The Istio service mesh is a powerful tool for building a service mesh. If you don’t know about Istio yet, have a look at the Introduction to Istio series of articles or download the ebook Introducing Istio Service Mesh for Microservices.
The power of Istio comes with the cost of some complexity at configuration and runtime. To help this, the Kiali project provides observability of the mesh and the services in the mesh. Kiali visualizes the mesh with its services and workloads. It indicates the health of the mesh and shows hints about applied configuration options. You can then drill in on individual services or settings to view details.
This post describes how to use Kiali to observe what the microservices in your Istio service mesh are doing, validate the Istio configuration, and see any issues.
Continue reading “Observe what your Istio mesh is doing with Kiali”
This post is a short summary of my recent experiences with customers that are implementing architectures similar to microservices but with different characteristics in the current post-microservices world.
The microservices architectural style has been around for close to five years now, and much has been said and written about it. Today, I see teams deciding not to strictly follow certain principles of the “pure” microservices architecture and to break some of the “rules.” Teams are now more informed about the pros and cons of microservices, and they make context-driven decisions respecting team experience and organizational boundaries and accept the fact that not every company is Netflix. Below are some examples I have seen in my recent microservices gigs.
Continue reading “The rise of non-microservices architectures”
This is the first in a series of articles that consider the role of Kubernetes and application servers. Do application servers need to exist? Where does the current situation leave developers trying to choose the right path forward for their applications?
Why Kubernetes is the new application server
By now you’ve likely read “Why Kubernetes is The New Application Server” and you might be wondering what that means for you. How does it impact Java EE or Jakarta EE and Eclipse MicroProfile? What about application servers or fat JARs? Is it the end as we’ve known it for nearly two decades?
In reality, it doesn’t impact the worldview for most. It’s in line with the efforts of a majority of vendors around Docker and Kubernetes deployments over the last few years. In addition, there’s greater interest in service mesh infrastructures, such as Istio, and how they can further assist with managing Kubernetes deployments.
Continue reading “Kubernetes is the new application operating environment (Part 1)”
Red Hat Enterprise Linux (RHEL) 7.6 Beta was released a few days ago and one of the first new features I noticed is Podman. Podman complements Buildah and Skopeo by offering an experience similar to the Docker command line: allowing users to run standalone (non-orchestrated) containers. And Podman doesn’t require a daemon to run containers and pods, so we can easily say goodbye to big fat daemons.
Podman implements almost all the Docker CLI commands (apart from the ones related to Docker Swarm, of course). For container orchestration, I suggest you take a look at Kubernetes and Red Hat OpenShift.
Podman consists of just a single command to run on the command line. There are no daemons in the background doing stuff, and this means that Podman can be integrated into system services through
We’ll cover some real examples that show how easy it can be to transition from the Docker CLI to Podman.
Continue reading “Intro to Podman (Red Hat Enterprise Linux 7.6 Beta)”
Securing applications and services is no longer just about assigning a username and password. You need to manage identities. You need to integrate with legacy and external authentication systems to provide features that are in demand like social logins and single sign-on (SSO). Your list of other requirements may be long. But you don’t want to develop all of this yourself, nor should you.
Continue reading “Securing apps and services with Keycloak (Watch DevNation Live video)”
During the last three months, there have been some changes regarding Eclipse MicroProfile at Red Hat. If you haven’t been following the details, this post recaps what’s changed and introduces Thorntail and SmallRye.
Bye-bye WildFly Swarm! Hello Thorntail!
You may have missed this important news. Our MicroProfile implementation changed its name two months ago.
After a lot of feedback from the community, we decided to rename “WildFly Swarm” to Thorntail. While the former name was nice, we found that the “Swarm” term was a bit overloaded in the IT industry and could be confusing. It’s the same for the “WildFly” part; sharing this name with our Java EE application server was a source of confusion for some users, making them think it was a subproject of WildFly.
Continue reading “Eclipse MicroProfile and Red Hat Update: Thorntail and SmallRye”
Firewalld, the default firewall management tool in Red Hat Enterprise Linux and Fedora, has gained long sought support for nftables. This was announced in detail on firewalld’s project blog. The feature landed in the firewalld 0.6.0 release as the new default firewall backend.
The benefits of nftables have been outlined on the Red Hat Developer Blog:
There are many longstanding issues with firewalld that we can address with nftables that were not possible with the old iptables backend. The nftables backend allows the following improvements:
Continue reading “Firewalld: The Future is nftables”
Integration testing is still an important step in a CI/CD pipeline even when you are developing container-native applications. Integration tests tend to be very resource-intensive workloads that run for a limited time.
I wanted to explore how integration testing technologies and tools could leverage a container orchestrator (such as Red Hat OpenShift) to run faster and more-dynamic tests, while at the same time using resources more effectively.
In this post, you will learn how to build behavior-driven development (BDD) integration tests using Cucumber, Protractor, and Selenium and how to run them in OpenShift using Zalenium.
The code for the example of this article can be found on GitHub in redhat-cop/container-pipelinesh.
Continue reading “Container-native integration testing”
Microservices and serverless architectures are being implemented, or are a part of the roadmap, in most modern solution stacks. Given that Java is still the dominant language for business applications, the need for reducing the startup time for Java is becoming more important. Serverless architectures are one such area that needs faster startup times, and applications hosted on container platforms such as Red Hat Openshift can benefit from both fast Java startup time and a smaller Docker image size.
Let’s see how GraalVM can be beneficial for Java-based programs in terms of speed and size improvements. Surely, these gains are not bound to containers or serverless architectures and can be applied to a variety of use cases.
Continue reading “Natively compile Java code for better startup time”