Think Week – With More Than A Little Help From My Friends

IBM Think starts tomorrow for me in Las Vegas.  So obviously here I am in a LV hotel room drinking lots of water, trying to plan the sessions I want to see, when I’m going to be free and and then sign up for several of the labs.  This year as well as my technical sessions on Tuesday and Wednesday,  I will be moderating and contributing to several “soft skills” sessions that are not about technology but about how we work.

Thank you in advance to all the people shown below for joining the panels.  Here’s where I’ll be this week.

Technical Sessions

Monday 19th @ 1.30pm
A Guide To Single Sign-On for IBM Collaboration Solutions
Mandalay Bay South, Level 2 Surf B
Single sign-on, single identity and even password synchronization—in this session, we will take you through all the options available to minimize or eradicate logins across IBM’s Collaboration Solutions (ICS); whether it is a Domino web server, IHS, Notes client, Traveler, Sametime, Connections or Verse, on-premises or cloud. The discussion will cover security certificates, password synchronization, IWA, SPNEGO and SAML Federation. I will explain what you can (and can’t) do, and how to do it.

Tuesday 20th @ 2.30pm
Deep Dive: What’s New in Notes, Sametime and Verse On-Premises for Users and Administrators
Mandalay Bay South, Level 2 Surf B
with Ram Krishamurthy of HCL
Join this session to understand the recent advancements in capabilities for mail users and administrators. Learn about what to expect with Notes, Verse and Sametime Chat V10 on the server, on the desktop and on mobile devices.

Soft Skills Sessions

Sunday 18th
User Community Day including IBM Champion Day @ MGM Conference Centre

10.35 (#9219)
How to create, maintain and change a personal brand

11.15  (#9268)
How to become a different kind of Champion – reaching across the aisle
with Wannes Rams of Ramsit and Social Connections

11.35 (#9241)
Roundtable on managing the noise and home working
with Florian Vogler of Panagenda
Sandra Buehler and Andreas Ponte of Belsoft AG
Rob Novak of Snapps

Monday 19th @ Mandalay Bay Conference Centre

9am
Think Academy Soft Skills Pop Up – Remote/Home Working: Creating a Balance
with Adam Brown of ISW
Sandra Buehler of Belsoft AG
Julian Robichaux of Panagenda
In this presentation the panel will share ideas around how to best manage remote working (if you miss working directly with a team), home working (over committing and temptations) and working for customers on different timezones. There are many approaches we all use and we can learn from each other which ones would work best. There are also many tools available to both manage tasks and time and stay engaged with others but which ones prove the most useful for different types of work.

Tuesday 20th @ Mandalay Bay Conference Centre

11am
Think Academy Soft Skills Pop Up – Managing the Noise
with Theo Heselmans of XCeed & Engage UG
Francie Tanner and Tony Holder of Panagenda
Maria Nordin of Infoware Solutions & Social Connections
Many of us are in multiple real time chats in Watson Workspace in Slack in Skype in Sametime i addition to all the online forums we need to at least monitor if not participate in. How can we best manage all the noise generated around us whilst we work and how can we contribute effectively. Also aimed at owners of those communities, what is it reasonable to expect of participants and how do you stop people from failing to join in just because they blinked at the wrong time and missed a discussion.

Wednesday 21st @ Mandalay Bay Conference Centre

9am
Think Academy Soft Skills Pop Up – The Imposter Syndrome
with Maria Nordin of Infoware Solutions & Social Connections
Jon Schultz of Prominic
Tony Holder of Panagenda
Impostor syndrome affects nearly everyone in one way or another and results in feeling intermittently underqualified or even out of place in our work. No matter how successful you are there are multiple ways it can sneak up on you. In this session hear and learn from our panelists about how they each deal with different with their own aspects of it. 

I will also be joining some of the round table discussioms taking place at the IBM Champion desk @ Mandalay Bay Conference Centre Bayside D including one on GDPR on Tuesday @ 1.30pm

 

That Scream You Just Heard? Thanks Apple

<still screaming>

I take screenshots probably 30x a day every day. Sometimes to a file (CMD-SHIFT-4) and sometimest to the clipboard (CMD-CTRL-SHIFT-4). Imagine my delight when I got my new Macbook Pro and discovered I could add the “screenshot” icon to my touchbar.  No more key combinations, just press the touch bar.  After presssing the touch bar it shows me options of clipboard, desktop, documents etc and remembers what I last used.

What a great feature.  Until it wasn’t.

Apparently Apple “thought” that those touchbar settings should always and with no warning override the keyboard options.  Here I was in a presentation this morning taking about 100 screenshots (laptop closed using external monitor) CMD-SHIFT-4 only to discover none of them NONE OF THEM were on my file system because apparently Apple now use the touchbar settings (which I can’t see with the laptop closed) to override any keyboard settings.

There’s no excuse for that terrible assumptive UI behaviour.  None.  Hopefully this saves someone else the same pain and I’ll revert to using Skitch where I need to be certain.

Champions Expertise – Security

The topic for this month’s Champions Expertise presentations is “Security” so I thought it would be a nice idea to share a few highlights from the presentation I will be giving at Think 2018 in Las Vegas in a few weeks on that subject.  This is “A Guide To Single Sign-On for IBM Collaboration Solutions” and hopefully even this shortened version (6 minutes instead of 40) is of interest.

Of course I also hope to see you at my presentation on Monday 19th March (Mandalay Bay South, Level 2 – Surf B).

 

Macbook and Me

Last week I changed to a new Macbook Pro 13in with touchbar.  I had my doubts but it was the only model with the disk and RAM I needed.  I planned to just ignore the features I didn’t think I’d use (especially anything touch related as I was fairly sure dirty or greasy fingers would render it useless).

Favourite things about my Mac week 1:

  1. Touch ID to login and access admin settings.  I enabled multiple fingers and added some fingerprints for other people too.  It does require a full password entry every 48hrs (I think) even if I don’t restart but I’m fine with that
  2. I enabled filevault which encrypted my entire disk.  There were issues with earlier versions of filevault and using time machine so I had avoided it but the more recent versions (in the past 12 months or so) have been stable and there seems to be little latency on encrypting / decrypting.  The main change is that now I have to login after boot to unlock the disk rather than login after the OS loads.  It’s an almost unnoticeable change but I opted to also increase my password to a very lengthy phrase since there’s little point encrypting a disk with a flimsy password.
  3. USB C. I thought I’d hate the loss of my magsafe connector for power, the number of times I’ve tripped over my own cable and the magsafe popped off rather than drag the Mac to the ground. The new Mac has 4 USB C ports which can be used for anything including charging and I find being able to plug the power into any of 2 ports either side of my Mac is so much easier than being forced to plug it into one side and means I’m less likely to get tangled up in my own cables.
  4. Love my Touchbar – LOVE.IT.I know a lot of people hate it so clearly its appeal is closely tied to how people work. I’m very much a keyboard person, I prefer keyboard shortcuts to any mouse action for instance and with the Touchbar I can configure it to display what I find useful in each application.  I have done that in some examples below and am completely addicted
    Finder

    Finder. I’ve added the “share” icon which allows me to Airdrop items (the touchbar changes to photos of people I can airdrop to) as well as quickview and delete., The best feature is that I can add the screenshot icon to my default touchbar. I screenshot all day and the key combination is hard to get working in a VM

    Safari

    Safari shows me all open tabls I can touch to move between them as well as opening a new tab and I added the history toggle because I go there all the time

    Windows10Parallels

    The touchbar even works in Windows 10 running in a Parallels VM where I use the explorer icon all the time to open Windows explorer. I would get rid of Cortana but it’s in the default set

    Keynote

    Keynote mode 1: When writing a presentation I can change the page size move through slides and indent / outdent

    KeynotePresenter

    Keynote mode 2: when presenting I can see a timer and the upcoming slides I can touch to move backwards and fowards. I think I’m going to use this a lot

On the other hand I also bought a new iPad mini to replace my 4 year old iPad.  I bought the mini because I didn’t want to go bigger with an iPad to a pro.  My old iPad worked fine other than freezing in iBooks, being slow and restarting itself regularly.  My new iPad restored from a backup of my old one exhibits the same behaviour. I think it’s going back.

 

Creative Ideas For Docker (and Domino)

In an earlier post I mentioned that I have been working on new technology projects since the end of last year and I wanted to share here what I’m doing as well as plan to keep you updated on my progress if only to keep pressure on myself.   I have been working with, and speaking about, Docker and containers for the past year and it was good news to hear that IBM will now support Docker as a platform for Domino (as of 9.0.1 FP10). http://www-01.ibm.com/support/docview.wss?uid=swg22013200

Good news, but only a first start.  Domino still needs to be installed and run in its entirety inside a container although the data would / could be mapped outside.  Ideally in a microservices model Domino would be componentised and we could have separate containers for the router task, for amgr, for updall, etc, so we could build a server to the exact scale we needed.  However that is maybe in the future, right now there’s a lot we can do and two projects in particular I’m working on to solve existing issues.

Issue 1: A DR-Only Domino Cluster Mate

It’s a common request for me to design a Domino infrastructure that includes clustered servers but with at least one server at a remote location, never to be used unless in a DR situation.  The problem with that in a Domino world is also Domino’s most powerful clustering feature, there is an assumption that if a server is in a cluster then it is equally accessible to the users as any other server in the cluster and, if it’s not busy and the server the user tries to connect to is busy, the user will be pushed to the not-busy server.   That’s fine if all the cluster servers are on equal bandwidth or equally accessible, but a remote DR-only server that should only be accessed in emergency situations should not be part of that failover process.   It’s a double edged sword – we want the DR server to be part of the cluster so it is kept up to date in real time and so users can fail over to it without any configuration changes or action on their part.  We don’t want users failing over to it until we say so.

I tend to tackle this by designing the DR server to have a server_availability_threshold=100 which marks it as “busy” and prevents and client failover if the other servers are online.  It works ‘ish’ but someone has to disable that setting to ensure all users failover neatly when needed and it isn’t unusual to have a few users end up on there regardless.

So what can Docker do for me?

I don’t see that much value in a standard Domino image for docker in my world.  When I build a Domino server it tends to have a unique configuration and set of tasks so although it would be nice, my goal in deploying Domino under docker is very different. It is to create identical containers running identical versions of Domino with identical names e.g Brass/Turtle and Brass/Turtle. Both containers will point to external data stores (either in another container or a file system mount). Both will be part of a larger Domino cluster.  Both will have the same ip address.  Obviously both can’t be online at the same time so one will be online and operating as part of the cluster and only if that server or container goes down would the other container – at another location – activate. In that model we have passive / active DR on a Domino server that participates fully in workload balancing and failover.  I don’t have to worry about tuning the Domino server itself because the remote instance will only be active if the local instance isn’t.   I would use Docker clustering (both swarm and kubernetes can do this) to decide to activate the second container.

In principle I have this designed but I have lots of questions I need to test.  Not least deciding the location of the data.  Having a data container, even a clustered data container would be the simplest method.   That way the Domino container(s) would reference the same data container(s) however Domino is very demanding of disk resources and docker data containers don’t have much in the way of file system protection so I need to test both performance and stability.  This won’t work if the data can be easily corrupted.   The other idea is to have a host-based mount point but of course that could easily become inaccessible to the remote Domino container.  I have a few other things that I am testing but too long to go into in this post.  More on that later.

Issue 2: Domain Keys Indentified Mail for Domino

In its simplest explanation, DKIM requires your sending SMTP server to encrypt part of the message header and have a public key published in your DNS file that enables the receiving server to decrypt it, thereby confirming it did actually originate from your server.  It’s one of the latest attempts to control fraudelent emails and, combined with SPF records, constitutes requirements for DMARC certification.

The DKIM component of DMARC is something Domino does not support either inbound or outbound.  It may do in the future but it doesn’t right now and I am increasingly getting asked for DMARC configurations.  Devices like Barracuda can support inbound DMARC checking but not outbound DMARC encryption. The primary way I recommend doing that now is to deploy Postfix running OpenDKIM as a relay server between Domino and the outside world, your mail can then be “stamped” by that server as it leaves.

My second docker project therefore is to design and publish an image of postfix + OpenDKIM that can be used by Domino (or any SMTP server).

More on these as I progress.

 

Producing A Champions Expertise Presentation (since you asked)

A few people have asked how I created the Champions Expertise presentation on containerisation that I published last week.  There are lots of Champions out there keen to produce their own next month so hopefully this helps someone.

I wanted a structured presentation with my voice overlayed describing each slide. I deliberately didn’t want video / my face on screen alongside the presentation.  That’s good because it’s a pain in the bum to do but mostly I find that having a talking head is distracting people from reading slides. That’s may not be true to everyone but not having video is my personal preference.

Equipment:

Macbook Pro (2014)

Keynote 7.3.1

BeatsX headphones connected via bluetooth.
I find having a good headset ensures there is no bleed or sound in from the surrounding space and these are the best headphones I’ve ever owned, plus they are really fast to charge so rarely run down.

Rehearsing:

I use Keynote on my Mac but Powerpoint does the same thing.  I wrote the presentation including speaker notes for myself , the speaker notes contained the key points I wanted to make sure I didn’t miss when going through each slide.  I try not to write too many speaker notes because I end up reading those instead of presenting so my notes are usually one word prompts.

Once I finished writing I ran through it in presenter mode which shows me a clock countdown as well as the speaker notes. That way I can get comfortable with what I am saying so it flows better when recorded.  I was aiming to run for 10 minutes talking quickly which, in my opinion, is a good length for wanting people to watch online.  I rehearsed 3 times but then I’m a committed over preparer, I suspect most people would rehearse less or not at all.

Recording:

So now I’m ready to record.  Keynote (and Powerpoint) has a feature called “Record Slideshow” when I choose that I go into presenter mode and have a “record button”. The clever thing is that the audio is recording as part of each slide not as a separate file.  I can stop anytime and pick up the recording again or clear a particular part of the recording and do over.  I chose to do it all in one hit.  My secret weapon was to ask someone to sit near me so I could present to them rather than into thin air. I felt that made me sound more natural (hopefully) and it was certainly easier to get into the flow. It did mean I ended up stumbling when he asked me a question part way in but that’s OK, it highlighted where I wasn’t being clear enough so I fixed the slide and started over

Publishing:

Once I was happy with the slides and audio I just saved the file and uploaded it (80MB) to my blog. I could have shrunk it down more and had lower quality, certainly with only audio it wouldn’t have made a lot of difference and I may go back and do that. My blog was also cross posted to twitter and linkedin

And that’s it.  If you have either Keynote or Powerpoint and a decent headset then it’s very easy.  I hope you enjoyed listening and look forward to more expertise presentations next month.

An Introduction To Docker From MWLUG 2017

Last week I attended and presented at MWLUG in Alexandria, VA.  This was my third MWLUG event and the biggest so far.    Lots of great and varied content, I even went to a couple of developer sessions, thanks to Richard Moy and the rest of the MWLUG team for putting on another great show.  Next year the conference is getting a new name and a new location in Ann Arbor MI.

This session has been changed from the one I gave previously to reflect changes in Docker storage and networking behaviour.