learning problem.


The second topic was "Spurious" by Fukutomi-san. Threads are utilized quite extensively in a project he was working on. Threads are usually executed concurrently and share resources. Sometimes, multiple threads accessing the same resources is not preferable due to concurrency issues.

In Java, one way to solve this is to synchronize threads. Another way is to utilize guarded blocks, which involves methods such as wait() and notify(). Unfortunately, there was a problem when Fukutomi-san was working with guarded blocks. It turned out that a thread can also wake up without being notified, interrupted, or timing out. This is called a spurious wakeup. He worked around this limitation by utilizing a true_wakeup flag.


The third topic was an explanation of a new component of an HDE service by Ogawa-san. He began by explaining the role of the new component in the HDE service. Then, he explained the technologies involved in the development of the new component. He developed the component using C++14 and Windows API, and he developed the installer program using C# 7 and .NET Framework 4.6.

Ogawa-san had to use C++ due to the component's relationship with Windows' Local Security Authority Subsystem Service (LSASS). High-level features can not be used in core operating system processes such as LSASS. In his opinion, reporting events to the Event Viewer from C++ code is not ideal. He also explained his approaches to unit test and continuous integration.


The fourth topic was "Security Assessment with Amazon Inspector" by Jeffrey-san. Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS.

Jeffrey-san explained how to use the service. First, Amazon Inspector AWS Agents are installed in the target Amazon EC2 instances. Second, Amazon Inspector Assessment Targets, which are collections of EC2 instances to be scanned, are defined. Third, Amazon Inspector Assessment Templates, which defines the standardized tests to be applied on the assessment targets, are created. Finally, the assessment is run.

Amazon Inspector handles the analysis and even generates its reports. Alternatively, findings from Amazon Inspector can also be retrieved via APIs. This allows users to generate and format their own summarized or detailed reports.

Some pros to using Amazon Inspector are AWS nativity, low cost (30 cents per AWS Agent per assessment), and it is a good option for analysis of infrastructure vulnerabilities. Some cons to using Amazon Inspector are the limitation to EC2 instances and some benchmarks only work for certain operating systems.


The fifth topic was "But Will It Compile in Space!?" by Ignaty-san. He was one of our Global Internship Program (GIP) participants. This topic is a look at the effects of space radiation on electronics. There are several major radiation sources in space, such as solar wind, Van Allen Belts, changes with solar weather, and cosmic rays.

Radiation in space is much harsher than radiation on Earth. At such harsh levels, radiation can cause several kinds of damage to electronics. It can induce single-event effects which result in data degradation, calculation or logic errors, and any number of malfunctions. It can also cause gradual component degradation, which results in certain components failing entirely.

There are some ways to mitigate the effects of space radiation on electronics. The classic solution is radiation hardening. This essentially means components are made from more durable materials, which is expensive. Other solutions consists of avoiding radiation belts, shielding electronic components, designing fault-tolerant software and utilizing redundant components.


The sixth topic was "The Sweets and Bitters of React Native" by Rachel-san. She was also one of our GIP participants. React Native is a framework for building native apps using React. The motivation behind it is the desire to write mobile apps with the same logic as web apps, while achieving native behavior, without sacrificing performance. It reuses React logic in app development, is a bridge to native APIs, and executes JavaScript on the background thread.

Some pros to using React Native are easy to pick up for web developers, provides shared logic and code base for iOS and Android, gets rid of heavy IDEs, provides hot reloading, and easy to combine with native codes. Some cons to using React Native are knowledge of mobile native platform is required, relies on third-party libraries and documentations, frequent release cycles, and many ongoing problems due to its relative immaturity.


The seventh topic was "TensorFlow - Machine Learning without PhD" by Dovile-san. She was also one of our GIP participants. TensorFlow is an open-source software library for machine intelligence. TensorFlow offers lots of speed with less computing power, uses data flow graphs for numerical computations ,and provides API for Java, C++, Python, and Go. Other TensorFlow-related features include TensorBoard for visualization and TensorFlow Research Cloud for computational resource.

Dovile-san demonstrated the usage of TensorFlow to build artificial neural networks. Given the MNIST database of handwritten digits, the task is to train a model to look at images and predict what digits they are. Using TensorFlow, she defined the number and shape of the layers of the neural network. She also specified the learning rule and error measure calculation.


As usual, we had a party afterwards :)


builderscon tokyo 2017 参加レポート (セッション/コーヒーカップ裏話/当日スタッフ/懇親会) #builderscon

2017/08/03から2017/08/05までの3日間開催されたbuilderscon tokyo 2017に、弊社エンジニア複数名がスポンサー企業枠または当日スタッフとして参加しました。


  • 気になったセッションのレポート
    • The Evolution of PHP at Slack HQ
    • 真のコンポーネント粒度を求めて
    • Factory Class
  • コーヒーカップ裏話
  • 当日スタッフ
  • 懇親会



35th Monthly Technical Session (MTS) Report

35th Monthly Technical Session (MTS) was held on June 16th, 2017. MTS is a knowledge sharing event, in which HDE members present some topics and have QA sessions, both in English.


The moderator of the 35th MTS was Shihan-san.


The first topic was "Introduction of React from Angular User" by Shinohara-san. He had been using Angular most of the time, but his most recent project required him to use React instead. He mentioned that Angular is a framework, while React is a library. Despite this difference, the two are often compared. Shinohara-san compared the two of them with the help of TodoMVC. He also explained some features of React, such as JSX, props, and state.


The second topic was "Statistics Analysis Framework 'ROOT'" by Kusumoto-san. Root is a data analysis framework developed by CERN. It deals with big data processing, statistical analysis, visualization, and storage.

Kusumoto-san had used ROOT several years ago, for research in university. He explained some of ROOT features, such as visualizing data as histograms and trees. He also demonstrated the various types of histogram that ROOT provides.


The third topic was "Stylish Python" by Jonas-san. He suggested several ideas about project structure, code style, and best practices.

Regarding project structure, one of Jonas' ideas were putting code under src/ directory. Some benefits of doing this are preventing imports from the root directory and requires developer to have a functioning setup.py to work locally. The latter helps finding packaging bugs and makes using entry points easier.

Regarding code style, Jonas proposed many ideas based on PEP 8. He covered indentation, line length, imports, naming, class method order, literals, type hints, and function definitions.

Regarding best practices, Jonas recommended how to write setup.py, how to define dependencies, using iterators, using enums, and using sentinels. He also recommended using several third-party libraries, such as pytest and attrs.


The fourth topic was a report of Open Source Summit Japan 2017 by Xudong-san. Open Source Summit Japan is an annual conference event held by The Linux Foundation. This year's event is a combination of LinuxCon, ContainerCon, and CloudOpen. Every day, there were around 10 time slots with 4 concurrent sessions in each time slot. The number of attendees was about 600.

Xudong-san attended sessions about Kubernetes, AArch64 architecture support for servers, container security, non-root containers / user namespace containers, and Red Hat's and Microsoft's product promotion sessions, among others. Attending Open Source Summit Japan 2017 made him realize several things. First is the increasing interest and support of Kubernetes, related to services and products such as Google Cloud Platform, Microsoft Azure, and Red Hat OpenShift. Second is the fact that container security is still a big issue.


The fifth topic was "Our Culture is Our Brand" by Kenny-san. This topic came from his participation in Customer Experience Management 2017. It was held in Sydney and more than 70 companies were a part of the event. Some of these companies are Google, Microsoft, and Australia Post, among others.

In Kenny-san's opinion, 'culture' is the most important concept out of all the concepts that were frequently discussed in the event. Culture is important in achieving customer success and engagement. Both are important in our effort to become a world-class IT company.

Kenny-san defined culture as things that connect us, things that we share even as we continue to grow. These things are belief, purpose, value, and passion. The more things we share, the stronger our culture is. In a company context, culture helps us to get and keep the best people, helps us to build teamwork and improve performance, gives us competitive advantage, and gives us meaning, passion, and love for our work.

These far-reaching effects of culture led Kenny-san to believe that our culture is our brand. Therefore, we have to develop good culture. It consists of strong belief, clear vision, good value, good environment, and good behavior, among others. Good culture leads to employee engagement. In turn, employee engagement leads to customer success and engagement.


The sixth topic was "Cloud Gaming" by Kelvin-san. He was one of our Global Internship Program (GIP) participants. He began by introducing the concept of cloud gaming, which follows a client-server model. The client sends user commands, the server does all the processing, and the client receives the resulting video stream.

Kelvin-san described his own cloud gaming setup, which utilizes an Amazon EC2 g2.2xlarge instance and Parsec. According to him, such a setup is quite expensive, as it costs him 80 cents per hour. He also mentioned other commercial cloud gaming solutions, such as PlayStation Now, GeForce NOW, and LiquidSky.

Kelvin-san also explained the pros and cons of cloud gaming. Some of its pros are the fact that it is essentially Gaming as a Service (GaaS), developers don't have to worry about DRM, developers have full control over software and hardware, and customers enjoy high availability and low setup time. Some of its cons are its dependence to internet connection, the fact that it is a single point of failure, zero possibility for consumers to mod games, and consumers don't really own games.


The seventh topic was "Intro to Apache Spark" by Weiting-san. She was also one of our Global Internship Program participants. Apache Spark is an open-source cluster computing system. It is often utilized as an engine for large-scale data processing. Some benefits of Spark are its speed (100 times faster than Hadoop MapReduce in memory, or 10 times faster on disk), its API (for Java, Scala, Python, and R), its libraries (SQL and DataFrames, Spark Streaming, MLib, and GraphX), and it runs everywhere.

Weiting-san also explained some of the main concepts of Spark. Resilient Distributed Datasets (RDDs) are fault-tolerant collections of elements that can be operated on in parallel. They are read-only and distributed over a cluster of machines. RDDs support two types of operations, which are transformations and actions. Transformations create a new dataset from an existing one. Actions return a value to the driver program after running a computation on the dataset. Working with RDDs generally involves creating an RDD from a data source, applying transformations (e.g. map) to an RDD, and applying actions (e.g. reduce) to an RDD.


The eighth topic was "Klassify and Kluster: Machine Learning Essentials" by Jay-san. He was also one of our Global Internship Program participants. He explained two problems in machine learning, which are classification and clustering. Classification is the problem of identifying a class to which a new observation belongs. This is done based on a collection of observations whose class membership is known. On the other hand, clustering is the task of grouping a set of objects in such a way that objects in the same cluster are more similar to each other than to those in other clusters.

Jay-san also taught us some learning algorithms to solve those problems. Regarding classification, he explained k-Nearest Neighbors algorithm (k-NN). k-NN classifies an observation based on a majority vote of its neighbors. An observation is assigned to the class most common among its k nearest neighbors. Regarding clustering, he explained k-means clustering algorithm. It aims to partition n observations into k clusters. Each object belongs to the cluster with the nearest mean. He also presented the performance of both learning algorithms on the Iris Flower Data Set.


As usual, we had a party afterwards :)


Attending Microsoft Build 2017 in Seattle

Hello, this blog post might be a bit unusual since it is written by 2 persons. We are Iskandar and Ogawa from the cloud product development team. In this occasion, we would like to share our experience attending Microsoft Build 2017.

Microsoft Build is an annual conference held by Microsoft, which is aimed for developers. The venue for this year event is located at Seattle, Washington, and the event runs for 3 days from May 10 to May 12, 2017. From Japan, we joined this event via an organized PTS tour and there were more than 50 participants. This event was also our first time visiting Seattle, so we were excited to take a quick look around the Emerald City!



34th Monthly Technical Session (MTS) Report

34th Monthly Technical Session (MTS) was held on May 19th, 2017. MTS is a knowledge sharing event, in which HDE members present some topics and have QA sessions, both in English.


The moderator of the 34th MTS was Jeffrey-san.


The first topic was "Glancing through the Scope" by David-san. He was quite involved in our company's data warehouse project. At one point, he was interested in analyzing the data to get some insights. By creating graphs of various attributes of the data, he discovered interesting insights.

Furthermore, David-san also formulated some essential questions in the process, such as "How do we provide value to our customers?", "How do we measure those values?", and "How are our customers using our services?". He also added that we should use our data effectively in building our product. Hopefully, doing so will allow us to better understand the value we provide to our customers.


The second topic was "Ever-Evolving Threat Landscape" by Jeff Multz-san from SecureWorks. He has 14 years of experience under his belt, and SecureWorks itself is positioned in the Leaders quadrant of Gartner's 2017 Magic Quadrant for Managed Security Services, Worldwide.

Jeff Multz-san explained SecureWorks' capabilities in solving security issues. SecureWorks provide managed security services, threat intelligence, security & risk consulting, incident response, and cloud security. In other words, SecureWorks helps organizations predict, prevent, detect, and respond to security issues. This is made possible by SecureWorks' intelligence-driven information security solutions.

Jeff Multz-san also taught us about Japan's threat landscape. He named several factors that will potentially cause security issues in Japan, such as payment card industry, MyNumber, and Tokyo 2020.

Jeff Multz-san also shared some of his experiences in solving security issues in various organizations in Japan. He told some really good advices in this part, such as "It's easier to keep attackers out than getting them out later" and "Be diligent; watch your networks 24/7/365".


The third topic was "Using NFS via AWS Storage Gateway" by Okubo-san. AWS Storage Gateway is a service which connects on-premise software appliance with cloud-based storage. AWS Storage Gateway enables on-premises applications to seamlessly, securely, and transparently use storage in AWS cloud.

Since November 2016, AWS Storage Gateway has provided a file interface to objects in Amazon S3 buckets. This feature, now more commonly known as File Gateway, enables storing and retrieval of Amazon S3 objects through standard file storage protocols, such as NFS. In addition, since February 2017, AWS Storage Gateway has supported running File Gateway virtual machine in Amazon EC2.

Okubo-san had been investigating File Gateway to determine whether he can use it in the project he's working on. File Gateway performs quite well. On the other hand, deploying File Gateway on Amazon EC2 requires the instance size to be at least xlarge. Furthermore, AWS hasn't offered a redundancy solution for File Gateway. Despite these caveats, using File Gateway will indeed reduce cost. In fact, the cost reduction of using File Gateway is proportional to the storage size. Because of this advantage, Okubo-san is considering of using File Gateway in the project he's working on.


The fourth topic was a report of Microsoft Build 2017 by Ogawa-san and Iskandar-san. Ogawa-san explained the highlights of the keynotes. Among the first day keynote topics, he was interested in implementations of Cognitive Services (AI for workplace safety and intelligent meetings) and Azure Cloud Shell and mobile portal. He also took note of other first day announcements, such as Visual Studio for Mac, Azure Database Migration Service, MySQL & PostgreSQL as a service, and many others.

Among the second day keynote topics, he was interested in Windows 10 Fall Creators Update, new apps on the Windows Store, and motion controllers for mixed reality. He also took note of other second day announcements, such as Story Remix, Fluent Design System, and OneDrive Files On-Demand, and many others.

Afterwards, Iskandar-san continued by introducing us to Azure services. Cognitive Services is a collection of APIs, SDKs, and services with which developers can easily add intelligent features into their applications. Bot Framework is a platform for building, connecting, testing, and deploying bots. In combination, Cognitive Services (such as LUIS) and Bot Framework can be utilized to develop an intelligent bot.

Iskandar-san also shared what he learned about IoT. Azure is providing IoT-related services such as IoT Edge, IoT Hub, Azure Stream Analytics. By attending Microsoft Build 2017, he was able to learn various use cases of these services. He also taught us about other important IoT concepts, such as IoT device lifecycle and IoT security.


The fifth topic was "Struggling with MongoDB" by Takahashi-san. MongoDB is used in the project he's working on, for its performance, scalability, and flexibility. However, some performance issues were discovered, such as ones that are related to concurrency control.

All of this resulted in Takahashi-san searching for alternatives to MongoDB. He had investigated Google BigQuery, Amazon Elasticsearch Service, Amazon CloudSearch, and Amazon Athena, among others.

Interestingly, MongoDB had worthwhile improvements of its own. Acquiring WiredTiger allowed MongoDB to offer features such as document-level concurrency, data/index compression, and memory management. Therefore, Takahashi-san decided to stick with MongoDB and utilize those features.


The sixth topic was "JWT vs Goa" by Tanabe-san. This topic is a continuation of Shihan-san's from the 32nd MTS, about utilizing Goa for APIs of HDE service that they are both working on. As Tanabe-san put it, Shihan-san's topic left some homework. One of those homework was API authentication, especially using JSON Web Token (JWT).

JWT is an open standard of securely transmitting information between parties as a JSON object. Goa provides a security middleware for JWT. Unfortunately, it lacked some features that Tanabe-san needed, such as support for PS256 algorithm, support for service-to-service token without expiration, and support for role-based access control. Therefore, he decided to integrate his existing security middleware for JWT into Goa. He demonstrated the integration process and listed several issues that he would like to solve in the future.


As usual, we had a party afterwards :)

33rd Monthly Technical Session (MTS) Report

33rd Monthly Technical Session (MTS) was held on April 14th, 2017. MTS is a knowledge sharing event, in which HDE members present some topics and have QA sessions, both in English.


The moderator of the 33rd MTS was Michael-san.


The first topic was "AWS Service Update Summary 2017 Q1 (January - March)" by Mitsuharu Hamba-san from AWS. Recently, 5 new AWS services were introduced.

AWS Batch enables users to run batch computing jobs on AWS. AWS Batch provisions resources based on the requirement of batch jobs. Users don't need to do provisioning tasks, such as managing servers or installing batch computing software, by themselves.

Amazon Cloud Directory is a directory store in AWS. Unlike traditional directory solutions, Amazon Cloud Directory allows users to create directories with hierarchies that span multiple dimensions. However, Amazon Cloud Directory is not a directory service for IT administrators who want to manage or migrate their directory infrastructure. Amazon Cloud Directory is a directory store first and foremost, and it is not designed to support some features their directory does, such as authentication and policy frameworks.

Amazon Chime is a communications service. Amazon Chime supports online meeting, video conference, call, chat, and content sharing, both inside and outside an organization. Amazon Chime is secure and works seamlessly across Android, iOS, Mac, and Windows devices.

AWS Organizations enables policy-based management for multiple AWS accounts. Furthermore, with AWS Organizations, users can control access to AWS services, automate AWS account creation and management, and consolidate billing across multiple AWS accounts.

Amazon Connect is a self-service, cloud-based contact center service. Amazon Connect is based on the same contact center technology used by Amazon. With Amazon Connect, users can set up a cloud-based contact center in minutes. Amazon Connect also makes it easy for users to design contact flows, manage agents, and track performance metrics.

Besides those new AWS services, Hamba-san also introduced various updates of the existing AWS services. He also invited us to participate in AWS Summit Tokyo 2017.


The second topic was "Try to Eliminate Toil with CodePipeline" by Doi-san. The book Site Reliability Engineering defines toil as the kind of work tied to running a production service that tends to be manual, repetitive, automatable, tactical, devoid of enduring value, and that scales linearly as a service grows.

Doi-san feels that there's a toil in the deployment process of the project he's working on. He needs to check every change in the infrastructure that he's about to make. According to Doi-san, this process doesn't have a well-defined procedure, is prone to human error, and wastes time.

AWS CodePipeline is a continuous integration and continuous delivery service with which users can model, visualize, and automate the steps required to release software. Furthermore, AWS CodePipeline also allows users to establish a consistent release process, incorporate AWS services and third-party tools into a pipeline, and others.

Doi-san had been interested in utilizing AWS CodePipeline for quite some time, and finally it was released in Tokyo region. He demonstrated how users can utilize AWS CodePipeline and showed us how the service changed the deployment process of the project he's working on.


The third topic was "Let's Try Azure" by Kodama-san. In the 32nd MTS, Mami Konishi-san and Drew Robinsons-san from Microsoft introduced Microsoft Azure to us. Afterwards, Kodama-san went ahead and prepared a Microsoft Azure environment for our development team.

Kodama-san explained Microsoft Azure hierarchy. From top to bottom, the hierarchy consists of Directory, Subscription, Resource Group, and Resource. Directory (Azure Active Directory) is where users are registered. Subscription is a billing unit. Resource Group is a container that holds related resources for an Azure solution. Resource is a manageable item that is available through Azure, such as VM, database, etc. The associations between the hierarchy elements are all one-to-many. For example, a Directory can be associated to multiple Subscriptions, but a Subscription must be associated to exactly one Directory. Kodama-san then proposed some rules regarding our Microsoft Azure hierarchy.

Kodama-san introduced some Microsoft Azure services, such as Azure Container Service and Cognitive Services. He then made a sample solution of analyzing logs using various Microsoft Azure services. He also recommended forums where members of our development team can ask questions about Microsoft Azure.

He concluded the session by reminding everyone of Microsoft Build 2017. There may be announcements about Microsoft Azure in the event.


The fourth topic was "Serverless HTML Form Using Customers Mail Cloud" by Chia-Chun-san. He was our Global Internship Program (GIP) participant. Serverless HTML Form is the application he had been working on during his internship. He implemented with the intentions of learning how to develop an application with serverless architecture, showing the extent of Customers Mail Cloud's capabilities, and identifying the ways Customers Mail Cloud can be integrated with other cloud computing services.

There are several requirements of Serverless HTML Form. First, the application should have a static webpage, with which users will be able to send emails. Second, after a user sends an email, the application should send confirmation emails to the user and their manager. Third, the application should be serverless.

Chia-Chun-san actually implemented two versions of Serverless HTML Form. The first version worked well, but it had problems about email status. Even if an email couldn't be sent (e.g. because of typos in the email address), Serverless HTML Form would still regard the email as being successfully sent. In other words, users couldn't receive the email, and they wouldn't be able to know its status (e.g. is still being sent, failed to be sent, is sent to the wrong address, etc.).

The second version solved this issue by utilizing Customers Mail Cloud's features. The second version's architecture consists of Amazon S3, Amazon API Gateway, AWS Lambda, Amazon DynamoDB, and Customers Mail Cloud. Chia-Chun-san also explained the second version's workflow and message flow. He also shared some important things he had discovered during the second version's implementation. Finally, he demonstrated how to utilize the second version of Serverless HTML Form.


As usual, we had a party afterwards :)