Daily Tech Digest - July 25, 2017

10 Old-School IT Principles That Still Rule

The technology you buy is a long-term commitment on your part. You need it to be a long-term commitment on the supplier’s part, too. To play it safe, IT used to buy from big vendors. Now? Not only can open source be just as safe, sometimes you can get it from IBM or other big vendors. Not every open source technology has a broad enough base of support, but many do. If PHP, for example, will do the job, would you look at Java twice given its awful security track record? And yet Java is supported (perhaps “provided” would be more accurate) by Oracle, one of the biggest software companies in the world. This isn’t entirely new, either. The open-source-like SHARE library dates to the 1970s, after all.

Embrace the heat: Data center tips for summer operations

It’s not quite as blistering as that hot yoga class, but data center managers wrestling with their energy bills should seriously consider embracing the heat and asking techs to bring their shorts to work. Running data centers in the 80 to 82 degree Fahrenheit range as opposed to 70 degree or below can save up to two percent per degree, per bill. That’s a significant cost savings, especially if we’re talking a full 10 degree swing. Even during peak workloads, your data center should be able to take the heat. It may seem to go against conventional wisdom, but running a server “hot,” or operating that data center in a high temperature ambient (HTA) state, boosts the inlet temperature of that unit but still sticks well below component specifications. This is another way allowing crafty (and probably now sweaty) data center managers to keep their cooling costs under control.

Understand the multicloud management trade-off

In order to make multicloud work best for an enterprise you need to place a multicloud management tool, such as a CMP (cloud management platform) or a CSB (cloud services broker) between you and the plural clouds. This spares you from having to deal with the complexities of the native cloud services from each cloud provider. Instead you deal with an abstraction layer, sometimes called a “single pane of glass” where you are able to leverage a single user interface and sometimes a single set of APIs to perform common tasks among the cloud providers you’re leveraging. Tasks may include provisioning storage or compute, auto-scaling, data movement, etc.  While many consider this a needed approach when dealing with complex multicloud solutions, there are some looming issues.

Network transformation is the next big IT initiative

To support the ever-growing data needs of the end-users, agencies must enhance their network infrastructure. However, in the current environment of IT budget cuts procuring high-performance routers and firewalls are not feasible for many agencies. They must therefore explore other avenues to enhance their network infrastructure and capacity. Software-defined networking offers a potential solution for agencies that are looking to modernize their network environment without incurring much capital investment. Leveraging the principles of compute and storage virtualization, SDN allows agencies to virtualize their network infrastructure and services. Similar to data center virtualization where applications run on virtual machines, SDN enables network services (routing, firewall and WANX) to run on virtual machines hosted on general-purpose hardware.

Tweaking Internet Explorer to only use TLS 1.2

Out of the box, IE 11 conforms to the current standard, which is that it supports TLS 1.0, 1.1 and 1.2. This should be true on any up-to-date copy of Windows 7, 8.1 or 10. The nice thing about Internet Explorer is that the configuration options for supported TLS versions are right where they should be. As shown above, they can be found with: Tools -> Internet Options -> Advanced tab. Among the advanced options, they are at the very bottom. Changing these options is even easier than finding them. There is a simple, obvious, checkbox for each version of SSL and TLS that you would like to include or exclude. Compare this to Firefox, where you had to know the secret handshake to remove support for TLS 1.0 and 1.1. After limiting IE11 to just TLS1.2, the Qualys SSL Client Test should confirm that the tweaking actually works.

The paranoid Android traveler’s data-protection checklist

Changes to Android in more recent releases have bolstered security, so if you are traveling with an older device that does not support Nougat, you may want to seriously consider a hardware upgrade. Among other improvements, Nougat introduced new — and potentially more secure — device and file encryption; newer devices should have adequate hardware to handle encryption effectively (more details below). These tips are in roughly increasing order of difficulty and complexity, with the simplest and quickest first. In general, these tips involve a tradeoff between security and ease of use (making it harder to search your device can also make it a little harder for you to use it). So you may want to use some of these options only when traveling.

Cashing in on the Internet of Things

The practical (or impractical) reality of smart connected products in the home suggested there was a need for them to work together, so key industry players began to jockey for dominance. This pertained to the communications standards, as well as the ultimate command and control platforms ranging from Apple HomeKit to Amazon Echo to Google Home, Samsung SmartThings, and others. The Allseen Alliance (primarily driven by Qualcomm) got involved to broker standards for consumer IoT as well. And while the focus today in most elements of IoT is still largely on smart connected products, the progression to product systems is clearly happening. Larger players, like GE and Hitachi, bringing forward solutions like GE/Predix and Hitachi Lumada, further demonstrate this. 

10 Essential Performance Tips For MySQL

The best way to understand how your server spends its time is to profile the server’s workload. By profiling your workload, you can expose the most expensive queries for further tuning. Here, time is the most important metric because when you issue a query against the server, you care very little about anything except how quickly it completes. The best way to profile your workload is with a tool such as MySQL Enterprise Monitor’s query analyzer or the pt-query-digest from the Percona Toolkit. These tools capture queries the server executes and return a table of tasks sorted by decreasing order of response time, instantly bubbling up the most expensive and time-consuming tasks to the top so that you can see where to focus your efforts. Workload-profiling tools group similar queries together, allowing you to see the queries that are slow, as well as the queries that are fast but executed many times.

Don’t let cybercrime hold your innovation to ransom

It’s no secret that innovation is vital to stay ahead of the competition. However, it cannot come at the expense of business continuity. As a result, modern IT systems have to be more complex. While businesses work hard to make them as robust as possible, when you’re constantly innovating that complexity introduces an element of fragility and unpredictability that can be difficult to manage. The best way for CIOs to achieve these objectives is to effectively create and deploy innovative business services that are built on the organisations existing IT foundation and layered with new delivery models and platforms. In practice, it’s bridging the old and the new, enabling an organisation to innovate faster at a lower risk. Thankfully, without the need to rip and replace legacy applications.

Big Data Ingestion: Flume, Kafka, and NiFi

Flume is a distributed system that can be used to collect, aggregate, and transfer streaming events into Hadoop. It comes with many built-in sources, channels, and sinks, for example, Kafka Channel and Avro sink. Flume is configuration-based and has interceptors to perform simple transformations on in-flight data. It is easy to lose data using Flume if you’re not careful. For instance, choosing the memory channel for high throughput has the downside that data will be lost when the agent node goes down. A file channel will provide durability at the price of increased latency. Even then, since data is not replicated to other nodes, the file channel is only as reliable as the underlying disks. Flume does offer scalability through multi-hop/fan-in fan-out flows. For high availability (HA), agents can be scaled horizontally.

Quote for the day:

"Fear causes hesitation and hesitation will cause your worst fears to come true." -- Patrick Swayze