deft/2021-W21.org

• 2021-W21
  • 2021-05-25 Tuesday
    • IN-PROGRESS Show Invite during Creation page prompt
  • 2021-05-26 Wednesday
    • MEETING Wanderson Ferreira
      • Presentation
      • Demo time
      • Questions from Wanderson
  • 2021-05-27 Thursday
    • CHAT Jyoti Posture/Yana
    • IN-PROGRESS Irina 1-1 prep
      • What to talk about?
      • Presentation (History first mine then the Team and the Product)
      • Advices
      • Day to Day
      • What am I relevant about, when should you reach out?
      • Team spirit
      • Expected work
      • Work organization/schedule
  • 2021-05-28 Friday
    • IN-PROGRESS enable/disable orgs
    • MEETING Weekly Engineering
      • Namrata CDF
        • Scale
        • Planning Framework
        • CDF
        • Cross-Functional Feature Teams
        • Why Feature Teams
    • IN-PROGRESS PR to fix scope=
    • IN-PROGRESS fix redirect url contstruction

2021-W21

2021-05-25 Tuesday

IN-PROGRESS Show Invite during Creation page prompt   work

CLOCK: [2021-05-25 Tue 11:02]–[2021-05-26 Wed 17:43] => 30:41

[2021-05-25 Tue 11:02]

ref

2021-05-26 Wednesday

MEETING Wanderson Ferreira   work meeting

CLOCK: [2021-05-26 Wed 17:43]–[2021-05-26 Wed 19:13] => 1:30

[2021-05-26 Wed 17:43]

Presentation

Wanderson

Traditional background into science, started a PhD. Then doing real work.

Algorithm, deep learning. Development for 7/8 years.

Best effort in frontend show. 5 to 6 years work in Clojure.

Demo time

Screen share.

Prepare questions:

• testing
• core/async
• succeed/fail rop improve organization; using let syntax because binding (>>=) expect a name (do notation)

Questions from Wanderson

TZ pb

2021-05-27 Thursday

CHAT Jyoti Posture/Yana   work chat

CLOCK: [2021-05-27 Thu 08:40]–[2021-05-27 Thu 09:21] => 0:41

[2021-05-27 Thu 09:08]

IN-PROGRESS Irina 1-1 prep   work

CLOCK: [2021-05-27 Thu 09:21]–[2021-05-27 Thu 10:51] => 1:30 CLOCK: [2021-05-27 Thu 08:46]–[2021-05-27 Thu 08:40] => 0:22

[2021-05-27 Thu 08:46]

ref

What to talk about?

1. My personal history with Cisco (presentation) personality/env, etc…
2. when/where I will be the more helpful to you
3. generic welcome advices (the team, SecureX/CTRl, SBG, Cisco)
4. what my day-to-day work looks like
5. what am I relevant for, when should you reach out?
6. the team spirit/ambiance
7. The expected work
8. Work organisation/schedule

• Know more about my work:

There is a 1h30 pres from previous week where I presented IROH-Auth to the larger team.

Presentation (History first mine then the Team and the Product)

1. Ph.D. Machine Learning
2. Post Ph.D. Machine Learning
3. Work for Airfrace (Perl/scripts/web/)

4. Join Vigiglobe via Guillaume (our wives worked together)

   1. Social Media Analytics, hire Matt, then G2
   2. lot of pressure, fullstack dev + machine learning
   3. rewrite in Clojure (lot of pressure)
   4. bad management (SCRUM hell), wrong decisions, lot of pressure
5. Guillaume join Cisco in January, and I join in April.

6. Recruited by Craig & Dean. Craig is the mastermind

   1. small team of 8 people, go to Calgary we are the center of attention (the future!). Meet Al Huger.
   2. first year work on CTIA (CTIM)
   3. Cisco Threat Response (CTR); names IROH/Visibility/CTR work on new abstractions / tk-store, inspect, modules, iroh-auth, admin interface, scripts, help ops.
   4. IROH-Auth: => login via AMP (SAML with Guillaume) (no user in DB)
   5. IROH-Auth: => login via Threatgrid (OpenId Connect client)
   6. IROH-Auth: => become OAuth2 provider (grants: client credentials, authorization code, implicit) User in DB
   7. Huge amount of support to help other team integrate with OAuth2.
   8. make implicit grant deprecated
   9. SSE Integration (big deal, difficult with many teams) House made integration (user auth hooks, pass tokens by side channels) Matthieu implication
   10. Orbital (they use our JWT)
   11. IROH-Auth: => become an OIDC provider (IROH-Auth can be used as an IdP)
   12. SecureX (previously called Platform, …) Very deep change in IROH-Auth underlying architecture/business logic. 8 month of intense work. Main change, user have only one idp-mapping and now have multiple idp-mappings. Mainly you can login via different login buttons and different identities into the same user inside SecureX.
   13. Ambrose then Victor join the team
   14. Craig & Dean resign both; this is huge, reorg even though it was prepared for one year. So, Jyoti is put on top of Guillaume, her team (Rob, Ag, Mark) merge with our team. Namrata / Elias replace Dean/Craig.

Advices

1. Evaluation: Your main evaluation dimension will be added user value.

   • Cisco promote and encourage their employees, if you are useful you will be rewarded.
   • If you are helpful to other Cisco employees, this will also be visible
   • If you help to make the internal system work, this will be more difficult to sell to your manager. So my advice, have a 80/20 maximum about; 80% working on visible to your manager stuff, 20% on the necessary/fun stuff.
2. Use Cisco resources, ask for it (I have an iMac for example, which is completely out of the normal things to get), do not be afraid to reach other people at Cisco. Note, I am not the best one to follow on this one ;)
3. Try to use start-page, more and more people use it, I think this is a pretty good starting point (mothership/work.html). The frequency at which you will use these links (in 1 year from now) will be a good way to evaluate if you are on the right track.
4. Do not fear to reach out to other people in other room/teams everyone will be friendly and helpful, this is in fact one of the most important hidden skill at Cisco.
5. Try to be aware about the CoC (chain of command), because it is not clearly enforced does not mean it doesn't exists.
6. If you have any issue/problem technical/human/HR anything don't wait, be vocal about it
7. If you would like to work on something don't let your manager(s) guess for your ask them.
8. Depending on your tasks you could be overwhelmed by communication channels (chat, mail, webexes), be prepared to handle this and have

Day to Day

1. Open emacs, check my todo list

2. Morning tours:

   • open webex teams, chat morning tour (from 10min to 8h, generally 30min) I frenquently have messages in the morning from Jyoti and other team from India, East Europe.
   • open mails (from 5min to 30min)
   • check the agenda webex invitations
   • Check my PRs (if someone has made some review, work on it)
   • Check opened PR for review (from 5min to 8h, generally I try to stay under 2h/day)
   • check chat in "the Frenchies" (we try to avoid it more and more)
3. After the tour, check the updated agenda, the new todos, organize the day/priorities work on it (if I can). Number of chat interuption from 10h-16h is generally about 4 notifications.

4. During my afternoon (>16h, the US wakes up)

   • If no chat interruption continue the work until 18h/19h and stop my day.
   • Frequently one to three meetings, frequently during release weeks impromptu webex/chat with QA team.
   • If chat interruption, stop my work (unless my work is both urgent and need deep concentration) and focus on the chat. Generally from 16->19h30. Sometime a bit exceptionnally, work from 08:30pm->01:00am

What am I relevant about, when should you reach out?

• IROH-Auth: login, OAuth2, OpenID connect, OAuth2 clients, User/Org/Client management, scopes
• API Security: scopes, how to use them, organize, etc…
• TK-Store: access different DB with interfaces. Has been butchered a bit by Matthieu with its cache interface, he is aware about it.
• Inspect: extract observables (IP, url, hashes, etc…) from raw text
• Response: in Module system (iroh-int); now it is more Matthieu
• Admin interface: hidden but very important
• Structured logs (via Riemann/ES): helped get data for management: now should be moved to G2 (but I am still relevant for kibana access, how to log in our code, still missing structured log, but we are close)

• Code architecture:

  • first decided to use lein-monolith (terrible but best from other terrible choices), then removed it recently. Take a look at CONTRIBUTING.md. Made tk-tests see rationale, etc…
  • let-either in iroh-int (monads, etc..)
  • tk-store is structured with the flaws from stores in CTIA
  • defwebservice to centralize how our webservices work

TODO Team spirit

TODO Expected work

TODO Work organization/schedule

2021-05-28 Friday

IN-PROGRESS enable/disable orgs   work

CLOCK: [2021-05-28 Fri 18:39]–[2021-05-31 Mon 11:06] => 64:27

[2021-05-28 Fri 18:39]

ref

Why Feature Teams

MEETING Weekly Engineering   work meeting

CLOCK: [2021-05-28 Fri 17:03]–[2021-05-28 Fri 18:39] => 1:36

[2021-05-28 Fri 17:03]

CI of the feature team.

Security Training with multiple levels.

Namrata CDF

Continuous Delivery Framework / Feature Teams

Scale

Grow in term of capacity, structure to manage. Cross-functional feature teams.

Planning Framework

1. Cross functional planning
2. Alignment to strategy
3. Objective prioritization
4. Deliver deep business-value

CDF

Quaterly / 12 Weeks / 3 Month

Month 1: Commited Month 2: Probable Month 3: Stretch

• Continuous Planning
• Coninuous Execution
• Prodcut Strategic Initiatives
• Technology Investments
• Maintenance

Cross-Functional Feature Teams

having representation for all the functions. Developers of all kinds (backend/UI/UX/ops/etc…) They all need to be involved from planning all the way to delivery.

Why Feature Teams

decentralized, sense of ownership. Deeper business value, limiting WIP.

IN-PROGRESS PR to fix scope=   work

CLOCK: [2021-05-28 Fri 10:11]–[2021-05-28 Fri 17:03] => 6:52

[2021-05-28 Fri 10:11]

ref

IN-PROGRESS fix redirect url contstruction   work

CLOCK: [2021-05-28 Fri 07:39]–[2021-05-28 Fri 10:11] => 2:32

[2021-05-28 Fri 07:39]