Topic: Flying to cloud
Main idea: How to move an app to the cloud, how easily this can be done with spring-cloud, spring wraps lots of libraries from netflix to make it integrated with its own ecosystem + adds some default behavior
Good book: Migrating to cloud native application architecture (http://12factor.net)
Possible problems: Global locks, leadership election
Spring cloud benefits:
Circuit breaker (histryx) works OOTB
@FeignClient and @EnableFeignClients allows to group replicated clients and add load balancing (with Ribbon annotation), also OOTB
Topic: Fast feedback
Main idea: Lots of upcoming problems could be solved by achieving the fast feedback in many different areas. Author describes many techniques he uses on his projects
When throwing exception: add some context on different stages, then rethrow – this practice eliminates time spent on the issue analysis
mvn – T – allows parallel build execution (has many options):
mvn -T 4 clean install # Builds with 4 threads mvn -T 1C clean install # 1 thread per cpu core mvn -T 1.5C clean install # 1.5 thread per cpu core
Static analysis:
- use blacklist (filter) instead of whitelist of rules, to stay up to date with new rules suggested by PMD, FindBugs etc.
- ben-manes plugin scans your project and shows if there are new libraries to use
- mutation testing: pitest.org
- NonDex – analyze wrong assumptions about Java api
- CodeNarc – static code analyzer for Groovy
Topic: Security
Main idea: Author gives some advices on how to keep quality of the security on the project
Letsencrypt – gives free SSL certificates (yet you should pay for hosting of the certificate)
OWASP ASVS – security standards for developer
ZAP Zed attack proxy – helps to find security vulnerabilities
SAMM Overview – maturity model
Topic: Non-blocking microservices
Main idea: How one team moved their code and infrastructure to non-blocking IO
Someone had calculated that 1 thread ~1mb, which costs 8$ per year to maintain
First they’ve looked into JAX-RX 2.0 which supports async responses.
BUT:
Non-blocking servlet servlet will require non-blocking filters, which have to be written customly
So they moved to pure HTTP.
CompletableFuture (Java 8) allows to chain futures (like promises in JS).
Migration requires functional decomposition, to allow easy chaining.
Recommended Netty + async http client.
Move to NIO rather in case of low CPU loads, to benefit
Topic: Metrics gathering
Main idea: How one team gathered metrics
They’re using io.dropwizard.metrics:
– metrics-core
– metrics-spring – spring integration
– metrics-jvm – collect gc metrics
Works with @Timed annotation
Graphite and graphana – ui and storage for metrics