Devnexus 2019 : kotlin, micronaut, security and kubernetes

Just got back from DevNexus 2019 (March 6th – 8th in Atlanta, GA) and the title I chose sum up the most frequent themes of this edition !

Security Workshop

During the first day, I could get my hands on Java security, thanks to the workshop hosted by Snyk, Sonatype and IBM; I particularly appreciated the workshop exercises provided by Snyk, that are available on Github (I strongly advise you to spend few hours to complete them, they’re pretty fun to complete : you play the role of the hacker and then try to fix things up ! pretty cool workshop !)

Steve Pool could also explain the danger of serialization, and brought to our attention a project to automate  payloads that exploit unsafe Java object deserialization

Sessions

Still on the topic of security, the excellent Nicolas Fränkel hosted a great session about the JVM security manager : most users don’t know if a rogue third party library accesses more than it’s supposed to, and the JVM has the necessary tooling to tighten your application accesses (network, file reflection, etc.) – will you spend the necessary energy to close those security gaps ? (lots of testing is required to make sure you don’t close too much!) – You can check the demos on github here and there.

Micronaut was definitely one of the stars of this edition : no less than 9 sessions were about this reactive framework that looks promising. Breaking news ! a contender was announced during DevNexus : Quarkus, from RedHat

Cloud technologies were not forgotten, far from that : Istio, Knative and Kubernetes in general were mentioned in a lot of talks : some projects, such as riff or fn promise to make the Serverless adoption smoother, but I can’t help but think it ends up being a lot of technology stacked together to understand and run flawlessly …

Get your Java application ready for Kubernetes

I’ll end this post sharing some notes about this presentation I gave.

After warning the audience the necessity to have the cgroups aware JVM options (-XX:+UnlockExperimentalVMOptions and -XX:+UseCGroupMemoryLimitForHeap) set when running Java < 8u191 (they’re on by default in the following releases), I presented 2 new ways to build images for a Java application : CNCF Buildpacks and Jib

We then moved on to Kubernetes with a quick refresher, and I introduced Helm too.

Before closing the sessions with Prometheus metrics and Java libraries to interact with Kubernetes, I presented Skaffold that allows to automate redeployment and Telepresence that allows developers to start a local process and make it part of a remote Kubernetes cluster : great for debugging !

You can find the presentation on SlideShare ; I apologize to the audience for the couple of demos that failed during the session :-( – I learnt my lessons with internet dependent demos (always have a backup plan) !



Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée.

Le temps imparti est dépassé. Merci de saisir de nouveau le CAPTCHA.

Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.