I was invited to South Africa to speak at the Java Conference in Cape Town. Due to a short term change in speakers I got the opportunity to not only speak about my most favorite topic – Performance Problem Patterns – but also about my second favorite topic: Quality Metrics-Driven Software Delivery.
As for our APM Challenge: Here is the current APM Challenge Leaderboard. For the Dynatrace T-Shirt challenge make sure you send in your PurePaths until 3PM friday. Get started with getting your Dynatrace Free Trial (which becomes your Personal License after 30 days).
I also got the chance to list to all the other sessions. Sessions are recorded and should soon be up online. Check their conference website and see what happened on twitter: #JavaSA15! Here are some of my notes & highlights.
Big Java – Huge Scale. Massive Load. Monstrous unknowns
Herman Lintvelt (@hermanlintvelt) giving us insight on his LifeQ Cloud project and the lessons learned when they made technology and architectural choices
Challenges: small team, little time, huge scale: heading towards 1 PB for 1 millions users per month
Shortlist of choices: Microservices architecture, Erlang – FRP , Akka.io, Spray.io, Play, NoSQL
- Microservices: make sure to read Martin Fowlers blog; allows them to scale their teams better; easier to enhance/fix on service at a time; could create experimental services (switch versions of services to experiment); debugging challenges
- Akka: provided them to build a responsive, resilient, elastic and message driven system: http://akka.io/ & reactive-streams.org
Really interesting insights on how to use Akka Streams -> definitely “wet our appetite” as Herman put it 🙂
Polyglot persistence with Spring Data
Corneil du Plessis (@corneil) starting with an overview and history of accessing data through different mechanisms and different storage options.
Overview of Spring Data – http://projects.spring.io/spring-data/ having a long list of subprojects for the different data storage options (RDBMS, NoSQL, …). Some good basic examples on Spring Data Usage for Crud operations; finding entities, paging and slicing. You can check out his demo on http://github.com/corneil/spring-data-demo
Container-less Java for the Enterprise
Dewald Viljoen (@dewald_v) on an interesting topic – here is session description – looking forward to it: Moving from existing Web Containers to embedded containers such as embedded TomCat can be a tough sell to enterprise clients. It’s good to have options, it’s better when those options improve flexibility, scalability and reliability.
The Application Server Monolith Paradigm: why do I need 100s of MB of stuff and 100s of lines of XML to run 5MB of code? Why cant deploying an app not be as easy as compiling and running a Hello World Console App?!?
Troubleshooting Java Application Servers in the Real World
Rudolf Visagie giving a great talk with a good overview on how to troubleshoot apps using a variety of basic tools to identify the most common hotspots.
- Logging: Swiss Army Knife for Application Troubleshooting; Keep it simple; Impressive tricks for parsing log files through command line tools
- Stuck Thread Detection: check out Stuck Thread Detection provided by App Server, e.g: Tomcat
- Monitoring CPU Usage: Cmdline tools on different OSs
- Timeouts: All components have some types of timeouts: sockets, web services, database connections, … -> don’t trust the docs for default timeouts -> check it yourself
- Heap and Thread Dumps: Great story on StringBuilder related memory leak after switching from distributed to local cache
- Garbage Collection: Use verbose GC logs to learn more about internals of the GC Runs
- Serialization Overhead: Great performance comparison of different serialization frameworks -> worst one to be the built-in java serialization
- JMX and MBeans: Interesting story on inefficient cache access. Root cause could be seen through JMX & MBeans exposed by Cache Framework
Rudolf’s Tools Starter Pack: VisualVM, JConsole, Mission Control, Dynatrace, AppDynamics, NewRelic, Riverbed
Summary: Build Your Toolbox, Many ways to skin a cat; Consider all angles; Protect the many at the expense of the few; Look beyond the JVM! Test, test and test!!!
JVM Profiler Mechanics
Nitsan Wakar (@nitsanw) from Azul. I started taking notes but stopped after a while as Nitsan had A LOT of great information – showing live demos and more. You should check out his slides and the recording of his session once available. Check out his blog as well: http://psy-lob-saw.blogspot.com
Some of the notes I took that I wanted to share:
- Typical root causes of problems by RebelLabs: 54.8% Slow Database Queries, 38.6 Too Many Database Queries, 51.5% Inefficient application code, …
- Sampling Overview: based on the assumption that samples are ‘random’; distribution approximates ‘Time Spent’ distribution;
- Benchmarking: jmh!
- Great overview of challenges with GetStackTrace, SafePoints and AsyncGetStackTrace
Take Aways: Know your profiler (the real problem may shift if the profiler impacts your apps); There is no perfect profiler; Try an ‘unbiased’ profiler, give honest-profiler/perf-map-agent a go!
Pragmatic Functional Programming with Java 8
Pavel Tcholakov (@pavletko) about his experience on projects he has working on using Java 8. I have to admit: I am not at all a functional programmer and have my issues reading functional code. I am not sure if I am a bigger fan now after this presentation but I really liked the example he used showing how to “convert” a simple Java app that divided an input list into 3 output lists leveraging Java Streams and a functional approach. Interesting to see the step-by-step approach!
- Java 8: Check out Simon Ritter’s (@speakjava) Online Courses on all new language features
- “Mutable state is the new spaghetti code” by Rich Hickey
- Interesting performance stats showing the performance gain of using parallel streams. Parallel Streams? Java 8 Stream Tutorial!
Robust REST Architectures
Rishal Hurbans (@RishalHubans) and Matt Van der Westhuizen (@chaotikZA) on their experiences building different types of apps with a REST Architecture. Really awesome overview!
- REST is an Architectural Style: Tiered (Client -> Server), Stateless, Cacheable, Uniform Interface (Abstracted API for any service in the back), Layered Systems, Code on Demand
- Introduction to HTTP and how it applies to REST
- VERBS: PATCH is a verb used to update single attributes on a resource object instead of sending the whole object; HEAD good to validate information without requesting the actual content; TRACE shows you what the server on the other end really receives; OPTIONS helps you get a list of available methods on the REST object.
- STATUS: It is NOT OK to always return HTTP 200, e.g: use 2o2 Accepted if you received the request but haven’t yet really executed the action
- Fundamental Concepts: Resource, Server, Client, Request & Response, Representation. Good overview of Richardson Maturity Model
- Documentation: Swagger & RAML (came about to also be able to design your APIs and not just document existing APIs)
- Message Formats: There is a misconception that REST has to use JSON – but in fact thats not the case. Pick the protocol that makes sense for you
- JSON obviously leaner than XML -> easy to parse -> good framework support
- JSON-HAL (HyberTest Application Language) defines additional app context information such as links and embedded resources!
- JSON-SCHEMA: check out http://json-schema.org/
- Tooling/Framework Support:
- jQuery, AngularJS, … -> lots of support for calling REST services
- The preference of these guys is clearly AngularJS to build modern REST-based Web Apps! $resource makes it very easy to interact with REST APIs
Yesterdays Secure Application is todays security volnerable application
Richard Kolb (rjdkolb) trying to “scare” us a bit after our lunch break. Richard is a member of OWASP (Open Web App Security Project)
- Hackers usually break in using the easiest method but they can also use very sophisticated mathematical methods
- Hackers can use cloud services to get faster break code, e.g: SHA-1 is now broken on an estimated $2000 of GPU Time on EC2
- Check http://weakdh.org to check your site on vulnerabilities regarding Diffie-Hellman and the Logjam Attack.
- How Hackers exploit problems in Open Source Projects? Browser Bug Database! Compare Code Changes!
- OWASP Maven Plugin checks for vulnerabilities! Also check out their other libraries, docs & Top 10 List
- UPGRADE YOUR MAVEN!!
- Retire.js: Browser Plugin to analyze jQuery, Angular, … vulnerabilities!
Richard manged to “FREAK US OUT”!!
Rapidly brewing Java Apps in the Cloud
Indran Naikan (@indran_naick) from IBM showing us that we cannot only brew coffee but also Java Apps 🙂
- Evolution from “Systems of Record” to “Systems of Engagement”
- Top 5 Reasons for Cloud: Mitigate Local Risk and Challenges”, Lower the barrier to Entry for Entrepreneurs, Level the playing fields between developed and developing countries, Enables reach into new markets, Rapid and low cost deployment
- Interesting Demo using IBM BlueMix based on Cloud Foundry