SlideShare a Scribd company logo

QCon 2017 - Java/JVM com Docker em produção: lições das trincheiras

Leonardo Zanivan
Leonardo Zanivan

This document discusses best practices for running Java applications in Docker containers in production environments. It covers common problems like out of memory errors and slow performance due to the JVM not being aware of Linux cgroups. Specific issues addressed include setting appropriate JVM memory and CPU limits based on the container restrictions, using named volumes for disk I/O, and configuring garbage collection and thread pools. It also provides an overview of tooling like Maven/Gradle plugins for building Docker images and schedulers like Docker Swarm and Kubernetes for container orchestration.

Technology
1 of 24
Download to read offline
Java/JVM com Docker em produção: lições das trincheiras Leonardo Zanivan panga@apache.org
Why Docker Container? Review:
Why Docker Container? ● Environments (dev, test, UAT, prod) ● Productivity (onboarding, develop, test) ● Single Responsibility Principle ● DevOps or Dev + Ops ● Economies of $cale
Use Cases ● Pokemon GO (1000+ nodes) ● "X" Messaging (1000+ containers) ● Uber Docker Host (~300 containers)
JVM + Containers (docker, rkt, runC) ● Memory ● CPU ● Disk I/O ● Network
JVM Memory on Container ● Common problems: ○ OOM Killer ○ OutOfMemory error ○ High memory usage
JVM Memory on Container Cause #1: Java Max Heap Size not defined (-Xmx) ● JVM default MaxHeapSize = Total host memory / 4 ● JVM isn't aware of cgroups! (JDK 9 has an experimental flag) Example: total host memory = 32GB max container memory = 1GB default heap size = 8GB
JVM Memory on Container Cause #2: Container Memory < Java Memory (Heap+Stack) ● Java max heap isn't the max amount of memory used ● Use a 0.7 factor of Java Max Heap to Container Example: max container memory = 1GB wrong max heap size = 1GB ok max heap size = 700MB
JVM Memory on Container Cause #3: No SWAP partition ● Your local machine has SWAP, but production not! ● Default container SWAP limit on Docker is 2*memory Example: max container memory = 1GB max container swap = 2GB max jvm heap size = 2GB
JVM Memory on Container Cause #4: Default Garbage Collector ● Always specify a Garbage Collector (JDK < 9) ● Default GC doesn't scale, is slow and consume more RAM Solution: CMS = -XX:+UseConcMarkSweepGC G1 = -XX:+UseG1GC
JVM CPU on Container ● Problem: Slow GC performance, bad lambda parallelism ● Cause: JVM isn't aware of cgroups! Example: total host cores = 8 max container cores = 1 max jvm cores = 8
JVM CPU on Container ● Solution: Set appropriate JVM properties -XX:ParallelGCThreads=<max_container_cores> -XX:ConcGCThreads=... -Djava.util.concurrent.ForkJoinPool.common.parallelism=...
JVM Disk I/O on Container ● Problem: Slow WRITE performance ● Cause: Container is using graph driver ● Solution: Create a named volume or mount from host docker volume create mysql-data docker run -v mysql-data:/var/lib/mysql
JVM Disk I/O on Container ● Problem: Slow SecureRandom entropy calculation ● Cause: Container doesn't have enough events ● Solution: Set security JVM property to async -Djava.security.egd=file:/dev/urandom
JVM Network on Container ● Problem: Bad DNS resolution on Alpine based images ● Cause: Alpine images doesn't use glibc ● Solution: Don't use Alpine images when using DNS reverse lookups or Domain Search Example: docker run --dns-search=service.consul $ ping myservice $ ping: cannot resolve myservice: Unknown host
IDE support for Docker ● NetBeans (8.2+) ● IntelliJ ● Eclipse
Tooling support for Docker ● Build lifecycle ○ Maven Plugin (docker-maven-plugin) ○ Gradle (gradle-docker-plugin) ● Tests ○ JUnit (docker-compose-rule) ○ Arquillian Cube
Container Schedulers ● Docker Swarm ● Kubernetes ● Mesos/Marathon ● AWS ECS ● etc.
Introducing Swarm + docker compose v3 ● Swarm is ready to use in Docker 1.13+ ● Compose v3 support secrets & deploy options secrets: - mypassword: deploy: - replicas - resources limits - update config - placement
Demo time!
Extra Container challenges ● Multi-host Networking ● Transparent Proxy ● Service Discovery ● Monitoring & Logs
Docker Architectural View
Moby Project github.com/docker/docker => github.com/moby/moby
Questions? panga@apache.org github.com/panga/qcon2017

Recommended

Apache
ApacheApache
Apache
Karthikeyan Balasubramaniam
 
Techniques to Improve Cache Speed
Techniques to Improve Cache SpeedTechniques to Improve Cache Speed
Techniques to Improve Cache Speed
Zohaib Hassan
 
Memcache d
Memcache dMemcache d
Memcache dAbhishek Tomar
 
Kubernetes
KubernetesKubernetes
Kubernetes
Diego Pacheco
 
Achieving the ultimate performance with KVM
Achieving the ultimate performance with KVMAchieving the ultimate performance with KVM
Achieving the ultimate performance with KVM
StorPool Storage
 
Doing QoS Before Ceph Cluster QoS is available - David Byte, Alex Lau
Doing QoS Before Ceph Cluster QoS is available - David Byte, Alex LauDoing QoS Before Ceph Cluster QoS is available - David Byte, Alex Lau
Doing QoS Before Ceph Cluster QoS is available - David Byte, Alex Lau
Ceph Community
 
Ceph QoS: How to support QoS in distributed storage system - Taewoong Kim
Ceph QoS: How to support QoS in distributed storage system - Taewoong KimCeph QoS: How to support QoS in distributed storage system - Taewoong Kim
Ceph QoS: How to support QoS in distributed storage system - Taewoong Kim
Ceph Community
 
Scaling Apache Pulsar to 10 Petabytes/Day
Scaling Apache Pulsar to 10 Petabytes/DayScaling Apache Pulsar to 10 Petabytes/Day
Scaling Apache Pulsar to 10 Petabytes/Day
ScyllaDB
 

Recommended

Apache
ApacheApache
Apache
Karthikeyan Balasubramaniam
 
Techniques to Improve Cache Speed
Techniques to Improve Cache SpeedTechniques to Improve Cache Speed
Techniques to Improve Cache Speed
Zohaib Hassan
 
Memcache d
Memcache dMemcache d
Memcache dAbhishek Tomar
 
Kubernetes
KubernetesKubernetes
Kubernetes
Diego Pacheco
 
Achieving the ultimate performance with KVM
Achieving the ultimate performance with KVMAchieving the ultimate performance with KVM
Achieving the ultimate performance with KVM
StorPool Storage
 
Doing QoS Before Ceph Cluster QoS is available - David Byte, Alex Lau
Doing QoS Before Ceph Cluster QoS is available - David Byte, Alex LauDoing QoS Before Ceph Cluster QoS is available - David Byte, Alex Lau
Doing QoS Before Ceph Cluster QoS is available - David Byte, Alex Lau
Ceph Community
 
Ceph QoS: How to support QoS in distributed storage system - Taewoong Kim
Ceph QoS: How to support QoS in distributed storage system - Taewoong KimCeph QoS: How to support QoS in distributed storage system - Taewoong Kim
Ceph QoS: How to support QoS in distributed storage system - Taewoong Kim
Ceph Community
 
Scaling Apache Pulsar to 10 Petabytes/Day
Scaling Apache Pulsar to 10 Petabytes/DayScaling Apache Pulsar to 10 Petabytes/Day
Scaling Apache Pulsar to 10 Petabytes/Day
ScyllaDB
 
Globo.com & Varnish
Globo.com & VarnishGlobo.com & Varnish
Globo.com & Varnishlokama
 
Scaling WordPress
Scaling WordPressScaling WordPress
Scaling WordPressMark Jaquith
 
Storing 16 Bytes at Scale
Storing 16 Bytes at ScaleStoring 16 Bytes at Scale
Storing 16 Bytes at Scale
Fabian Reinartz
 
Elephant Roads: a tour of Postgres forks
Elephant Roads: a tour of Postgres forksElephant Roads: a tour of Postgres forks
Elephant Roads: a tour of Postgres forks
Command Prompt., Inc
 
Couchbase live 2016
Couchbase live 2016Couchbase live 2016
Couchbase live 2016
Pierre Mavro
 
Automatic Operation Bot for Ceph - You Ji
Automatic Operation Bot for Ceph - You JiAutomatic Operation Bot for Ceph - You Ji
Automatic Operation Bot for Ceph - You Ji
Ceph Community
 
T.Pollak y C.Yaconi - Prey
T.Pollak y C.Yaconi - PreyT.Pollak y C.Yaconi - Prey
T.Pollak y C.Yaconi - PreyStarTech Conference
 
OOPs, OOMs, oh my! Containerizing JVM apps
OOPs, OOMs, oh my! Containerizing JVM appsOOPs, OOMs, oh my! Containerizing JVM apps
OOPs, OOMs, oh my! Containerizing JVM apps
Sematext Group, Inc.
 
Cassandra Anti-Patterns
Cassandra Anti-PatternsCassandra Anti-Patterns
Cassandra Anti-Patterns
Matthew Dennis
 
Accelerating HBase with NVMe and Bucket Cache
Accelerating HBase with NVMe and Bucket CacheAccelerating HBase with NVMe and Bucket Cache
Accelerating HBase with NVMe and Bucket Cache
Nicolas Poggi
 
Eduardo Silva - monkey http-server everywhere
Eduardo Silva - monkey http-server everywhereEduardo Silva - monkey http-server everywhere
Eduardo Silva - monkey http-server everywhereStarTech Conference
 
Node.js
Node.jsNode.js
Node.jsEU Edge
 
Seastore: Next Generation Backing Store for Ceph
Seastore: Next Generation Backing Store for CephSeastore: Next Generation Backing Store for Ceph
Seastore: Next Generation Backing Store for Ceph
ScyllaDB
 
Massively Scaled High Performance Web Services with PHP
Massively Scaled High Performance Web Services with PHPMassively Scaled High Performance Web Services with PHP
Massively Scaled High Performance Web Services with PHP
Demin Yin
 
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providersPLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers
PROIDEA
 
OSNoise Tracer: Who Is Stealing My CPU Time?
OSNoise Tracer: Who Is Stealing My CPU Time?OSNoise Tracer: Who Is Stealing My CPU Time?
OSNoise Tracer: Who Is Stealing My CPU Time?
ScyllaDB
 
Ruby e xmpp
Ruby e xmppRuby e xmpp
Ruby e xmpp
Willian Molinari
 
Mastering java in containers - MadridJUG
Mastering java in containers - MadridJUGMastering java in containers - MadridJUG
Mastering java in containers - MadridJUG
Jorge Morales
 
Heapoff memory wtf
Heapoff memory wtfHeapoff memory wtf
Heapoff memory wtf
Olivier Lamy
 
Seastar at Linux Foundation Collaboration Summit
Seastar at Linux Foundation Collaboration SummitSeastar at Linux Foundation Collaboration Summit
Seastar at Linux Foundation Collaboration Summit
Don Marti
 
ContainerWorkloadwithSemeru.pdf
ContainerWorkloadwithSemeru.pdfContainerWorkloadwithSemeru.pdf
ContainerWorkloadwithSemeru.pdf
SumanMitra22
 
Java 어플리케이션 성능튜닝 Part1
Java 어플리케이션 성능튜닝 Part1Java 어플리케이션 성능튜닝 Part1
Java 어플리케이션 성능튜닝 Part1
상욱 송
 

More Related Content

What's hot

Globo.com & Varnish
Globo.com & VarnishGlobo.com & Varnish
Globo.com & Varnishlokama
 
Storing 16 Bytes at Scale
Storing 16 Bytes at ScaleStoring 16 Bytes at Scale
Storing 16 Bytes at Scale
Fabian Reinartz
 
Elephant Roads: a tour of Postgres forks
Elephant Roads: a tour of Postgres forksElephant Roads: a tour of Postgres forks
Elephant Roads: a tour of Postgres forks
Command Prompt., Inc
 
Couchbase live 2016
Couchbase live 2016Couchbase live 2016
Couchbase live 2016
Pierre Mavro
 
Automatic Operation Bot for Ceph - You Ji
Automatic Operation Bot for Ceph - You JiAutomatic Operation Bot for Ceph - You Ji
Automatic Operation Bot for Ceph - You Ji
Ceph Community
 
OOPs, OOMs, oh my! Containerizing JVM apps
OOPs, OOMs, oh my! Containerizing JVM appsOOPs, OOMs, oh my! Containerizing JVM apps
OOPs, OOMs, oh my! Containerizing JVM apps
Sematext Group, Inc.
 
Cassandra Anti-Patterns
Cassandra Anti-PatternsCassandra Anti-Patterns
Cassandra Anti-Patterns
Matthew Dennis
 
Accelerating HBase with NVMe and Bucket Cache
Accelerating HBase with NVMe and Bucket CacheAccelerating HBase with NVMe and Bucket Cache
Accelerating HBase with NVMe and Bucket Cache
Nicolas Poggi
 
Eduardo Silva - monkey http-server everywhere
Eduardo Silva - monkey http-server everywhereEduardo Silva - monkey http-server everywhere
Eduardo Silva - monkey http-server everywhereStarTech Conference
 
Seastore: Next Generation Backing Store for Ceph
Seastore: Next Generation Backing Store for CephSeastore: Next Generation Backing Store for Ceph
Seastore: Next Generation Backing Store for Ceph
ScyllaDB
 
Massively Scaled High Performance Web Services with PHP
Massively Scaled High Performance Web Services with PHPMassively Scaled High Performance Web Services with PHP
Massively Scaled High Performance Web Services with PHP
Demin Yin
 
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providersPLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers
PROIDEA
 
OSNoise Tracer: Who Is Stealing My CPU Time?
OSNoise Tracer: Who Is Stealing My CPU Time?OSNoise Tracer: Who Is Stealing My CPU Time?
OSNoise Tracer: Who Is Stealing My CPU Time?
ScyllaDB
 
Ruby e xmpp
Ruby e xmppRuby e xmpp
Ruby e xmpp
Willian Molinari
 
Mastering java in containers - MadridJUG
Mastering java in containers - MadridJUGMastering java in containers - MadridJUG
Mastering java in containers - MadridJUG
Jorge Morales
 
Heapoff memory wtf
Heapoff memory wtfHeapoff memory wtf
Heapoff memory wtf
Olivier Lamy
 
Seastar at Linux Foundation Collaboration Summit
Seastar at Linux Foundation Collaboration SummitSeastar at Linux Foundation Collaboration Summit
Seastar at Linux Foundation Collaboration Summit
Don Marti
 

What's hot (20)

Globo.com & Varnish
Globo.com & VarnishGlobo.com & Varnish
Globo.com & Varnish
 
Scaling WordPress
Scaling WordPressScaling WordPress
Scaling WordPress
 
Storing 16 Bytes at Scale
Storing 16 Bytes at ScaleStoring 16 Bytes at Scale
Storing 16 Bytes at Scale
 
Elephant Roads: a tour of Postgres forks
Elephant Roads: a tour of Postgres forksElephant Roads: a tour of Postgres forks
Elephant Roads: a tour of Postgres forks
 
Couchbase live 2016
Couchbase live 2016Couchbase live 2016
Couchbase live 2016
 
Automatic Operation Bot for Ceph - You Ji
Automatic Operation Bot for Ceph - You JiAutomatic Operation Bot for Ceph - You Ji
Automatic Operation Bot for Ceph - You Ji
 
T.Pollak y C.Yaconi - Prey
T.Pollak y C.Yaconi - PreyT.Pollak y C.Yaconi - Prey
T.Pollak y C.Yaconi - Prey
 
OOPs, OOMs, oh my! Containerizing JVM apps
OOPs, OOMs, oh my! Containerizing JVM appsOOPs, OOMs, oh my! Containerizing JVM apps
OOPs, OOMs, oh my! Containerizing JVM apps
 
Cassandra Anti-Patterns
Cassandra Anti-PatternsCassandra Anti-Patterns
Cassandra Anti-Patterns
 
Accelerating HBase with NVMe and Bucket Cache
Accelerating HBase with NVMe and Bucket CacheAccelerating HBase with NVMe and Bucket Cache
Accelerating HBase with NVMe and Bucket Cache
 
Eduardo Silva - monkey http-server everywhere
Eduardo Silva - monkey http-server everywhereEduardo Silva - monkey http-server everywhere
Eduardo Silva - monkey http-server everywhere
 
Node.js
Node.jsNode.js
Node.js
 
Seastore: Next Generation Backing Store for Ceph
Seastore: Next Generation Backing Store for CephSeastore: Next Generation Backing Store for Ceph
Seastore: Next Generation Backing Store for Ceph
 
Massively Scaled High Performance Web Services with PHP
Massively Scaled High Performance Web Services with PHPMassively Scaled High Performance Web Services with PHP
Massively Scaled High Performance Web Services with PHP
 
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providersPLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers
 
OSNoise Tracer: Who Is Stealing My CPU Time?
OSNoise Tracer: Who Is Stealing My CPU Time?OSNoise Tracer: Who Is Stealing My CPU Time?
OSNoise Tracer: Who Is Stealing My CPU Time?
 
Ruby e xmpp
Ruby e xmppRuby e xmpp
Ruby e xmpp
 
Mastering java in containers - MadridJUG
Mastering java in containers - MadridJUGMastering java in containers - MadridJUG
Mastering java in containers - MadridJUG
 
Heapoff memory wtf
Heapoff memory wtfHeapoff memory wtf
Heapoff memory wtf
 
Seastar at Linux Foundation Collaboration Summit
Seastar at Linux Foundation Collaboration SummitSeastar at Linux Foundation Collaboration Summit
Seastar at Linux Foundation Collaboration Summit
 

Similar to QCon 2017 - Java/JVM com Docker em produção: lições das trincheiras

ContainerWorkloadwithSemeru.pdf
ContainerWorkloadwithSemeru.pdfContainerWorkloadwithSemeru.pdf
ContainerWorkloadwithSemeru.pdf
SumanMitra22
 
Java 어플리케이션 성능튜닝 Part1
Java 어플리케이션 성능튜닝 Part1Java 어플리케이션 성능튜닝 Part1
Java 어플리케이션 성능튜닝 Part1
상욱 송
 
JVM Performance Tuning
JVM Performance TuningJVM Performance Tuning
JVM Performance Tuning
Jeremy Leisy
 
State of Java Elasticity. Tuning Java Efficiency - GIDS.JAVA LIVE 2020
State of Java Elasticity. Tuning Java Efficiency - GIDS.JAVA LIVE 2020State of Java Elasticity. Tuning Java Efficiency - GIDS.JAVA LIVE 2020
State of Java Elasticity. Tuning Java Efficiency - GIDS.JAVA LIVE 2020
Jelastic Multi-Cloud PaaS
 
Inside The Java Virtual Machine
Inside The Java Virtual MachineInside The Java Virtual Machine
Inside The Java Virtual Machineelliando dias
 
Java performance tuning
Java performance tuningJava performance tuning
Java performance tuning
Mohammed Fazuluddin
 
Devoxx Fr 2022 - Remèdes aux oomkill, warm-ups, et lenteurs pour des conteneu...
Devoxx Fr 2022 - Remèdes aux oomkill, warm-ups, et lenteurs pour des conteneu...Devoxx Fr 2022 - Remèdes aux oomkill, warm-ups, et lenteurs pour des conteneu...
Devoxx Fr 2022 - Remèdes aux oomkill, warm-ups, et lenteurs pour des conteneu...
Jean-Philippe BEMPEL
 
Jvm problem diagnostics
Jvm problem diagnosticsJvm problem diagnostics
Jvm problem diagnostics
Danijel Mitar
 
It's always sunny with OpenJ9
It's always sunny with OpenJ9It's always sunny with OpenJ9
It's always sunny with OpenJ9
DanHeidinga
 
Tomcatx troubleshooting-production
Tomcatx troubleshooting-productionTomcatx troubleshooting-production
Tomcatx troubleshooting-productionVladimir Khokhryakov
 
DCSF19 Docker Containers & Java: What I Wish I Had Been Told
DCSF19 Docker Containers & Java: What I Wish I Had Been ToldDCSF19 Docker Containers & Java: What I Wish I Had Been Told
DCSF19 Docker Containers & Java: What I Wish I Had Been Told
Docker, Inc.
 
Java and Container - Make it Awesome !
Java and Container - Make it Awesome !Java and Container - Make it Awesome !
Java and Container - Make it Awesome !
Dinakar Guniguntala
 
Spark 2.x Troubleshooting Guide
Spark 2.x Troubleshooting GuideSpark 2.x Troubleshooting Guide
Spark 2.x Troubleshooting Guide
IBM
 
Java performance monitoring
Java performance monitoringJava performance monitoring
Java performance monitoring
Simon Ritter
 
[Outdated] Secrets of Performance Tuning Java on Kubernetes
[Outdated] Secrets of Performance Tuning Java on Kubernetes[Outdated] Secrets of Performance Tuning Java on Kubernetes
[Outdated] Secrets of Performance Tuning Java on Kubernetes
Bruno Borges
 
Introduction of Java GC Tuning and Java Java Mission Control
Introduction of Java GC Tuning and Java Java Mission ControlIntroduction of Java GC Tuning and Java Java Mission Control
Introduction of Java GC Tuning and Java Java Mission Control
Leon Chen
 
Adopting GraalVM - Scale by the Bay 2018
Adopting GraalVM - Scale by the Bay 2018Adopting GraalVM - Scale by the Bay 2018
Adopting GraalVM - Scale by the Bay 2018
Petr Zapletal
 
Shootout at the PAAS Corral
Shootout at the PAAS CorralShootout at the PAAS Corral
Shootout at the PAAS Corral
PostgreSQL Experts, Inc.
 
Elastic JVM for Scalable Java EE Applications Running in Containers #Jakart...
Elastic JVM for Scalable Java EE Applications Running in Containers #Jakart...Elastic JVM for Scalable Java EE Applications Running in Containers #Jakart...
Elastic JVM for Scalable Java EE Applications Running in Containers #Jakart...
Jelastic Multi-Cloud PaaS
 

Similar to QCon 2017 - Java/JVM com Docker em produção: lições das trincheiras (20)

ContainerWorkloadwithSemeru.pdf
ContainerWorkloadwithSemeru.pdfContainerWorkloadwithSemeru.pdf
ContainerWorkloadwithSemeru.pdf
 
Java 어플리케이션 성능튜닝 Part1
Java 어플리케이션 성능튜닝 Part1Java 어플리케이션 성능튜닝 Part1
Java 어플리케이션 성능튜닝 Part1
 
JVM Performance Tuning
JVM Performance TuningJVM Performance Tuning
JVM Performance Tuning
 
State of Java Elasticity. Tuning Java Efficiency - GIDS.JAVA LIVE 2020
State of Java Elasticity. Tuning Java Efficiency - GIDS.JAVA LIVE 2020State of Java Elasticity. Tuning Java Efficiency - GIDS.JAVA LIVE 2020
State of Java Elasticity. Tuning Java Efficiency - GIDS.JAVA LIVE 2020
 
Inside The Java Virtual Machine
Inside The Java Virtual MachineInside The Java Virtual Machine
Inside The Java Virtual Machine
 
Java performance tuning
Java performance tuningJava performance tuning
Java performance tuning
 
Devoxx Fr 2022 - Remèdes aux oomkill, warm-ups, et lenteurs pour des conteneu...
Devoxx Fr 2022 - Remèdes aux oomkill, warm-ups, et lenteurs pour des conteneu...Devoxx Fr 2022 - Remèdes aux oomkill, warm-ups, et lenteurs pour des conteneu...
Devoxx Fr 2022 - Remèdes aux oomkill, warm-ups, et lenteurs pour des conteneu...
 
Jvm problem diagnostics
Jvm problem diagnosticsJvm problem diagnostics
Jvm problem diagnostics
 
It's always sunny with OpenJ9
It's always sunny with OpenJ9It's always sunny with OpenJ9
It's always sunny with OpenJ9
 
Tomcatx troubleshooting-production
Tomcatx troubleshooting-productionTomcatx troubleshooting-production
Tomcatx troubleshooting-production
 
DCSF19 Docker Containers & Java: What I Wish I Had Been Told
DCSF19 Docker Containers & Java: What I Wish I Had Been ToldDCSF19 Docker Containers & Java: What I Wish I Had Been Told
DCSF19 Docker Containers & Java: What I Wish I Had Been Told
 
Java and Container - Make it Awesome !
Java and Container - Make it Awesome !Java and Container - Make it Awesome !
Java and Container - Make it Awesome !
 
Scaling Django
Scaling DjangoScaling Django
Scaling Django
 
Spark 2.x Troubleshooting Guide
Spark 2.x Troubleshooting GuideSpark 2.x Troubleshooting Guide
Spark 2.x Troubleshooting Guide
 
Java performance monitoring
Java performance monitoringJava performance monitoring
Java performance monitoring
 
[Outdated] Secrets of Performance Tuning Java on Kubernetes
[Outdated] Secrets of Performance Tuning Java on Kubernetes[Outdated] Secrets of Performance Tuning Java on Kubernetes
[Outdated] Secrets of Performance Tuning Java on Kubernetes
 
Introduction of Java GC Tuning and Java Java Mission Control
Introduction of Java GC Tuning and Java Java Mission ControlIntroduction of Java GC Tuning and Java Java Mission Control
Introduction of Java GC Tuning and Java Java Mission Control
 
Adopting GraalVM - Scale by the Bay 2018
Adopting GraalVM - Scale by the Bay 2018Adopting GraalVM - Scale by the Bay 2018
Adopting GraalVM - Scale by the Bay 2018
 
Shootout at the PAAS Corral
Shootout at the PAAS CorralShootout at the PAAS Corral
Shootout at the PAAS Corral
 
Elastic JVM for Scalable Java EE Applications Running in Containers #Jakart...
Elastic JVM for Scalable Java EE Applications Running in Containers #Jakart...Elastic JVM for Scalable Java EE Applications Running in Containers #Jakart...
Elastic JVM for Scalable Java EE Applications Running in Containers #Jakart...
 

More from Leonardo Zanivan

Como se tornar um desenvolvedor de software melhor
Como se tornar um desenvolvedor de software melhorComo se tornar um desenvolvedor de software melhor
Como se tornar um desenvolvedor de software melhor
Leonardo Zanivan
 
QConSP 2018 - Java Module System
QConSP 2018 - Java Module SystemQConSP 2018 - Java Module System
QConSP 2018 - Java Module System
Leonardo Zanivan
 
TDC 2017 - Vale a pena utilizar Docker em produção?
TDC 2017 - Vale a pena utilizar Docker em produção?TDC 2017 - Vale a pena utilizar Docker em produção?
TDC 2017 - Vale a pena utilizar Docker em produção?
Leonardo Zanivan
 
JavaOne 2016 - Kotlin: The Language of The Future For JVM?
JavaOne 2016 - Kotlin: The Language of The Future For JVM?JavaOne 2016 - Kotlin: The Language of The Future For JVM?
JavaOne 2016 - Kotlin: The Language of The Future For JVM?
Leonardo Zanivan
 
NetBeans Day 2016 - Getting the best of NetBeans IDE
NetBeans Day 2016 - Getting the best of NetBeans IDENetBeans Day 2016 - Getting the best of NetBeans IDE
NetBeans Day 2016 - Getting the best of NetBeans IDE
Leonardo Zanivan
 
TDC 2016 - Simplificando a segurança de sua aplicação com Java EE
TDC 2016 - Simplificando a segurança de sua aplicação com Java EETDC 2016 - Simplificando a segurança de sua aplicação com Java EE
TDC 2016 - Simplificando a segurança de sua aplicação com Java EE
Leonardo Zanivan
 
TDC 2016 - Rodando JavaScript Server com Wildfly
TDC 2016 - Rodando JavaScript Server com WildflyTDC 2016 - Rodando JavaScript Server com Wildfly
TDC 2016 - Rodando JavaScript Server com Wildfly
Leonardo Zanivan
 
JavaOne 2015 - Simplificando a segurança de sua aplicação com Java EE
JavaOne 2015 - Simplificando a segurança de sua aplicação com Java EEJavaOne 2015 - Simplificando a segurança de sua aplicação com Java EE
JavaOne 2015 - Simplificando a segurança de sua aplicação com Java EE
Leonardo Zanivan
 
NetBeans Day 2015 - Node.js, HTML5, JBoss Forge, and Other Awesome New NetBea...
NetBeans Day 2015 - Node.js, HTML5, JBoss Forge, and Other Awesome New NetBea...NetBeans Day 2015 - Node.js, HTML5, JBoss Forge, and Other Awesome New NetBea...
NetBeans Day 2015 - Node.js, HTML5, JBoss Forge, and Other Awesome New NetBea...
Leonardo Zanivan
 
JavaOne 2014 - Scalable JavaScript Applications with Project Nashorn [CON6423]
JavaOne 2014 - Scalable JavaScript Applications with Project Nashorn [CON6423]JavaOne 2014 - Scalable JavaScript Applications with Project Nashorn [CON6423]
JavaOne 2014 - Scalable JavaScript Applications with Project Nashorn [CON6423]
Leonardo Zanivan
 
O papel e a carreira do arquiteto de software
O papel e a carreira do arquiteto de softwareO papel e a carreira do arquiteto de software
O papel e a carreira do arquiteto de software
Leonardo Zanivan
 
Curso Android Básico
Curso Android BásicoCurso Android Básico
Curso Android Básico
Leonardo Zanivan
 
TDC 2014 - Arquitetura front-end com AngularJS
TDC 2014 - Arquitetura front-end com AngularJSTDC 2014 - Arquitetura front-end com AngularJS
TDC 2014 - Arquitetura front-end com AngularJS
Leonardo Zanivan
 

More from Leonardo Zanivan (13)

Como se tornar um desenvolvedor de software melhor
Como se tornar um desenvolvedor de software melhorComo se tornar um desenvolvedor de software melhor
Como se tornar um desenvolvedor de software melhor
 
QConSP 2018 - Java Module System
QConSP 2018 - Java Module SystemQConSP 2018 - Java Module System
QConSP 2018 - Java Module System
 
TDC 2017 - Vale a pena utilizar Docker em produção?
TDC 2017 - Vale a pena utilizar Docker em produção?TDC 2017 - Vale a pena utilizar Docker em produção?
TDC 2017 - Vale a pena utilizar Docker em produção?
 
JavaOne 2016 - Kotlin: The Language of The Future For JVM?
JavaOne 2016 - Kotlin: The Language of The Future For JVM?JavaOne 2016 - Kotlin: The Language of The Future For JVM?
JavaOne 2016 - Kotlin: The Language of The Future For JVM?
 
NetBeans Day 2016 - Getting the best of NetBeans IDE
NetBeans Day 2016 - Getting the best of NetBeans IDENetBeans Day 2016 - Getting the best of NetBeans IDE
NetBeans Day 2016 - Getting the best of NetBeans IDE
 
TDC 2016 - Simplificando a segurança de sua aplicação com Java EE
TDC 2016 - Simplificando a segurança de sua aplicação com Java EETDC 2016 - Simplificando a segurança de sua aplicação com Java EE
TDC 2016 - Simplificando a segurança de sua aplicação com Java EE
 
TDC 2016 - Rodando JavaScript Server com Wildfly
TDC 2016 - Rodando JavaScript Server com WildflyTDC 2016 - Rodando JavaScript Server com Wildfly
TDC 2016 - Rodando JavaScript Server com Wildfly
 
JavaOne 2015 - Simplificando a segurança de sua aplicação com Java EE
JavaOne 2015 - Simplificando a segurança de sua aplicação com Java EEJavaOne 2015 - Simplificando a segurança de sua aplicação com Java EE
JavaOne 2015 - Simplificando a segurança de sua aplicação com Java EE
 
NetBeans Day 2015 - Node.js, HTML5, JBoss Forge, and Other Awesome New NetBea...
NetBeans Day 2015 - Node.js, HTML5, JBoss Forge, and Other Awesome New NetBea...NetBeans Day 2015 - Node.js, HTML5, JBoss Forge, and Other Awesome New NetBea...
NetBeans Day 2015 - Node.js, HTML5, JBoss Forge, and Other Awesome New NetBea...
 
JavaOne 2014 - Scalable JavaScript Applications with Project Nashorn [CON6423]
JavaOne 2014 - Scalable JavaScript Applications with Project Nashorn [CON6423]JavaOne 2014 - Scalable JavaScript Applications with Project Nashorn [CON6423]
JavaOne 2014 - Scalable JavaScript Applications with Project Nashorn [CON6423]
 
O papel e a carreira do arquiteto de software
O papel e a carreira do arquiteto de softwareO papel e a carreira do arquiteto de software
O papel e a carreira do arquiteto de software
 
Curso Android Básico
Curso Android BásicoCurso Android Básico
Curso Android Básico
 
TDC 2014 - Arquitetura front-end com AngularJS
TDC 2014 - Arquitetura front-end com AngularJSTDC 2014 - Arquitetura front-end com AngularJS
TDC 2014 - Arquitetura front-end com AngularJS
 

Recently uploaded

Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
UiPathCommunity
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 

Recently uploaded (20)

Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 

QCon 2017 - Java/JVM com Docker em produção: lições das trincheiras

  • 1. Java/JVM com Docker em produção: lições das trincheiras Leonardo Zanivan panga@apache.org
  • 3. Why Docker Container? ● Environments (dev, test, UAT, prod) ● Productivity (onboarding, develop, test) ● Single Responsibility Principle ● DevOps or Dev + Ops ● Economies of $cale
  • 4. Use Cases ● Pokemon GO (1000+ nodes) ● "X" Messaging (1000+ containers) ● Uber Docker Host (~300 containers)
  • 5. JVM + Containers (docker, rkt, runC) ● Memory ● CPU ● Disk I/O ● Network
  • 6. JVM Memory on Container ● Common problems: ○ OOM Killer ○ OutOfMemory error ○ High memory usage
  • 7. JVM Memory on Container Cause #1: Java Max Heap Size not defined (-Xmx) ● JVM default MaxHeapSize = Total host memory / 4 ● JVM isn't aware of cgroups! (JDK 9 has an experimental flag) Example: total host memory = 32GB max container memory = 1GB default heap size = 8GB
  • 8. JVM Memory on Container Cause #2: Container Memory < Java Memory (Heap+Stack) ● Java max heap isn't the max amount of memory used ● Use a 0.7 factor of Java Max Heap to Container Example: max container memory = 1GB wrong max heap size = 1GB ok max heap size = 700MB
  • 9. JVM Memory on Container Cause #3: No SWAP partition ● Your local machine has SWAP, but production not! ● Default container SWAP limit on Docker is 2*memory Example: max container memory = 1GB max container swap = 2GB max jvm heap size = 2GB
  • 10. JVM Memory on Container Cause #4: Default Garbage Collector ● Always specify a Garbage Collector (JDK < 9) ● Default GC doesn't scale, is slow and consume more RAM Solution: CMS = -XX:+UseConcMarkSweepGC G1 = -XX:+UseG1GC
  • 11. JVM CPU on Container ● Problem: Slow GC performance, bad lambda parallelism ● Cause: JVM isn't aware of cgroups! Example: total host cores = 8 max container cores = 1 max jvm cores = 8
  • 12. JVM CPU on Container ● Solution: Set appropriate JVM properties -XX:ParallelGCThreads=<max_container_cores> -XX:ConcGCThreads=... -Djava.util.concurrent.ForkJoinPool.common.parallelism=...
  • 13. JVM Disk I/O on Container ● Problem: Slow WRITE performance ● Cause: Container is using graph driver ● Solution: Create a named volume or mount from host docker volume create mysql-data docker run -v mysql-data:/var/lib/mysql
  • 14. JVM Disk I/O on Container ● Problem: Slow SecureRandom entropy calculation ● Cause: Container doesn't have enough events ● Solution: Set security JVM property to async -Djava.security.egd=file:/dev/urandom
  • 15. JVM Network on Container ● Problem: Bad DNS resolution on Alpine based images ● Cause: Alpine images doesn't use glibc ● Solution: Don't use Alpine images when using DNS reverse lookups or Domain Search Example: docker run --dns-search=service.consul $ ping myservice $ ping: cannot resolve myservice: Unknown host
  • 16. IDE support for Docker ● NetBeans (8.2+) ● IntelliJ ● Eclipse
  • 17. Tooling support for Docker ● Build lifecycle ○ Maven Plugin (docker-maven-plugin) ○ Gradle (gradle-docker-plugin) ● Tests ○ JUnit (docker-compose-rule) ○ Arquillian Cube
  • 18. Container Schedulers ● Docker Swarm ● Kubernetes ● Mesos/Marathon ● AWS ECS ● etc.
  • 19. Introducing Swarm + docker compose v3 ● Swarm is ready to use in Docker 1.13+ ● Compose v3 support secrets & deploy options secrets: - mypassword: deploy: - replicas - resources limits - update config - placement
  • 21. Extra Container challenges ● Multi-host Networking ● Transparent Proxy ● Service Discovery ● Monitoring & Logs