投稿時間:2022-03-09 12:30:36 RSSフィード2022-03-09 12:00 分まとめ(38件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
TECH	Engadget Japanese	部屋で。庭で。キャンプで。幅高さ奥行きサイズ自由自在。場所にとらわれない家具「HiNGE（ヒンジ）」	https://japanese.engadget.com/hinge-furniture-024011920.html	場所にとらわれない家具「HiNGEヒンジ」若手クリエイターと建築会社がコラボした、新しい家具の形「つのパーツの組み合わせ」は、収納の可能性を無限大にします幅・高さ・奥行きを好みのサイズにカスタマイズ可能。	2022-03-09 02:40:11
TECH	Engadget Japanese	新旧 iPad Air を仕様比較。M1チップ化で性能向上、フロントカメラ強化	https://japanese.engadget.com/ipad-air-comparosion-022318747.html	ipadair	2022-03-09 02:23:18
IT	ITmedia 総合記事一覧	[ITmedia News] イオンシネマ、座席の間引き販売終了へ　“まん防”地域は半分の座席で継続	https://www.itmedia.co.jp/news/articles/2203/09/news107.html	itmedia	2022-03-09 11:10:00
IT	ITmedia 総合記事一覧	[ITmedia ビジネスオンライン] ヤマダデンキ、Mac・iPadの残価設定ローン開始　初回は半額で提供	https://www.itmedia.co.jp/business/articles/2203/09/news104.html	itmedia	2022-03-09 11:10:00
TECH	Techable（テッカブル）	最強のThunderboltハブ！ CalDigitの「TS4」は18ポート搭載、シングル8Kまたはデュアル4K対応	https://techable.jp/archives/174737	caldigit	2022-03-09 02:00:43
AWS	lambdaタグが付けられた新着投稿 - Qiita	AWS lambda pythonでライブラリを読み込むまで	https://qiita.com/komekome111/items/14919ee24e8871c59cb8	zipファイルをレイヤーの作成画面からアップロード。	2022-03-09 11:28:25
js	JavaScriptタグが付けられた新着投稿 - Qiita	React + TypeScript: Apollo ClientのGraphQLクエリを使ってみる	https://qiita.com/FumioNonaka/items/0c6b711627e3443ff73b	ApolloClientアプリケーションをつくる準備Reactアプリケーションのひな形は、CreateReactAppでつくることにします。	2022-03-09 11:13:35
Ruby	Rubyタグが付けられた新着投稿 - Qiita	GyazoのURLをマークダウン記法に変換する方法	https://qiita.com/zhangyouqiyou/items/78c7c162d437146bad26	gyazo	2022-03-09 11:40:50
AWS	AWSタグが付けられた新着投稿 - Qiita	AWS lambda pythonでライブラリを読み込むまで	https://qiita.com/komekome111/items/14919ee24e8871c59cb8	zipファイルをレイヤーの作成画面からアップロード。	2022-03-09 11:28:25
Docker	dockerタグが付けられた新着投稿 - Qiita	Dockerいろいろ	https://qiita.com/akeyi2018/items/2ea0ce99047430c40217		2022-03-09 11:11:47
技術ブログ	Developers.IO	配列をネストしたJSONをJSON SerDeライブラリで読み込んでフラット化してみた	https://dev.classmethod.jp/articles/flatten-nested-json-with-json-serde/	jsonl	2022-03-09 02:50:48
技術ブログ	Developers.IO	S3に保存したAWS WAFログをAthenaで分析してみた	https://dev.classmethod.jp/articles/analyzing-waflogs-with-athena/	athena	2022-03-09 02:19:49
海外TECH	DEV Community	Deploy JHipster Microservices to GCP with Kubernetes	https://dev.to/jhipster/deploy-jhipster-microservices-to-gcp-with-kubernetes-kk3	Deploy JHipster Microservices to GCP with KubernetesWhen your business or application is successful it needs to scale Not just technology wise but human wise When you re growing rapidly it can be difficult to hire developers fast enough Using a microservices architecture for your apps can allow you to divide up ownership and responsibilities and scale teams along with your code Kubernetes is an open source platform for managing containerized workloads and services Kubernetes traces its lineage directly from Borg Google s long rumored internal container oriented cluster management system Spring Boot and Spring Cloud were some of the pioneering frameworks in Javaland However even they stood on the shoulders of giants when they leveraged Netflix s open source projects to embrace and extend In Netflix OSS announced they d come full circle and adopted Spring Boot Today I d like to show you how to build and deploy with Kubernetes a reactive microservice architecture with Spring Boot Spring Cloud and JHipster Why reactive Because Spring Cloud Gateway is now the default for JHipster gateways even if you choose to build your microservices with Spring MVC Spring Cloud Gateway is a library for building an API Gateway on top of Spring WebFlux It easily integrates with OAuth to communicate between microservices You just need to add a TokenRelay filter spring cloud gateway default filters TokenRelayCAUTION Spring Cloud no longer supports Netflix Zuul An open issue adds Spring MVC Servlet support to Spring Cloud Gateway It s scheduled for implementation before the end of Prerequisites Java Node jsDockerA Google Cloud AccountYou can also watch this tutorial as a screencast A Brief Intro to Kubernetes Ks Kubernetes is an open source project from Google that provides an API for deploying your apps and making them talk with each other It helps automate deployments and updates and manages your apps and services with limited downtime You use Docker containers and YAML to make it all work The YAML can be burdensome but that s where JHipster comes in It can generate the YAML for you Create a Kubernetes Ready Microservices ArchitectureI showed you how to build Reactive Java microservices with Spring Boot and JHipster in a previous post Today I ll show you how to generate Ks deployment descriptors use Spring Cloud Config with Git encrypt your secrets and make it all work on Google Cloud GKE to be specific Start by cloning the JHipster Vue Spring Boot WebFlux reactive microservices project from GitHub git clone cd java microservices examples reactive jhipsterTIP If you just want to see the completed project just cd into the project s jhipster ks directory cd jhipster ksThis project has four directories gateway a Spring Boot Spring Cloud Gateway project configured for OpenID Connect OIDC login It s also configured as an OAuth resource server It contains a front end application built with Vue blog a Spring Boot WebFlux microservice that talks to a Neoj database store a Spring Boot WebFlux microservice that uses MongoDB docker compose a set of Docker files that describe how to run all containers together NOTE The SPA app on the gateway is currently a monolith The JHipster team is still working on micro frontends support If you don t have JHipster installed install it npm i g generator jhipster Generate Kubernetes Deployment DescriptorsNavigate to the reactive jhipster directory Next create a ks directory cd into it and run JHipster s Kubernetes sub generator mkdir kscd ksjhipster ksYou ll be prompted with several questions Answer them as I did below Type of application Microservice applicationRoot directory Which applications lt select all gt Set up monitoring NoWhich applications with clustered databases select storeAdmin password for JHipster Registry Kubernetes namespace demoDocker repository name Command to push Docker image docker pushEnable Istio NoKubernetes service type LoadBalancerUse dynamic storage provisioning YesUse a specific storage class lt leave empty gt NOTE If you don t want to publish your images on Docker Hub leave the Docker repository name blank After I answered these questions my ks yo rc json file had the following contents generator jhipster appsFolders blog gateway store directoryPath clusteredDbApps store serviceDiscoveryType eureka jwtSecretKey NDFhMGYNjF dockerRepositoryName mraible dockerPushCommand docker push kubernetesNamespace demo kubernetesServiceType LoadBalancer kubernetesUseDynamicStorage true kubernetesStorageClassName ingressDomain monitoring no istio false I already showed you how to get everything working with Docker Compose in the previous tutorial So today I d like to show you how to run things locally with Minikube Install Minikube to Run Kubernetes LocallyIf you have Docker installed you can run Kubernetes locally with Minikube Run minikube start to begin minikube cpus startCAUTION If this doesn t work use brew install minikube or see Minikube s installation instructions This command will start Minikube with GB of RAM and CPUs Unfortunately the default which is GB RAM and two CPUs did not work for me You can skip ahead to creating your Docker images while you wait for this to complete After this command executes it ll print out a message and notify you which cluster and namespace are being used Done kubectl is now configured to use minikube cluster and default namespace by defaultTIP You can stop Minikube with minikube stop and start over with minikube delete Create Docker Images with JibNow you need to build Docker images for each app In the gateway blog store directories run the following Gradle command where lt image name gt is gateway store or blog This command should also be in the window where you ran jhipster ks so you can copy them from there gradlew bootJar Pprod jib Djib to image lt docker repo name gt lt image name gt Create Private Docker ImagesYou can also build your images locally and publish them to your Docker daemon This is the default if you didn t specify a base Docker repository name this command exposes Docker images to minikubeeval minikube docker env gradlew Pprod bootJar jibDockerBuildBecause this publishes your images locally to Docker you ll need to make modifications to your Kubernetes deployment files to use imagePullPolicy IfNotPresent name gateway app image gateway imagePullPolicy IfNotPresentMake sure to add this imagePullPolicy to the following files ks gateway ks gateway deployment ymlks blog ks blog deployment ymlks store ks store deployment yml Register an OIDC App for AuthYou ve now built Docker images for your microservices but you haven t seen them running First you ll need to configure Okta for authentication and authorization Before you begin you ll need a free Okta developer account Install the Okta CLI and run okta register to sign up for a new account If you already have an account run okta login Then run okta apps create jhipster Select the default app name or change it as you see fit Accept the default Redirect URI values provided for you JHipster ships with JHipster Registry It acts as a Eureka service for service discovery and contains a Spring Cloud Config server for distributing your configuration settings Update ks registry ks application configmap yml to contain your OIDC settings from the okta env file the Okta CLI just created The Spring Cloud Config server reads from this file and shares the values with the gateway and microservices data application yml spring security oauth client provider oidc issuer uri https lt your okta domain gt oauth default registration oidc client id lt client id gt client secret lt client secret gt To configure the JHipster Registry to use OIDC for authentication modify ks registry ks jhipster registry yml to enable the oauth profile name SPRING PROFILES ACTIVE value prod ks oauthNow that you ve configured everything it s time to see it in action Start Your Spring Boot Microservices with KsIn the ks directory start your engines kubectl apply sh fYou can see if everything starts up using the following command kubectl get pods n demoYou can use the name of a pod with kubectl logs to tail its logs kubectl logs lt pod name gt tail n demoYou can use port forwarding to see the JHipster Registry kubectl port forward svc jhipster registry n demo Open a browser and navigate to http localhost You ll need to sign in with your Okta credentials Once all is green use port forwarding to see the gateway app kubectl port forward svc gateway n demo Then go to http localhost and you should be able to add blogs posts tags and products You can also automate testing to ensure that everything works Set your Okta credentials as environment variables and run end to end tests using Cypress from the gateway directory export CYPRESS EE USERNAME lt your username gt export CYPRESS EE PASSWORD lt your password gt npm run eeProof it worked for me Plain Text Secrets Uggh You may notice that I used a secret in plain text in the application configmap yml file Secrets in plain text are a bad practice I hope you didn t check everything into source control yet Encrypt Your Secrets with Spring Cloud ConfigThe JHipster Registry has an encryption mechanism you can use to encrypt your secrets That way it s safe to store them in public repositories Add an ENCRYPT KEY to the environment variables in ks registry ks jhipster registry yml name ENCRYPT KEY value really long string of random charters that you can keep safeTIP You can use JShell to generate a UUID you can use for your encrypt key jshellUUID randomUUID You can quit by typing exit Restart your JHipster Registry containers from the ks directory kubectl apply sh f Encrypt Your OIDC Client SecretYou can encrypt your client secret by logging into http localhost and going to Configuration gt Encryption If this address doesn t resolve you ll need to port forward again kubectl port forward svc jhipster registry n demo Copy and paste your client secret from application configmap yml or okta env and click Encrypt Then copy the encrypted value back into application configmap yml Make sure to wrap it in quotes You can also use curl curl X POST http admin lt password you set earlier gt localhost config encrypt d your client secretIf you use curl make sure to add cipher to the beginning of the string For example client secret cipher bcdcfadfc Apply these changes and restart all deployments kubectl apply sh fkubectl rollout restart deploy n demoVerify everything still works at http localhost TIP If you don t want to restart the Spring Cloud Config server when you update its configuration see Refresh the Configuration in Your Spring Cloud Config Server Change Spring Cloud Config to use GitYou might want to store your app s configuration externally That way you don t have to redeploy everything to change values Good news Spring Cloud Config makes it easy to switch to Git instead of the filesystem to store your configuration In ks registry ks jhipster registry yml find the following variables name SPRING CLOUD CONFIG SERVER COMPOSITE TYPE value native name SPRING CLOUD CONFIG SERVER COMPOSITE SEARCH LOCATIONS value file central configBelow these values add a second lookup location name SPRING CLOUD CONFIG SERVER COMPOSITE TYPE value git name SPRING CLOUD CONFIG SERVER COMPOSITE URI value name SPRING CLOUD CONFIG SERVER COMPOSITE SEARCH PATHS value config name SPRING CLOUD CONFIG SERVER COMPOSITE LABEL value mainCreate a GitHub repo that matches the URI path and branch you entered In my case I created reactive java ms config and added a config application yml file in the main branch Then I added my spring security values to it and removed them from ks registry ks application configmap yml See Spring Cloud Config s Git Backend docs for more information Deploy Spring Boot Microservices to Google Cloud aka GCP It s nice to see things running locally on your machine but it s even better to get to production In this section I ll show you how to deploy your containers to Google Cloud First stop Minikube if you were running it previously minikube stopYou can also use kubectl commands to switch clusters kubectl config get contextskubectl config use context XXXThe cool kids use kubectx and kubens to set the default context and namespace You can learn how to install and use them via the kubectx GitHub project Create a Container Registry on Google CloudBefore the JHipster release I tested this microservice example with Kubernetes and Google Cloud I found many solutions in Ray Tsang s Spring Boot on GCP Guides Thanks Ray To start with Google Cloud you ll need an account and a project Sign up for Google Cloud Platform GCP log in and create a project Open a console in your browser A GCP project contains all cloud services and resources such as virtual machines network load balancers that you might use TIP You can also download and install the gcloud CLI if you want to run things locally Enable the Google Kubernetes Engine API and Container Registry gcloud services enable container googleapis com containerregistry googleapis com Create a Kubernetes ClusterRun the following command to create a cluster for your apps gcloud container clusters create CLUSTER NAME zone us central a machine type n standard enable autorepair enable autoupgradeI called my cluster reactive ms See GCP s zones and machine types for other options I found the n standard to be the minimum for JHipster You created Docker images earlier to run with Minikube Then those images were deployed to Docker Hub or your local Docker registry If you deployed to Docker Hub you can use your deployment files as is For Google Cloud and its Kubernetes engine GKE you can also publish your images to your project s registry Thankfully this is easy to do with Jib Navigate to the gateway directory and run gradlew bootJar Pprod jib Djib to image gcr io lt your project id gt gatewayYou can get your project ID by running gcloud projects list Repeat the process for blog and store You can run these processes in parallel to speed things up cd blog gradlew bootJar Pprod jib Djib to image gcr io lt your project id gt blogcd store gradlew bootJar Pprod jib Djib to image gcr io lt your project id gt storeTIP You might have to run gcloud auth configure docker for Jib to publish to your GCP container registry Then in your ks deployment yml files add gcr io lt your project id gt as a prefix Remove the imagePullPolicy if you specified it earlier For example containers name gateway app image gcr io jhipster gateway env In the ks directory apply all the deployment descriptors to run all your images kubectl apply sh fYou can monitor the progress of your deployments with kubectl get pods n demo TIP If you make a mistake configuring JHipster Registry and need to deploy it you can do so with the following command kubectl apply f registry ks jhipster registry yml n demokubectl rollout restart statefulset jhipster registry n demoYou ll need to restart all your deployments if you changed any configuration settings that services need to retrieve kubectl rollout restart deploy n demo Access Your Gateway on Google CloudOnce everything is up and running get the external IP of your gateway kubectl get svc gateway n demoYou ll need to add the external IP address as a valid redirect to your Okta OIDC app Run okta login open the returned URL in your browser and sign in to the Okta Admin Console Go to the Applications section find your application and edit it Add the standard JHipster redirect URIs using the IP address For example login oauth code oidc for the login redirect URI and for the logout redirect URI You can use the following command to set your gateway s IP address as a variable you can curl EXTERNAL IP kubectl get svc gateway ojsonpath status loadBalancer ingress ip n demo curl EXTERNAL IP Run open http EXTERNAL IP and you should be able to sign in Great Now that you know things work let s integrate better security starting with HTTPS Add HTTPS to Your Reactive GatewayYou should always use HTTPS It s one of the easiest ways to secure things especially with the free certificates offered these days Ray Tsang s External Load Balancing docs was a big help in figuring out all these steps You ll need a static IP to assign your TLS the official name for HTTPS certificate gcloud compute addresses create gateway ingress ip globalYou can run the following command to make sure it worked gcloud compute addresses describe gateway ingress ip global format value address Then create a ks ingress yml file apiVersion networking ks io vkind Ingressmetadata name gateway annotations kubernetes io ingress global static ip name gateway ingress ip spec rules http paths path pathType ImplementationSpecific backend service name gateway port number Deploy it and make sure it worked kubectl apply f ingress yml n demo keep running this command displays an IP address hint up arrow recalls the last command kubectl get ingress gateway n demoTo use a TLS certificate you must have a fully qualified domain name and configure it to point to the IP address If you don t have a real domain you can use nip io Set the IP in a variable as well as the domain EXTERNAL IP kubectl get ingress gateway ojsonpath status loadBalancer ingress ip n demo DOMAIN EXTERNAL IP nip io Prove it worksecho DOMAINcurl DOMAINTo create a certificate create a ks certificate yml file cat lt lt EOF gt certificate ymlapiVersion networking gke io vkind ManagedCertificatemetadata name gateway certificatespec domains Replace the value with your domain name DOMAIN EOFAdd the certificate to ingress yml metadata name gateway annotations kubernetes io ingress global static ip name gateway ingress ip networking gke io managed certificates gateway certificate Deploy both files kubectl apply f certificate yml f ingress yml n demoCheck your certificate s status until it prints Status ACTIVE kubectl describe managedcertificate gateway certificate n demoWhile you re waiting you can proceed to forcing HTTPS in the next step Force HTTPS with Spring SecuritySpring Security s WebFlux support makes it easy to redirect to HTTPS However if you redirect all HTTPS requests the Kubernetes health checks will fail because they receive a instead of a Crack open SecurityConfiguration java in the gateway project and add the following code to the springSecurityFilterChain method http redirectToHttps redirect gt redirect httpsRedirectWhen e gt e getRequest getHeaders containsKey X Forwarded Proto Rebuild the Docker image for the gateway project gradlew bootJar Pprod jib Djib to image gcr io lt your project id gt gatewayRun the following commands to start a rolling restart of gateway instances kubectl rollout restart deployment gateway n demoTIP Run kubectl get deployments to see your deployment names Now you should get a when you access your domain HTTPie is a useful alternative to curl Update your Okta OIDC app to have https DOMAIN login oauth code oidc as a valid redirect URI Add https DOMAIN to the sign out redirect URIs too Encrypt Your Kubernetes SecretsCongratulations Now you have everything running on GKE using HTTPS However you have a lot of plain text secrets in your Ks YAML files But wait you might say Doesn t Kubernetes Secrets solve everything In my opinion no They re just unencrypted base encoded strings stored in YAML files There s a good chance you ll want to check in the ks directory you created Having secrets in your source code is a bad idea The good news is most people where most people my followers manage secrets externally Matt Raible mraible What s your favorite way to protect secrets in your kubernetesio YAML files PM Apr NOTE Watch Kubernetes Secrets in Minutes if you want to learn more about Kubernetes Secrets The Current State of Secret Management in KubernetesI recently noticed a tweet from Daniel Jacob Bilar that links to a talk from FOSDEM on the current state of secret management within Kubernetes It s an excellent overview of the various options Store Secrets in Git with Sealed Secrets and KubesealBitnami has a Sealed Secrets Apache licensed open source project Its README explains how it works Problem I can manage all my Ks config in git except Secrets Solution Encrypt your Secret into a SealedSecret which is safe to store even to a public repository The SealedSecret can be decrypted only by the controller running in the target cluster and nobody else not even the original author is able to obtain the original Secret from the SealedSecret Store your Kubernetes Secrets in Git thanks to Kubeseal Hello SealedSecret by Aurélie Vache provides an excellent overview of how to use it First you ll need to install the Sealed Secrets CRD Custom Resource Definition kubectl apply f Retrieve the certificate keypair that this controller generates kubectl get secret n kube system l sealedsecrets bitnami com sealed secrets key o yamlCopy the raw value of tls crt and decode it You can use the command line or learn more about base encoding decoding in our documentation echo n lt paste value here gt base decodePut the raw value in a tls crt file Next install Kubeseal On macOS you can use Homebrew For other platforms see the release notes brew install kubesealThe major item you need to encrypt in this example is the ENCRYPT KEY you used to encrypt the OIDC client secret Run the following command to do this where the value comes from your ks registry ks jhipster registry yml file kubectl create secret generic encrypt key from literal ENCRYPT KEY your value here dry run client o yaml gt secrets ymlNext use kubeseal to convert the secrets to encrypted secrets kubeseal cert tls crt format yaml n demo lt secrets yml gt sealed secrets ymlRemove the original secrets file and deploy your sealed secrets rm secrets ymlkubectl apply n demo f sealed secrets yml amp amp kubectl get n demo sealedsecret encrypt key Configure JHipster Registry to use the Sealed SecretIn ks registry ks jhipster registry yml change the ENCRYPT KEY to use your new secret name ENCRYPT KEY valueFrom secretKeyRef name encrypt key key ENCRYPT KEYTIP You should be able to encrypt other secrets like your database passwords using a similar technique Now redeploy JHipster Registry and restart all your deployments kubectl apply sh fkubectl rollout restart deployment n demoYou can use port forwarding to see the JHipster Registry locally kubectl port forward svc jhipster registry n demo Google Cloud Secret ManagerGoogle Cloud has a Secret Manager you can use to store your secrets There s even a Spring Boot starter to make it convenient to retrieve these values in your app For example you could store your database password in a properties file spring datasource password sm my db password This is pretty slick but I like to remain cloud agnostic Also I like how the JHipster Registry allows me to store encrypted secrets in Git Use Spring Vault for External SecretsUsing an external key management solution like HashiCorp Vault is also recommended The JHipster Registry will have Vault support in its next release In the meantime I recommend reading Secure Secrets With Spring Cloud Config and Vault Scale Your Reactive Java MicroservicesYou can scale your instances using the kubectl scale command kubectl scale deployments store replicas n demoScaling will work just fine for the microservice apps because they re set up as OAuth resource servers and are therefore stateless However the gateway uses Spring Security s OIDC login feature and stores the access tokens in the session So if you scale it sessions won t be shared Single sign on should still work you ll just have to do the OAuth dance to get tokens if you hit a different instance To synchronize sessions you can use Spring Session and Redis with JHipster CAUTION If you leave everything running on Google Cloud you will be charged for usage Therefore I recommend removing your cluster or deleting your namespace kubectl delete ns demo to reduce your cost gcloud container clusters delete lt cluster name gt zone us central aYou can delete your Ingress IP address too gcloud compute addresses delete gateway ingress ip global Monitor Your Kubernetes Cluster with KsUsing kubectl to monitor your Kubernetes cluster can get tiresome That s where Ks can be helpful It provides a terminal UI to interact with your Kubernetes clusters Ks was created by my good friend Fernand Galiana He s also created a commercial version called KsAlpha To install it on macOS run brew install ks Then run ks n demo to start it You can navigate to your pods select them with Return and navigate back up with Esc There s also KDash from JHipster co lead Deepu K Sasidharan It s a simple Ks terminal dashboard built with Rust Deepu recently released an MVP of the project If for some reason you don t like CLI s you can try Kubernetic Continuous Integration and Delivery of JHipster MicroservicesThis tutorial doesn t mention continuous integration and delivery of your reactive microservice architecture I plan to cover that in a future post If you have a solution you like please leave a comment Spring on Google Cloud PlatformJHipster uses Docker containers to run all its databases in this example However there are a number of Google Cloud services you can use as alternatives See the Spring Cloud GCP project on GitHub for more information I didn t mention Testcontainers in this post However JHipster does support using them Testcontainers also has a GCloud Module Why Not Istio I didn t use Istio in this example because I didn t want to complicate things Learning Kubernetes is hard enough without learning another system on top of it Istio acts as a network between your containers that can do networky things like authentication authorization monitoring and retries I like to think of it as AOP for containers If you d like to see how to use JHipster with Istio see How to set up Java microservices with Istio service mesh on Kubernetes by JHipster co lead Deepu K Sasidharan Fernand Galiana recommends checking out BPF Berkeley Packet Filter and Cilium Cilium is open source software for transparently providing and securing the network and API connectivity between application services deployed using Linux container management platforms such as Kubernetes Learn More About Kubernetes Spring Boot and JHipsterThis blog post showed you how to deploy your reactive Java microservices to production using Kubernetes JHipster did much of the heavy lifting for you since it generated all the YAML based deployment descriptors Since no one really likes writing YAML I m calling that a win You learned how to use JHipster Registry to encrypt your secrets and configure Git as a configuration source for Spring Cloud Config Bitnami s Sealed Secrets is a nice companion to encrypt the secrets in your Kubernetes deployment descriptors For more information about storing your secrets externally these additional resources might help Kelsey Hightower s Vault on Cloud Run TutorialJames Strachan s Helm Post RendererYou can find the source code for this example on GitHub in our Java microservices examples repository git clone cd java microservices examples jhipster ksSee JHipster s documentation on Kubernetes and GCP if you d like more concise instructions If you enjoyed this post I think you ll like these others as well Reactive Java Microservices with Spring Boot and JHipsterBuild a Secure Micronaut and Angular App with JHipsterFast Java Made Easy with Quarkus and JHipsterHow to Docker with Spring BootSecurity Patterns for Microservice ArchitecturesBuild a Microservice Architecture with Spring Boot and Kubernetes uses Spring Boot If you have any questions please ask them in the comments below To be notified when we publish new blog posts follow us on Twitter or LinkedIn We frequently publish videos to our YouTube channel too Subscribe today A huge thanks goes to Fernand Galiana for his review and detailed feedback	2022-03-09 02:03:04
Apple	AppleInsider - Frontpage News	Compared: New 2022 iPad Air vs 2020 iPad Air	https://appleinsider.com/articles/22/03/08/compared-new-2022-ipad-air-vs-2020-ipad-air?utm_medium=rss	Compared New iPad Air vs iPad AirThe fifth generation iPad Air has launched with an upgrade to M and G support but it may be a tough choice for folks that already own the fourth generation model Here s how the two stack up The new iPad Air has a bunch of new color options Apple s Peek Performance special event had the company reveal an update to the iPad Air bringing it to the fifth generation Sitting between the standard iPad and the iPad Pro the iPad Air offered the styling of the premium model but at a more wallet friendly price For the fifth generation model Apple closes the gap a bit more between the Air and the iPad Pro range at least in terms of specifications Read more	2022-03-09 02:12:52
海外TECH	Engadget	Rivian's price hike leads to a shareholder lawsuit	https://www.engadget.com/rivians-price-hike-leads-to-a-shareholder-lawsuit-024554910.html?src=rss	Rivian x s price hike leads to a shareholder lawsuitRivian is facing a shareholder lawsuit after raising the price of its electric pickup and SUV and subsequently reversing course Protocol has reported The action alleges that Rivian failed to disclose that it would hike the base price of its vehicles by around nor the potential damages that would cause An individual shareholder brought the complaint but is seeking class action status On March st Rivian unveiled the higher pricing that applied to everyone except those who placed the earliest orders including most reservation holders The company did give potential buyers another option as it also introduced dual motor versions of the RT and RS EVs with both starting at the original and prices However neither of those vehicles will be available until and both will have smaller quot standard quot battery packs that deliver less range than the large packs instead of miles Two days later the company reversed the price increases Anyone who reserved before March st will pay the original price and those who cancelled because of the increase can reinstate their orders with the same price and delivery date The company s CEO RJ Scaringe also apologized quot I have made a lot of mistakes since starting Rivian more than years ago but this one has been the most painful quot he said quot I am truly sorry and committed to rebuilding your trust quot Rivian gained a massive billion in funding with investors including Ford and Amazon which owns the largest stake percent The company went public via a regular IPO and not a SPAC merger It had a quot blockbuster debut quot according to CNBC with an initial valuation of billion Early reviews of the RT electric pickup including by Engadget have been positive nbsp	2022-03-09 02:45:54
海外TECH	Engadget	Senator Elizabeth Warren drafts bill to target use of crypto by sanctioned Russians	https://www.engadget.com/senator-elizabeth-warren-drafts-bill-to-target-use-of-crypto-by-sanctioned-russians-020446730.html?src=rss	Senator Elizabeth Warren drafts bill to target use of crypto by sanctioned RussiansSen Elizabeth Warren D MA is preparing a bill in response to fears that Russian nationals may be using cryptocurrency to evade sanctions The draft legislation first reported by NBC would require banks and other financial institutions to both identify customers and transfers to private wallets and regularly report information to the Treasury Department But crypto firms insist that there s no evidence of sanctions evasion on their exchanges “Criminals can use cryptocurrency to move money in the shadows opening a door for Putin amp his cronies to evade economic sanctions Warren wrote in a tweet Tuesday afternoon “I want answers from USTreasury on how they ll ensure crypto doesn t undermine our response to Russia s invasion of Ukraine While the bill s text hasn t been released yet NBC reports that one of the provisions is identical to a proposed Treasury Department rule that requires banks to regularly identify suspicious transactions that it believes is linked to sanctions evasion If passed the legislation would codify the rule Lawmakers are worried that the Treasury Department s Office of Foreign Assets Control lacks the muscle to hunt down crypto criminals A letter by Warren and three other Senate Democrats asks the Treasury Department to list ways it plans to counter sanctions evasions through crypto platforms including how it plans to work with foreign governments The senators also detailed the methods they suspect Russians are using to skirt sanctions including using the dark web to move funds ransomware attacks and the Bank of Russia s new digital ruble In the wake of the passage of the PATRIOT Act required banks and financial institutions to adopt customer identification programs Requiring banks to disclose suspicious transactions into private crypto wallets is not without precedent even if it s disagreeable to some parties The cryptocurrency industry which largely views anonymity or at least lack of government intervention as one of its central tenets understandably is less than enthusiastic While Coinbase Binance and Kraken are cooperating with government officials to make sure individuals targeted by sanctions aren t using their platforms they have refused to ban Russian accounts altogether Crypto platforms also argue that widespread Russian sanctions evasion simply isn t happening One example Coinbase recently announced that it blocked crypto addresses it believed to belong to Russians engaging in illegal activity but also added that it identified the majority of them before nbsp Russia s invasion of Ukraine Furthermore the Coinbase said it didn t notice a surge of new illicit activity following sanctions on Russia Blockchain data platform Chainalysis noted a considerable tick in crypto transactions using the Russian ruble and the Ukrainian hryvnia in the last week of February just as Russia advanced on Ukraine Still the platform was quick to point out that the surge in potentially illicit trading could also be due to average Ukrainian and Russians buying crypto in order to preserve their savings while both fiat currencies lose value	2022-03-09 02:04:46
Cisco	Cisco Blog	Focus on HyperFlex: Sizing A New Cluster Using the Sizer and Profiler Tools	https://blogs.cisco.com/datacenter/focus-on-hyperflex-sizing-a-new-cluster-using-the-sizer-and-profiler-tools	Focus on HyperFlex Sizing A New Cluster Using the Sizer and Profiler ToolsIn this Focus on HyperFlex blog we ll zero in on different aspects of the Cisco HyperFlex HX hyperconverged system and ways to make HX work best for you and your organization This edition will illustrate on how to size a cluster when you might not have all the details of the workload worked out In this situation HyperFlex Profiler is the right approach to learn more about the workloads	2022-03-09 02:44:58
医療系	内科開業医のお勉強日記	COVID-19剖検血栓塞栓3割 ： VTE見逃しが多い？	https://kaigyoi.blogspot.com/2022/03/covid-193-vte.html	つの研究に登録されたCOVID被験者人平均年齢歳では、急性PEが死因の基礎疾患とされた症例はCII。	2022-03-09 02:10:00
ニュース	ジェトロ ビジネスニュース（通商弘報）	トルコ内務省、新型コロナウイルス規制を大幅に緩和	https://www.jetro.go.jp/biznews/2022/03/449e9d770cc39992.html	新型コロナウイルス	2022-03-09 02:50:00
ニュース	ジェトロ ビジネスニュース（通商弘報）	バイデン米大統領、ロシアからのエネルギー禁輸措置を決定	https://www.jetro.go.jp/biznews/2022/03/f6d31b6de5a03ca7.html	禁輸措置	2022-03-09 02:35:00
ニュース	ジェトロ ビジネスニュース（通商弘報）	在英日系企業に聞く新型コロナによる物流混乱の影響、輸送コストは上昇	https://www.jetro.go.jp/biznews/2022/03/41ceda6992a70c31.html	日系企業	2022-03-09 02:15:00
海外ニュース	Japan Times latest articles	China’s fears of an Indo-Pacific NATO are more myth than reality	https://www.japantimes.co.jp/news/2022/03/09/asia-pacific/politics-diplomacy-asia-pacific/china-asia-nato-fears/	China s fears of an Indo Pacific NATO are more myth than realitySoutheast Asia s modern day foreign policy is mostly aimed at avoiding becoming a battleground in great power competitions as occurred during the Vietnam War and other bloody	2022-03-09 11:07:42
ニュース	BBC News - Home	Women's World Cup: Deandra Dottin takes sensational catch against England to dismiss Winfield-Hill	https://www.bbc.co.uk/sport/av/cricket/60672395?at_medium=RSS&at_campaign=KARANGA	Women x s World Cup Deandra Dottin takes sensational catch against England to dismiss Winfield HillWest Indies Deandra Dottin takes a sensational catch to dismiss England s Lauren Winfield Hill at the Women s World Cup	2022-03-09 02:44:31
ビジネス	ダイヤモンド・オンライン - 新着記事	職場での私物スマホの使用、許可すべき理由 - WSJ発	https://diamond.jp/articles/-/298581	許可	2022-03-09 11:13:00
ビジネス	電通報 | 広告業界動向とマーケティングのコラム・ニュース	変化の時代こそ原点回帰。コピーライターが提案する「自分の仕事」の解釈術。	https://dentsu-ho.com/articles/8114	原点回帰	2022-03-09 12:00:00
ビジネス	不景気.com	婦人服販売「アイ・エム・ユー」が破産申請へ、負債23億円 - 不景気.com	https://www.fukeiki.com/2022/03/aiemuyu.html	東京都中央区京橋	2022-03-09 02:11:58
北海道	北海道新聞	片岡仁左衛門さんが休演　歌舞伎座、体調不良で当面の間	https://www.hokkaido-np.co.jp/article/654664/	体調不良	2022-03-09 11:18:00
北海道	北海道新聞	東京原油、１３年半ぶり８万円台　一時突破、世界的に急騰	https://www.hokkaido-np.co.jp/article/654647/	東京商品取引所	2022-03-09 11:01:00
北海道	北海道新聞	ウクライナ、人道危機が悪化　市民退避路、１都市だけ	https://www.hokkaido-np.co.jp/article/654658/	都市	2022-03-09 11:14:00
北海道	北海道新聞	＜北見＞絵本の読み聞かせをする　石田薫雄さん（４８）	https://www.hokkaido-np.co.jp/article/654657/	北見市内	2022-03-09 11:14:00
北海道	北海道新聞	＜洞爺湖＞ユニークな洞爺湖周遊マップを作成　塩野谷絵美さん（４２）	https://www.hokkaido-np.co.jp/article/654652/	観光	2022-03-09 11:13:00
北海道	北海道新聞	＜札幌圏＞むき出しの暴力に怒り　平岡伸志	https://www.hokkaido-np.co.jp/article/654651/	連日	2022-03-09 11:12:00
北海道	北海道新聞	マリー、今年の獲得賞金を寄付へ　ウクライナの子ども支援で	https://www.hokkaido-np.co.jp/article/654650/	獲得賞金	2022-03-09 11:12:00
北海道	北海道新聞	＜旭川＞全国大会でピアノ伴奏務める　大内駿弥さん（２０）	https://www.hokkaido-np.co.jp/article/654648/	全国大会	2022-03-09 11:11:00
北海道	北海道新聞	＜美唄＞「雪んこまつり」にゲスト出演　林はづきさん（１１）	https://www.hokkaido-np.co.jp/article/654649/	美唄	2022-03-09 11:11:00
IT	IT号外	iPhoneやiPadで音声が出なかったり再生できない場合の解決方法。翻訳アプリやLINEのボイスメッセージ、SNS系アプリでもこの不具合が出る可能性あり	https://figreen.org/it/iphone%e3%82%84ipad%e3%81%a7%e9%9f%b3%e5%a3%b0%e3%81%8c%e5%87%ba%e3%81%aa%e3%81%8b%e3%81%a3%e3%81%9f%e3%82%8a%e5%86%8d%e7%94%9f%e3%81%a7%e3%81%8d%e3%81%aa%e3%81%84%e5%a0%b4%e5%90%88%e3%81%ae%e8%a7%a3/	iPhoneやiPadで音声が出なかったり再生できない場合の解決方法。	2022-03-09 02:41:44
マーケティング	AdverTimes	ピープルファーストな経営に向けマーケターができること（田中安人氏×矢野健一氏）	https://www.advertimes.com/20220309/article378820/	野家	2022-03-09 02:37:37
マーケティング	AdverTimes	『君の名は。』『天気の子』……劇判の経験が音楽を広げた（ゲスト：RADWIMPS・野田洋次郎）【前編】	https://www.advertimes.com/20220309/article378805/	foreverdaze	2022-03-09 02:35:17