EclipseCon_-_A_Java_Developers_Survival_guide_for_the_cloud.pdf

Transcript

1. CONFIDENTIAL designator V0000000 A Java Developer’s survival guide for the

   cloud Shaaf Syed Technical Evangelist 1 @syshaaf @sshaaf linkedin.com/in/shaaf/ shaaf.dev

2. Destination Cloud.. -> Where are you at? Deployment: multi-app, appserver

   App Lifecycle: Months Memory: 1GB+ RAM Startup Time: 10s of sec Deployment: Single App App Lifecycle: Days Memory: 100MBs+ RAM Startup Time: Seconds Deployment: Single App App Lifecycle: minutes/seconds Memory: 100MBs+ RAM Startup Time: Seconds

3. CONFIDENTIAL designator V0000000 3 Runtime

4. • Freely available, high quality OpenJDK binaries (Formally AdoptOpenJDK) •

   All infra, build, test packaging code available as open source • Eclipse Adoptium Working Group ◦ Alibaba Cloud, Azul Systems, Huawei, IBM, Microsoft, New Relic, Red Hat … • Eclipse AQAvit ◦ Quality and branding verification for any Java SE runtime binary • Eclipse Temurin ◦ Build on Linux, Windows, macOS, AIX, Intel, Power, ARM and more. Half billion downloads 350K+ Tests per release 100+ Test machines Assuring enterprise-grade quality

5. Security: Passes known security vulnerability tests. Functional Correctness: Passes key

   OpenJDK, Functional, and Application/Framework tests. Performant: Achieves minimum throughput scores, with published metrics. Scalability and Durability: Meets minimum load and stress testing requirements. Assuring enterprise-grade quality Curated set of quality tests representing cloud-oriented enterprise workloads Ensure OpenJDK builds meet modern workload requirements, including containerized tests AQAvit means Quality Any vendor’s Java SE runtime binary can be tested to the AQAvit level

6. Assuring enterprise-grade quality Run in the Cloud and across multiple

   platforms high performance, enterprise-caliber, cross-platform, open-source licensed, AQAvit-verified and Java SE TCK-certified for general use across the Java ecosystem Half billion downloads 350K+ Tests per release 100+ Test machines Secure Scalable & Durable Performant

7. 7 MicroProfile 5.0 Jakarta JAX-RS 3.0 Jakarta JSON-P 2.0 Jakarta

   CDI 3.0 Config 3.0 Fault Tolerance 4.0 JWT Authentication 2.0 Health 4.0 Metrics 4.0 Open Tracing 3.0 Open API 3.0 = Updated = No change from last release (MicroProfile 4.1) = New Rest Client 3.0 Jakarta JSON-B 2.0 Standalone Context Propagation 1.3 Reactive Streams Operators 2.0 Outside umbrella Reactive Messaging 2.0 GraphQL 1.1 LRA 1.0 Jakarta Annotations 2.0 MicroProfile 5.0

8. MicroProfile Reactive Streams Operators A set of operators to create

   new reactive streams, process the transiting data and consume them with ease Reactive Streams Operators 2.0 - Project page - Spec PDF doc - Spec HTML doc - Technology Compatibility Kit (TCK) Context Propagation 1.3 - Project page - Spec PDF doc - Spec HTML doc - Technology Compatibility Kit (TCK) MicroProfile Reactive Messaging Defines a development model for declaring CDI beans producing, consuming and processing messages. It relies on Reactive Streams Operators and CDI MicroProfile Context Propagation APIs for propagating contexts across units of work that are thread-agnostic MicroProfile Reactive Messaging 2.0 - Project page - Spec PDF doc - Spec HTML doc - Technology Compatibility Kit (TCK) MicroProfile Reactive Capabilities

9. SmallRye • Set of libraries • MicroProfile implementations • Included

   in several framework offerings: ◦ Quarkus ◦ WildFly ◦ JBoss EAP ◦ OpenLiberty ◦ Apache TomEE

10. Jakarta EE 10 Jakarta EE Core Profile, independent individual specification

    development Java SE 11 Multiple Compatible implementations available on the release date Jakarta EE 9 New jakarta namespace Java SE 8 Removal of deprecated specs Jakarta EE 8 javax namespace, New process, New licensing New logo Java EE 8 Eclipse Foundation infrastructure Java EE 8 Oracle infrastructure & JCP process Jakarta EE Sources, TCKs, Docs COPYRIGHT (C) 2022, ECLIPSE FOUNDATION | THIS WORK IS LICENSED UNDER A CREATIVE COMMONS ATTRIBUTION 4.0 INTERNATIONAL LICENSE (CC BY 4.0) | V2021-03 10 Jakarta EE 9.1

11. Eclipse Vert.x Vert.x is a toolkit, not a framework, so

    it is naturally very composable and embeddable. We have no strong opinion on what your application structure should be … Quarkus provides a managed Vertx instance, which you could always directly use, if you have the need for it. – But you typically don’t need to Quarkus is hiding the complexity for you. https://quarkus.io/guides/vertx https://quarkus.io/guides/vertx-ref erence

12. 12 *Memory (RSS) in Megabytes, tested on a single-core machine

    Quarkus + Native (via GraalVM) 12 MB Quarkus + JVM (via OpenJDK) 73 MB Traditional Cloud-Native Stack 136 MB REST* Quarkus - Supersonic subatomic Java

13. 13 Boot + First Response Time (in seconds) Quarkus +

    Native (via GraalVM) 0.016 Seconds REST REST + CRUD Quarkus + JVM (via OpenJDK) 0.943 Seconds Quarkus + Native (via GraalVM) 0.042 Seconds Quarkus + JVM (via OpenJDK) 2.033 Seconds Traditional Cloud-Native Stack 9.5 Seconds Traditional Cloud-Native Stack 4.3 Seconds Time to first response Quarkus - Supersonic subatomic Java

14. 14 Cloud Native, Microservices, Serverless Write your Java apps for

    anywhere..

15. CONFIDENTIAL designator V0000000 15 Development Velocity

16. Do you develop locally or all in the cloud? Creating,

    build, test locally Test / Debug Create / Edit Create PR ...and making changes and testing prior to creating every future PR Inner Loop Everything a developer does ‘locally’

17. But real development doesn’t look like a loop, does it?

    Git main ... ... Developers making changes Automated build Inner Loop The cycle of developers making changes, testing, and finally committing back to Git Outer Loop Automation and bringing feedback from build and production back to the developer

18. 18 Demo

19. 19 A cohesive platform for optimized developer joy: • Zero

    config, live reload in the blink of an eye • Based on standards, but not limited • Unified configuration • Streamlined code for the 80% common usages, flexible for the 20% • No hassle native executable generation • *Continuous testing Quarkus - Faster development loop . Developer Joy

20. - Most services you require during development provide a Dev

    Service environment via the extension - Example services are: - Databases - AMQP - Kafka - Keycloak - Redis, MongoDB - RabbitMQ - Vault - Infinispan - Elasticsearch Quarkus enhances inner-loop

21. - DevServices require a working Docker Desktop environment (or a

    running Podman Desktop) - Benefits? - Focus on what you need and implement it - Don’t worry about local installation of PostgreSQL, Kafka… this comes for free - Speed up in Dev - Configuration via application.properties - Use %prod.quarkus… to define the location of the service in Quarkus PROD environments - Use ${ENV_NAME} to build your value https://quarkus.io/guides/dev-services Quarkus Dev Services

22. CONFIDENTIAL designator V0000000 22 Security

23. Securing applications across clouds 23 SSO Identity Brokering OpenID Connect

    SAML v2 Kerberos OpenLDAP Active Directory User Store User Federation Social

24. A cloud workload protection platform and cloud security posture management

    to enable you to “shift left” Build (Shift left) Secure supply chain Extend scanning and compliance into development (DevSecOps) Deploy Secure infrastructure Leverage built-in Kubernetes CSPM to identify and remediate risky configurations Run Secure workloads Maintain and enforce a “zero-trust execution” approach to workload protection Securing supply chain and DevSecOps

25. Red Hat Container Catalog: Java Applications More about the Container

    Health Index DEV UNIT TEST CODE QUAL SEC SCAN INT TEST QA UAT PROD -Cucumber -Arquillian -Junit -Sonarqube -Coverity RHACS (image and deploy checks Red Hat Container Catalog Automated Quality with Red Hat RAPID Approval (automated/manual) Trusted repos registry.redhat.io RHACS (runtime detection) Private registry - Artifactory - Nexus Coding - IDE plugins - Snyk RHACS (Admission Controller) IMAGE BUILD Securing your software supply chain

26. CI/CD Output Example - Image check with Enforcement On

27. 27 CI/CD Output Example - Deploy check

28. CONFIDENTIAL designator V0000000 28 Observability

29. What your user story? Correlate different signals (e.g. metrics, logs,

    and tracing) to build a holistic troubleshooting experience Source: https://grafana.com/blog/2018/12/12/loki-prometheus-inspired-open-source-logging-for-cloud-natives/ Time between “1.” and “Fix!” should be as minimal as possible.

30. CONFIDENTIAL designator V0000000 30 GitOps

31. Treat everything as code Git is the single source of

    truth Auto-reconcile ops through Git workflows Capturing and tracing any change to clusters through Git history Visibility and Audit Review changes beforehand, detect configuration drifts, and take action Drift detection Reliably and consistently configure multiple clusters and apps Multi-cluster consistency Enhanced Security and GitOps

32. GitOps Workflow for application delivery Pull Tekton pipelines and tasks

    Git Event Application Git Repository Configs Git Repository Image Registry Sync Pull/Push Release Application Dev(s) Stage(s) Prod(s) Advanced Cluster Security DevSecOps Advanced Cluster Management Pull Images CD CI Scale Manage Lifecycle Compliance

33. Eclipse Adoptium & OpenJDK Panel Time: 25 Oct 2022 -

    11:45 to 25 Oct 2022 - 12:20 Room: Silchersaal Speaker(s): George Adams (Microsoft Corp.) Tim Ellison (Red Hat, Inc.) Shelley Lambert (Red Hat, Inc.) Eclipse Theia - News and Noteworthy! Time: 25 Oct 2022 - 12:30 to 25 Oct 2022 - 13:05 Room: Seminarraum 5 Speaker: Thomas Mäder Eclipse SDV: What 's Happened since Last Year? Time: 26 Oct 2022 - 10:00 to 26 Oct 2022 - 10:35 Room: Seminarraum 5 Speaker(s): Daniel Krippner (Robert Bosch GmbH) Harald Ruckriegel (Red Hat, Inc.) Thomas Fleischmann (CARIAD SE) Eclipse JKube - What's up, Doc? Time: 26 Oct 2022 - 10:45 to 26 Oct 2022 - 11:20 Room: Silchersaal Speaker: Marc Nuri How I Learned to Stop Worrying and Love the SBOM Time: 26 Oct 2022 - 10:45 to 26 Oct 2022 - 11:20 Room: Schubartsaal Speaker: Shelley Lambert Theia Architecture Overview Time: 26 Oct 2022 - 14:30 to 26 Oct 2022 - 15:05 Room: Schubartsaal Speaker: Thomas Mäder Rust: Embedded, Async, All the Way. Time: 26 Oct 2022 - 17:00 to 26 Oct 2022 - 17:35 Room: Wilhelm-Krämer-Zimmer Speaker(s): Ulf Lilleengen & Jens Reimann Run your favorite IDE on Kubernetes Time: 27 Oct 2022 - 09:45 to 27 Oct 2022 - 10:20 Room: Schubartsaal Speaker(s): Ilya Buziuk & David Kwon * Innovating MicroProfile with Quarkus and SmallRye Time: 27 Oct 2022 - 11:30 to 27 Oct 2022 - 12:05 Room: Silchersaal Speaker: Martin Štefanko Speaking sessions

34. Resources from the presentation 34 Developer Sandbox How do I

    get started? • Quarkus.io • Dev Services (video) • Remote dev • Quarkus Insights • Continuous testing • Source code: demo app • Quarkus for Spring Developers E-Book https://developers.redhat.com/developer-sandbox IDC Red Hat Quarkus Lab Validation Quarkus.io

35. linkedin.com/company/red-hat youtube.com/user/RedHatVideos facebook.com/redhatinc twitter.com/RedHat 35 Red Hat is the world’s

    leading provider of enterprise open source software solutions. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. Thank you