The Blog

Hardening Apache ZooKeeper security using zkpolicy

Apache ZooKeeper is an open-source server which enables highly reliable distributed coordination. Distributed applications can use it to maintain configuration information, implement naming, provide synchronization and group services. There are numerous applications using ZooKeeper such as HBase, Kafka, YARN, HDFS and Spark.

In this article, we will introduce a newly developed tool that helps to harden the ZooKeeper security by auditing and by applying new policies.

Authored By: Christos Arvanitis, Emil Kleszcz

Published By: CERN IT Streaming and Analytics Services (IT-DB-SAS)

ORDS - Managing APEX static images

In today’s post, we’ll be talking about the possible ways to manage the static images/CSS/JS that come shipped with APEX. They are separate resources (not contained in the DB like some other APEX images) necessary for your APEX applications look and behave the way they’re intended to. If you and your users browse your internet using lynx feel free to skip this one. Otherwise - dig in!

Creating PDFs in APEX after ORDS 19.1

Creating PDFs in APEX after ORDS 19.1

Until 19.1 ORDS provided a built-in printing engine based on Apache FOP which allowed you to download a PDF version of your reports and XLS-FO templates in a very easy manner. However in ORDS 18.4.0 release notes we could find information that this feature is deprecated and will be removed in future release. This is exactly what happened with the release of ORDS 19.2.

So what actually happened? 

This is from Oracle’s release notes of ORDS 19.2:

Distributed Deep Learning for Physics with TensorFlow and Kubernetes

Summary: This post details a solution for distributed deep learning training for a High Energy Physics use case, deployed using cloud resources and Kubernetes. You will find the results for training using CPU and GPU nodes. This post also describes an experimental tool that we developed, TF-Spawner, and how we used it to run distributed TensorFlow on a Kubernetes cluster.


Benefits of a multi-layer system

Designing a multi-layer system is not rocket science, the difficulty can lie in selecting the right technologies. The main concept behind the design is to have better control and fine tuning of the components . This blog post will discuss the benefits & limitations of implementing this type of design and our practical experience gained from using it for the Open Days reservation system, which helped to welcome 75.000 people on our site and was hosted on the Oracle cloud using their cloud services.

Authored By: Viktor Kozlovszky

Published By: CERN IT-DB-DAR

Oracle REST Data Services running on Tomcat - Basic Authentication using JNDI Realm

What do we want to achieve?

We want to protect our REST endpoints using Basic Authentication and authenticate the requests against our users directory (LDAP). We also want to manage the privileges centrally, through the ORDS Roles and Privileges (, so no matter if ORDS runs on Oracle WebLogic or Apache Tomcat, it should behave the same and give access to the same resources.

Internationalization of the 2019 Open Days reservation system

International organisations can have multiple official languages, in these casesusually their workflows/processes are designed to support that. CERN is one of those organisations, it's official languages are French and English. Therefore one of our tasks was to make the Open Days reservation system bilingual. In this article you will read about the choices we made to internationalize the system, what obstacles we faced and what solution we went for.

Authored By: Viktor Kozlovszky, Thomas Løkkeborg

Published By: CERN IT-DB-DAR

Open Days reservation system's high level overview - 2019

The LHC has a schedule of maintenance and performance upgrades. During these longer shutdowns CERN holds its major Open Days events. These allow the general public to visit areas normally restricted and used for research activity. Previous events have seen daily over 35k people visiting. To hold a big impact event successfully, certain preparations and arrangements are necessary. Our team’s responsibility was to deliver a reliable and highly available reservation system. This article gives a high level overview about the work that has been done and links together technical articles written about the Open Days reservation application.

Authored By: Viktor Kozlovszky

Published By: CERN IT-DB-DAR