CodeIsGo.com

In this blog post, you’ll learn how to protect privileged business transactions that are exposed as APIs by using multi-factor authentication (MFA) or security challenges. These challenges have two components: what you know (such as passwords), and what you have (such as a one-time password token). By using these multi-factor security controls, you can implement step-up authentication to obtain a higher level of security when you perform critical transactions. By Salman Moghal, Mahmoud Matouk, and Ozair Sheikh.

The main points explained in the article:

• Solution architecture
• Identity provider
• Protected backend
• Data design
• Authorizer
• Initiate auth endpoint
• Respond to challenge endpoint
• Deploy and test the step-up authentication solution
• Step-up solution design details

This solution uses several Amazon Cognito API operations to provide step-up authentication functionality. Amazon Cognito applies rate limiting on all API operations categories, and rapid calls that exceed the assigned quota will be throttled. Nice one!

The goal of this post is to get familiar with how memory works in java. We will see how it works in combination with the OS it runs on, how it’s structured and how it functions internally inside a JVM. By Nermin Karapandzic.

The article is split into:

• Heap
• Stack
• Code cache
• How does JVM manage heap
• Garbage collection in more detail
• Phases of garbage collection

Heap memory is used for dynamic allocation of java object and java classes in runtime. Newly created objects are always saved into heap space while the references to these objects are always in stack memory. Good read!

PyTorch has been predominantly used in research and in recent years it has gained tremendous traction in the industry as well due to its ease of use and deployment. By Rajesh Thallam, Vaibhav Singh.

Google Cloud AI Platform is a fully managed end-to-end platform for data science and machine learning on Google Cloud. Leveraging Google’s expertise in AI, AI Platform offers a flexible, scalable and reliable platform to run your machine learning workloads. AI Platform has built-in support for PyTorch through Deep Learning Containers that are performance optimized, compatibility tested and ready to deploy.

Authors then explain:

• Why PyTorch on Google Cloud AI platform?
• Use case and dataset
• Creating a development environment on AI Platform Notebooks
• Creating a Notebook instance with the pre-built PyTorch DLVM image
• Notebook instance with custom container
• Training a PyTorch model on AI Platform training

You will find plenty opf resources for further study in this article. Authors explored Cloud AI Platform Notebooks as a fully customizable IDE for PyTorch model development. We then trained the model on Cloud AI Platform Training service, a fully managed service for training machine learning models at scale. Nice one!

Open-sourced alternative to OpenAI’s gated DALL·E 2 with comparable quality, Stable Diffusion offers something to everyone: end-users can generate images virtually for free, developers can embed the model into their service, ML engineers can investigate and modify the code, and researchers have full leeway to push the state of the art even further. By Iulia Turc.

This article includes all the painful little details author had to figure out, hoping that it saves you time. Here are the high-level steps (we will dive deeper into each one of them below):

• Make sure you have enough GPU quota
• Create a virtual machine with a GPU attached
• Download Stable Diffusion and test inference
• Bundle Stable Diffusion into a Flask app
• Deploy and make your webserver publicly accessible

Since GPUs are still not cheap, Google is running a tight ship when it comes to its GPU fleet, provisioning its limited supply to those who need it the most, and those who are willing to pay. By default, free trial accounts do not have GPU quota. Good read!

Open-source technology can play an important role in tackling the climate emergency by offering greater opportunities for collaboration and shared learning on key issues. By Leigh Mc Gowran.

Technology is already “crucial” for dealing with the climate crisis, but noted some key advantages that an open-source approach offers, particularly in terms of collaboration. We need to be open not just in our collaboration but also in our learnings and results, we need to understand what doesn’t work just as much as what works.

Che spoke about the importance of improving technology to help the environment, including the ways open source can be a benefit when it comes to improving energy efficiency and protecting the wild. Speaking to SiliconRepublic.com, Che said open-source research can be used to help bring “real change” to certain areas such as cloud, edge and devices.

Huawei has been contributing to open-source projects since around 2010, with the level of contributions rising in recent years. The company was the 10th largest contributor to GitHub in 2020, which was a leap from 27th place the year before. Huawei also contributes to Gitee, China’s largest open-source software repository.

Che said there are challenges with bringing people around the world together for open-source collaboration, however. “Different developers may be in different time zones and speak different native languages,” he noted. “They may serve different markets with substantially different requirements. And they may develop their local ecosystems completely differently.” Nice one!

JavaScript is a programming language commonly used for web development, among many other things. It works in conjunction with HTML and CSS to add dynamic functionality to websites. By Annoh Karlgusta.

The article will cover in some depth following:

• How to learn JavaScript faster – an overview
• How to practice coding in JavaScript
• Why you should read the documentation
• Some best practices you can adopt from reading documentation
• How to contribute to open source projects
• How to find projects to contribute to
• Why you should build lots of projects
• Resources that might inspire you to build projects

Practicing is what makes you progress. Whether it’s in music, dancing, singing, playing basketball – or coding. Practicing is really repetitive and can be tiring, but it is what helps us and sets us apart in the long run. It is through the action of practicing and repetition that we are able to be good at all these activities. Coding is not different. Good read!

Directed acyclic graphs (DAGs) serve a wide variety of applications in computer science, biology, sociology, and other fields that involve complex networks. While these graphs often contain a large number of edges, some of the edges might be redundant, making computations unnecessarily expensive and the graph structure harder to understand. By Dominik Braun.

This article demonstrates how a DAG can be built in Go using the graph library and describes the algorithm to remove these redundant edges in detail. Further it explains:

• Transitive reduction
• Building the DAG
• Computing the transitive reduction
• Implementing the algorithm
• Using transitive reduction in your application

Adding numerous edges to a DAG can make the graph unnecessarily complex. However, these graphs can be simplified using a technique called transitive reduction. Good read!

Whether you’re building websites for an ad agency or software for a company, it’s important to understand how to lead your team to success and make your customer happy. Here’s what you need to be an agile PM, also known as a Scrum Master. By Donovan Rittenbach.

There are four essential responsibilities in which all successful agile leaders excel and they include communication, planning, documenting, managing. The article then explains:

• The agile methodology
• Every project has similarities
• Iteration planning
• The sprint
• The iteration demonstration
• The iteration retrospective

Modern project managers prefer agile practices when it comes to developing software. Guided by agile principles, Scrum Masters lead the team through four key phases of development: the iteration planning, a sprint, sprint review and sprint retrospective.

A service mesh is a force multiplier that can do everything from service discovery to zero trust security, load balancing, multi-cloud connectivity, automation, and north-south traffic. Even as service mesh adoption continues to grow, some organizations are still trying to understand the full extent of what a service mesh can and can’t do. By Van Phan.

If the service mesh you choose is cloud-agnostic, you can greatly simplify a multi-cloud architecture. Not only that, but many service mesh products include service discovery, secure service-to-service communication, load-balancing capabilities, and L7 and L4 network management capabilities that include progressive delivery patterns. Further in the article:

• Service discovery
• Zero trust networking
• Load balancing
• Multi-cloud connectivity
• Automation
• North-South traffic control

For the 81% of organizations that are already using multiple clouds, or plan to do so, service meshes can definitely help contain the sprawl of tools. Agnostic service meshes like Consul can provide further tool consolidation with built-in features to connect services between clouds, automate network device updates, and control access to services from external clients. Good read!

FinOps has become an increasingly popular goal of many organizations. It helps to unite financial teams and cloud operations teams across organizations to speak the same language, understand cloud costs and how they can be optimized. By Danielle Cook.

The crawl, walk, run approach maps to the Kubernetes Maturity Model Fairwinds put together and that the Cloud Native Computing Foundation (CNCF) leaned on heavily when producing the Cloud Native Maturity Model. As users adopt Kubernetes, they will take a similar crawl, walk, run approach to the technology, people, process and policy. The financial side should also be part of adoption.

The most important part of the crawl phase is getting your CPU and memory settings right. Open source tools like Goldilocks help identify a baseline for setting Kubernetes resource requests and limits. This is sufficient in small one to three cluster environments where you most likely have a small number of engineers (one or two) managing Kubernetes. Having a tool like Goldilocks is important.

As you are “walking,” the DevOps and platform engineering teams are looking into the cost problem. As you move to the run phase, this changes.

FinOps says organizations in the run phase are all aligned and have adopted a robust model. There are very high goals/KPIs set on the measurement of success and automation is preferred. Good read!