Mario-Leander Reimer, QAware GmbH
mario-leander.reimer@qaware.de
Cloud-native Java EE-volution
Cloud Native Night Munich
Munich, 6 November 2017
Can we evolve existing enterprise applications into the
cloud with reasonable effort?
Containerization
12-Factor App Principles
Microservices
Cloud-native Apps
Monolithic Deployment
Traditional Infrastructure
Hyperscale, Antifragility and Continuous Delivery are the
driving motivations for the evolution of our systems.
[Diagram: system landscape "Berechtigte Dritte (BDR)" (authorized third parties), as of R1711. Systems shown: IO Business Applications (BDR), APRIL, B2I-UA, OSMC, AOS, AOS-TS, P-CODE, Tuner APP, VIN Decoder; the B2I-UB, AOS-TS, OSMC, AOS and P-CODE databases; Saferpay, SMTP.MUC, SOFAK, ITSM SUITE, LAAS, BZAFS, Group Directory, ASBC, SAP (EAI/TBB); the Billing, Payment and Process services; OpenShift CNAP as execution unit; the vehicle and vehicle interface (PTT); integrated web and client applications; and the B2I, OSMC User and OSS Tech (OSS client certificate) security contexts.]
APRIL (BDR): Stateless Mule ESB. No UI, No Database.
B2I-UA (BDR): Stateful Webapp. JEE6: JSF, EJB3, JPA.
OSMC (BDR): Stateful Webapp. Spring MVC, JPA.
Facts. We need to establish a single source of truth for a
reliable forecast of resources, time and effort.
Questionnaire
What is the complexity of the application?
Which GF ML version is used?
Which technology stack is used by X?
….
Software Analysis
Static code analysis with Windup
Architecture analysis with S101
Proof of Concepts
Migration of APRIL
Migration of B2I-UA
QAware Know How
Experience from other migrations
Time Sheets
Veteran Team
The essential Design Principles for Cloud Native
Apps act as guidelines for the required changes.
Design for Distribution: Containers; microservices; API driven development.
Design for Performance: Responsive; concurrent; resource efficient.
Design for Automation: Automated Dev & Ops tasks.
Design for Resiliency: Fault-tolerant and self-healing.
Design for Elasticity: Scales dynamically and reacts to stimuli.
Design for Delivery: Short roundtrips and automated provisioning.
Design for Diagnosability: Cluster-wide logs, metrics and traces.
Favor a gradual transition instead of a big bang migration
to reduce and handle the technological risks involved.
Level 3: Cloud Native. Loosely coupled microservices. Scales dynamically based on load.
Level 2: Cloud Resilient. Fault tolerant and resilient design. Metrics and monitoring built-in.
Level 1: Cloud Friendly. Adheres to the 12-factor app principles. Cloud friendly app server runtime.
Level 0: Cloud Ready. Executed as self-contained image. Runs on virtualized HW and file system.
https://www.opendatacenteralliance.org/docs/architecting_cloud_aware_applications.pdf
Delivery
Software Industrialization is a key requirement for
successful DevOps and Continuous Delivery.
High degree of automation for laborious and
repetitive tasks is mandatory
Better software quality through an optimized
and streamlined tool chain
More productivity and satisfaction of the
development teams
Better efficiency and competitiveness
Usage of the Agile Tool Chain (ATC)
Migration of all BDR repositories from SVN to Git
with full history within 1 week
Migration of all existing Jenkins build jobs to the
new build infrastructure
More improvements to come …
The evolution of the associated build tool chain enables
short roundtrips and efficient feature development.
Drastically reduced build times for a higher
developer productivity and quality
Use common sense. Only migrate if you suffer
from excessive build times.
https://www.slideshare.net/QAware/von-maven-zu-gradle-in-45-minuten-81244540
Our Continuous Integration & Deployment Pipeline.
Distribution
FROM payara/micro:173
# copy the WAR file into deployments directory
COPY target/april-bdr-runtime-1.5.0-SNAPSHOT.war /opt/payara/deployments/
# create the log directory as root, then switch back to the unprivileged payara user
USER root
RUN mkdir -p /april/logs && chown -R payara:payara /april
USER payara
ENTRYPOINT ["java", "-server", "-Dcom.bmw.mastersolutions.gf.domain.dir=/april", \
    "-Dcom.bmw.iap.april.gf.project.data.shared=/april/data", \
    "-Dcom.bmw.mastersolutions.gf.project.logs=/april/logs", \
    "-jar", "/opt/payara/payara-micro.jar"]
CMD ["--deploymentDir", "/opt/payara/deployments", "--noCluster"]
Simple Dockerfile for Payara Micro.
version: '2'
services:
  april-bdr-runtime:
    build: .
    image: "april-bdr-runtime:1.5.0"
    volumes:
      - ./src/test/glassfish/data:/april/data
      - ./target/glassfish/logs:/april/logs
    ports:
      - "8080:8080"
A docker-compose.yml for building and running locally.
Use volumes to mount local host directories into the container.
FROM payara/server-full:173
COPY *.asadmin /tmp/
# apply the asadmin scripts against a temporarily started domain at build time
RUN $AS_ADMIN start-domain $PAYARA_DOMAIN && \
    $AS_ADMIN $AS_ADMIN_LOGIN multimode --file /tmp/jvm_options.asadmin && \
    $AS_ADMIN $AS_ADMIN_LOGIN multimode --file /tmp/payara_optimization.asadmin && \
    $AS_ADMIN stop-domain $PAYARA_DOMAIN
COPY target/april-bdr-runtime-1.5.0-SNAPSHOT.war $DEPLOY_DIR
RUN ${PAYARA_PATH}/generate_deploy_commands.sh
# RUN $AS_ADMIN start-domain --dry-run --postbootcommandfile $DEPLOY_COMMANDS $PAYARA_DOMAIN
COPY start-domain.sh $PAYARA_PATH/start-domain.sh
ENTRYPOINT $PAYARA_PATH/start-domain.sh
More sophisticated Dockerfile for Payara Server.
Industrialized migration of all deployment artifacts for a
quick, easy and unified containerization.
[Diagram: Traditional Deployment (BMW Staging Tool XML files) → go2cnap → Local Development (Dockerfile + docker-compose.yml) → kompose → Cloud Deployment (OpenShift Deployment YAML files)]
Performance
resources:
  # CPU is specified in units of cores
  # Memory is specified in units of bytes
  # required resources for a Pod to be scheduled and started
  requests:
    memory: "128Mi"
    cpu: "1"
  # the Pod will be restarted if limits are exceeded
  # so be careful not to set them too low!
  limits:
    memory: "1Gi"
    cpu: "2"
Define Resource Constraints carefully.
# Since jdk8_131
-XX:+UnlockExperimentalVMOptions
-XX:+UseCGroupMemoryLimitForHeap
-server
# Extra memory settings
-Xmx320m -Xss256k -XX:MaxMetaspaceSize=160m -XX:CompressedClassSpaceSize=32m
# GC tuning. Do not use G1GC
-XX:+UseConcMarkSweepGC -XX:+UseParNewGC -XX:NewRatio=1 -XX:+CMSParallelRemarkEnabled
# Fancy tuning. Use for small heaps on 64-bit VMs
-XX:+AggressiveOpts
-XX:+UseCompressedOops -XX:+UseCompressedClassPointers -XX:+UseStringDeduplication
# Diagnostics (optional)
-XX:+UnlockDiagnosticVMOptions -XX:NativeMemoryTracking=summary
Tune your JVM!
Configuration
apiVersion: v1
kind: ConfigMap
metadata:
  name: april-aos-runtime-config
data:
  april-aos.properties: |
    com.bmw.iap.april.jwt.secret=some-secret
    osmc.username=april
    osmc.url=https://osmc-int.bmwgroup.net
    ...
  april-feature-togglz.properties: |
    WRITE_TEXT5_TO_SOFAK_INVOICES=false
    ...
  log4j2.xml: |
    <?xml version="1.0" encoding="UTF-8"?>
    <Configuration monitorInterval="60">
      <Appenders> ... </Appenders>
      <Loggers> ... </Loggers>
    </Configuration>
Use ConfigMaps, Secrets and Volumes to provide file
based configuration data to your deployments.
spec:
  containers:
  - name: april-aos-runtime
    image: 'april-aos-runtime:1.5.0'
    imagePullPolicy: Always
    ports:
    - containerPort: 8080
    volumeMounts:
    - mountPath: /april/data
      name: april-aos-runtime-config-vol
  volumes:
  - name: april-aos-runtime-config-vol
    configMap:
      name: april-aos-runtime-config
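The ConfigMap above keeps com.bmw.iap.april.jwt.secret in clear text next to ordinary settings, although the slide also names Secrets. The following is an added example, not part of the original deck: april-aos.properties moves into a Secret and a projected volume merges it with the ConfigMap, so all three files still appear under /april/data. The Secret name, the app label, the REPLACE_ME value and the use of an apps/v1 Deployment are assumptions.

```yaml
# Added example. Names marked "assumed" do not appear in the original deck.
apiVersion: v1
kind: Secret
metadata:
  name: april-aos-runtime-secret      # assumed name
type: Opaque
# stringData is write-only; the API server stores it base64-encoded under .data.
# REPLACE_ME is a placeholder, the real value must not be committed to Git.
stringData:
  april-aos.properties: |
    com.bmw.iap.april.jwt.secret=REPLACE_ME
    osmc.username=april
    osmc.url=https://osmc-int.bmwgroup.net
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: april-aos-runtime-config
data:
  # april-aos.properties now lives in the Secret; only non-sensitive files remain
  april-feature-togglz.properties: |
    WRITE_TEXT5_TO_SOFAK_INVOICES=false
  log4j2.xml: |
    <?xml version="1.0" encoding="UTF-8"?>
    <Configuration monitorInterval="60">
      <Appenders> ... </Appenders>
      <Loggers> ... </Loggers>
    </Configuration>
---
apiVersion: apps/v1                   # assumed; use the workload kind of your platform
kind: Deployment
metadata:
  name: april-aos-runtime
spec:
  replicas: 1
  selector:
    matchLabels:
      app: april-aos-runtime          # assumed label
  template:
    metadata:
      labels:
        app: april-aos-runtime
    spec:
      containers:
      - name: april-aos-runtime
        image: 'april-aos-runtime:1.5.0'
        imagePullPolicy: Always
        ports:
        - containerPort: 8080
        volumeMounts:
        - mountPath: /april/data
          name: april-aos-runtime-config-vol
          readOnly: true
      volumes:
      - name: april-aos-runtime-config-vol
        # one volume, two sources: files from both objects land in /april/data
        projected:
          sources:
          - secret:
              name: april-aos-runtime-secret
          - configMap:
              name: april-aos-runtime-config
```

A Secret is only base64-encoded in the API, so the benefit comes from restricting get/list on secrets through RBAC and from keeping the real value out of the repository that holds the ConfigMap.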
Use Apache DeltaSpike for some extra configuration
features as well as other CDI extension magic.
DeltaSpike consists of a number of portable CDI extensions that provide useful features for Java application developers.
Set of ready-to-use modules, including a core module and a number of optional modules for providing additional enterprise functionality to your applications.
Core module with type-safe project stages and powerful interface based configuration mechanism
Data and JPA module: enhanced JPA experience with declarative queries, reducing boilerplate to a minimum
Security module for intercept and security checking on method calls.
Test-Control module for writing CDI-based tests easily
import java.util.concurrent.TimeUnit;
import org.apache.deltaspike.core.api.config.ConfigProperty;
import org.apache.deltaspike.core.api.config.Configuration;

// type-safe configuration interface; resolved values are cached for 30 seconds
@Configuration(prefix = "some.", cacheFor = 30, cacheUnit = TimeUnit.SECONDS)
public interface SomeConfiguration {
    // resolves the property "some.url"
    @ConfigProperty(name = "url")
    String url();

    // resolves the property "some.timeout", defaulting to 30000
    @ConfigProperty(name = "timeout", defaultValue = "30000")
    long timeout();
}
Diagnosability
# container will receive requests if probe succeeds
readinessProbe:
  httpGet:
    path: /admin/ping
    port: 8080
  initialDelaySeconds: 30
  timeoutSeconds: 5
# container will be killed if probe fails
livenessProbe:
  httpGet:
    path: /admin/healthcheck
    port: 8080
  initialDelaySeconds: 60
  timeoutSeconds: 10
Liveness and Readiness Probes for Metrics endpoints.
<!-- http://metrics.dropwizard.io/3.1.0/manual/servlets/ -->
<servlet>
  <servlet-name>adminServlet</servlet-name>
  <servlet-class>com.codahale.metrics.servlets.AdminServlet</servlet-class>
</servlet>
<servlet-mapping>
  <servlet-name>adminServlet</servlet-name>
  <url-pattern>/admin/*</url-pattern>
</servlet-mapping>
Retrofitting metrics, health and admin endpoints using
the Dropwizard Metrics library in 30 minutes.
<dependencies>
  <dependency>
    <groupId>io.dropwizard.metrics</groupId>
    <artifactId>metrics-core</artifactId>
    <version>${metrics.version}</version>
  </dependency>
  <!-- metrics-servlets provides com.codahale.metrics.servlets.AdminServlet -->
  <dependency>
    <groupId>io.dropwizard.metrics</groupId>
    <artifactId>metrics-servlets</artifactId>
    <version>${metrics.version}</version>
  </dependency>
</dependencies>
Usage of Dropwizard Metrics to retrofit metrics,
health and admin endpoints
Easy integration with any JEE7 application
Definition of Custom Health Checks
Used as Liveness and Readiness Probes
Resiliency
Retrofitting resiliency using Netflix Hystrix is easy.
Use Netflix Hystrix for the resilient (synchronous) call of any external system
Circuit Breaker and Bulkhead implementation
Easy integration with any JEE7 application
Can be used easily with Jersey Client for REST Calls
Can be integrated easily with JSR 236 Concurrency API via HystrixConcurrencyStrategy
Integrates seamlessly with Dropwizard Metrics
<dependencies>
  <dependency>
    <groupId>com.netflix.hystrix</groupId>
    <artifactId>hystrix-core</artifactId>
    <version>${hystrix.version}</version>
  </dependency>
</dependencies>
Go Microprofile.
Alternatively, just use the MicroProfile 1.2 APIs.
Elasticity
<hazelcast>
  <properties>
    <property name="hazelcast.discovery.enabled">true</property>
  </properties>
  <network>
    <join>
      <!-- deactivate normal discovery -->
      <multicast enabled="false"/>
      <tcp-ip enabled="false" />
      <!-- activate the Kubernetes plugin -->
      <discovery-strategies>
        <discovery-strategy enabled="true" class="com.hazelcast.kubernetes.HazelcastKubernetesDiscoveryStrategy">
          <properties>
            <!-- configure discovery service API lookup -->
            <property name="service-name">MY-SERVICE-NAME</property>
            <property name="service-label-name">cluster01</property>
            <property name="service-label-value">true</property>
            <property name="namespace">MY-KUBERNETES-NAMESPACE</property>
          </properties>
        </discovery-strategy>
      </discovery-strategies>
    </join>
  </network>
</hazelcast>
https://github.com/hazelcast/hazelcast-kubernetes
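The discovery strategy above finds cluster members through a Kubernetes API lookup, so the pod's service account needs read access in that namespace. The following is an added example, not from the deck or the hazelcast-kubernetes project: a namespaced Role limited to reading Endpoints, bound to a dedicated service account, plus the Service that the XML properties select. The account, role and app label names are assumptions, as is the premise that the plugin version in use only reads Endpoints and that the cluster offers the rbac.authorization.k8s.io/v1 API.

```yaml
# Added example. MY-SERVICE-NAME and MY-KUBERNETES-NAMESPACE are the placeholders
# from the Hazelcast XML; replace them with valid lowercase names before applying.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: hazelcast-discovery             # assumed name
  namespace: MY-KUBERNETES-NAMESPACE
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: hazelcast-endpoint-reader       # assumed name
  namespace: MY-KUBERNETES-NAMESPACE
rules:
# read-only and namespaced: no secrets, no write verbs, no cluster-wide scope
- apiGroups: [""]
  resources: ["endpoints"]              # assumption: the plugin only reads Endpoints
  verbs: ["get", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: hazelcast-endpoint-reader
  namespace: MY-KUBERNETES-NAMESPACE
subjects:
- kind: ServiceAccount
  name: hazelcast-discovery
  namespace: MY-KUBERNETES-NAMESPACE
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: hazelcast-endpoint-reader
---
# The Service that service-name and service-label-name/value in the XML refer to.
apiVersion: v1
kind: Service
metadata:
  name: MY-SERVICE-NAME
  namespace: MY-KUBERNETES-NAMESPACE
  labels:
    cluster01: "true"
spec:
  selector:
    app: april-aos-runtime              # assumed pod label
  ports:
  - name: hazelcast
    port: 5701                          # Hazelcast default member port
```

The pods running Hazelcast must set serviceAccountName: hazelcast-discovery in their pod spec; otherwise they use the namespace's default service account and the lookup depends on whatever that account happens to be allowed to read.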
Microservices
Cloud-native Application Development:
Components all along the software lifecycle.
DESIGN: Complexity unit; Data integrity unit; Coherent and cohesive feature unit; Decoupled unit
BUILD: Planning & Assignment unit; Knowledge unit; Development unit; Integration unit
RUN: Release unit; Deployment unit; Runtime unit (crash, slow-down, access); Scaling unit
DESIGN to BUILD: 1:1. BUILD to RUN: ?:1.
Dev Components to Ops Components: ?:1
System
Subsystems
Components
Services
Current starting point
Decomposition Trade-Offs
Microservices
Nanoservices
Macroservices
Monolith
+ More flexible to scale
+ Runtime isolation (crash, slow-down, …)
+ Independent releases, deployments, teams
+ Higher utilization possible
− Distribution debt: Latency
− Increasing infrastructure complexity
− Increasing troubleshooting complexity
− Increasing integration complexity
Logical view on the package structure of APRIL.
"Decomposing the Monolith"
[Diagram: APRIL Runtime on the Base Runtime (Mule ESB 3.7), with the cross-cutting components (Monitoring, Logging, Security, Tracing) and Togglz alongside the Finance, Cert, Vehicle, Commercial, Portal, B2I, Session, Log, Score, Legacy and FASTA adapters, …]
All the business components with
their REST and SOAP interfaces are
contained in one single humongous
deployment unit.
"Decomposing the Monolith"
[Diagram: five deployments, each on its own Base Runtime (Mule ESB 3.7) with Monitoring, Logging, Security and Tracing:]
APRIL AOS Deployment: B2I Adapter, User Adapter, Portal Adapter, Integration Adapter, …
APRIL Commercial Deployment: Commercial Adapter
APRIL Vehicle Deployment: Vehicle Adapter
APRIL Finance Deployment: Finance Adapter
APRIL Client Deployment: Score Adapter, FASTA Adapter, Cert Adapter, OSS Legacy Adapter, …
One deployment unit per
system context
Transform: extract a portion of the existing functionality into
a new and modern system.
Coexist: both systems coexist for some time. Calls against
the old functionality are diverted.
Eliminate: old functionality will be removed from the legacy
system once no more clients are using it.
Ideal for Web- and API-Monoliths.
Slightly problematic for Non-RESTful URL structures.
Stepwise evolution of legacy systems and Cloud-native
reconstruction using the Strangler Pattern.
https://martinfowler.com/bliki/StranglerApplication.html
High level overview after the reconstruction.
[Diagram; labels: Process, MQseries, OTP, APRIL, Payment, OpenShift, Billing, APRIL UI, B&P, B2I, LAAS, EAI/SAP, Saferpay, OSMC]
QAware GmbH München
Aschauer Straße 32
81549 München
Tel.: +49 (0) 89 23 23 15 – 0
Fax: +49 (0) 89 23 23 15 – 129
github.com/qaware, linkedin.com/qaware, slideshare.net/qaware, twitter.com/qaware, xing.com/qaware, youtube.com/qawaregmbh

More Related Content

PPTX
CICD Pipeline - AWS Azure
PDF
Everything-as-code: DevOps und Continuous Delivery aus Sicht des Entwicklers.
PDF
Ich brauche einen Abstraktions-Layer für meine Cloud
PDF
A Hitchhiker's Guide to Cloud Native API Gateways
PDF
A Hitchhiker's Guide to Cloud-Native API Gateways
PDF
DevOps Spain 2019. Beatriz Martínez-IBM
PDF
Pivotal Cloud Foundry 2.1: Making Transformation Real Webinar
PDF
Red Hat multi-cluster management & what's new in OpenShift
CICD Pipeline - AWS Azure
Everything-as-code: DevOps und Continuous Delivery aus Sicht des Entwicklers.
Ich brauche einen Abstraktions-Layer für meine Cloud
A Hitchhiker's Guide to Cloud Native API Gateways
A Hitchhiker's Guide to Cloud-Native API Gateways
DevOps Spain 2019. Beatriz Martínez-IBM
Pivotal Cloud Foundry 2.1: Making Transformation Real Webinar
Red Hat multi-cluster management & what's new in OpenShift

What's hot (20)

PDF
High-Performance FAAS with Nuclio
PDF
Cloud-Native Fundamentals: Accelerating Development with Continuous Integration
PPTX
DevOps to DevSecOps Journey..
PDF
CI/CD on Google Cloud Platform
PPTX
Azure DevOps
PDF
Leveraging Gradle @ Netflix (Madrid GUG Feb 2, 2021)
PPTX
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
PPTX
Enable DevSecOps using JIRA Software
PDF
GitOps & the deployment branching models - DevOps D-day Marseille 2021
PPTX
Cloud Native with Kyma
PDF
Spring and Pivotal Application Service - SpringOne Tour - Boston
PDF
Secure Architecture and Programming 101
PPTX
Azure DevOps - Version Controlling with Git
PDF
DevOps Spain 2019. David Cañadillas -Cloudbees
PPTX
Vulnerability Discovery in the Cloud
PDF
Cloud Native Engineering with SRE and GitOps
PDF
Fully Orchestrating Applications, Microservices and Enterprise Services with ...
PDF
Pivotal Cloud Foundry 2.5: A First Look
PDF
PKS: The What and How of Enterprise-Grade Kubernetes
PDF
Workshop Azure DevOps | Docker | Azure Kubernetes Services
High-Performance FAAS with Nuclio
Cloud-Native Fundamentals: Accelerating Development with Continuous Integration
DevOps to DevSecOps Journey..
CI/CD on Google Cloud Platform
Azure DevOps
Leveraging Gradle @ Netflix (Madrid GUG Feb 2, 2021)
Cloud Native Transformation (Alexis Richardson) - Continuous Lifecycle 2018 ...
Enable DevSecOps using JIRA Software
GitOps & the deployment branching models - DevOps D-day Marseille 2021
Cloud Native with Kyma
Spring and Pivotal Application Service - SpringOne Tour - Boston
Secure Architecture and Programming 101
Azure DevOps - Version Controlling with Git
DevOps Spain 2019. David Cañadillas -Cloudbees
Vulnerability Discovery in the Cloud
Cloud Native Engineering with SRE and GitOps
Fully Orchestrating Applications, Microservices and Enterprise Services with ...
Pivotal Cloud Foundry 2.5: A First Look
PKS: The What and How of Enterprise-Grade Kubernetes
Workshop Azure DevOps | Docker | Azure Kubernetes Services
Ad

Similar to Cloud-native Java EE-volution (20)

PDF
Tools and Recipes to Replatform Monolithic Apps to Modern Cloud Environments
PPTX
Are you ready for cloud-native Java?
PDF
The App Evolution
PPTX
App Development Evolution: What has changed?
PPTX
PPTX
Modern application development with oracle cloud sangam17
PDF
Pivotal CloudFoundry on Google cloud platform
PDF
Java one 2015 - v1
PDF
Javantura v4 - Support SpringBoot application development lifecycle using Ora...
PDF
Pivotal Cloud Foundry: A Technical Overview
PPTX
"The Cloud Native Enterprise is Coming"
PDF
Cloud-native .NET-Microservices mit Kubernetes @BASTAcon
PPTX
The App Evolution
PPTX
App Development Evolution: What has changed?
PDF
Pivotal Cloud Foundry: A Technical Overview
PDF
Lattice: A Cloud-Native Platform for Your Spring Applications
PDF
JVMs in Containers
PDF
Kubernetes Native Java and Eclipse MicroProfile | EclipseCon Europe 2019
PDF
Kubernetes Native Java and Eclipse MicroProfile | EclipseCon Europe 2019
PPTX
Bring the Action: Using GraalVM in Production
Tools and Recipes to Replatform Monolithic Apps to Modern Cloud Environments
Are you ready for cloud-native Java?
The App Evolution
App Development Evolution: What has changed?
Modern application development with oracle cloud sangam17
Pivotal CloudFoundry on Google cloud platform
Java one 2015 - v1
Javantura v4 - Support SpringBoot application development lifecycle using Ora...
Pivotal Cloud Foundry: A Technical Overview
"The Cloud Native Enterprise is Coming"
Cloud-native .NET-Microservices mit Kubernetes @BASTAcon
The App Evolution
App Development Evolution: What has changed?
Pivotal Cloud Foundry: A Technical Overview
Lattice: A Cloud-Native Platform for Your Spring Applications
JVMs in Containers
Kubernetes Native Java and Eclipse MicroProfile | EclipseCon Europe 2019
Kubernetes Native Java and Eclipse MicroProfile | EclipseCon Europe 2019
Bring the Action: Using GraalVM in Production
Ad

More from QAware GmbH (20)

PDF
QAware_Mario-Leander_Reimer_Architecting and Building a K8s-based AI Platform...
PDF
Frontends mit Hilfe von KI entwickeln.pdf
PDF
Mit ChatGPT Dinosaurier besiegen - Möglichkeiten und Grenzen von LLM für die ...
PDF
50 Shades of K8s Autoscaling #JavaLand24.pdf
PDF
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
PPTX
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
PDF
Down the Ivory Tower towards Agile Architecture
PDF
"Mixed" Scrum-Teams – Die richtige Mischung macht's!
PDF
Make Developers Fly: Principles for Platform Engineering
PDF
Der Tod der Testpyramide? – Frontend-Testing mit Playwright
PDF
Was kommt nach den SPAs
PDF
Cloud Migration mit KI: der Turbo
PDF
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
PDF
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
PDF
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
PDF
Kubernetes with Cilium in AWS - Experience Report!
PDF
50 Shades of K8s Autoscaling
PDF
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
PDF
Service Mesh Pain & Gain. Experiences from a client project.
PDF
50 Shades of K8s Autoscaling
QAware_Mario-Leander_Reimer_Architecting and Building a K8s-based AI Platform...
Frontends mit Hilfe von KI entwickeln.pdf
Mit ChatGPT Dinosaurier besiegen - Möglichkeiten und Grenzen von LLM für die ...
50 Shades of K8s Autoscaling #JavaLand24.pdf
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
Down the Ivory Tower towards Agile Architecture
"Mixed" Scrum-Teams – Die richtige Mischung macht's!
Make Developers Fly: Principles for Platform Engineering
Der Tod der Testpyramide? – Frontend-Testing mit Playwright
Was kommt nach den SPAs
Cloud Migration mit KI: der Turbo
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
Kubernetes with Cilium in AWS - Experience Report!
50 Shades of K8s Autoscaling
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Service Mesh Pain & Gain. Experiences from a client project.
50 Shades of K8s Autoscaling

Recently uploaded (20)

PPTX
advance b rammar.pptxfdgdfgdfsgdfgsdgfdfgdfgsdfgdfgdfg
PPT
Quality review (1)_presentation of this 21
PPTX
MODULE 8 - DISASTER risk PREPAREDNESS.pptx
PPTX
Logistic Regression ml machine learning.pptx
PDF
Galatica Smart Energy Infrastructure Startup Pitch Deck
PDF
Recruitment and Placement PPT.pdfbjfibjdfbjfobj
PDF
Mega Projects Data Mega Projects Data
PPTX
Business Ppt On Nestle.pptx huunnnhhgfvu
PPTX
Introduction to Basics of Ethical Hacking and Penetration Testing -Unit No. 1...
PPTX
The THESIS FINAL-DEFENSE-PRESENTATION.pptx
PPTX
A Quantitative-WPS Office.pptx research study
PPTX
Supervised vs unsupervised machine learning algorithms
PPTX
climate analysis of Dhaka ,Banglades.pptx
PDF
.pdf is not working space design for the following data for the following dat...
PDF
Fluorescence-microscope_Botany_detailed content
PPTX
ALIMENTARY AND BILIARY CONDITIONS 3-1.pptx
PPTX
05. PRACTICAL GUIDE TO MICROSOFT EXCEL.pptx
PPTX
iec ppt-1 pptx icmr ppt on rehabilitation.pptx
PPT
Miokarditis (Inflamasi pada Otot Jantung)
PDF
Clinical guidelines as a resource for EBP(1).pdf
advance b rammar.pptxfdgdfgdfsgdfgsdgfdfgdfgsdfgdfgdfg
Quality review (1)_presentation of this 21
MODULE 8 - DISASTER risk PREPAREDNESS.pptx
Logistic Regression ml machine learning.pptx
Galatica Smart Energy Infrastructure Startup Pitch Deck
Recruitment and Placement PPT.pdfbjfibjdfbjfobj
Mega Projects Data Mega Projects Data
Business Ppt On Nestle.pptx huunnnhhgfvu
Introduction to Basics of Ethical Hacking and Penetration Testing -Unit No. 1...
The THESIS FINAL-DEFENSE-PRESENTATION.pptx
A Quantitative-WPS Office.pptx research study
Supervised vs unsupervised machine learning algorithms
climate analysis of Dhaka ,Banglades.pptx
.pdf is not working space design for the following data for the following dat...
Fluorescence-microscope_Botany_detailed content
ALIMENTARY AND BILIARY CONDITIONS 3-1.pptx
05. PRACTICAL GUIDE TO MICROSOFT EXCEL.pptx
iec ppt-1 pptx icmr ppt on rehabilitation.pptx
Miokarditis (Inflamasi pada Otot Jantung)
Clinical guidelines as a resource for EBP(1).pdf

Cloud-native Java EE-volution

  • 1. Mario-Leander Reimer, QAware GmbH mario-leander.reimer@qaware.de Cloud-native Java EE-volution Cloud Native Night Munich München, 06. November 2017
  • 2. 2 Can we evolve existing enterprise applications into the cloud with reasonable effort? Containerization 12-Factor App Principles Microservices Cloud-native Apps Monolithic Deployment Traditional Infrastructure
  • 3. A <<System / Plattform>> IO Business Applications (BDR) A <<Ext. System>> Saferpay A <<System>> SMTP.MUC A <<System>> SOFAK Berechtigter Dritter (PKW), Berechtigter Dritter (Motorrad) A <<System>> P-CODE (BDR) A <<Subsystem>> Tuner APP (BDR) A <<Subsystem>> VIN Decoder (BDR) A <<System>> ITSM SUITE OSMC User Security Context A <<System>> Integrierte Web-Applikation B2I Security Context B2I Security Context A <<System>> OSMC (BDR) H <<System>> Fahrzeug H <<System>> Fahrzeuginterface (PTT) I <<System>> LAAS A <<System>> AOS (BDR) A <<Subsystem>> AOS-TS (BDR) B2I Security Context A <<System>> B2I-UA (BDR) A <<Ext. System>> BZAFS A <<System>> Group Directory A <<System>> APRIL (BDR) A <<System>> Integr. Client-Appl. OSS Tech Security Context (OSS Client Zertifikat) A <<System>> externes System B2I-UB DB AOS-TS DB OSMC DB AOS DB P-CODE DB B2I Security Context I <<Execution Unit>> OpenShift CNAP A <<System>> Billing Service A <<System>> Payment Service A <<System>> Process Service A <<Ext. System>> ASBC A <<Ext. System>> SAP (EAI/TBB) 3 Hyperscale, Antifragility and Continuous Delivery are the driving motivations for the evolution of our systems. Systemverbund Berechtigte Dritte (BDR) Stand R1711
  • 4. 4 Hyperscale, Antifragility and Continuous Delivery are the driving motivations for the evolution of our systems. Stateless Mule ESB No UI, No Database A <<System>> APRIL (BDR)
  • 5. 5 Hyperscale, Antifragility and Continuous Delivery are the driving motivations for the evolution of our systems. StatefulWebapp JEE6: JSF, EJB3, JPA A <<System>> B2I-UA (BDR)
  • 6. 6 Hyperscale, Antifragility and Continuous Delivery are the driving motivations for the evolution of our systems. StatefulWebapp Spring MVC, JPA A <<System>> OSMC (BDR)
  • 7. Facts. We need to establish a single source of truth for a reliable forecast of resources, time and effort. 7 Questionnaire What is the complexity of the application? Which GF ML version is used? Which technology stack is used by X? …. Software Analysis Static code analysis with Windup Architecture analysis with S101 Proof of Concepts Migration of APRIL Migration of B2I-UA QAware Know How Experience from other migrations Time Sheets Veteran Team
  • 8. The essential Design Principles for Cloud Native Apps act as guidelines for the required changes. 8 Design for Distribution: Containers; microservices; API driven development. Design for Performance: Responsive; concurrent; resource efficient. Design for Automation: Automated Dev & Ops tasks. Design for Resiliency: Fault-tolerant and self-healing. Design for Elasticity: Scales dynamically and reacts to stimuli. Design for Delivery: Short roundtrips and automated provisioning. Design for Diagnosability: Cluster-wide logs, metrics and traces.
  • 9. 9 Favor a gradual transition instead of big bang migration to reduce and handle technological risks involved. Loosely coupled microservices. Scales dynamically based on load. Level 3: Cloud Native Fault tolerant and resilient design. Metrics and monitoring built-in. Level 2: Cloud Resilient Adheres to the 12-factor app principles. Cloud friendly app server runtime. Level 1: Cloud Friendly Executed as self-contained image. Runs on virtualized HW and file system. Level 0: Cloud Ready https://www.opendatacenteralliance.org/docs/architecting_cloud_aware_applications.pdf
  • 11. Software Industrialization is a key requirement for successful DevOps and Continuous Delivery. 11 High degree of automation for laborious and repetitive tasks is mandatory Better software quality through a optimized and streamlined tool chain More productivity and satisfaction of the development teams Better efficiency and competitiveness
  • 12. Usage of the Agile Tool Chain (ATC) Migration of all BDR repositories from SVN to Git with full history within 1 week Migration of all existing Jenkins build jobs tothe new build infrastructure More improvements to come … The evolution of the associated build tool chain enables short roundtrips and efficient feature development. 12 Drastically reduced build times for a higher developer productivity and quality Use common sense. Only migrate if you suffer from excessive build times. https://www.slideshare.net/QAware/von-maven-zu-gradle-in-45-minuten-81244540
  • 13. Our Continuous Integration & Deployment Pipeline. 13
  • 15. FROM payara/micro:173 # copy the WAR file into deployments directory COPY target/april-bdr-runtime-1.5.0-SNAPSHOT.war /opt/payara/deployments/ USER root RUN mkdir -p /april/logs && chown -R payara:payara /april USER payara ENTRYPOINT ["java", "-server", "-Dcom.bmw.mastersolutions.gf.domain.dir=/april", "-Dcom.bmw.iap.april.gf.project.data.shared=/april/data", "-Dcom.bmw.mastersolutions.gf.project.logs=/april/logs", "-jar", "/opt/payara/payara-micro.jar"] CMD ["--deploymentDir", "/opt/payara/deployments", "--noCluster"] Simple Dockerfile for Payara Micro. 15
  • 16. version: ‘2’ services: april-bdr-runtime: build: . image: "april-bdr-runtime:1.5.0" volumes: - ./src/test/glassfish/data:/april/data - ./target/glassfish/logs:/april/logs ports: - "8080:8080" A docker-compose.yml for building and running locally. 16 Use volumes to mount local host directories into the container
  • 17. FROM payara/server-full:173 COPY *.asadmin /tmp/ RUN $AS_ADMIN start-domain $PAYARA_DOMAIN && $AS_ADMIN $AS_ADMIN_LOGIN multimode --file /tmp/jvm_options.asadmin && $AS_ADMIN $AS_ADMIN_LOGIN multimode --file /tmp/payara_optimization.asadmin && $AS_ADMIN stop-domain $PAYARA_DOMAIN COPY target/april-bdr-runtime-1.5.0-SNAPSHOT.war $DEPLOY_DIR RUN ${PAYARA_PATH}/generate_deploy_commands.sh # RUN $AS_ADMIN start-domain --dry-run --postbootcommandfile $DEPLOY_COMMANDS $PAYARA_DOMAIN COPY start-domain.sh $PAYARA_PATH/start-domain.sh ENTRYPOINT $PAYARA_PATH/start-domain.sh More sophisticated Dockerfile for Payara Server. 17
  • 18. Industrialized migration of all deployment artifacts for a quick, easy and unified containerization. 18 BMW Staging Tool XML Files kompose OpenShift Deployment YAML Files Dockerfile + docker-compose.yml go2cnap Local Development Cloud DeploymentTraditional Deployment
  • 20. resources: # CPU is specified in units of cores # Memory is specified in units of bytes # required resources for a Pod to be scheduled and started requests: memory: "128Mi" cpu: "1" # the Pod will be restarted if limits are exceeded # so be careful not to set them too low! limits: memory: "1Gi" cpu: "2" Define Resource Constraints carefully. 20
  • 21. -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -server -Xmx320m -Xss256k -XX:MaxMetaspaceSize=160m -XX:CompressedClassSpaceSize=32m # Do not use G1GC -XX:+UseConcMarkSweepGC -XX:+UseParNewGC -XX:NewRatio=1 -XX:+CMSParallelRemarkEnabled # Use for small heaps on 64-bit VMs -XX:+AggressiveOpts -XX:+UseCompressedOops -XX:+UseCompressedClassPointers -XX:+UseStringDeduplication # optional -XX:+UnlockDiagnosticVMOptions -XX:NativeMemoryTracking=summary Tune your JVM! 21 Since jdk8_131 Extra memory settings GC tuning. Fancy tuning. Diagnostics.
  • 23. apiVersion: v1 kind: ConfigMap metadata: name: april-aos-runtime-config data: april-aos.properties: | com.bmw.iap.april.jwt.secret=some-secret osmc.username=april osmc.url=https://osmc-int.bmwgroup.net ... april-feature-togglz.properties: | WRITE_TEXT5_TO_SOFAK_INVOICES=false ... log4j2.xml: | <?xml version="1.0" encoding="UTF-8"?> <Configuration monitorInterval="60"> <Appenders> ... </Appenders> <Loggers> ... </Loggers> </Configuration> 23 Use ConfigMaps, Secrets and Volumes to provide file based configuration data to your deployments. spec: containers: - name: april-aos-runtime image: 'april-aos-runtime:1.5.0' imagePullPolicy: Always ports: - containerPort: 8080 volumeMounts: - mountPath: /april/data name: april-aos-runtime-config-vol volumes: - name: april-aos-runtime-config-vol configMap: name: april-aos-runtime-config
  • 24. Use Apache DeltaSpike for some extra configuration features as well as other CDI extension magic.
      DeltaSpike consists of a number of portable CDI extensions that provide useful features for Java application developers. It is a set of ready-to-use modules, including a core module and a number of optional modules for providing additional enterprise functionality to your applications.
      • Core module with type-safe project stages and a powerful interface-based configuration mechanism
      • Data and JPA modules for an enhanced JPA experience with declarative queries, reducing boilerplate to a minimum
      • Security module for intercepting and security checking on method calls
      • Test-Control module for writing CDI-based tests easily

      import java.util.concurrent.TimeUnit;
      import org.apache.deltaspike.core.api.config.ConfigProperty;
      import org.apache.deltaspike.core.api.config.Configuration;

      // Type-safe configuration interface; resolved values are cached for 30 seconds
      @Configuration(prefix = "some.", cacheFor = 30, cacheUnit = TimeUnit.SECONDS)
      public interface SomeConfiguration {

          @ConfigProperty(name = "url")
          String url();

          @ConfigProperty(name = "timeout", defaultValue = "30000")
          long timeout();
      }
  • 26. Liveness and Readiness Probes for Metrics endpoints.
      # container will receive requests if probe succeeds
      readinessProbe:
        httpGet:
          path: /admin/ping
          port: 8080
        initialDelaySeconds: 30
        timeoutSeconds: 5
      # container will be killed if probe fails
      livenessProbe:
        httpGet:
          path: /admin/healthcheck
          port: 8080
        initialDelaySeconds: 60
        timeoutSeconds: 10
  • 27. Retrofitting metrics, health and admin endpoints using the Dropwizard Metrics library in 30 minutes.
      • Usage of Dropwizard Metrics to retrofit metrics, health and admin endpoints
      • Easy integration with any JEE7 application
      • Definition of Custom Health Checks
      • Used as Liveness and Readiness Probes

      <!-- http://metrics.dropwizard.io/3.1.0/manual/servlets/ -->
      <servlet>
        <servlet-name>adminServlet</servlet-name>
        <servlet-class>com.codahale.metrics.servlets.AdminServlet</servlet-class>
      </servlet>
      <servlet-mapping>
        <servlet-name>adminServlet</servlet-name>
        <url-pattern>/admin/*</url-pattern>
      </servlet-mapping>

      <dependencies>
        <dependency>
          <groupId>io.dropwizard.metrics</groupId>
          <artifactId>metrics-core</artifactId>
          <version>${metrics.version}</version>
        </dependency>
      </dependencies>
  • 29. Retrofitting resiliency using Netflix Hystrix is easy.
      • Use Netflix Hystrix for the resilient (synchronous) call of any external system
      • Circuit Breaker and Bulkheading implementation
      • Easy integration with any JEE7 application
      • Can be used easily with Jersey Client for REST Calls
      • Can be integrated easily with JSR 236 Concurrency API via HystrixConcurrencyStrategy
      • Integrates seamlessly with Dropwizard Metrics

      <dependencies>
        <dependency>
          <groupId>com.netflix.hystrix</groupId>
          <artifactId>hystrix-core</artifactId>
          <version>${hystrix.version}</version>
        </dependency>
      </dependencies>
  • 31. Alternatively, just use the MicroProfile 1.2 APIs.
  • 33. https://github.com/hazelcast/hazelcast-kubernetes
      <hazelcast>
        <properties>
          <property name="hazelcast.discovery.enabled">true</property>
        </properties>
        <network>
          <join>
            <!-- deactivate normal discovery -->
            <multicast enabled="false"/>
            <tcp-ip enabled="false" />
            <!-- activate the Kubernetes plugin -->
            <discovery-strategies>
              <discovery-strategy enabled="true"
                  class="com.hazelcast.kubernetes.HazelcastKubernetesDiscoveryStrategy">
                <properties>
                  <!-- configure discovery service API lookup -->
                  <property name="service-name">MY-SERVICE-NAME</property>
                  <property name="service-label-name">cluster01</property>
                  <property name="service-label-value">true</property>
                  <property name="namespace">MY-KUBERNETES-NAMESPACE</property>
                </properties>
              </discovery-strategy>
            </discovery-strategies>
          </join>
        </network>
      </hazelcast>
  • 35. Cloud-native Application Development: Components all along the software lifecycle.
      DESIGN: Complexity unit, Data integrity unit, Coherent and cohesive feature unit, Decoupled unit
      BUILD: Planning & Assignment unit, Knowledge unit, Development unit, Integration unit
      RUN: Release unit, Deployment unit, Runtime unit (crash, slow-down, access), Scaling unit
      Mapping labels between the phases: 1:1, ?:1
  • 36. Decomposition Trade-Offs
      Diagram labels: Dev Components, Ops Components, ?:1; System, Subsystems, Components, Services; Current starting point; Microservices, Nanoservices, Macroservices, Monolith.
      + More flexible to scale
      + Runtime isolation (crash, slow-down, …)
      + Independent releases, deployments, teams
      + Higher utilization possible
      − Distribution debt: Latency
      − Increasing infrastructure complexity
      − Increasing troubleshooting complexity
      − Increasing integration complexity
  • 37. Logical view on the package structure of APRIL.
  • 38. „Decomposing the Monolith“: All the business components with their REST and SOAP interfaces are contained in one single humongous deployment unit.
      APRIL Runtime on Base Runtime (Mule ESB 3.7)
      Components: Finance Adapter, Cert Adapter, Vehicle Adapter, Commercial Adapter, Portal Adapter, B2I Adapter, Session Adapter, Log Adapter, Score Adapter, Legacy Adapter, FASTA Adapter, Togglz, …
      Cross-cutting components: Monitoring, Logging, Security, Tracing
  • 39. „Decomposing the Monolith“: One deployment unit per system context. Each deployment runs on its own Base Runtime (Mule ESB 3.7) with Monitoring, Logging, Security and Tracing.
      • APRIL AOS Deployment: B2I Adapter, User Adapter, Portal Adapter, Integration Adapter, …
      • APRIL Commercial Deployment: Commercial Adapter
      • APRIL Vehicle Deployment: Vehicle Adapter
      • APRIL Finance Deployment: Finance Adapter
      • APRIL Client Deployment: Score Adapter, FASTA Adapter, Cert Adapter, OSS Legacy Adapter, …
  • 40. Stepwise evolution of legacy systems and Cloud-native reconstruction using the Strangler Pattern. https://martinfowler.com/bliki/StranglerApplication.html
      • Transform: extract a portion of the existing functionality into a new and modern system.
      • Coexist: both systems coexist for some time. Calls against the old functionality are diverted.
      • Eliminate: old functionality will be removed from the legacy system once no more clients are using it.
      Ideal for Web- and API-Monoliths. Slightly problematic for Non-RESTful URL structures.
  • 41. High level overview after the reconstruction.
      Diagram labels: Process, MQseries, OTP, APRIL, Payment, OpenShift, Billing, Payment, APRIL UI, B&P, B2I, LAAS, EAI/SAP, Saferpay, OSMC.
  • 43. QAware GmbH München Aschauer Straße 32 81549 München Tel.: +49 (0) 89 23 23 15 – 0 Fax: +49 (0) 89 23 23 15 – 129 github.com/qaware linkedin.com/qaware slideshare.net/qaware twitter.com/qaware xing.com/qaware youtube.com/qawaregmbh
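Slide 23 keeps `com.bmw.iap.april.jwt.secret` in the same ConfigMap as the non-sensitive settings. The following added example (not from the original slides or the project) moves that one property into a Secret mounted beside the ConfigMap; the Secret name, the second properties file, the `/april/secrets` mount path and the application loading that extra file are assumptions.

```yaml
# Added example; everything marked "assumed" is not from the slides.
apiVersion: v1
kind: Secret
metadata:
  name: april-aos-runtime-secret            # assumed name
type: Opaque
stringData:
  # assumed file name; placeholder value, to be injected at deploy time
  april-aos-secret.properties: |
    com.bmw.iap.april.jwt.secret=<REPLACE-AT-DEPLOY-TIME>
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: april-aos-runtime-config
data:
  # only non-sensitive settings remain here; the other keys from slide 23 stay unchanged
  april-aos.properties: |
    osmc.username=april
    osmc.url=https://osmc-int.bmwgroup.net
---
# Pod template fragment as on slide 23, extended by the Secret volume
spec:
  containers:
    - name: april-aos-runtime
      image: 'april-aos-runtime:1.5.0'
      imagePullPolicy: Always
      ports:
        - containerPort: 8080
      volumeMounts:
        - mountPath: /april/data
          name: april-aos-runtime-config-vol
        - mountPath: /april/secrets         # assumed path
          name: april-aos-runtime-secret-vol
          readOnly: true
  volumes:
    - name: april-aos-runtime-config-vol
      configMap:
        name: april-aos-runtime-config
    - name: april-aos-runtime-secret-vol
      secret:
        secretName: april-aos-runtime-secret
```

A Secret is only base64-encoded in the API and in etcd, so the gain comes from granting read access to Secrets more narrowly than to ConfigMaps and from enabling encryption at rest on the cluster.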