This one just uses exacto blades. Yahoody likes this. Mar 17, 7. Betty, thank you. That hat gauge is cool, but I'm needing some clarity on it's numbers.
Am I misreading that thing? Mar 17, 8. Thank you all for posting the images thus far! Fletch, that's some great info to know, thank you.
The tollicker in your photo appears to be made of iron or steel. Does that indicate that it should be heated like a vintage iron for use? Also, what exactly to you mean by "puller-downs" and "runner-downs"? I looked closely at that one picture of Jim's workbench that you posted and couldn't figure out what it was that you were talking about.
I'll be PM-ing soon to discuss some more. Betty, I have nearly the same question as Spatterdash: is that gauge set up for Regular Oval dimensions? Thanks again and keep 'em coming! Mar 17, 9. On their web site they have some great photos. Just keep scrolling down Mar 17, Here's more tools and dry goods from my collection.
I think this is an excellent idea for a thread, so I hope you'll forgive me if I respond broadly to term "hat tool" to include non-hand tools and materials, so we all have a thread we can look to for pictures.
I'll respond to the inquiry later tonight about the hat measuring tool. Mar 18, Fletch, the first picture you show aren't tollikers, they are brim irons. That's why the price was so high. Tollikers come in very differnt forms, but almost always wood. I'll try to post some pics tonight after I shut the shop down. This is the only picture I found of a tollicker, on Jimmy Pierce's site.
Thanks for the correction, Art. Betty, keep those pics comin', the more the merrier! Here ya go, Andy: What else do you need to make a hat? Hat Blocks and Accessories: Left to right: 's? I want to try small prototypes of my ideas first. Closeup of the antique doll millinery blocks and brim cutter Hat Displays: Left to right: modern blown glass, 2 wood spindles, 's hand painted hat display Hat Books Many of these are available online as reproductions or FREE downloads from certain websites - very easy to find Millinery Accessories Things you need to make m'lady's hat: Hat veils, fray check for ribbons , feathers, measuring tools, buttons, pins, thread I am missing some other tools that a hatter needs.
Who has a hat stretcher and steamer? Thanks Art, it was listed as a Tolliker on the bay but the ones I was familiar with were shaped like those pictured here in the center and off to the side. They all seem to perform the same function in reinforcing the brim break so I thought it could be used double duty, just hot.
The scientific hat making book also has a brass foot tolliker pictured that look similar to these shown above but it also has some other metal appearing tough to say for sure as they are drawings in black and white tollikers of different design with curved radiuses.
AirforceIndy, the puller down is the boomerang for lack of a better description shaped flat wood piece in the picture of Jim's work bench. It is used to pull the felt down over the block by the brim. There is a good illustration of it's use in the scientific hat making book if needed.
A runner down is a piece of wood with a groove on the end used to push down on the hatting cord as needed to make the felt snug on the block. I am by no means an authority on this stuff but have been feeding voraciously for a few years getting as much info as I can. I am yet unproven and as I have not yet made a hat completely from scratch by hand, take what I say for what you think it is worth. I have reblocked a couple of hats and sewn in new sweatbands only as of yet.
I am waiting for just a few more acquisitions and then I will go for broke making a hat from a raw body. I have picked up some good tips from here, and other places and will share what I do. Real nice stuff Vintage Betty! You will have to post up some pics of your hats when you get them done. Will you do men's hats as well? Nice pics. Take heart Betty, You can probably get that thing working without much effort. The purpose is just to hold the blade away at a set distance from the crown to cut your brim to your desired size.
As long as that knurled nut on back end there pinches that center piece tight enough to hold your desired measurement and loosens to allow you to slide it to begin with, you should be in good shape.
These can be modified to use exacto blades and that sheet metal bottom just keeps the blade from cutting anything its not supposed to. The felt just slides right in between there. Are your adjustment knobs frozen up?
Here is that recent picture of Steve Delk from a newspaper. You can see some of his stuff for making hand made hats. His rounding jack was really old from the 30's or so as well and he was able to get it to accept exacto blades. Sexy Rexy likes this. WOW, with this many pictures going up this quick, this has the makings of a really great thread! Fletch, thank you so much for the pictures; they have been very informative, despite a misunderstanding concerning the name of one item Thanks, Art, for chiming in, and i hope you will be able to contribute even more priceless pearls of wisdom from your years of experience!
VB, your collection of lady's headwear and accessories is astounding; thank you for contributing! That vintage grosgrain is worth a pretty penny in the hatter's world, I'm sure! I managed to get into the wood shop today and cut out the layers of my soon-to-be hatblock. It remains to be seen whether or not said layers will sandwich together well enough to make a solid entity. More to come on that. So now the big question is: Why are we changing things now? In many ways DevOps is a follow-on to the agile development methodology , trying to apply some of those same principles not only to the development cycle, but also to getting that code released early and often.
Security was always intended to be part of that melding between development and operations, but it got overlooked in many cases when teams started doing DevOps. So I tend to talk about "DevSecOps" because I want to explicitly call out that teams need to integrate security thinking into their DevOps life cycle.
Nobody wants that. One of the simple, useful things folks can do is do vulnerability analysis scanning in their continuous integration CI process, during their build process. But at minimum you should be doing this during your build process. Newcomer: Absolutely, especially when it comes to cloud native , but not just for cloud native. When we think about containers and Kubernetes, a best practice is that you never patch a running container.
And why is that? Because a container orchestration solution is designed so that if a running instance of your application goes down, a new instance will automatically be deployed from the container image. You need automation for building, and for security testing, and also ideally, for quality engineering QE testing and user experience UX testing.
That can be easier for greenfield apps than it is for legacy apps. Short: In your opinion, what is the right order of static analysis, dynamic analysis, and all that? Is there a preferred order of the way you do your DevSecOps, or is it really up to the team?
Newcomer: Some kinds of scans make more sense in different places. Those are best run in your container repository -- as soon as you pull it down, scan it. Those scanners are typically good in the build process as well. And then build vulnerability analysis into your CI process. Any type of static analysis scanners have pros and cons.
There are things like Coverity and other solutions that analyze your code for the quality, and to check if there are things like cross-site scripting risks in your code. You want to do those as early as possible as well.
Most of those scanners require some tuning, because you may wind up with false positives. And these types of scanners would ideally be in the CI process as well. And again, this is one of the values of containers and Kubernetes is that you can do this. You can have an OpenShift cluster that looks just like your production cluster. Your development team, your user acceptance team, they can have the same environment with the same constraints.
When we talk "shift left," and when we talk "DevSecOps," we think about "DevSec" as in "what are the security tools that are useful to the developer?
But DevSecOps also means "SecOps," as in "what are the security tools that are useful in operations for containers and Kubernetes?
Short: Which brings us to the question of how do you bridge that DevSec and SecOps divide and have them work together in perfect harmony? So, how do we do that? Newcomer: I think I have to answer both on the tooling and on the people side.
That means when you think about the traditional methods of securing your environment, you need to think about having both your platform and your applications -- your workloads -- as close to being born secure as possible. You also need to have enough automation in place that when problems crop up -- because they will -- you are able to respond quickly. How are you managing deployment of your Kubernetes cluster, and are you prepared to redeploy at any moment should, for example, crypto miners be discovered on your platform?
You really want to take that DevOps approach that is understood to be useful for apps, and you want to do that for your platform too, so you want to think about it in a GitOps -like way. Everything should be " infrastructure as code ," and it should be monitored, assessed and evaluated. Argo CD is actually a really interesting new player that spans both of those.
For a Kubernetes environment, leveraging Argo CD is a great way to go, too. But store your infrastructure -- treat your code, your configs, as if it were source code. Version it, manage it, automate all of that. How do you help the security team that has been siloed to become partners in the process of building your DevOps pipeline for both apps and infrastructure?
One of my favourite customer examples is a team in the federal sector whose Chief of Cybersecurity decided that his team of security architects needed to learn the development process and something about the tools that the developers use. Once they learned those things, they could be much more effective advocates for helping get the process into a place that worked for everybody.
They really needed to shift their thinking, and that takes incentives. Short: What tools would you recommend? What do you think are good tools to run against production, for example? Newcomer: One of the things we do at Red Hat is work closely with our partners to ensure that the solutions are certified to run against OpenShift. That includes the ecosystem of security ISV partners, so when we think about it there are a lot of different categories to look at. One thing to consider is the value for your buck -- can you get a tool that helps you both with the pipeline and at runtime?
There are a number of our certified partners who do that in addition to StackRox -- which is being rebranded as Red Hat Advanced Cluster Security. And many of them have image assurance capabilities just like StackRox does. And then you really want to be looking for runtime analysis capabilities -- behavioral runtime analysis is a great win. OpenShift, out of the box, uses security context constraints, so we have this built-in protection that prevents privileged containers from being deployed to worker nodes by default.
But runtime behavioral analysis is a great addition for the production environment. And then, are there solutions to help you do more with network controls?
Kubernetes has network policies, but you have to figure out how to configure your environment appropriately for that. There are solutions that can auto-suggest network policies for you. Deep audit and monitoring is also key. Out of the box, OpenShift includes auditing on at the host level, API server auditing is on for Kubernetes, but many of our certified partner solutions also add deeper data collection and correlation.
Short: Is there anything you want to mention specifically about StackRox -- now called Red Hat Advanced Cluster Security -- that you think may set it apart?
0コメント