24 November 2014

DOAG 2014 Impressions

I am writing this blog from a coffee shop in Nuremberg, having just attended DOAG 2014 at the Nuremberg Conference Center. This was my second time talking at the DOAG conference and it seemed even busier than last time. DOAG is the German Oracle User Group, and the crowd at its annual conference is a wide mix of software developers, product managers and sales from a wide range of companies using the whole spectrum of Oracle products.

As last year, the sessions were mostly in German, and while my German is good enough to have a simple conversation with someone when we are both trying to keep things simple and easy to understand, it isn't up to the level required to follow a complex technical session (I did try, attending an interesting looking session on Identity Propagation in Oracle Fusion Middleware, but I only managed to follow about 10% of what was said). The number of english language sessions in the middleware track was limited (just 12) and many of these clashed with each other, which was a shame. However the sessions I did manage to attend were interesting.

There was a definite focus on Oracle SOA Suite, BPM and OSB talks this time around, with many of them being roadmap outlines presented by the Oracle product management teams (unfortunately heavily caveated with Oracle's safe harbour statement preventing me discussing the plans here). There were a few interesting how-to talks, one on how to use the user messaging service in SOA suite to notify users of items of interest, and another on integrating Oracle Event Processing and SOA suite. OEP is a product that I can see becoming more widely used as organisations seek to identify and act on patterns in the event streams generated by their SOA Suite applications.

My presentation was on the Thursday (luckily in the afternoon, giving people time to recover from the community party the night before) and was well attended, with two thirds of the seats taken. The topic was using WLST to create WebLogic domains (see slides below), and the audience was a mix of people who have already started down this road and wanted advice on best practices, through to people who had no experience of WLST. I had some interesting conversations with people after the presentation, and it was good to see so many people who want to take devops to its logical conclusion and include domain builds in their continuous build and integration suites.

I hope to be back for DOAG 2015, and already have some ideas for presentations that people may find interesting. If DOAG can continue to expand the english language agenda (and schedule the english language sessions in a track so that they don't clash) it has the potential to draw people from all around Europe.

21 November 2014

JavaOne 2014 - Impressions

It is a while since I have been to JavaOne, in fact I have not been since the Oracle acquisition of Sun and the move of JavaOne from the Moscone Centre to the Hilton, so my first observations are that it was a lot smaller than the old JavaOne, with less "tracks" and of those, less were focussed on the deep down technical aspects and more of them were focussed on development frameworks. However, of the sessions that I attended, there were definitely some useful bits of information.

The most interesting session I attended (other than my own, which I will talk about later) was on the SAP JVM, which is a fork of hotspot but with added features to improve supportability and diagnostics. One of the most interesting changes was that they have added a lot of information to the "core" exceptions that are often seen. So, for example an IO exception gives more details about the file that was being accessed, a ClassNotFound exception will tell you which classloader it was that failed to find the class, etc. They have also added a lot of information to thread dumps, so each thread can have additional "annotation" information associated with it, and they use this to record the user that the thread is working on behalf of, the amount of IO that has been done, and any URLs the thread is currently working with. All of this adds up to a really nice looking JVM which is unfortunately (due to licensing restrictions) only available for SAP applications. If SAP can find a way to overcome these restrictions (perhaps forking OpenJDK rather than HotSpot) I would have no hesitation in recommending that our customers consider this as their default JVM choice.

One of the other interesting sessions I attended was on Shenandoah, the garbage collector being written by Red Hat (don't worry too much, its being written by ex-sun employees who used to work on hotspot). Shenandoah is a low pause garbage collector that is looking to give lower and more consistent pauses than those offered by G1, although the motivating factor for Red Hat seems to be "because we can" and they didn't have a good set of acceptance criteria for when they would consider it ready. It is still in early stages at the moment, and while it does deliver low pauses, it has a significant overhead to performance, as to allow compaction of live memory they have introduced a "read barrier" check to all reads, which significantly slows down JVM performance. It is certainly an interesting project, but without a set of real performance figures, or customers that want to use Shenandoah (they were asking for customers to help them test it at the talk, as so far they have no real users testing it). I think it will struggle to achieve much significe. There were a number of Azul engineers at the talk who seemed to have tried all this before and decided it wasn't the most effective approach.

The most interesting talk was obviously mine ;) I was running a lab on JMX, which was "sold out" to 60 attendees, and I thoroughly enjoyed it. While I have given talks before I have never done so in front of an audience that was so engaged, and so receptive to the message I was giving. It was great to see developers that wanted to add monitoring to their application before things went wrong, and were getting excited about what to me is one of the best APIs in Java (but to most developers is of no interest whatsoever).

The exhibition area was smaller than it used to be, but there were a surprising number of monitoring products around, most of them though seem to be coming at things from an end-to-end transaction monitoring approach - adding a request ID to the incoming request and propagating it all the way down into the database, then giving you timings of how long each process took. The odd thing was that none of these tools incorporated the existing JMX metrics exposed by containers into this approach, and talking to the people on the stands, none of them understood why that would be a useful thing to do. There were a couple of other interesting monitoring tools, but the one that really caught my eye was HeapStats http://icedtea.classpath.org/wiki/HeapStats (developed by NTT), which is more of a problem identification tool than monitoring. HeapStats provides real-time monitoring of the heap contents to look for problems, it seems an interesting approach, and while the tool is far from being polished it certainly shows promise.
Unfortunately this still leaves me in the position that none of the monitoring tools around fit what I feel a good Java monitoring tool should do - the ones that are trendy at the moment are gathering good information if you want to know why one particular transaction is slow in the database, but if the problem is that your AJAX requests are exhausting your mod_jk thread pool then you aren't going to see that, and you really need to.

I'd like to return to JavaOne next year, when hopefully there will be some deeper dive technical sessions, and with any luck, some of the monitoring tools will do both transaction tracing and JMX monitoring.

'Through the JMX Window' - Hands-on-Lab by Matt Brasier

18 November 2014

A GlassFish Alternative with Teeth - Get Voxxing

At last weeks Devoxx, a brand new knowledge sharing platform was unveiled, going by the name of Voxxed!

With links to Parleys and Devoxx, Voxxed plays host to the latest tech news, webinars, opinion pieces, interviews with the hottest names in tech and much more!

The site is packed with interesting information from articles such as 'JavaEE and the EWoks' by Murat Yener to 'The Internet of things Magic Show!' with Stephen Chin

Steve Millidge, Founder and Director of C2B2 Consulting and Payara did an interview with Voxxed in order to give a broader explanation Payara:

'A GlassFish Alternative with Teeth'

In recent months, Middleware specialist C2B2 has turned its attention the Java EE application server, developing a new solution named Payara, which is designed to push GlassFish “upstream.” Here, C2B2 Founder and Director Steve Milldge introduces this badass new solution.

Voxxed: Why was it so important to you to create a replacement for GlassFish when there are a number of Java EE solutions out there?

Steve: GlassFish is a great application server so by no means are we trying to replace it! When Oracle announced last year that they would no longer provide commercial support for GlassFish, we sat back and watched as numerous industry bloggers labelled GlassFish as ‘dead’ and ‘reduced to a toy’.

In our opinion this couldn’t be further from the truth and what most bloggers failed to mention was that Oracle announced that they will continue to release updates of GlassFish and it will remain the Reference Implementation for JavaEE. To us, this doesn’t sound like Oracle are looking to ‘kill’ GlassFish at all...

Click here to continue reading the full article

Remember, keep an eye out for more Payara and C2B2 news and Get Voxxing!

11 November 2014

Disabling SSLv3 in GlassFish 4.1

With the hubbub caused by the Poodle security flaw still hanging around, and its potential seriousness to several systems, now is a good time to instruct everyone on how to disable SSLv3 and plug a security hole. As you can see from the title, I’ll be covering how to do this in GlassFish 4.1, specifically, I will show you how to do this through the admin console, using the CLI, and by changing the domain configuration file.

31 October 2014

Administering GlassFish with the CLI

It’s always a good time to brush up on the basics, and with the recent release of GlassFish 4.1, and the announcement of Payara Server, it’s an even better time. With that in mind, I'm going to go through a few of the things you can do with the GlassFish CLI. The Command Line Interface (CLI) is a means of controlling GlassFish from the command line (or terminal, if you prefer) allowing you to start, stop, or edit the server in a number of ways. Whilst to some the administration console is the go-to for any administration that needs to be done, the CLI can be a potentially quicker and easier way of performing any administration tasks, particularly when dealing with headless servers (a server without a GUI).

13 October 2014

MIDDLEWARE INSIGHT - C2B2 Newsletter Issue 19


Featured News


GlassFish is here to stay. We heard it from the Oracle - read more
JavaOne Keynotes Available for Streaming - read more  


  JAVAONE 2014


JavaOne Keynotes Available for Streaming - see more at Java.net 
Final Keynotes Reflect Back, Move Forward - read more on the Oracle blog 
Oracle Shares Key Updates on Java Platform, Enterprise Edition, Introduces GlassFish Server Open Source Edition 4.1 at JavaOne 2014 - read more on MarketWatch 
JavaOne 2014 in Depth - read the article by Peter Pilgrim 
JavaOne 2014 Observations by Proxy - read more by Dustin Marx
The highlights of Java EE 8 - read more on the ServerSide 
Life around the Java Hub - read more on the Oracle Blog
User Group Sunday Kicks Things Off - read more on the Oracle Blog 



GlassFish Server Open Source Edition 4.1 Released! – find out more 
GlassFish is here to stay. We heard it from the Oracle. – read more by Steve Millidge
Alternative Logging Frameworks for Application Servers: GlassFish - read more on the C2B2 Blog 
London GUG event: Testing Java EE Applications Using Arquillian & GlassFish by Reza Rahman – find out more and register 
Payara - The New Fish on the Block, 24/7 GlassFish support - find out more 
2014 Duke's Choice Award Winners – read more on the Oracle Blog 
Java Magazine – read the latest issue here 
Apache Tomcat 7.0.56 has arrived - read more on Jaxenter 
5 JAX London sessions every developer should see - read more on Jaxenter 
Jsr107 come, code, cache, compute! -  see Steve Millidge’s JavaOne slides here ; see the code on GitHub 
Java EE 8 will not include Configuration JSR for Java EE applications – find out more here 
Apache Tomcat 8: What It Is, What You Need To Know - read more on the Pivotal Blog 
Apache Warns of Tomcat Remote Code Execution Vulnerability – read more on the Threat Post 
Devoxx 2014 Schedule is now available to view – find out more
Reducing the frequency of GC pauses - seemingly an easy task? – read more on The Server Side 
How to Get the Most Out of a Tech Conference - read more on the Oracle Blog 
TomEE Security Episode 1: Apache Tomcat and Apache TomEE Security Under the Covers –read more on the Tomitribe Blog 



Welcome the New Oracle WebLogic Server 12.1.3 Release – read more by Emin Askerov 
Top 5 Oracle Mobile Application Foundation (MAF) Videos - read more on the Oracle Blog 
Is Oracle doing enough for Java 9? - read more on Jaxenter.com 
Early Access release of JDK 9 available - read more on Jaxenter.com 
Alternative Logging Frameworks for Application Servers: WebLogic – read more on the C2B2 Blog 
New Features and Changes in BPM 12c – read the article by David Winters 
Getting the most out of WLDF Part 4: The Monitoring Dashboard – read the article by Mike Croft 



Continuous Delivery with Docker, Jenkins, JBoss Fuse and OpenShift PaaS – read more on the Java Code Geeks 
How to solve impossible business resource planning problems – read more on Eric Schabell’s blog 
Red Hat Launches Red Hat Cloud for Government to Help Agencies Build Strategies to Address Cloud Challenges - read more on the Business Wire 
Configuring RBAC in JBoss EAP and Wildfly, Part One - read more on the C2B2 Blog 
Alternative Logging Frameworks for Application Servers: WildFly - read the article by Andrew Pielage 
Securing JBoss EAP 6 - Implementing SSL - read the article by Arvind Anandam 
4 Foolproof Tips Get You Started With JBoss BRMS 6.0.3 – read more on Dzone
Use Byteman in JBoss Fuse / Fabric8 / Karaf – read the article by Paolo Antinori 
OpenShift v3 Platform Combines Docker, Kubernetes, Atomic and More - read more on the OpenShift Blog 



Hazelcast raises $11 million in funds for further NoSQL expansion - read more on Jaxenter.com  
Beginner’s Guide To Hazelcast Part 1- read the article by Daryl Mathison 
JSR-000107 JCACHE - Java Temporary Caching API Compatible Implementations – find out more on the JCP website 
Running Tabular Reports with Coherence 12.1.3 Reporter - read more on the Oracle blog 
In-Memory Data Grids: Why market needs them? - listen to the podcast with VPs here 
New eBook: In-Memory Data Grids for Dummies – find out more on the Oracle Blog 

1 October 2014

GlassFish is here to stay. We heard it from the Oracle.

We are at JavaOne 2014 and one of the key reasons for me to attend was to catch up on the future of GlassFish. So on Sunday I went along to the GlassFish community update at the Moscone Center to consult with the Oracle on the future of GlassFish.
The reason I go to JavaOne is to hear the definitive view on GlassFish and JavaEE futures from the people that make the decisions. There's no other conference you can say that about.

On the stand there were 4 Oracle guys who make the decisions on GlassFish.
John Clingan - Product Manager for JavaEE and GlassFish; Mike Lehman - Product Manager for Cloud Application Framework; Cameron Purdy - VP Development; Reza Rahman - Evangelist for JavaEE and GlassFish.

What I saw was that there is a roadmap for GlassFish out until JavaOne 2016 as JavaEE8 develops with GlassFish 5 being the reference implementation for JavaEE 8. GlassFish 5 will aim to be released as the final draft for JavaEE 8 hit the JCP.

Cameron spoke about GlassFish being a key Research and Development platform with much of the technology created in GlassFish to support the JavaEE specifications finding its way into WebLogic with GlassFish having a key role in the evolution of JavaEE far into the future. Many of the key JavaEE specification developers are working on GlassFish as part of their JSR work and that is a huge investment.

John reiterated that Quality, stability and security are still important. The team continue to work to ensure that GlassFish passes all the JSR Compatibility Test Suites and any issues will be fixed. In fact the key priorities for the recent 4.1 release were Java 8 support, stability and quality. Also much of the work invested into GlassFish for JavaEE 8 support will be shareable with WebLogic.

Mike spoke about how collaboration and community is core to GlassFish and JavaEE development. Much of the learning and innovation brought into GlassFish as part of JavaEE 8 is key to Oracle bringing JavaEE 8 compliance to WebLogic faster with shared componentry envisaged between the 2 application servers e.g. Eclispelink, Tyrus and Jersey all being shared components.

On the topic of community participation in GlassFish and JavaEE Cameron emphasised the success of the adopt a JSR programme and encouraged everybody to get involved in the JavaEE 8 JSRs which will start to kick off now. Mike reiterated that the results of the JavaEE survey fed directly into the priority list of JavaEE 8 so community involvement is key to JavaEE 8. John reiterated that GlassFish development is very much open for contributions, just sign the Oracle Contributor Agreement and away you go, with no barriers. Also FishCAT has been a core quality project and show stopper bugs were identified and fixed in GlassFish 4.1 via the community FishCAT programme.

All in all, in my opinion, the outlook from these top Oracle executives was very positive and the future of GlassFish looks to be a platform for rapid innovation in the latest JavaEE 8 goodies combined with providing developers with a quality open source platform for JavaEE.

I came away not only reassured that GlassFish has a future but also that it may have an exciting future.