HDE BLOG

コードもサーバも、雲の上

34th Monthly Technical Session (MTS) Report

34th Monthly Technical Session (MTS) was held on May 19th, 2017. MTS is a knowledge sharing event, in which HDE members present some topics and have QA sessions, both in English.

f:id:bagus-rahman:20170609161151j:plain

The moderator of the 34th MTS was Jeffrey-san.

f:id:bagus-rahman:20170609154717j:plain

The first topic was "Glancing through the Scope" by David-san. He was quite involved in our company's data warehouse project. At one point, he was interested in analyzing the data to get some insights. By creating graphs of various attributes of the data, he discovered interesting insights.

Furthermore, David-san also formulated some essential questions in the process, such as "How do we provide value to our customers?", "How do we measure those values?", and "How are our customers using our services?". He also added that we should use our data effectively in building our product. Hopefully, doing so will allow us to better understand the value we provide to our customers.

f:id:bagus-rahman:20170609155713j:plain

The second topic was "Ever-Evolving Threat Landscape" by Jeff Multz-san from SecureWorks. He has 14 years of experience under his belt, and SecureWorks itself is positioned in the Leaders quadrant of Gartner's 2017 Magic Quadrant for Managed Security Services, Worldwide.

Jeff Multz-san explained SecureWorks' capabilities in solving security issues. SecureWorks provide managed security services, threat intelligence, security & risk consulting, incident response, and cloud security. In other words, SecureWorks helps organizations predict, prevent, detect, and respond to security issues. This is made possible by SecureWorks' intelligence-driven information security solutions.

Jeff Multz-san also taught us about Japan's threat landscape. He named several factors that will potentially cause security issues in Japan, such as payment card industry, MyNumber, and Tokyo 2020.

Jeff Multz-san also shared some of his experiences in solving security issues in various organizations in Japan. He told some really good advices in this part, such as "It's easier to keep attackers out than getting them out later" and "Be diligent; watch your networks 24/7/365".

f:id:bagus-rahman:20170609155757j:plain

The third topic was "Using NFS via AWS Storage Gateway" by Okubo-san. AWS Storage Gateway is a service which connects on-premise software appliance with cloud-based storage. AWS Storage Gateway enables on-premises applications to seamlessly, securely, and transparently use storage in AWS cloud.

Since November 2016, AWS Storage Gateway has provided a file interface to objects in Amazon S3 buckets. This feature, now more commonly known as File Gateway, enables storing and retrieval of Amazon S3 objects through standard file storage protocols, such as NFS. In addition, since February 2017, AWS Storage Gateway has supported running File Gateway virtual machine in Amazon EC2.

Okubo-san had been investigating File Gateway to determine whether he can use it in the project he's working on. File Gateway performs quite well. On the other hand, deploying File Gateway on Amazon EC2 requires the instance size to be at least xlarge. Furthermore, AWS hasn't offered a redundancy solution for File Gateway. Despite these caveats, using File Gateway will indeed reduce cost. In fact, the cost reduction of using File Gateway is proportional to the storage size. Because of this advantage, Okubo-san is considering of using File Gateway in the project he's working on.

f:id:bagus-rahman:20170609155828j:plain

The fourth topic was a report of Microsoft Build 2017 by Ogawa-san and Iskandar-san. Ogawa-san explained the highlights of the keynotes. Among the first day keynote topics, he was interested in implementations of Cognitive Services (AI for workplace safety and intelligent meetings) and Azure Cloud Shell and mobile portal. He also took note of other first day announcements, such as Visual Studio for Mac, Azure Database Migration Service, MySQL & PostgreSQL as a service, and many others.

Among the second day keynote topics, he was interested in Windows 10 Fall Creators Update, new apps on the Windows Store, and motion controllers for mixed reality. He also took note of other second day announcements, such as Story Remix, Fluent Design System, and OneDrive Files On-Demand, and many others.

Afterwards, Iskandar-san continued by introducing us to Azure services. Cognitive Services is a collection of APIs, SDKs, and services with which developers can easily add intelligent features into their applications. Bot Framework is a platform for building, connecting, testing, and deploying bots. In combination, Cognitive Services (such as LUIS) and Bot Framework can be utilized to develop an intelligent bot.

Iskandar-san also shared what he learned about IoT. Azure is providing IoT-related services such as IoT Edge, IoT Hub, Azure Stream Analytics. By attending Microsoft Build 2017, he was able to learn various use cases of these services. He also taught us about other important IoT concepts, such as IoT device lifecycle and IoT security.

f:id:bagus-rahman:20170609155909j:plain

The fifth topic was "Struggling with MongoDB" by Takahashi-san. MongoDB is used in the project he's working on, for its performance, scalability, and flexibility. However, some performance issues were discovered, such as ones that are related to concurrency control.

All of this resulted in Takahashi-san searching for alternatives to MongoDB. He had investigated Google BigQuery, Amazon Elasticsearch Service, Amazon CloudSearch, and Amazon Athena, among others.

Interestingly, MongoDB had worthwhile improvements of its own. Acquiring WiredTiger allowed MongoDB to offer features such as document-level concurrency, data/index compression, and memory management. Therefore, Takahashi-san decided to stick with MongoDB and utilize those features.

f:id:bagus-rahman:20170609155943j:plain

The sixth topic was "JWT vs Goa" by Tanabe-san. This topic is a continuation of Shihan-san's from the 32nd MTS, about utilizing Goa for APIs of HDE service that they are both working on. As Tanabe-san put it, Shihan-san's topic left some homework. One of those homework was API authentication, especially using JSON Web Token (JWT).

JWT is an open standard of securely transmitting information between parties as a JSON object. Goa provides a security middleware for JWT. Unfortunately, it lacked some features that Tanabe-san needed, such as support for PS256 algorithm, support for service-to-service token without expiration, and support for role-based access control. Therefore, he decided to integrate his existing security middleware for JWT into Goa. He demonstrated the integration process and listed several issues that he would like to solve in the future.

f:id:bagus-rahman:20170609160009j:plain

As usual, we had a party afterwards :)