Category: MeetUps and Presentations

Hackathon Mauritius 2016

Cyberstorm.mu, a rebranded name from another group due to trademark issue is the first Linux and Open source developers team in Mauritius. A hackathon with the theme – SAD “Search and Destroy” will be organized for 2 consecutive days. Members of Cyberstorm Mauritius will have to fix up the maximum possible bugs on several opensource software including OpenSUSE Linuxther linux distributions.

It takes place on Thurday 28th and Friday 29th of April 2016 hosted by ISVTEC at its own office.

Operation SAD
  • What is operation S.A.D?

Operation S.A.D nick named, search and destroy, is the first Linux hackathon we will be holding in Mauritius to massively fix some security issues in some Opensource software right now, we’ll be dealing with some crypto code which many enterprise, users and embedded appliances are relying upon daily.

  • What is a hackathon?

“In June of 1999, OpenBSD held the first hackathon. In the months leading up to this, either Theo or Niels Provos had coined this new word “hackathon”. “Here also we wish to adhere to that same idea of a hackathon.

  • Is everybody invited in a Hackathon?

Quoting from the ones who coined the word¬†hackathon:“Hackathons attendees come by invitation only. Some new people in the community who show promise are sometimes invited to see if they have what it takes. However, hackathons are not developer training events.”

In 3 days we have to focus in fixing the maximum bugs that we can. Remember this is hopefully going to make some burst of patches from our small island, which is kinda cool ūüôā

Next time somebody says that we didn’t invite the whole world to participate in the hackathon, you can reference to this. Ever wondered how many lines of code you can write if you need to focus on getting others up to speed? If you are a developer and reading this, you will know, this is not about your technical knowledge, but mostly about the entire procedures to get code from nothing up to production. There will be the time for the walk throughs also, but that will be for another project.

  • Why an event when no one is invited to participate?

Not at all, on the 30th of April, we shall have a presentation openned to the public, to talk a bit about what we did during the hackathon, how opensource software development contribution works in general AND forget not, the new changes that have been submitted upstream. We will bring this in a form that Mauritian tech people can understand it.

  • Prizes?

Yes, despite there are rumors by some people who do not quite understand how a hackathon works, we are actually offering some prizes to 3 people who can actually solve a set of challenge we are making. The top 3 highschool students who manages to do them based on our criteria set, will get a small walk-through with us first, and will get each a seat for the hackathon. We are targeting youngsters here, but the learning process, that skillset or instinct needed to make someone a hacker needs to be built with passion and the perfect age is when one is young enough.

  • Who is invited on the 30th?

Members of the IT community in Mauritius or elsewhere is invited to join in on Saturday the 30th of April. We shall update you with the correct information as we go along.

  • More information will be posted
  • Sponsors

All of our thanks goes to ISVTEC who is going to host our hackathon. We can truly recommend ISVTEC for all your managed services needs (please visit their website for details about the long list of services provided). Many thanks to silent sponsors of cyberstorm.mu also who wishes to remain silent


MariaDB and improved security features presentation

If you have been following the MSCC РMauritius Software Craftsmanship Community some weeks back, you would have noticed a forthcoming meetup on MariaDB and improved security features spoken by Joffrey Michaie from OceanDBA and Codarren Velvindron from the cyberstorm Mauritius. Thanks to Jochen Kirstätter (joki) founder of the MSCC who proudly sponsored the event.

mariadb

12784250_10153937032372365_1053507839_n

Joffrey at the MariaDB meet up

1915707_190175371353387_934013232802437990_n

Some craftsmans at the Meet up

1935103_190175328020058_3787078129675559662_n

Codarren explaining Glibc

12801299_190175304686727_3455294414280043217_n

Logan and me from hackers Mauritius

10399406_190175258020065_1829899531834394151_n

Codarren and me from hackers Mauritius

12718230_190175168020074_27057020749688372_n

Can you spot where am i ?

Screenshot from 2016-02-28 00-06-47

Jochen. founder of MSCC

Loading image...Loading image...Loading image...Loading image...Loading image...Loading image...Loading image...

The first part of the presentation started with Joffrey who gave a brief introduction of MariaDB and the importance of its security features. He also laid heavy emphasis on the backup concepts that DBA need to go through. What are most interesting are that there seem two additional services that are coming on from OceanDBA – Backup as a Service and DB as a service.

Other points raised up concerning the importance of backups are to start a clustering solutions, to perform analysis and several tests on the Pre-production or staging servers. Database backups also need to be tested as there can be corrupted zip files. Another interesting issue raised up is about the locking table mechanisms during backups. Other backup strategy and concept were also explained such as:

  • Cold backups – The downtime issues were raised up which according to me does not look practicable unless there is really a specific reason
  • Hot backups – Usually carried out by the MySQLDUMP utility by everyone.
  • Logical backups – Data that are usually backup as tables, views, indexes etc.. and they are mostly human readable statements.¬†logical backups can be performed at the level of database and table.
  • A tool that is completely new to me is the mydumper which can be used to backup terabytes of data.¬†Some interesting arguments raised up are¬†–lock-all-tables –skip-lock-tables and¬†–master-data
  • Binary backups – The binary backup which is the copy of the actual database structure and requires a file system or disk subsystem access. It is one the fastest method to backup and very compatible for mixed MYISAM and INNODB tables.
  • HA (High availability) as the backup – Usually used in clusters and in Galera replication. However, to ensure that there is no data loss, a SAN replication was also recommended for data centers.
  • Time delay replication – This was explained by taking an example, say a one hour delay backup based on the risk management that has been carried out.
  • The Percona tools which can be used alongside MariaDB for backup Analysis.

On the second part of the presentation, Codarren lays emphasis on the security aspects concerning MariaDB in the context of whether to use Glibc or MUSL. Glibc libraries are used on mail servers, SQL servers, forms etc.. Back to the Glibc Ghost vulnerability, an explanation was given by taking a web-based form application where a particular field when filled with malicious information can be used to make calls to Glibc library with the intention to return a specific value. To re-mediate at that situation, same was patched using the function getaddressinfo() This patch lead to another vulnerability. Since today, we can deduce that though Glibc has gone through the various patch, yet, there are more bugs that have been discovered.

A solution was thus proposed to adopt the MUSL library infrastructure. We can see that the MUSL has a clean code policy compared to Glibc. Coddarren laid emphasis on the Alpine Linux operating system which is naturally based on MUSL. The size of Alpine compared to CentOS, Ubuntu, Debian are much smaller. Other issues raised are on the Grsecurity aspect which though is not widely spread are a very important aspect to take into consideration. MUSL looks to be very promising compared to GLIBC. Another analogy is taken from the Docker technology where companies are adapting Alpine Linux in the production environment to escape Glibc.

ice_logo-5dcea9e47b780ff52f75c3c3304d54827f56211e

The third part of the presentation was continued on by Joffrey on the Galera clustering solution. An explanation is given using a schema how replication is being done at the cluster level. Several particular Database schemas were taken for example where a node with a cluster which is slow in terms of network or infrastructure issue where the other servers will have to wait for the request to reach its destinations. Other points mentioned are:

  • Split brain in Galera where human interactions are needed especially where the ratio of the number of nodes have different data from other nodes within the same cluster.¬†
  • The importance of having applications built-in with retrying logic.
  • Galera conflict diagnostic. For example cert.log which is used to log and monitor conflict transactions.
  • Features such as auto-commit mode.
  • Galera load balancing using Haproxy – custom monitoring on cluster size.
  • MariaDB Maxscale which operate at layer 7 persistent connection.
  • Maxadmin command line utility to list servers that are in the cluster

Jochen has also laid emphasis on future meetups and the proposal for members if they could find other suitable environments to carry out more interesting meetups in days to come. No one could deny that they have not learned anything. Indeed, the meet up was really interesting and fruitful. Some stickers were shared having the MariaDB logo which I have already pasted at the back of my Laptop ūüôā


HTTP 2.0 & Web development – LUGM Meetup

The Linux User Group of Mauritius – LUGM carried out a meetup on Saturday the 24th of October 2015 at the University of Mauritius on HTTP 2.0 and Web Development by Loganaden Velvindron on HTTP 2.0 & Web Development. Based on SPDY – “just say speedy”, the HTTP 2.0 was developed by the IETF – Internet Engineering Task Force, to improve user experience, latencies, CDN and various technologies. Logan, start with¬† the presentation on the shortcomings of HTTP 1.1 and lead the audience to a better understanding of the evolution of HTTP 2.0


I do not own copyright to this picture - All rights reserved to Akamai.com
I do not own the copyright to this picture – All rights reserved to Akamai.com

You can view the Video here:

The following points were briefly elaborated:


  • Shortcomings of HTTP 1.1
  • HTTP 2.0 Client support
  • HTTP 2.0 Server side
  • SPDY Highlights
  • Binary Framing
  • Multiplexing
  • Stream Priorities
  • Header Compression
  • Server Push technology and a demo using NodeJS


Create a server with NodeJS – LUGM Meetups

A meet up was carried out today by Yog Lokhesh Ujhoodha today at 12:30 hrs at the University of Mauritius under the banner of the Linux User Group of Mauritius.


The event with the title “How to make a smart server with NodeJs”¬†was announced on Lugm Facebook group as well as on the LUGM mailing list. As a passionate freelance developer, he shared his experience of using NodeJs for a critical production environment.

He started by giving a straightforward explanation to the audience the difference between a web server and a runtime environment in the context of NodeJs. 


11225431_986950471346011_4262715214018075299_n
Yog during the presentation

As you can see on the YouTube video he laid emphasis on the following   topics:

1. A problem statement

2. Web server architectures

3. Building an event-driven web server with NodeJS

4. Distributed load with NodeJs

5. Useful tools and Real life Benchmarks

We ended with some technical questions. Several questions were shot up by our hangout viewers. You can view the video and ask any questions for more clarifications. About 15-20 persons attended the meetup.