JIRA and Confluence are important tools for managing projects and exchanging knowledge in many companies. Since they contain sensitive information, operating them as securely as possible is a must. In this two-part series about the security in Atlassian products we explain general principles of safeguarding JIRA and Confluence and give advice based on best practices. The first part focuses on network and server security and security aspects concerning the installation and basic configuration.
The existence of hundreds of different Linux distributions causes a challenge for software producers: How to provide a product for Linux as one single build only, but at the same time maximize the number of supported distributions? In this article, we first discuss a variety of approaches to tackle this portability issue and their applicability to one of our closed-source products. Then we explain our choice for a build and publication scheme that involves the Linux Standard Base (LSB), a collection of standards provided and maintained by the Linux Foundation. Finally, we share our experiences with this LSB approach in production, including insights on its practicability as well as on inherent problems.
In this first blog post of our series on Atlassian tools and 3rd-party plugins for Atlassian tools, we’ll have a close look on how to do test management in JIRA. You will get an insight in first thoughts and ideas when organizing tests and which main requirements are the bottom-line for test management in JIRA. After this we will show which types of test management plugins are available for JIRA. We will have a closer look on the specific functions of two representative examples and compare them with each other. And finally we will give you some hints on how to find the right plugin for your tests.
The revenue gained with Big Data solutions rose by 66% up to 73.5 billion euro world-wide and 59% up to 6.1 billion in Germany over the past year. One of the core technologies used is Hadoop which creates the base for a broad and rich eco-system containing distributed databases, data and graph processing libraries, query and workflow engines and much more. In one of our former blog posts, we have described how we use Hadoop for storing log messages. Since then, a lot has happened in the Hadoop universe and ecosystem. With the start of our new Big Data series, we want to cover those changes and show best practices in the Big Data world.
In the previous post I have shown that the GarbageFirst (G1) collector in Java 7 (and also 8ea) does a reasonable job but cannot reach the GC throughput of the “classic” collectors as soon as old generation collections come about. This article focuses on G1’s ability to control the duration of GC pauses. To this end, I refined my benchmark from the previous tests and also ran it with a huge heap size of 50 GB for which G1 was designed. I learnt that G1’s control of GC pauses is not only costly but, unfortunately, also weaker than expected.
As mentioned in a first post of this series, Oracle’s GarbageFirst (G1) collector has been a supported option in Java 7 for some time. This post examines in more detail the performance of the G1 garbage collector compared to the other collectors available in the Hotspot JVM. I used benchmark tests for this purpose instead of a real application because they can be executed and modified more easily. I found surprising strengths and weaknesses in several of Hotspot’s garbage collectors and even disclose a fully-fledged bug.
The Fat Controller is a parallel execution handler that repeatedly runs other programs, a bit like cron and Apache Daemon. It is simple to use yet has some nice features that makes it a great tool for simple and complex background processing tasks. The software is Open Source and licensed under GNU GPL v3.
I recently had the opportunity to test and tune the performance of several shop and portal applications built with Java and running on the Sun/Oracle JVM, among them some of the most visited in Germany. In many cases garbage collection is a key aspect of Java server performance. In the following article we take a look at the state-of-the-art advanced GC algorithms and important tuning options and compare them for diverse real-world scenarios.
Do you also spend sleepless nights because you have saved the passwords of your users in clear text or near-clear text (MD5)? We will show you a simple method how you can smoothly migrate your password database to a much more secure format. The transition is transparent to the users and instant, i.e. as soon as you have implemented the process, your passwords are safe. If you still store your passwords in an insecure format, you should convert them to a secure format as soon as possible. Do it now!
This article describes how we configured and used the Varnish web cache for the popular German online shop www.lidl.de. Varnish gave us a tremendous performance boost. With this new caching setup, we easily achieve request rates of several thousand pages per second, which are quite common during marketing campaigns like special offers.
This second part of our blog series continues with the topic of direct involvement of customers and gives some practical examples of when, where and how to introduce and include your customer into JIRA. We will then discuss two of mgm’s proven real-world workflows and use them as case studies about appropriate modes for successful customer participation. You will also learn about our recommended ways of keeping the complexity of huge JIRA projects from the customer.
This two-part series shows how JIRA can be used for other things than just bug tracking and presents mgm’s experiences with embracing JIRA in nearly all parts of traditional and agile project lifecycles, resulting in a number of customized, optimized JIRA workflows and processes. In this first part, I will give you an overview of challenges we faced over the years and how we adapted JIRA to meet them. You will get a taste of the vast variety of uses we have found for JIRA and understand why we decided to use only one tool instead of many.
By coding the page state into the URL, even single-page web applications can support deep bookmarks and the browser’s back button. The most accepted approach is to utilize the location hash, i.e. the local part of the URL. This article explains this technique and what pitfalls you should be aware of, based on my team’s experience from building an AJAX interface for Solr. You will also learn about the HTML5 History API, which is a second, more modern technique.
For the e-commerce business, it is very important to have a valid and correct address base. Sending packages to incorrect addresses causes significant losses, since packages are not delivered and sent back. In the case of the Kickz online shop, we faced exactly this problem. Thus, we thought about how to improve and force users to enter correct addresses. Learn how we used Google’s Geocoding service to solve this problem.
This last part of the series, we focus on successful database schema evolution with LiquiBase. You will learn about LiquiBase features that we find most useful in our projects. This article also gives a roundup of our best practices and tips, like how to include custom SQL and stored procedures and how to use LiquiBase with different DBMS products.