This is the material for Tampere workshop on 14th May 2018.
How to combine modern technologies such as Java 10, Spring Boot 2, Docker, to create more lightweight and modern microservices - or any services you like.
Presentation Abstract:
Are your applications running on Java 8? Thinking about switching your application to run on Java 11 and wondering about where to start? Come to this session to learn about the most impactful changes that went into Java 11 and what you will need to do to move your application to run on Java 11. Topics will include the removal of APIs (such as Java EE packages) and behavior changes resulting from moving an application from running on Java 8 to running on Java 11. We will also go over tools to use that will help you identify potential issues within your application and how to resolve them.
Video of the presentation: http://www.youtube.com/watch?v=8z3h4Uv9YbE
At LinkedIn, we have started to use the Play Framework to build front-end and back-end services at massive scale. Play does things a little differently: it's a Java and Scala web framework, but it doesn't follow the servlet spec; it's fairly new, but it runs on top of robust technologies like Akka and Netty; it uses a thread pool, but it's built for non-blocking I/O and reactive programming; most importantly, it's high performance, but also high productivity. We've found that the Play Framework is one of the few frameworks that is able to maintain the delicate balance of performance, reliability, and developer productivity. In the Java and Scala world, nothing even comes close. In this talk, I'll share what we've learned so far, including details of rapid iteration with Java and Scala, the story behind async I/O on the JVM, support for real time web apps (comet, WebSockets), and integrating Play into a large existing codebase.
DNUG Webcast: IBM Notes V10 Performance BoostChristoph Adler
IBM Notes Clients mit einer gewissen Portion Performance zu versehen, muss nicht komliziert sein. Diese Session ist bereits für IBM Notes V10 Beta-2 aktualisiert. Komm in den Webcast und finde heraus, welche Stellschrauben, wie weit und in welche Richtung gedreht werden müssen, um IBM Notes maximal optimiert und mit höchster Stabilität nutzen zu können.
Hier werden auch Themen wie z.B. veraltete ODS, Netzwerk-Latenzen und Applikationsperformance behandelt und besprochen, wie man diese messen und beheben kann. Lerne Möglichkeiten das (Start-)Verhalten von IBM Notes Clients zu Analysieren und Best Practices bzgl. „Arbeitsumgebungs- und Verbindungsdokumenten“ anzuwenden und warum die catalog.nsf so wichtig ist.
Verbessere deine IBM Notes Client-Infrastruktur und mache deine Benutzer glücklich, indem du eine bessere Experience (schnellere und stabilere Clients) anbietest. Als Bonus wird Christoph Adler zeigen, wie man den Notes Client Start in virtualisierten Umgebungen (Citrix VMWare) um bis zu 75% beschleunigen kann.
Presentation Abstract:
Are your applications running on Java 8? Thinking about switching your application to run on Java 11 and wondering about where to start? Come to this session to learn about the most impactful changes that went into Java 11 and what you will need to do to move your application to run on Java 11. Topics will include the removal of APIs (such as Java EE packages) and behavior changes resulting from moving an application from running on Java 8 to running on Java 11. We will also go over tools to use that will help you identify potential issues within your application and how to resolve them.
Video of the presentation: http://www.youtube.com/watch?v=8z3h4Uv9YbE
At LinkedIn, we have started to use the Play Framework to build front-end and back-end services at massive scale. Play does things a little differently: it's a Java and Scala web framework, but it doesn't follow the servlet spec; it's fairly new, but it runs on top of robust technologies like Akka and Netty; it uses a thread pool, but it's built for non-blocking I/O and reactive programming; most importantly, it's high performance, but also high productivity. We've found that the Play Framework is one of the few frameworks that is able to maintain the delicate balance of performance, reliability, and developer productivity. In the Java and Scala world, nothing even comes close. In this talk, I'll share what we've learned so far, including details of rapid iteration with Java and Scala, the story behind async I/O on the JVM, support for real time web apps (comet, WebSockets), and integrating Play into a large existing codebase.
DNUG Webcast: IBM Notes V10 Performance BoostChristoph Adler
IBM Notes Clients mit einer gewissen Portion Performance zu versehen, muss nicht komliziert sein. Diese Session ist bereits für IBM Notes V10 Beta-2 aktualisiert. Komm in den Webcast und finde heraus, welche Stellschrauben, wie weit und in welche Richtung gedreht werden müssen, um IBM Notes maximal optimiert und mit höchster Stabilität nutzen zu können.
Hier werden auch Themen wie z.B. veraltete ODS, Netzwerk-Latenzen und Applikationsperformance behandelt und besprochen, wie man diese messen und beheben kann. Lerne Möglichkeiten das (Start-)Verhalten von IBM Notes Clients zu Analysieren und Best Practices bzgl. „Arbeitsumgebungs- und Verbindungsdokumenten“ anzuwenden und warum die catalog.nsf so wichtig ist.
Verbessere deine IBM Notes Client-Infrastruktur und mache deine Benutzer glücklich, indem du eine bessere Experience (schnellere und stabilere Clients) anbietest. Als Bonus wird Christoph Adler zeigen, wie man den Notes Client Start in virtualisierten Umgebungen (Citrix VMWare) um bis zu 75% beschleunigen kann.
My goals have been:
- focusing on several project areas, where you can use jruby successfully
- share the experience that I made using ruby in the last years
- proove that things can be done easier as they are done in typical java projects
Java 9 ships in July, are you ready for Java 9 modules? Java 9 modules (aka Project Jigsaw) is the biggest fundamental change to the Java runtime. Code that use Oracle/Sun private APIs will break. This session will cover the basics of Java 9 modules and also the current state of tooling. The ramifications to existing and legacy applications will be covered along with the steps you’ll need to take to harness the power of modules and write more maintainable systems.
Как мы взломали распределенные системы конфигурационного управленияPositive Hack Days
В лекции речь пойдет о том, как команда исследователей обнаружила и эксплуатировала уязвимости различных систем конфигурационного управления в ходе пентестов. Авторы представят различные инструменты распределенного управления конфигурациями, например Apache ZooKeeper, HashiCorp Consul и Serf, CoreOS Etcd; расскажут о способах создания отпечатков этих систем, а также о том, как использовать в своих целях типичные ошибки в конфигурации для увеличения площади атак.
Java Threads Tutorial | Multithreading In Java Tutorial | Java Tutorial For B...Edureka!
(**** Java Certification Training: https://www.edureka.co/java-j2ee-soa-training ****)
This Edureka tutorial on “Java Threads” will talk about one of the core concepts of Java i.e Java Threads. It will give you a complete insight into how to create, work and synchronize with multiple threads. Through this tutorial you will learn the following topics:
What is a Java Thread?
Thread Lifecycle
Creating a Thread
Main Thread
Multi-Threading
Thread Pool
Check out our Java Tutorial blog series: https://goo.gl/osrGrS
Check out our complete Youtube playlist here: https://goo.gl/gMFLx3
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Still running on Java 8? Tempted by new versions of Java, but afraid too? This material contains some information on what to expect, and what kind of lessons were learned taking multitude of Java 8 projects to Java 9, 10, and 11.
"Container technologies such as Docker are rapidly becoming the de-facto way to deploy cloud applications, and Java is committed to being a good container citizen. This session will explain how OpenJDK fits into the world of containers, specifically how it fits with Docker images and containers.
The session will focus on the production of optimized Docker images containing a JDK. We will introduce technologies such as jlink, that can be used to reduce the size of the created image. The session will explain Alpine/musl support for an effective image and runtime. The session will also talk about and the inclusion of Class Data Sharing (CDS) archives and Ahead of Time (AOT) shared object libraries for improving startup time.
The attendees will learn about the recent work that has gone into OpenJDK for interacting with container resource limitations."
My goals have been:
- focusing on several project areas, where you can use jruby successfully
- share the experience that I made using ruby in the last years
- proove that things can be done easier as they are done in typical java projects
Java 9 ships in July, are you ready for Java 9 modules? Java 9 modules (aka Project Jigsaw) is the biggest fundamental change to the Java runtime. Code that use Oracle/Sun private APIs will break. This session will cover the basics of Java 9 modules and also the current state of tooling. The ramifications to existing and legacy applications will be covered along with the steps you’ll need to take to harness the power of modules and write more maintainable systems.
Как мы взломали распределенные системы конфигурационного управленияPositive Hack Days
В лекции речь пойдет о том, как команда исследователей обнаружила и эксплуатировала уязвимости различных систем конфигурационного управления в ходе пентестов. Авторы представят различные инструменты распределенного управления конфигурациями, например Apache ZooKeeper, HashiCorp Consul и Serf, CoreOS Etcd; расскажут о способах создания отпечатков этих систем, а также о том, как использовать в своих целях типичные ошибки в конфигурации для увеличения площади атак.
Java Threads Tutorial | Multithreading In Java Tutorial | Java Tutorial For B...Edureka!
(**** Java Certification Training: https://www.edureka.co/java-j2ee-soa-training ****)
This Edureka tutorial on “Java Threads” will talk about one of the core concepts of Java i.e Java Threads. It will give you a complete insight into how to create, work and synchronize with multiple threads. Through this tutorial you will learn the following topics:
What is a Java Thread?
Thread Lifecycle
Creating a Thread
Main Thread
Multi-Threading
Thread Pool
Check out our Java Tutorial blog series: https://goo.gl/osrGrS
Check out our complete Youtube playlist here: https://goo.gl/gMFLx3
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Still running on Java 8? Tempted by new versions of Java, but afraid too? This material contains some information on what to expect, and what kind of lessons were learned taking multitude of Java 8 projects to Java 9, 10, and 11.
"Container technologies such as Docker are rapidly becoming the de-facto way to deploy cloud applications, and Java is committed to being a good container citizen. This session will explain how OpenJDK fits into the world of containers, specifically how it fits with Docker images and containers.
The session will focus on the production of optimized Docker images containing a JDK. We will introduce technologies such as jlink, that can be used to reduce the size of the created image. The session will explain Alpine/musl support for an effective image and runtime. The session will also talk about and the inclusion of Class Data Sharing (CDS) archives and Ahead of Time (AOT) shared object libraries for improving startup time.
The attendees will learn about the recent work that has gone into OpenJDK for interacting with container resource limitations."
Modules in Java? Finally! (OpenJDK 9 Jigsaw, JSR376)Mihail Stoynov
This talk is for a very important new feature in Java SE 9. Code named Jigsaw, this feature modularizes the Java SE platform.
The coolest thing we do here is to create a custom JRE
Code: https://bitbucket.org/stybz/jigsaw.sty/
PPT: https://www.slideshare.net/mihailstoynov/modules-in-java-finally-openjdk-jigsaw
Video: https://www.youtube.com/watch?v=W5LeNPtPrqw
Apache Maven supports all Java (JokerConf 2018)Robert Scholte
With the release train we can expect a new version of Java every 6 months. This means that tools like Maven should try to keep with this pace. Especially Java 9 came with some new features, and Maven managed to support these features. Maven found an elegant solution to work with modulepaths and classpaths without any need for developers to specify which jars belongs where.
This session will highlight the most important features developers should know to work with Java 9 and 10, combined with some practical tips and warnings.
The Diabolical Developer's Guide to Surviving Java 9jClarity
The Diabolical Developer presents a pragmatic guide on running and compiling your application on Java 9. There are a lot of new resrtictions due to the Java 9 modular runtime, so make sure you read through carefully before your migration!
Java in 2019 was predicted to be business as usual by many. We have seen new Java releases coming out as planned, AdoptOpenJDK became the main trustful source of binaries and Oracle fighting for the trademark again by preventing the use of javax as namespace. Everything looks like it would be a silent year for Java. But one thing seems obvious. Java's popularity is not gaining any more traction. New language features keep it up to date but people are getting more selective when it comes to implementation choices. Especially in the age of containers and cloud infrastructures. This talk walks you through the why and how of Java in containers. We will talk about image size and development and deployment processes.
Covers the common issues seen when migrating from Java 8 to Java 9. This deck shows simplified examples of the issues and code snippets of how to address them.
A presentation + links on how programming languages like Java and Python play together with Mindwave EEG controller. How you can record and analyze your brainwaves, and control your surroundings with them.
Automate Everything! (No stress development/Tallinn)Arto Santala
Brief story about how to bring much happiness to live using modern technologies and some good engineering principles. To learn more, aim yourself to http://dev.solita.fi/ - or just decide to improve a bit today.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
2. Who am I?
• Arto Santala
• Work as software architect in Solita, producing tailored
solutions to accelerate customer business
• More than 20 years of experience making customers
dreams come true with application of proper technologies
and methodologies
• Guilty of writing a lot of horrible code in the 90’s that
should be burned with fire. Always aiming to improve.
• Passionate about agile and automation. Trying to make
every moment worthy of living.
3. Java 8 as platform
• Java 8 is product of more than 20 years of development. Every
release, more and more have been added, nothing has never
been removed
• Today Java 8 is a heavy platform with a lot of libraries that you
will never need
• Midi instruments, 1995 version of java.util.Date, Corba IIOP, applets,
AWT, …
• Heavier images, larger memory footprint, more attack area for
vulnerabilities
6. Java 10 as platform
• Not such a revolution, just a bit of evolution
• Hard transition from Java 8 to Java 9
• Easy transition from Java 9 to 10 and 11
• GA is out there now – but do note the short support lifetime for both Java 9 and 10
var item1 = ”HELLO”;
var list1 = List.of(item1,”WORLD”);
7. Java 10 + Spring Boot Helloworld
Still fat, but getting better!
Pssst, minimal Java 10 + Apache Spark web services
9. JLINK
jlink --module-path $JAVA_HOME/jmods --verbose --add-modules
java.base,java.logging,java.xml,jdk.unsupported,java.sql,java.naming,java.desktop,java.man
agement,java.security.jgss,java.instrument --compress 2 --no-header-files --output jdk-9-
minimal-osx --no-man-pages
Jlink is a new tool that allows to link modules and even JRE together as a platform specific
executable.
For example, you can generate a custom JRE with just the modules you need to run Spring
Boot, like this:
Much less attack surface, less to update, less disk use, less memory use, faster startup, etc
13. Spring Boot 2
• Spring Boot 1.x is not going to support Java 9 or above, ever
• Spring Boot 2 is out there, with support to Java 9 (and to some extent also
10)
• Easiest to get started with Spring Initializr at https://start.spring.io/
14. Quick (stupid) test
@RestController
public class HelloController {
@RequestMapping(method = RequestMethod.GET)
public Map getGreeting() {
var now = Instant.now();
return Map.of("message", String.format("It's %s", now));
}
}
15. Typical pitfalls with Java 9/10
• package javax.xml.bind.annotation.adapters is not visible
• More and more core modules are missing from core of core, so you need to either add them via
command line switches, or declare module dependencies – or just as dependencies
• --add-modules java.xml.bind
• Illegal reflective access by org.springframework.cglib.core.ReflectUtils
• Java 9/10 is starting to be more precise on accessing non-public APIs, so primarily you should find
libraries that are not accessing internal APIs
• Ironically, with Spring you can make this warning go away by setting –illegal-access=deny
• In some cases. as short-term solution you can also play with --add-
exports $module/$package=$readingmodule and --add-opens $module/$package=$readingmodule to
open up types and members for deep reflection of also private internals
• So mostly, just make sure dependencies and modules are declared properly, and find libraries
that play nicely with Java 9/10/11 and do not leverage the deprecated internals
• In future, more and more modules and packages will go out of core, so get used to this
16. Typical pitfalls with Java 9/10
• IllegalArgumentException at testCompilation/test phase
• Maven compiler/surefire might be using older version of ASM, which can be fixed like this:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.7.0</version>
<configuration>
<release>10</release>
</configuration>
<dependencies>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm</artifactId>
<version>6.1.1</version> <!-- Use newer version of ASM -->
</dependency>
</dependencies>
</plugin>
17. Other non-default (EE) modules
• java.activation with javax.activation package
• java.corba with javax.activity, javax.rmi, javax.rmi.CORBA, andorg.omg.* packages
• java.transaction with javax.transaction package
• java.xml.bind with all javax.xml.bind.* packages
• java.xml.ws with javax.jws, javax.jws.soap, javax.xml.soap, and alljavax.xml.ws.* packages
• java.xml.ws.annotation with javax.annotation package
• Java 11 will remove all these, so it will not be enough to just --add-modules forever, you
need to find the actual libraries and declare as real, external dependencies
18. XML modules will go out from core
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-core</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>com.sun.xml.bind</groupId>
<artifactId>jaxb-impl</artifactId>
<version>2.3.0</version>
</dependency>
19. Evaluating old code
• java --list-modules
• jdeps --jdk-internals -R --class-path 'libs/*' $project
• --illegal-access=$value option, where $value can be:
• permit: Access to all JDK-internal APIs is permitted to code on the class path. For reflective access,
a single warning is issued for the first access to each package. (Default is Java 9, but will be
removed in a future release.)
• warn: Behaves like permit but a warning is issued for each reflective access.
• debug: Behaves like warn but a stack trace is included in each warning.
• deny: The option for those who believe in strong encapsulation:
• All illegal access is forbidden by default.
• jar –file=mylib.jar --describe-modules
• To figure out automatic module name for the .jar
20. Typical pitfalls with Spring Boot 2
• Security module has changed a lot: Now you only get what you declare, unlike previously
when there were a lot of defaults
• Spring Data APIs have changed a lot: Now there’s a lot more of Optional use for return
values, and more descriptive names for methods
• Later version of Flyway, not checksum compatible with old version possibly
• References to old versions of Spring modules, or third party modules that depend on 1.x
versions
21. Docker
• Docker is a lovely way to start experimenting with Java 9/10 without installing it on your
own machine
• docker run -it solita/jdk10
• You can map folders to Docker so you can access files in them, such as .jar files, libraries,
etc – you can also expose ports where services run to host machines
• docker run -it -p 8080:8080 -v `pwd`:/root solita/jdk10
• This is just an example, you can take a look and create your own docker images
• How about two-phased Docker image, one step will build the modular JRE, second will
package your .jar with it?
22. Two-phase dockerfile example
FROM solita/jdk10 as packager
# First stage: JDK 10 with modules required for Spring Boot
RUN /opt/jdk-10/bin/jlink
--module-path /opt/jdk-10/jmods
--verbose
--add-modules
java.base,java.logging,java.xml,jdk.unsupported,java.sql,java.naming,java.desktop,java.management,java.secu
rity.jgss,java.instrument
--compress 2
--no-header-files
--output /opt/jdk-10-minimal
# Second stage, add only our custom jdk9 distro and our app
FROM solita/jdk10
COPY --from=packager /opt/jdk-10-minimal /opt/jdk-10-minimal
COPY target/*.jar /opt/
ENV JAVA_HOME=/opt/jdk-10-minimal
ENV PATH="$PATH:$JAVA_HOME/bin"
EXPOSE 8080
CMD java -jar /opt/*.jar
26. Hackathexerciseon
• Let’s try to build something with all this
• Idea: API for registering thumbs up/thumbs down signals for presentation
• Presentations have a name, and we register thumbs-up/thumbs-down entries for them
• Let’s assume presentations have shorter code that can be used to refer to it.
• Anyone can give as many entries as they like, not limited in this exercise
• API should also let us know total number of thumbs-up/thumbs-down for a presentation, and could
let us know most highly/lowly rated presentations
• Extra exercise:
• Simple UI for pressing thumbs-up/thumbs-down for a presentation
• Another UI for showing outcomes
• Websockets, real-time tracking of +/-
• CI pipeline, AWS Fargate/EKS deployment, self-healing capabilities, go crazy
27. Hackathexerciseon
• So, form small groups, experiment with either larger challenge or some
substeps
• Pull JDK10 docker image, or install JDK 10 locally, try jshell, jlink, syntax
• Create Spring Boot 2.0 initializr project, compile and run with JDK 10
• Create some API and Services, to push it further. Include db?
• Minimize the JDK 10 environment, see if it still runs. How are the resources doing? Can
you measure them? Can you compare them?
• Ask questions, try things, break things