Table of contents
Introduction
Devoxx Belgium is a Java community conference in Antwerp, Belgium. Every year in November it is organised and always has a great assortment of bleeding edge technology talks, methodology talks and architectual insights.
During this edition, about 30 JWorks colleagues joined talks at Devoxx. Ordina again had a very popular booth by providing attendees nachos, the venue is a cinema after all.
Keynotes
The Hitchhiker’s Guide to Diversity (Don’t panic!)
Audrey Neveu gave this inspirational keynote.
This talks, following the same format as the similarly titled book, provides a chapter by chapter overview of the struggles and issues with diversity in our industry and what steps our community can take to improve. The key takeaway is to be at least aware of the issue and to try to be sensitive to undertones in jokes and messages towards all members of our community, especially as they might not seem harmful at first sight.
Qualities of a Highly Effective Architect
A typical Venkat Subramaniam talk. In a funny but straightforward way he explained the pitfalls, do’s and don’ts for architects. He provided a 12 point guideline that all architects should adhere to. ‘Prototype beats any arguments’ and ‘Every technical decision should have an expiration label’ are just a few examples.
This talk is a definitely must-see as he provides his view on how architects should behave in an organisation with the usual portion of humor.
Talks
Running Kafka in Kubernetes: a practical guide
This is a talk by Kate Stanley from IBM. She works in the IBM Event Streams project.
This talk provides a good overview of common pitfalls with setting up Kafka on a Kubernetes cluster. Katherine introduces all basic concepts, so following this talk is possible without a ton of Kafka and Kubernetes knowledge. She discusses how several Kubernetes constructs are used to support and enabled the usage of Kafka and Zookeeper. Liveness and readiness probes, Stateful sets, Pod anti-affinity, Persistent volumes and headless services are all discussed. Lastly Katherine discusses the different options for running and managing a Kafka cluster on Kubernetes. Both the IBM Events Helm charts and the Strimzi operator are shown and discussed. Strimzi is an operator that allows Kafka cluster to be created and managed through CRDs in Kubernetes.
She also provided us with some tips about what you need to monitor when running your Kafka cluster:
- Make sure to verify your brokers on the In Sync Replicas (ISR) metrics, especially when doing rolling upgrades so you will not lose any data.
- Verify that your Zookeeper instances have reached a quorum.
Best Practices to Spring to Kubernetes Easier and Faster
Ray Tsang is a developer advocate for the Google Cloud Platform. He is a Java Champion and works on improving the usability of GCP for Java use cases.
Ray shows some tools and their use cases when developing Java applications on Kubernetes. Most tools are shown in a small demo.
Discussed tools
He also provides some common pitfalls when developing Java for Kubernetes. He refers to his talk about common docker pitfalls.
Finally, he showed a demo of how an IntelliJ plugin, when combined with Skaffold, can allow a developer to debug a container running on an actual Kubernetes cluster, straight from their local machine. Side note, this is super cool!
Apache Pulsar 101: architecture, concepts & benchmarks
A talk by Quentin Adam and Steven Le Roux.
Apache Pulsar is a pub sub messaging system built on top of Apache Zookeeper.
Bookkeeper is a distributed writer log on which Twitter Manhattan has been based. Because Pulsar uses Bookkeeper as the underlying storage engine, its brokers are by design stateless freeing them up from having to deal with storage constraints.
A broker can have different roles:
- broker: this is the default option and can be compared in functionally with a Kafka broker.
- proxy: this deals with external communication between the brokers.
Currently a proxy just handles outside communication with the brokers, but there is a proposal PIP-46 to let it handle much more, including dealing with the Kafka binary protocol and MQTT.
By default, a topic will not be partitioned, but if you want you can create these without any problem as you can see here. A difference with Kafka is that a partition is subdivided in segments, with the oldest segment containing the oldest entries.
Pulsar feels like a nice mix between streaming and standard message queuing patterns, something worth looking into.
Observing Chaos
Juraci Paixão Kröhling is a SE at RedHat working on the Kiali team and a maintainer of Jaeger Tracing.
He provides a brief overview of the basic concepts of a services mesh, its inner workings with a sidecar and their advantages and issues. Next, he discussed how different features of a service mesh can solve common concerns w.r.t. routing, resiliency, security, observability and distributed tracing.
The last part of the talk is an extensive demo of the four tools/technologies discussed in the talk: Jaeger, Istio, Quarkus and Kiala. A demo service is deployed and a distributed tracing example scenario is shown and discussed.
Top Tips for Terrible Tech Talks
In this talk by Chet Haase, he provides us with the guidelines for what makes a good technical talk for him.
Don’t provide an agenda, your material should speak for itself and have a logical begin, middle and end.
Make sure that you are not reading slides or even speaker notes, as at that moment you will loose the focus of the audience.
A lot of hints also focus on simplification:
- a small, catchy title
- no walls of text
- no complicated diagrams
- simplify code, it doesn’t need to compile
Have eye contact with the audience, but not with an individual as that might become creepy. Finally, learn how to project with your voice and movement, bring some power into your talk.
Be in the room before your talk and have a chat with some of the audience, it can be pretty rewarding for the attendees, but most importantly the first words you utter will be the most nervous ones.
Don’t follow a rehearsed script, do not fake emotions which you don’t have. But by no means skip on practice and preparation, as you need to own the material you are bringing.
And most importantly, be real and have fun.
What happens after your startup is acquired
This was an amazing talk by Renata Tamasi, founder of Samebug and currently working at Rollbar.
During this talk, she took us through the journey of running and later-on selling her start-up to Rollbar. She starts by showing the struggles they had to get the start-up going in Europe and what the pitfalls they uncovered during journey. Simply put, getting a SaaS based start-up off the ground and making is successful in Europe is almost impossible without the founders moving to the US. During their journey, Renata explained the different paths they tried with Samebug ranging from trying to raise funding for their start-up to finally getting acquired by Rollbar.
This is a must see talk for everyone who wants to join a start-up and it will be very familiar for anyone who was in a start-up at one point in time.
Resiliency and Availability Design Patterns for the Cloud
Sebastien Stormacq is a senior Technical Evangelist as AWS.
Your system should still work when a failure occurs, even if it’s just in a degraded state. Your business should not rely on a single person being available and present.
Geo redundancy is explained and how you can use availability zones (AZs) to have geo redundancy. He also explained a scenario where an AZ fails and a hot failover is performed using an Elastic Load Balancer. Always spread architectures over multiple AZs or use regionless services (S3, ELB) which are multi-az by default.
Load shedding is a technique to drop all traffic once a service becomes loaded beyond a preset point of healthy load. This prevents the service from being overloaded and crashing.
Shuffle sharding is a technique to reduce the blast radius for an outage by creating isolated compartments in the infrastructure.
Finally Sebastian provides two very good resources:
Takeaways:
- Use Availability zones to achieve Geo redundancy
- Use autoscaling mechanisms to have self-healing VMs
- Test your backups
- Use a split database setup. Split logically or functionally (read-write / sharding)
- Set and sync timeouts
- Implement backoffs for retries with jitter
- Make sure database operations are idempotent
- Use circuit breaks to prevent overloading an already degraded system
- Implement health checks
- Reject traffic when load is high on the service (load shedding and throttling)
- Apply shuffle sharding techniques to limit blast radius of outage
- Perform GameDays
- Experiment with Chaos engineering
SSL/TLS for mortals
Maarten Mulders provides this talk for mortals.
SSL is outdated and should be not be used anymore. Documentation can be confusing as SSL is sometimes used to discuss SSL and TLS setups. Only TLS should be used as SSL has been broken (cracked) multiple times.
Maarten goes on to explain the basic concepts of public and private keys. He also explains all the mathematics behind the RSA key creation.
This talk is ideal for people wanting to get a brief overview of how TLS works.
Back to the Future: How 80s Arcade Games Taught me Clojure
In this talk Mey Beisaron explained how she learned Clojure.
If you often learn a new programming language, it becomes much easier. For her latest position she needed to start using Clojure.
A very good book to get started with learning Clojure is Clojure for the brave and true, which is actually a funny book. After the book the website 4clojure is a good source of exercises you can follow.
But she still felt that that wasn’t enough to understand the language completely.
Some years ago, for Java, she was able to learn it in one weekend, by writing a simple 2D game. Writing the game made her feel the need to use objects much more naturally. Not only that, with the game you also need other concepts likes threads, etc.
When writing a game, do focus on a simple game, so you can truly focus on the language you need to learn.
But Clojure did take more then a weekend, immutability changes everything, it messes with your head.
In order to write a game there are several steps you need to follow:
-
Understand the 2d game structure It should be pretty simple, identify the framework functions and the game logic. The framework functions deal with the outside world: network connections, loading resources, player input, … While the game logic identifies the win conditions.
-
Find code of a game written in Clojure. So you can learn from an existing source.
An interesting game library to use with Clojure is Oaks/Play.clj.
-
Map that game Find the code which moves the character, which loads the assets, …
-
Add a feature Start coding
-
Write a new game Write your own game with the knowledge you have acquired.
Dream big, start with tiny steps!
A nice talk brought with great enthusiasm.
Defence Against the Docker Arts
Joe Kutner works at Heroku and is a core maintainer of Buildpacks.io.
He starts this talk by providing a set of common pitfalls and best practises for creating Dockerfiles in Rapidfire. Multi-stage builds, combining multiple run commands into one and using proper base images for all docker builds are just a few examples.
Joe then discusses the pros and cons of Buildkit and Jib as tools for building Docker images.
Lastly, Joe explains what Buildpacks are, their origin, their use cases and what the architecture is. The different advantages of Buildpacks are extensively explained and the lifecycle of a typical Buildpack is shown. Pack is discussed as an easy way to use Buildpacks for a Spring Boot application. Joe demos the usefulness of Buildpacks with the use case of the HeartBlead CVE.
This talk is recommended for an audience that is interested in building Docker images without having to deal with Dockerfiles.
Flowable business processing from Kafka events
Tijs Rademakers and Joram Barrez are both employees of Flowable.
The talk starts by providing a brief overview of Flowable as a product. They introduce the different standards that Flowable supports: BPMN, CMMN and DMN. Tijs continues by explaining the architecture of Flowable and its evolution.
Next, Joram explains how (Kafka) events can be used in the Engine. He goes on by providing a demo of the platform using an example process. A flow diagram of the information flow and the use of Kafka and Flowable is shown. He also explains all code that is required to execute the demo process.
This talk provides a good starting point for Flowable, even for people who have very little to no experience with BPM engines.
API First development with OpenAPI - Should you practise it !? by Nick Van Hoof
Our very own Nick Van Hoof gave a talk at Devoxx as well. Nick is a Cloud Engineer at Ordina, currently working at Nike.
In this 15 minute quickie, Nick explains why API first development is a good practise. He start by explaining the advantages through an example. Next, he goes on to show a short demo and some examples of an Open API design and tooling that can be used to ease the usage of Open API.
This talk gives a good introduction into why you should embrace API first development and what tooling and benefits you can expect.
A container platform for the banking industry - why, what & how
This talk is presented by Wiebe de Roos, an CI/CD Consultant and Engineer at ABN AMRO Bank.
Wiebe starts by sketching the scale of the project and their container journey. The different requirements are discussed and platform landscape was used. Next, he discusses what pipelines are used to provide the end-to-end CI/CD workflow.
He continues to explain what measure they have taken to adhere to the hard audit requirements in their regulated banking environment. Container security, compliancy, monitoring and logging and their solutions for these requirements are shown and explained.
This is an amazing talk, a definately must watch for anyone using Kubernetes in a regulated environment.
How to get hacked properly
This talk is presented by Julien Topcu, a member of OWASP.
Julien uses an example Spring Boot webapp to showcase a few common security issues. For each of the issue, he also presents and live codes the remediation. These exploits are all part of the OWASP top 10.
This is a nice talk to get an interesting overview of a few common security issues and their fixes in Spring Boot.
Scaling Sustainable Innovation through Team Autonomy
Tom Stoepkens from Bol.com gives this talk.
(Tech) Innovations should be used as a highly potent enabler for business goals. A common culture and goal is key to be able to use team autonomy. Tom provides an overview of how they automate and the technologies they use in his team. Next, he explains how testing helps with supporting sustainable innovation.
This talk provides an insight into how Bol.com and especially the team of Tom actually uses automation to allow their team to innovate quickly.
Better software, faster: principles of Continuous Delivery and DevOps
This talk is presented by Bert Jan Schrijver, the CTO of OpenValue.
He starts his talk be providing definitions for CI, the two types of CD and DevOps. Next, he dissects CD into the required components and explains how these can be fulfilled. He defines all the different components and what the ideal setup would look like.
It’s a nice overview of the requirements for a DevOps / CD organisation.
Broken Buildtools and Bad Behaviors; The Maven Story
We tend to keep doing things the same way because they were required in the past.
Eventually something breaks and we go to Stack Overflow or we ask our colleagues and we find a fix or workaround, but how long are we going to use this workaround?
These workarounds become a pattern and these patterns control people.
“Works on my machine” is mostly caused by local code changes, different OS, JDK, Maven, Files and/or Properties.
Maven manages files for your through the Local Repository. The local repository is a dependency cache without time-to-live and can be located at ${user.home}/.m2/repository.
The local repository of Maven is actually broken.
Maven 2 had a dumb cache, once something was downloaded it would stay there forever.
Maven 3 introduced cached artifacts that got verified for existence with _remote.repositories.
Artifacts that got deleted from Maven Central will be detected and fail your build.
The Maven repository has checksums, but they are not being checked by default.
You can enable this using -C for strict checksum checking causing a build failure or lax checksum checking using -c which will only warn for checksum mismatches.
Are you running mvn clean install by default?
You probably said “yes” like most developers.
This a workaround for Maven 2 which is no longer needed in Maven 3.
Dependency resolution in Maven 2 was broken. It was unaware of the reactor and dependencies had to exist in the local repository. Maven 3 is reactor aware meaning install is no longer required.
I/O is slow, so logging, files and downloading the internet with Maven is slow as well.
As logging is slow, you should aim for a clean Maven output.
So use your logging framework and do not use System.out or System.err.
Disable logging during testing (using loglevel=off) and in the extreme run Maven with -q and –quiet which will disable all output and just tell you when it’s done.
When you enable debugging on Maven you’ll notice your build time will increase even though nothing has changed.
As files are slow, we should not use mvn clean.
Most of the Maven plugins are aware if they must execute their task.
The Maven CI extension (stands for Maven clean install extension) which will register clean and install when you keep executing clean install, your build will eventually fail as this is a bad practice.
Properties resolution are mostly defined in your pom.xml, but also in your settings.xml and system properties.
By adding a parameter to mvn deploy -Dspring.version you can change your deployed Spring version.
This is however not limited to Spring.
You can also set this for the Java version, but please NEVER EVER do this.
Versions could also break your builds due to conflicts with branch merging.
You should isolate versions and make them unique.
Maven 3.5.0 introduces CI-friendly placeholders which allow you to use placeholders for revision, SHA1 and change list, but multi-modules require a hack to rewrite your pom.
To resolve this issue, there will be something new called maven.experimental.buildconsumer which will land in Maven 3.7.0 and it will require Java 8 or above.
Treat your pom as production code so remove dead code like unused dependencies, plugins, properties and reports.
Keep improving and locate and optimize time consuming processes, automate as much as possible and keep having fun.
Be like a responsible pilot and try to understand every plugin and think if you still need it. Stay curious and keep yourself informed. Watch out for questions with outdated answers (on Stack Overflow) and find information at the source.
Maven is up for grabs.
About 60~80% of Java project/developers use Maven.
About 95% (sub)projects have just ~5-10 active volunteers, there is no company behind this project.
If you feel like contributing to the Maven project check out Maven’s up for grabs.
Conclusion
One of the takeaways from this conference is that Kubernetes now is the de facto deployment platform for Java applications moving forward. During the conference a lot of tools, Jib popped up a few times, and integrations with IDEs have been showcased and every talk seems to assume that the deployment platform is Kubernetes.
Event-driven talks are also in a lift. There were quite a few talks about Kafka or talks about software that can integrate with Kafka.
Finally, the conference was a great success again. Ordina handed out tons of nachos, every attendee has caught up with the trends in our community and all vendors have been able to showcase their newest products.
See you next year, Devoxx people!
