Skip navigation
2016

bart.jpgI wanted to start the weekly editorial out this week around "open" vs "open source".  Nicholas Gerasimatos, Cloud Evangelist, wrote an article The difference between ‘open’ and ‘open source’Open referring to an Open API that is freely available but closed source and proprietary. As Nicholas indicates, “open” alone may not be enough to give you the interoperability and flexibility that an organization is seeking.  Open Source could be the better option for the organization as it adheres to open standards, the source code is freely available and the solution can be modified  without violating a license.  The JBoss Community and the projects provide the source code for the ability to easily make modifications required to meet an organizations business needs.

 

This is a good segway into a decision on the Google vs Oracle Copyright suit.  Google won a jury verdict that kills Oracle Corp.’s claim to a $9 billion slice of the search giant’s Android phone business and may give comfort to programmers who write applications that run across different platforms without a license.  Schmidt told jurors that, based on his “many years of experience” with Java, he believed Google was permitted to use the APIs without a negotiated license, as long as the company relied on its own code. Sun promoted them as “free and open,” and not sold or licensed separately from Java, he said.

 

Now on to the happenings in our open source community!


Releases

 

  • Keycloak 1.9.5.Final Released -  We've increased the default password hashing intervals to 20000. Yes, you read that right. We've actually recommended using 20000 for a while now, but the default was only 1. This is a clear trade-off between performance and how secure passwords are stored. With 1 password hashing interval it takes less than 1 ms to hash a password, while with 20000 it takes tens of ms.  For the full list of resolved issues check out JIRA and to download the release go to the Keycloak homepage.
  • Teiid 9.0 CR1 Released - Teiid 9.0 CR1 is now available.  This is a very large release compared to most with 238 issues addressed so far.
  • Wildfly Swarm 1.0.0 CR1 - CLI Support, Enhanced standalone.xml support, SwarmTool, Resource Adapter archives, JPA fraction with PostgreSQL, Examples with WildFly Camel, Datasource configuration settable by properties
  • Hibernate Search version 5.6.0.Beta1 - The Elasticsearch integration made significant progress with over 60 task resolved.

 

Open Source Champions


 

Red Hat Cloud Suite

 

red-hat-cloud-suite-infographic-v2-1050x562.gifhttps://allthingsopen.com/2016/04/20/red-hat-cloud-suite-modernizing-development-and-operations/

Eric Schabell, Red Hat Evangelist, shared a article and video on the Red Hat Cloud Suite.  The original article authored by James Labocki, Red Hat Product Marketing Manager, the original article can be found at AllThingsOpen.com.  With the release of the Red Hat Cloud Suite there are a few interesting use cases that we wanted to present that showcase solutions using this product.  The article and video walks you through one of these use cases.The application showcased is a microservices application that leverages JBoss middleware technologies on top of the Red Hat Cloud Suite infrastructure.


Red Hat Cloud Suite is an integrated solution for developing container based applications on massively scalable infrastructure with all the management required to operate both. With OpenShift Enterprise, organizations can build microservices based applications allowing for greater change velocity. Also, they can reduce friction between development and operations by using a continuous integration and deployment pipeline for release. Red Hat OpenStack Platform allows organizations to deliver massively scalable public-cloud like infrastructure based on OpenStack to support container based applications. Finally, Red Hat CloudForms provides seamless management of OpenShift and OpenStack along with other major virtualization, private, and public cloud infrastructures. Best of all, these are all built from leading open source communities without a line of proprietary code – ensuring access to the greatest amount of innovation. It also comes with access to Red Hat’s proactive operations offering, Red Hat Insights allowing you to compare your environment with the wisdom of thousands of solved problems and millions of support cases.

 

Microservices


  • Christian Posta, Principal Middleware Architect, shared two articles with us this week:
    • Why Microservices should be event driven: Autonomy vs Authority - I’ve been working on a series of articles showing how to build microservices using an event-driven approach (which IMHO is the only real way to build microservices or… any complex distributed architecture). I’ll explore DDD, CQRS, Event-sourcing, even streaming, complex-event processing and more. I’m using a reference monolith applicationbased on Java EE that uses all the typical Java EE technology and dives deep into what makes it tick, what drawbacks it has, and how to evolve it to a microservices architecture. I’ll show implementation details all the way from containers (Docker, Kubernetes) to the JVM layer (Spring Boot and WildFly Swarm) to the application architecture (events, commands, streaming, raw events, aggregates, aggregate roots, transactions, CQRS, etc). Hopefully it will be ready for my Red Hat Summit talk in San Francisco in June! Follow me on twitter @christianposta for updates on this project.
    • 3 easy things to make your microservices more resilient - One of the advantages of building distributed systems as microservices is the ability of the system as a whole to withstand faults and unexpected failures of components, networks, compute resources, etc. These systems are resilient even in the face of faults. The idea behind this resiliency seems simple: if our monolith fails, everything for which it’s responsible fails along with it; so let’s break things into smaller chunks so we can withstand individual pieces of our app failing without affecting the entire system.
  • Gary Brown shared with us the Monitoring Microservices for Application Performance, Distributed Tracing and Business Transactions - Although distributed systems and the concept of services have been around for a long time, the current trend towards microservices has added some new dimensions to the management problem.  The architectural approach leads to business applications comprised of a larger number of simple interacting services, each focused on specific business capabilities, and being responsible for their own data management. This has the benefit of allowing each service to be independently deployable, generally using automated continuous delivery. When used in a cloud environment, it facilitates dynamic scaling of individual services as required, and enables parts of the business application to be upgraded independently with minimal impact, allowing faster turnaround for fixing bugs and adding new features.  The downside of this dynamic, scalable and flexible architecture is being able to understand how your business application is operating, and when necessary tracing the execution path of a particular invocation through the multitude of services potentially geographically distributed.

 

Fuse

 

Paolo Antinori shared with us Dynamic Blueprint Files with JEXL -  In this post I’ll show how to add a little bit of inline scripting in your Apache Aries Blueprint xml files. I wouldn’t call it necessarely a best practice, but I have always had the idea that this capability might be usueful; probably I started wanting this when I was forced to use xml to simulate imperative programming structures like when using Apache Ant.

 

 

Thanks for being a part of the JBoss Community and stay tuned for the next Weekly Editorial! 


shadowsoft-logo.png

Kenneth Peeples, Shadow-Soft Director of Technical Services

kpeeples@shadow-soft.com

@ossmentor

www.shadow-soft.com


Welcome back everyone to another week at JBoss! As always some amazing work has happened this past week. We have a couple of blog and video updates, releases and upcoming conferences!

Releases

Our talented engineers have busily been turning caffeine into software with the end results being five new releases!

  • Forge 3.2.0 - This release features command inheritance, a Roaster upgrade and support for custom JPA @Id and @Version names
  • Hibernate OGM 5.0.0.Final - You can now use Redis (tech Preview), MongoDB Driver 3, Cassandra 2.2 new data types, Infinispan 8 and @PostLoad events are now supported. Great work team!
  • Byteman 3.0.6 - This release will be a stepping stone for 3.0.7 useful for those running Hawklar BTM.
  • Infinispan 9.0.0.Alpha2 (and 8.2.2.Final) - Not to be out done, the Infinispan team cranked out two releases this week! 8.2.2.Final fixes 57 issues. The new Alpha release of 9.0.0 fixes 138 issues and includes support for JDBC cache stores using upsert (a long awaited for issue), SNI support for HotRod, and Lucene query caching, as well as others.
A very well deserved congratulations to everyone working hard at shipping these bits!

 

Events

 

The Hibernate group is participating in a Q&A event in London on May 24th. See Meetup for more information. June 16-18 is JBCNConf in Barcelona! Drools and jBPM will be there showcasing Drools with a hands on session and jBPM in a "Knowledge Driven Microservices" presentation. Of course Red Hat Summit and DevNation are getting closer and you can expect to see more news about these as the events draw closer.

 

Blogs

 

To finish us out this week Eric Schabell and Christina Lin have been hard at work completing more in their blog series about Fuse, OpenShift and Red Hat Cloud Suite! Read up on these series below:

 

Welcome to another edition of the JBoss Weekly Editorial where we bring you up to speed with all that has been happening across the JBoss Communities.

 

Is Oauth2 secure enough ?

 

This week, we have debated a lot around Oauth2 after the publication of this post "Introducing TAuth: Why OAuth 2.0 is bad for banking APIs and how we're fixing it". This article suggests that OAuth2 is broken because client authentication is not strong enough. But as mentioned by Stian Thorgersen, there is nothing which prevent to authenticate the client using just an id and secret but any http based authentication mechanism (Basic, Digest) is permitted. Moreover, it is important when the architect designs the solution that he/she reviews the different possibilities offered to reenforce the security of the platform like mutual TLS, Token Expiration, Token introspection to intercept and revoke the client if required. Oauth2 like TLS and SSL are sometimes complex to use or to position correctly within a project and this is the reason why we are working hard to develop the project Keycloak in order to simplify the management of such SSO Architecture !

 

Evangelist's Corner


- Healthcare Demo by Christina Lin using Camel, HLT Dataformat & Mciroservices technology

- When JRubyFx meets Hawkular and help to design the GUI by Heiko Rupp

- Setup a Vacation Request Process using jBPM by Eric Schabell



Conferences, Events


Don't miss these incoming events where our fabulous coders will talk about :


- Infinispan at GeeCon 2016

- Camel, Microservices, Fabric8, Security, Apiman, Vert.x at JBCNConf 2016

- OpenShift, Mobile, Push Notification, HTTP/2, CDI at RivieraJUG 2016

 

Releases, release, releases ....

 

 

I hope this week's editorial has provided you with something of interest, please join us again next week when we will bring you more news from JBoss and the JBoss Communities.

Welcome another edition of the JBoss Weekly Editorial.  We begin this month's series of Editorials with a request for help from our friends behind the Red Hat Developers site.  Red Hat Developers are working to create a new developer community and need your help in order to shape it, they will be running monthly surveys to learn about the topics that interest you in order to help deliver content that you will find interesting and worth reading.  These surveys will not take very long to complete, usually taking up about a minute or so of your time, so please help to shape this community by providing feedback.  You can head over to this month's survey to begin or, if you are feeling more adventurous, you may even decide to join the many community members who are already contributing to the site.

 

Running JBoss HR Employee Rewards project in the Cloud

 

In his App Dev Cloud Stack series Eric Schabell has been making a strong case for why application developers shouldn't be ignoring their stack.  He has discussed the various layers that are involved, also including the use of the Container Development Kit and some example applications.  In this week's post Eric takes this a step further by walking us through a more complicated example of an application running within the Cloud, in this case an HR employee rewards example based on JBoss BPM.

 

Camel in Action 2 - Work in Progress

 

It has been over a year since Claus and Jonathan began writing an update to the popular Camel in Action book and while they have made significant progress over the year there is still a lot of work that remains to be done.  The current effort has already exceeded the page count of the original book however Claus and Jonathan have much more to give, extending the topics in the book to cover many new areas that are now included within the camel ecosystem.  If you are interested in Camel then consider signing up for the Early Access Program, any feedback you can provide will go a long way to help in the development of the book.

 

JBoss Out and About

 

Kris Verlaenen recently attended bpmNext 2016, a conference that focusses on Business Process Management software such as jBPM.  Kris has already written a series of posts discussing the presentations and demos that were given during the conference, he now concludes this series with some impressions that he was left with after all was finished.

 

Heiko Rupp will soon be attending ManageIQ Design Summit 2016 to give a presentation discussing the current status of Red Hat Middleware monitoring with RHQ and Hawkular, an update on the efforts underway to integrate with ManageIQ and more information about the direction in which the integration efforts are heading.

 

New Releases

 

 

That's all the news we have for you this week.  Please consider helping our friends over at the Red Hat Developers site and remember to join us next week when we will bring you more news from around our Communities.