When developing and running apps inside Microsoft Azure you have to deal with the topics like monitoring and logging. Azure provides a central solution for that questions which is Application Insights. AppInsights (for short) is the central hub to get metrics and log data from our applications and let you access these data within the azure portal in an easy and convenient way. While the metric aspect is well documented, how to connect your favorite application logger to AppInsights it is not.
In this blog post we will show you how to enhance your typical Spring-Boot application to have all the logging data send to Azure AppInsights automatically. In a followup post we will show the same for a typical nodejs based application.
Sodium is an implementation of Functional Reactive programming (FRP) with some nice features. One of these is the support of transactions in the GUI layer. I had quite some discussions with my colleagues on what this actually means and if such a transaction concept is useful or not. In this article I sum up my current insights and opinions about transactions in Sodium.
Using fat JARs within Docker images wastes storage. I’ll demonstrate how to do better when using Spring Boot and Maven.
Functional reactive programming (FRP) is a variant of reactive programming for the development of user interfaces based on the functional paradigm and a strict set of basic operators. In contrast to reactive frameworks, such as RxJs, using FRP enables a developer to define a pure area in her code in which some error classes, typical for event-based architectures, do not occur. Sodium is an FRP-framework, which is independent of a specific GUI-framwork and supports several different programming languages. Here, we describe how to use Sodium together with Angular.
Deploying a Docker container on Azure ‘Web App for Containers’ can be done fairly easy. In this blog post, I will provide a step by step guide to get you started. Some basic knowledge of Azure and Docker definitely helps. But why should you care in the first place? You will get:
- a managed runtime (for a single image)
- scaling to multiple instances
- a simple deployment model
- easy integration with App Insights (Azure’s Monitoring system for Web Apps)
- use any Azure SaaS like CosmosDB, MSSQL, …
CVE-2016-1000031 is a vulnerabilty in the extremely widely used Apache Commons library commons-fileupload – you might not even know you’re having it on your class path. It has a very nasty Remote Code Execution vulnerability with easy to use exploits publicly available up to version 1.3.2. What makes it even worse is that you do not even need to use the library – you only need to have it on your class path and to deserialise some data. The data is the attack vector. You can find a good in detail explanation of the vulnerability here.
It did take a while but with version 1.3.3 this vulnerability is finally closed (by default).
There is some stuff that you should know about the fix though:
A microservice is an autonomous sub application for a strictly defined and preferably small domain. An application built from microservices is scalable, resilient, and flexible. At least, if the services and their infrastructure are well designed. One requirement on the used frameworks to achieve scalability and resilience is that they are lightweight. Lightweightness comes in different flavors. Microservices should be stopped and started fastly, and should consume few resources. The development and maintenance of microservices should be easy.
For this reason, in the Java world, Spring Boot is currently recommended as best choice regarding these requirements. Traditional Java EE application servers are too heavyweight, because they are not developed as basis for single services but as platform for running different applications simultaneously. Thus, they must be bloated.
Being a curious person I used some of my spare time in the last Christmas holidays to actually measure the lightweightness. First I chose Spring Boot and WildFly as “competitors”. I added WildFly Swarm which provides similar features as Spring Boot but is based on WildFly. Then looking at the requirements I decided to include a framework with a real small startup time in comparison to Java-based frameworks and chose Snap based an Haskell. For every framework I built a minimal micro service, wrapped it into a Docker container, and measured its weight.
In one of our recent projects we have encountered some memory leaks using standard JavaEE technologies like CDI and EJBs. Our application in question does a lot of communication using JMS as a transportation layer. To be able to handle different message types dynamically we have used the Instance Injection of CDI. Using that approach with CDI might get your trapped into some memory leak problems like we did, so we would like to share our experiences and what you can do about it.
Testing your processes is an important tasks to ensure and validate your expected behaviour of your application. An introduction how to do a proper test automation in process applications can be found the following camunda webinar: https://network.camunda.org/webinars/24
A normal approach for testing your processes is to have your actual service implementation mocked or swapped completely to your own implementation for testing purposes. For CDI based java delegates this is an easy task to do within the camunda BPM test environment.
But if your project does not allow you to rely on your favourite CDI or Spring based environment you have to configure your java delegates for service tasks via class name binding. Unfortunately there seems not to be an out of the box approach to test that kind of configuration easily.
Will will show you how to get use of the great extensibility of the camunda BPM engine to have plain java delegates mocked as easy as their CDI/Spring counterparts.