Update from Capgemini/blog-private@5eb3358

_posts/2015-05-06-apollo.md

@@ -39,7 +39,7 @@ For further documentation on Apollo components see the docs on GitHub [https://g
 We think Apollo fits nicely into the following use cases -
 
 * Build your own internal platform as a service (PAAS) leveraging Docker container runtimes
-* Large scale Continuous Integration using the Jenkins Mesos framework. The folks at [Ebay have already done this in production](http://www.ebaytechblog.com/2014/04/04/delivering-ebays-ci-solution-with-apache-mesos-part-i/) and we're looking to provide the Jenkins framework as a Docker container plugin to Apollo soon.
+* Large scale Continuous Integration using the Jenkins Mesos framework. The folks at [eBay have already done this in production](http://www.ebaytechblog.com/2014/04/04/delivering-ebays-ci-solution-with-apache-mesos-part-i/) and we're looking to provide the Jenkins framework as a Docker container plugin to Apollo soon.
 * Manage and distribute your big data workloads. There are a number of big data processing frameworks built on Mesos, such as [Spark](http://spark.incubator.apache.org/) and [Storm](https://github.com/mesosphere/storm-mesos). Again we're looking to provide these pluggable to Apollo in the future.
 
 If you manage to get any of the above or other Mesos frameworks working on Apollo, please think about contributing that back via a [pull request](https://github.com/Capgemini/Apollo/pulls)

_posts/2015-09-18-delivering-at-devoxx.md

@@ -14,7 +14,7 @@ My initial concept came from a small set of technical problems that had been ann
 
 Then fast-forward to my next project, we were building an ASP.NET MVC project which needed to communicate with a SOAP service – easy, right? Just create a SOAP client in ASP.NET? Wrong. The SOAP service was written in an old version of Apache Axis, and some of the types represented in the WSDL represented Java classes without definition and assumed a Java client! Yuck.
 
-My final irritation was yet another one of those bugs where somebody has unwittingly loaded an entire database into memory through a misplaced Hibernate call and incorrectly-defined loading policies. For the X hundredth time I wondered whether we were really gaining anything from abstracting the power of the database and insulating developers from the complexity of mapping state to in-memory objects. A good long winge with a DBA friend of mine suggested that I was not alone in this muse! And a brief google search for “ORM anti pattern” confirmed it.
+My final irritation was yet another one of those bugs where somebody has unwittingly loaded an entire database into memory through a misplaced Hibernate call and incorrectly-defined loading policies. For the X hundredth time I wondered whether we were really gaining anything from abstracting the power of the database and insulating developers from the complexity of mapping state to in-memory objects. A good long whinge with a DBA friend of mine suggested that I was not alone in this muse! And a brief google search for “ORM anti pattern” confirmed it.
 
 It was about this point that Java team lead [Andrew Harmel-Law](https://twitter.com/al94781) suggested that we submit some papers for the upcoming Devoxx conference. I had my recent bug-bears in mind and wondered about creating a paper called “Modern Antipatterns”, until I googled it and discovered it was the title of a hilarious poor-working-practices speech from a previous Devoxx. So I had to rethink. What was it about the two problems I’d hit? What did they have in common? Well, they were both things that made sense at the time, but were for whatever reason outdated in today’s architectures. This concept of patterns in time led me to my title: “Technical Archaeology – unearthing the dinosaur antipatterns in modern distributed architecture stacks”. Bingo! So, I submitted the title with a list of three “antipatterns” (Singleton, Same Origin Policy and Object Relational Modelling) and a very brief explanation, and forgot about the whole thing.
 

_posts/2016-01-26-docker-ci-workflows.md

@@ -29,11 +29,11 @@ So let's cover the different workflows and some possible use cases.
   - High frequency commits with small team, but with a lot of deploys based on features. Only signed off artifact to be put into registry.
 
 
-These are the main use cases for build and deploy but what about setting some quality gates and security. [Project Nautilus](http://www.slideshare.net/Docker/official-repos-and-project-nautilus) will scan your containers for vulnerabilties, but is this too late, if its already in your registry or running on a machine somewhere or a new piece of functionality didn't work as you abandoned all those years of testing your application for this wonderful world of containers.
+These are the main use cases for build and deploy but what about setting some quality gates and security. [Project Nautilus](http://www.slideshare.net/Docker/official-repos-and-project-nautilus) will scan your containers for vulnerabilities, but is this too late, if its already in your registry or running on a machine somewhere or a new piece of functionality didn't work as you abandoned all those years of testing your application for this wonderful world of containers.
 
 So here is an opinionated workflow for docker, let's say we are developing a NodeJS application with Angular frontend. We make a change in the application, run any linting, style and unit checks locally, as part of some githooks, then we commit to a branch. This then runs the same linting, style and unit checks just in case we missed anything locally, this shall be our first quality gate. We then want to check to see if any of the code or node modules are vulnerable, for this we can use [retire.js](http://retirejs.github.io/retire.js/). We should then make sure the application tests have good code coverage, one of the better tools for this is [codeclimate](http://codeclimate.com/). 
 
-We now want to make sure my application works end to end as well, so we run the grunt:e2e task we have setup to run my [protractor](https://angular.github.io/protractor/#/) tests against [saucelabs](http://saucelabs.com/). If that passes, we can then build the container, but first we might want to run a [docker lint](https://github.com/lukasmartinelli/hadolint) test to make sure this won't throw any errors, as well as a [Docker Label Validator](https://github.com/garethr/docker-label-inspector) test to make sure that any labels we have included are valid. So now we are ready to build the container but what if we have unnecessarily added some vulnerable packages to the application, we can't be responsible for keeping up with all the security warnings that come out these days. So we run a vulnerability scanner which checks the container against OWASP and CVE databases for any vulnerabilties, much the same as the [Project Nautilus](http://www.slideshare.net/Docker/official-repos-and-project-nautilus), [CoreOS Clair](https://github.com/coreos/clair), [TwistLock](https://www.twistlock.com/product/vulnerabilitymanagement/) and many other companies and open source projects are doing these days. For now we have decided to use [Lynis](https://cisofy.com/lynis/). This article [Docker Security Tools: Audit and Vulnerability Assessment](http://blyx.com/2015/12/01/docker-security-tools-audit-and-vulnerability-assessment/), covers off most of the toolset out there in this space.
+We now want to make sure my application works end to end as well, so we run the grunt:e2e task we have setup to run my [protractor](https://angular.github.io/protractor/#/) tests against [saucelabs](http://saucelabs.com/). If that passes, we can then build the container, but first we might want to run a [docker lint](https://github.com/lukasmartinelli/hadolint) test to make sure this won't throw any errors, as well as a [Docker Label Validator](https://github.com/garethr/docker-label-inspector) test to make sure that any labels we have included are valid. So now we are ready to build the container but what if we have unnecessarily added some vulnerable packages to the application, we can't be responsible for keeping up with all the security warnings that come out these days. So we run a vulnerability scanner which checks the container against OWASP and CVE databases for any vulnerabilities, much the same as the [Project Nautilus](http://www.slideshare.net/Docker/official-repos-and-project-nautilus), [CoreOS Clair](https://github.com/coreos/clair), [TwistLock](https://www.twistlock.com/product/vulnerabilitymanagement/) and many other companies and open source projects are doing these days. For now we have decided to use [Lynis](https://cisofy.com/lynis/). This article [Docker Security Tools: Audit and Vulnerability Assessment](http://blyx.com/2015/12/01/docker-security-tools-audit-and-vulnerability-assessment/), covers off most of the toolset out there in this space.
 
 So we have gone through a Docker quality gate and can breathe easier now we have a greater sense of confidence our container is both tested and secure. But let's take this a bit further because we want a seriously secure and performant container. So we run something like [docker-slim](https://github.com/cloudimmunity/docker-slim) over it, to minimise the container size, as a bonus it will also generate a apparmor and seccomp profile for your container.
 

_posts/2016-02-25-the-thing-about-things.md

@@ -78,7 +78,7 @@ For me, I'm not so sure that bridges are as hassle-free as Mat makes out. In cur
 ## What could Possibly Go Wrong?
 
 Mat covered another fascinating and super-important area in his talk - security. In IoT world, maybe ultra-compatibility is not a good thing. Some of the most amazing bugs and disasters have come from the fact that everybody is driving their Things from the same cloud. Similar, I suppose, to having just one giant internet banking system for everybody. Great when it works – owners of Tesla cars wake up to find new and exciting changes to their automobiles such as the sudden ability to self park! But. There are bound to be some security issues and leaks, and the impact of these is huge. Mat talked about how many hotels use connected devices with no security whatsoever, so if you have the right transmission device you can randomly unlock doors and change heating settings to your heart’s content. Might not seem like much of an intrusion, but how many times do you have to flick a heater on and off before it catches fire?
-Another example Mat mentioned was that of Nest, which is the US equivalent of British Gas Hive, rolling out an automatic update to everybodys’ heating systems which resulted in every system in Minnesota failing to work for FOUR DAYS. In the depths of winter. It’s probably simply a factor of the low uptake of Nest amongst the elderly that prevented many, many deaths from occurring. 
+Another example Mat mentioned was that of Nest, which is the US equivalent of British Gas Hive, rolling out an automatic update to everybody's heating systems which resulted in every system in Minnesota failing to work for FOUR DAYS. In the depths of winter. It’s probably simply a factor of the low uptake of Nest amongst the elderly that prevented many, many deaths from occurring. 
 
 Seems a wise choice to follow Mat’s advice when architecting an IoT solution, and to use your own secure cloud. 
 

_posts/2016-03-04-understanding-and-addressing-our-waste.md

@@ -96,7 +96,7 @@ It's also a good idea but not always practical to run a root-cause analysis on w
 An application takes 20 minutes to build and deploy locally and you need to do this to see any change you make (even if it's a HTML change - bit of a dramatisation as there are normally workarounds).
 
 #### What is the "real" problem?
-The problem may feel like a number of things e.g. a redesign of our system is needed (this may be our root cause), the sympton we see is that when a developers makes a change, it takes 20 minutes to see if it renders as expected on the UI. However the real problem here is that the developer keeps getting distrupted, so they are likely to get frustrated if this happens constantly as it's delaying them completing a task.
+The problem may feel like a number of things e.g. a redesign of our system is needed (this may be our root cause), the symptom we see is that when a developers makes a change, it takes 20 minutes to see if it renders as expected on the UI. However the real problem here is that the developer keeps getting disrupted, so they are likely to get frustrated if this happens constantly as it's delaying them completing a task.
 
 #### Is the problem within our remit/interest to fix?
 Yes, both within in our remit and interest to fix.

_posts/2017-06-02-will-this-Meteor-hit.md

@@ -31,7 +31,7 @@ This is very appealing and would obviously save a lot of time, but should we con
 #### A powerful, large ecosystem of packages
 > Use popular frameworks and tools, right out-of-the-box.
 
-As an open-source platform, Meteor does have a collaborative community base. As we'll discuss later, the package system implemented in every Meteor installation provides a simple and effective way of incorporating modules, addons, plugins (or whatever else you would like to call them) into a site by using a simple CLI. I'm always in favour of not having to re-invent the wheel everytime I write code.
+As an open-source platform, Meteor does have a collaborative community base. As we'll discuss later, the package system implemented in every Meteor installation provides a simple and effective way of incorporating modules, addons, plugins (or whatever else you would like to call them) into a site by using a simple CLI. I'm always in favour of not having to re-invent the wheel every time I write code.
 
 ## Application Structure
 With Meteor being a full-stack JavaScript platform, one would imagine there is code to manage both front-end and back-end requests/responses. Now how is this achieved? Let's take a look at the typical file structure a Meteor application must follow:
@@ -191,7 +191,7 @@ It's rather easy to find a wide range of resources, tutorials and even books for
 ### IDE's & Tools
 Many Integrated Development Environments (IDE) have started to incorporate working with Meteor with new plugins and tools. You can see some of these below:
 
-#### JetBrains Webstorm 9
+#### JetBrains WebStorm 9
 WebStorm 9 [integrates with Meteor](https://www.jetbrains.com/webstorm/help/using-meteor.html) including automatic recognition of Meteor projects, coding assistance, running and debugging apps.
 
 #### Atom

_posts/2017-12-13-core-x-platform.md

@@ -36,7 +36,7 @@ Well, a key concept in .NET Core (not the .NET Framework) is side-by-side. It me
 
 ### Example
 
-Below is a short walk through to create a new cross platform .NET Core Web Api. You will need to download and install the [NET Core SDK](https://www.microsoft.com/net/download) and [Visual Studio Code](https://code.visualstudio.com/download) (probably in that order). You will also need [OmniSharp](https://github.com/OmniSharp/omnisharp-vscode) which is the engine that powers C# in Visual Studio Code, but you dont need to download that explictly, VS Code will do that for you (more on that later). I have tested the following on a Mac, Ubuntu 16.04 and Windows. These steps are the same across all three and that highlights an important point - a consistent tooling experience across all platforms.
+Below is a short walk through to create a new cross platform .NET Core Web Api. You will need to download and install the [NET Core SDK](https://www.microsoft.com/net/download) and [Visual Studio Code](https://code.visualstudio.com/download) (probably in that order). You will also need [OmniSharp](https://github.com/OmniSharp/omnisharp-vscode) which is the engine that powers C# in Visual Studio Code, but you dont need to download that explicitly, VS Code will do that for you (more on that later). I have tested the following on a Mac, Ubuntu 16.04 and Windows. These steps are the same across all three and that highlights an important point - a consistent tooling experience across all platforms.
 
 Once the .NET Core SDK has been installed, open a terminal window (or PowerShell). Note that if you are using PowerShell replace the '&&' with a ';' to chain up commands. 
 

_posts/2018-02-23-blockchain-ux.md

@@ -9,7 +9,7 @@ comments: true
 share: true
 ---
 
-Here in the [Applied Innovation Exchange](https://appliedinnovationexchange.com/) we get to be part of some pretty excellent events. One notable example is ["Capgemini Week of Innovation Networks"](https://medium.com/applied-innovation-exchange/capgeminis-week-of-innovation-networks-cwin-kick-off-at-the-aie-ase-london-dda138951833) (CWIN) which happened in November 2017 on the 8th floor of our Holborn office. As part of this 5 start-ups were invited to pitch their businesses to the attendees, set up stands, demo their application or work and be involved with a round table/panel question time.
+Here in the [Applied Innovation Exchange](https://appliedinnovationexchange.com/) we get to be part of some pretty excellent events. One notable example is ["Capgemini Week of Innovation Networks"](https://medium.com/applied-innovation-exchange/capgeminis-week-of-innovation-networks-cwin-kick-off-at-the-aie-ase-london-dda138951833), which happened in November 2017 on the 8th floor of our Holborn office. As part of this 5 start-ups were invited to pitch their businesses to the attendees, set up stands, demo their application or work and be involved with a round table/panel question time.
 
 I loved hearing about the innovations and the way they were using technology to solve old problems such as payroll, inaccessible banks for the developing work and privacy in big data. I had a great conversation with one start-up about the challenges of rolling out a [Blockchain](https://en.wikipedia.org/wiki/Blockchain) platform, which got me thinking: what's the most difficult thing about putting some Blockchain in production?