SUBSCRIBE TO UI STREET

BLUE OCEAN 1.0

WHAT BLUE OCEAN ACTUALLY IS?

Blue Ocean rethinks the user experience of Jenkins. Designed from the ground up for Jenkins Pipeline, Blue Ocean reduces clutter and increases clarity for every member of the team.

* Sophisticated visualizations of continuous delivery (CD) Pipelines, allowing for fast and intuitive comprehension of pipeline’s status.

* Pipeline editor makes creation of Pipelines approachable by guiding the user through an intuitive and visual process to create a Pipeline.

* Personalization to suit the role-based needs of each member of the team.

* Pinpoint precision when intervention is needed and/or issues arise, Blue Ocean shows where in the pipeline attention is needed, facilitating exception handling and increasing productivity.

* Native integration for branch and pull request enables maximum developer productivity when collaborating on code with others in GitHub and Bitbucket.

STARTING WITH BLUE OCEAN

Below we will show you how to start using Blue Ocean. It will include instructions for installing and configuring the Blue Ocean plugin, and how to switch into and out of the Blue Ocean UI.

INSTALLING
Blue Ocean can be installed in an existing Jenkins environment or can run with Docker.
To start using the Blue Ocean plugin in an existing Jenkins environment, it must be running Jenkins 2.7.x , later:

* Login to your Jenkins server.

* Click Manage Jenkins in the sidebar then Manage Plugins.

* Choose the Available tab and use the search bar to find Blue Ocean.

* Click the checkbox in the Install column.

* Click either Install without restart or Download now and install after restart.

The majority of Blue Ocean requires no additional configuration after installation. Existing Pipelines and Jobs will continue to work as usual. However, when Pipeline is created for the first time, Blue Ocean will ask for permissions to access user repositories in order to create pipelines based on those repositories.

WITH DOCKER

The Jenkins project publishes a Docker container with Blue Ocean built-in every time a new release of Blue Ocean is published. The jenkinsci/blueocean image will be based on the current Jenkins Long-Term Support (LTS) release and is ready for production.

TO START A NEW JENKINS WITH BLUE OCEAN PRE-INSTALLED

* Ensure Docker is installed.

* Run docker run -p 8888:8080 jenkinsci/blueocean:latest.

* Browse to localhost:8888/blue.

STARTING BLUE OCEAN

Once the Blue Ocean is installed in Jenkins environment users can start using Blue Ocean by clicking the Open Blue Ocean in the top navigation bar of the Jenkins web UI. Alternatively, users can navigate directly to Blue Ocean at the /blue URL for their Jenkins environment, for example http://JENKINS_URL/blue.

FINAL WORD

Blue Ocean is an entirely a new, modern, and fun way for developers to use Jenkins that has been built from the ground level to help teams of any size with an approach of Continuous Delivery. It can be installed as a plugin for Jenkins and can be integrated with Jenkins Pipeline. Since the start of the beta at Jenkins World 2016 in September, there are now over 7400+ installations making use of Blue Ocean.

SUBSCRIBE TO UI STREET

ALL YOU NEED TO KNOW ABOUT APACHE HADOOP YARN

All You Need To Know About Apache Hadoop Yarn

YARN is one of the key features in the second-generation of Hadoop 2 version of the Apache Software Foundation’s open source distributed processing framework. Originally described by Apache as a redesigned resource manager, YARN is now characterized as a large-scale, distributed operating system for big data applications.

Back in 2012, YARN became a sub-project of the huge Apache Hadoop project. YARN is a software rewrite that decouples MapReduce’s resource management and scheduling capabilities from the data processing component, which enables the Hadoop to support in a varied processing approach and a broader array of applications. The original manifestation of Hadoop closely paired the Hadoop Distributed File System (HDFS) with the batch-oriented MapReduce programming framework, which handles resource management and job scheduling on Hadoop systems and supports the parsing and condensing of data sets parallelly.

YARN combines a central resource manager that reunites the way applications are used by the Hadoop system resources with node manager agents which monitor the processing operations of individual cluster nodes. Separating HDFS from MapReduce with YARN makes the Hadoop environ ment more suitable for operational applications which can’t wait for batch jobs to finish.

DEVELOPING YARN APPLICATIONS

YARN provides the capabilities to build custom application frameworks on top of Hadoop, users also get new complexity. Building applications for YARN are notably more complex than building traditional MapReduce applications on top of pre-YARN Hadoop because the user needs to develop an ApplicationMaster in ResourceManager which is launched when a client request arrives. The ApplicationMaster has many requirements, including implementation of a number of required protocols to communicate with the ResourceManager (for requesting resources) and NodeManager (to allocate containers). For existing MapReduce users, a MapReduce ApplicationMaster minimizes any new work required, making the amount of work required to deploy MapReduce jobs similar to pre-YARN Hadoop.

YARN allocates the resources within a cluster, performs processing, exposes touchpoints for monitoring the progress of the application, and finally releases resources and does general clean-up when the application is complete. A boilerplate implementation of this life cycle is available under a project called Kitten. Kitten is a set of tools and code that simplifies the development of applications in YARN, allowing the user to focus on the logic of their application and initially ignores the details of negotiation and runs with the constraints of the various entities in a YARN cluster.

FINAL WORD

Although Hadoop continues to grow in the big data market, it has begun an evolution to address yet-to-be-defined large-scale data workloads. YARN is still under active development and may not be suitable for production environments, but YARN provides significant advantages over traditional MapReduce. It permits the development of new distributed applications beyond MapReduce, allowing them to coexist simultaneously with one another in the same cluster. YARN, with its new capabilities and new complexities, will soon be coming to a Hadoop cluster near you.

SUBSCRIBE TO UI STREET

GOOGLE FUSCHIA

Google Fuschia

Google Fuschia

Google is solely developing a new operating system, but here is the thing: it’s unclear at the moment what this operating system is for, including what devices it might power. Explore this article and know about the Google’s new project Fuchsia.

GOOGLE FUCHSIA: WHAT IS IT?

Fuchsia is a developing pile of code. Users can find it on the search giant’s code depository and on GitHub. The code is purportedly the early beginnings of an entirely new operating system, though Google has yet to confirm those details. Curiously, it’s not based on Linux Kernel – the core underpinnings of both Android (Google’s mobile OS) and Chrome OS (Google’s desktop and laptop OS).

GOOGLE FUCHSIA: HOW DOES IT LOOK LIKE?

Fuchsia has already has an early user interface with a card-based design, according to Ars Technica, which posted a video and images of the yet-to-be-announced software. The interface is reportedly called Armadillo. It was first discovered by Kyle Bradshaw at Hotfix.

Unlike Android OS or Chrome OS, both of are based on Linux, Fuchsia is built on Magenta, a new kernel created by Google. Armadillo is built in Google’s Flutter SDK, which is used to create cross-platform code which is capable of running on multiple operating systems. With Armadillo, different cards can be dragged around for use in a split-screen or tabbed interface.

The current thought is that Fuchsia is a new OS that could unify Chrome OS and Android into a single operating system (something that’s been heavily speculated since 2015. Reports have claimed that OS will be released in 2017).

Google’s own documentation describes the software is targeting “modern phones and modern personal computers” with “fast processors” and “non-trivial amounts of RAM.”

Fuchsia is also built on Magenta, a “medium-sized microkernel” based on a project called LittleKernel. The two developers have listed on Fuchsia’s GitHub page – a senior software engineer at Google and a former engineer on Android TV and Nexus Q – are well-known experts in embedded systems.

Furthermore, Google’s documentation notes Magenta supports user modes, graphics rendering, and “capability-based security model”. Although all this points to Fuchsia being an OS for Wi-Fi connected gadgets, Google already has an IoT platform called Android Things. Also, Ars Technica has compiled the Armadillo system UI, and it seems like Fuchsia is intended to be a smartphone or tablet OS.

GOOGLE FUCHSIA: IS IT GOING TO REPLACE ANDROID?

Android is perforated with problems that Google has yet to fix. Firstly, there’s fragmentation caused by hundreds of different devices from dozens of manufacturers using different, tweaked versions of Android rather than the latest, version. Secondly, there’s an update problem. Google has an annual release which is scheduled for Android updates, but it takes about four years for an update to fully flood the ecosystem.

Google could not decide to push Android direct to these devices if any modifications and tinkering has been done – another problem is that Android is based on Linux.

Linux is not only old but it also has many legal issues – and subsequent licensing fees from Android hardware OEMs eat away at profit margins. The Linux kernel was also not originally designed for smartphones and IoT devices, and yet the kernel’s been completely tweaked and loaded onto those devices, creating a prime environment for bugs and vulnerabilities to grow.

FUCHSIA’S CORE CODE IS DESIGNED TO BE LIGHTWEIGHT:

The Magenta kernel can do a lot more than just power a router. Google’s own documentation says the software “targets modern phones and modern personal computers” that use “fast processors” and “non-trivial amounts of RAM.” It notes that Magenta supports a number of advanced features, including user modes and a “capability-based security model.”

This is just speculation for now, and the only real description we have of Fuchsia is what it says at the top of the GitHub page: “Pink + Purple == Fuchsia (a new Operating System).” The question of why the project would be revealed in this way is also confusing, although when it is stressed on the subject, Swetland reportedly said: “The decision was made to build it open source, so it might start from the beginning.”

Well, we’ve certainly got the beginning of Fuchsia, but where it goes next isn’t clear. From what we can see, it’s currently being tested on all sorts of systems. Swetland says it’s “booting reasonably well” on small-form factor Intel PC’s, while another Google developer involved in the project, Travis Geiselbrecht, says they’ll soon have support for the Raspberry Pi 3. At this rate, it looks like Fuchsia will be popping up all over the place.

SUBSCRIBE TO UI STREET

WHAT ARE THE NEW FEATURES INTRODUCED IN JAVA 8?

What are the new features introduced in JAVA 8?

There are dozens of features added to Java 8, the most significant ones are mentioned below :-

Lambda expression − Adds functional processing capability to Java.

Method references − Referencing functions by their names instead of invoking them directly. Using functions as parameter.

Default method − Interface to have default method implementation.

New tools − New compiler tools and utilities are added like ‘jdeps’ to figure out dependencies.

Stream API − New stream API to facilitate pipeline processing.

Date Time API − Improved date time API.

Optional − Emphasis on best practices to handle null values properly.

Nashorn, JavaScript Engine − A Java-based engine to execute JavaScript code.

SUBSCRIBE TO UI STREET

HOW TO ADD A BEAN IN SPRING APPLICATION?

How to add a bean in spring application?

Check the following example −

<?xml version = “1.0” encoding = “UTF-8″?>
<beans xmlns = “http://www.springframework.org/schema/beans”
xmlns:xsi = “http://www.w3.org/2001/XMLSchema-instance”
xsi:schemaLocation = “http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd”>

<bean id = “helloWorld” class = “com.tutorialspoint.HelloWorld”>
<property name = “message” value = “Hello World!”/>
</bean>

</beans>

SUBSCRIBE TO UI STREET

HOW CAN YOU INJECT JAVA COLLECTION IN SPRING?

How can you inject Java Collection in Spring?

Spring offers four types of collection configuration elements which are as follows :-

<list> − This helps in wiring i.e. injecting a list of values, allowing duplicates.

<set> − This helps in wiring a set of values but without any duplicates.

<map>− This can be used to inject a collection of name-value pairs where name and value can be of any type.

<props>− This can be used to inject a collection of name-value pairs where the name and value are both Strings.

SUBSCRIBE TO UI STREET

HOW WILL YOU SECURE JENKINS?

How will you secure Jenkins?

The way to secure Jenkins is mentioned below :-
Ensure global security is on.
Ensure that Jenkins is integrated with company’s user directory with appropriate plugin.
Ensure that Matrix/Project matrix is enabled to fine tune access.
Automate the process of setting rights/privileges in Jenkins with custom version controlled script.
Limit physical access to Jenkins data/folders.
Periodically run security audits on same.
 
 
 
 
 
 
 .
 
 

SUBSCRIBE TO UI STREET

EXPLAIN HOW TO CREATE A BACKUP AND COPY FILES IN JENKINS?

Explain how to create a backup and copy files in Jenkins?

To create a backup, all you need to do is to periodically back up your JENKINS_HOME directory. This contains all of your build jobs configurations, your slave node configurations, and your build history. To create a back-up of your Jenkins setup, just copy this directory. You can also copy a job directory to clone or replicate a job or rename the directory.
 
 
 
 
 
 
 

SUBSCRIBE TO UI STREET

TOP 5 CYBER SECURITY TOOLS

Top 5 Cyber Security Tools

Latest data centres deploy firewalls and managed networking components, but still feel insecure because of hackers. Hence, there is a compelling need for tools that accurately assess network vulnerability. This article brings you the top five assessment tools to address these issues, categorized based on its popularity, functionality, and ease of use.

Vulnerabilities are unfortunately an integral part of every software and hardware system. It can be a bug in the operating system, a loophole in a commercial product, or the misconfiguration of critical infrastructure components which makes systems responsive to attacks.

On the bright side, with the number of attacks increasing, there are now a plenty of tools to detect and stop malware and cracking attempts. The open source world has many such utilities.

Though there are hundreds of tools, in this article we have selected the top five based on the fact that no other tool can really replace them. The primary selection criteria have been the feature set, how widespread the product is within the security community, and simplicity.

Explore this article and know what are the top five cyber-security tools and how it stops the malware.

Wireshark:

The very first step in vulnerability assessment is to have a clear picture of what is happening on the network. Wireshark works in a profligate mode to capture all the traffic of a TCP broadcast domain.

Customized filters can be set to intercept specific traffic; for instance, to capture communication between two IP addresses, or to capture UDP-based DNS queries on the network. Traffic data can be disposed into a capture file, which can be reviewed later. Additional filters can also be set during the review.

If the tester is looking for erratic IP addresses, spoofed packets, unnecessary packet drops, and suspicious packet generation from a single IP address. Wireshark gives a broad and clear picture of what is happening on the network.

However, it does not have its own intelligence, and it should be used as a data provider. Due to its great GUI, any person with even basic knowledge can use it.

Nmap:

This is probably the only tool to remain popular for almost a decade. This scanner is capable of crafting packets and performing scans to a granular TCP level, such as SYN scan, ACK scan, etc. It has in-built signature-checking algorithms to guess the OS and version, based on network responses such as TCP handshake.

Nmap is effective and detects remote devices, and in most cases correctly identifies firewalls, routers, and their make and model. Network administrators can use Nmap to check which ports are open and checks whether it can be exploited further in simulated attacks. The output will be in the form of plain text and verbose. This tool can be scripted to automate ordinary tasks and to grab evidence for an audit report.

Metasploit:

Once scanning is done using the above tools, it’s time to go to the OS and application level. Metasploit is one of the most powerful open source framework that perform detailed scan against a set of IP addresses.

Unlike many other frameworks, it can also be used for anti-forensics. This process can be reversed technically, when a virus attacks using unknown vulnerability, Metasploit can be used to test the patch for it.

As this is a commercial tool, the community edition is free, yet makes no compromises on the feature set.

Aircrack:

The list of network scanners would be incomplete without wireless security scanners. Today’s infrastructure contains wireless devices in the data centre as-well-as in corporate premises to facilitate mobile users. WPA-2 security is believed to be adequate for 802.11 WLAN standards, misconfiguration and the use of weak passwords leave such networks open to attacks.

Aircrack is a suite of software utilities that acts as a sniffer, packet crafter, and as a packet decoder. A targeted wireless network is subjected to packet traffic to capture important details about the underlying encryption. A decryptor is then used to brute-force the captured file, and find out passwords. Aircrack is capable of working on most Linux distros, but the one in BackTrack Linux is highly adopted.

OpenVAS:

The Nessus scanner is one of the famous commercial utility, from which OpenVAS branched out a few years back to remain open source. Though Metasploit and OpenVAS are very similar, there is still a distinct difference.

OpenVAS is split into two major components i.e., 1. A scanner and 2. A manager. A scanner may reside on the target to be scanned and passes the vulnerability information to the manager. The manager collects the inputs from multiple scanners and applies its own intelligence to create a report.

OpenVAS is believed as a stable and reliable tool for detecting the latest security loopholes, and for providing reports and inputs to fix them. An in-built Greenbone security assistant provides a GUI dashboard to list all vulnerabilities and the impacted machines on the network.

  1. Pages:
  3. 1
  4. ...
  5. 21
  6. 22
  7. 23
  8. 24
  9. 25
  10. ...
  11. 56