SpringOne Tour - Columbus
by Tad Lamb Jr
SpringOne has smaller conferences at various cities around the U.S. called Tours, and this is a very affordable option for getting training without taking time and money to travel to a single conference location. Below are the notes that I took from each session.
Day 1
Better Software is Better than Worse Software - Nate Schutta
Overview of Pivotal and why it is value added over open source install
Talked about provisioning environments quickly and deploying small increments often
Drinking from the Stream - Mark Heckler
Messaging Platforms
Spring Cloud Stream - Opinionated abstraction
On top of Kafka, RabbitMQ (?)
Has
- Source (generator)
- Processor
- Sink
Spring Initializr: start.spring.io
Mentioned “Lombok”
Live coded the source, processor and sink in RabbitMQ, then switched to Kafka
Reactive Testing - Mario Gray
CDCs - Consumer Driven Contracts
Spring Cloud Contract Verifier
Uses WireMock
How to test reactive stream processes
Spring Security 5.1 by Example - Josh Cummings
Jzheaux/spring-security51-reactive-by-example
Started with SecureMail, an intentionally insecure app
Added spring-boot-starter-security dependency in Maven
Redirects to login when not authenticated, adds secure headers, among other things
@ControllerAdvice - a hook to get the current user
OAuth
Add spring-boot-starter-oauth2-client dependency
Add auth server, client Id and client secret
Resource server end used spring-boot-starter-oauth2-resource-server
Need ReactiveClientRegistrationRepository and ServerOAuth2AuthorizedClientRepository
ServerOAuth2AuthorizedClientExchangeFilterFunction
Asking for user gives you your user rather than the Spring Principal that was used for authentication
It provides authentication. Authorization is custom enough that you need to provide that piece yourself
@AuthenticationPrincipal(expression="claims[user id]") currentUser <= can turn this into a meta-annotation
@EnableReactiveMethodSecurity
@PostAuthorize to make sure user is not accessing data from another user
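The last three notes combined into one sketch, added here as an illustration and not taken from the talk's repository. The types Message, MessageService, MessageController and CurrentUserId, the /messages/{id} route and the "user_id" claim name are all hypothetical, and the principal is assumed to expose getClaims() (a Jwt or an OidcUser).

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.stereotype.Service;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Mono;

@Configuration
@EnableReactiveMethodSecurity // without this, @PostAuthorize below is never evaluated
class MethodSecurityConfig {}

// Meta-annotation: resolves one claim of the authenticated principal.
// "user_id" is a placeholder claim name, not one taken from the talk.
@Target(ElementType.PARAMETER)
@Retention(RetentionPolicy.RUNTIME)
@AuthenticationPrincipal(expression = "claims['user_id']")
@interface CurrentUserId {}

class Message { // hypothetical domain object; ownerId is the user it belongs to
    public final String id, ownerId, body;
    Message(String id, String ownerId, String body) { this.id = id; this.ownerId = ownerId; this.body = body; }
}

@Service
class MessageService {
    // Evaluated after the Mono emits: if the message belongs to another user,
    // the caller gets an AccessDeniedException (HTTP 403) instead of the data.
    @PostAuthorize("returnObject.ownerId == authentication.principal.claims['user_id']")
    public Mono<Message> findById(String id) {
        // Constructed record standing in for a reactive repository lookup.
        return Mono.just(new Message(id, "alice", "constructed sample body"));
    }
}

@RestController
class MessageController {
    private final MessageService messages;
    MessageController(MessageService messages) { this.messages = messages; }
    @GetMapping("/messages/{id}")
    Mono<Message> one(@PathVariable("id") String id, @CurrentUserId String userId) {
        return messages.findById(id); // userId: the caller's claim, e.g. for audit logging
    }
}
```

Keeping the ownership check on the service method rather than in the controller means every caller of findById goes through it, not only this one route.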
Performance discussion
Spring Boot devtools - watches for changed code and restarts the server - fast restart since JVM and classes are still loaded
You can get a spring boot app to run in 250MB if you adjust some other memory settings, but there is a trade-off for that. You lose some features.
Spring Boot looks at your class path to see what you might be using. Newer versions will not bring in multiple conflicting options. May still be loading things you are not using. Spring-Fu project can help (uses DSL to choose what you want)
Spring component index jar file (indexes at compile time so no runtime scanning needed) free, but not much impact unless the project is huge
Tool: async profiler (use as a java command line argument)
Security
Fuse has scanning of logs and ports and will shut down misconfigurations within minutes
Security team: If you open the packet (Corp man-in-the-middle) then you are susceptible to all the HIPAA regulations
Day 2
The Reactive Revolution - Josh Long
Reactive Spring handles requests in a non-blocking way so you can handle more requests per second on the same hardware
Welcome to the Reactive Revolution: RSocket and Spring Cloud Gateway - Spencer Gibb
RSocket - new protocol to support Reactive programming
- persistent
- bi-directional
- binary
- message-based
- multiplexed
Types of interaction models:
- Request-response
- Fire-and-forget
- Request-stream
- Request-channel
Once the connection is created, the distinction between client and server is lost
This is still in the very early days, but it has potential to be a very efficient protocol with simple discovery.
Plan to use implementation of SWIM
Targeted for late Summer 2019
Four Key Performance Indicators for Every Java App - Jon Schneider
Micrometer - Instrumentation facade
Need:
- spring-boot-starter-actuator
- micrometer-registry-prometheus
L-USE
- Latency
Alert to maximum
Tune to 99%
- Utilization
process.cpu.usage < 80%
- Saturation
jvm.gc.memory.promoted / jvm.gc.memory.allocated < 30%
Increasing heap allows more junk to accumulate and garbage collection to take longer
- Errors
http.server.requests{outcome != 'SUCCESS'} / http.server.requests < ERROR BUDGET
How Fast is Spring? - Dave Syer
How much work is Spring doing compared to other code?
Reducing heap size dramatically increases startup time at a certain threshold (~20MB)
JIT reserves a large amount of memory - can possibly be reduced safely, depending on the application
Tools for measurement
- Benchmarks: JMH
- JUnit and JMH: microbenchmark-runner
- Profiling: async profiler
- GC Pressure: JMC a.k.a. Flight Controller
- Quick metrics for any Spring Boot jar: Benchmark Launcher from dsyer/spring-boot-startup
- Classpath manipulation: Thin Launcher
- Profiling with AspectJ
Comparison of various classpath and packaging choices
Switched to newer Spring version
Removed (to illustrate startup time difference)
- hibernate-validator
- spring-boot-starter-actuator
- spring-boot-starter-json
- spring-boot-starter-logging
JVM settings
Speeding things up
- Exclude from classpath if you don’t need it
- Use spring-context-indexer
- Don’t use actuators if you can afford not to
- Use Spring 2.1 (or 2.2) and Spring 5.1
- Use explicit spring.config.location
- Switch off jmx
- Use lazy beans
@EnableJpaRepositories(bootstrapMode=BootstrapMode.LAZY)
spring.data.jpa.repositories.bootstrap-mode=lazy
- Unpack jars rather than using a fat jar
- THESE ARE BIG: Run the JVM -noverify. Also consider -XX:TieredStopAtLevel=1
No need to verify - it will just crash, which it would do anyway
- Import autoconfigurations individually
- Use functional bean definition
- Build a native image
- Spring-fu
Little difference between Tomcat, Jetty and Undertow
Number of classes directly affects startup time
JVM Tweaks
- Open J9: CDS -Xquickstart -Xshareclasses -Xscmx128m
- Java 10/11: CDS, AOT - Ahead Of Time compilation (GraalVM)
- Explicit classpath
Use manual configuration (see his blog post)
The future
Thinking Architecturally - Nate Schutta
Talked about adopting new technologies, when it makes sense and when it doesn’t
Rebuilding your entire production infrastructure regularly (hourly?) is a good way to mitigate against hacking
Your Attention, Please: Better Observability for Distributed Systems - John Feminella
John gave many examples illustrating the limits of visual perception. My favorite was this one where we are not able to see all 12 dots at once due to the low contrast.
Another good one was this series of graphs that all have the same 5 statistical values.
The thrust of the talk was to only send alerts on the metrics that require attention, not just because the values are higher than normal.
- Favor metrics that tell a story
- Attention is the scarcest resource
- Always more that could be measured, but not enough attention
Living on the Edge With Spring Cloud Gateway - Cora Iberkleid
Had to leave before this talk
Vendors
Fuse
Perficient
Dynatrace - APM, added AI and self-healing
Solstice - Designers, Product Managers, Engineers
Nexmo - Communications service
Training
I learned from Matt Helmers about some in-depth training called Pivotal PAL
- Takes place in Boulder, CO
- 3 weeks in depth, hands-on training