Kubernetes Orchestration using Tanzu Kubernetes Grid (TKG) : Use Cases & Solutions

In this blog, I will give a quick introduction to TKG and cover a couple of use cases and real challenges it can solve:

What is Tanzu Kubernetes Grid (TKG)?

Streamline operations across multi-cloud infrastructure.

https://tanzu.vmware.com/kubernetes-grid
  • TKG is an enterprise Kubernetes orchestration library that manages containers and other Kubernetes cluster objects, and the lifecycle of a K8s cluster of clusters.
  • TKG uses the latest upstream Kubernetes Cluster API, which manages the lifecycle of multiple K8s clusters.
  • It can span multiple nodes/VMs.
  • Running K8s containers at scale in production, especially for mission-critical workloads in day 2 operations, gets very complex. It is hard to manage a Kubernetes runtime consistently and securely, especially if you are running in multiple DCs/AZs on cloud.
  • TKG provides enterprises with consistent, upstream-aligned, automated multi-cluster operations across SDDC, Public Cloud, and Edge environments, ready for end-user workloads and ecosystem integrations.
  • TKG does for Kubernetes what Kubernetes does for your containers.
  • It provides integrations with public clouds like AWS and also supports open-source tools:
    • Harbor – Image Registry
    • Concourse – CI/CD pipeline tool
    • Velero – K8s backup
    • Contour – K8s Ingress Controller
    • kubeadm – Manage cluster lifecycle
    • dex – IdP Authentication/UAA
    • Sonobuoy – diagnostic tool
    • WaveFront (TO)
    • APMs – Prometheus with Grafana, Wavefront and other APM tools, ELK, Fluent Bit
    • Calico CNI with NSX-T for VM

TKG use cases

  • Kubernetes Orchestration for multi-cloud and multi-clusters and manage life cycle of multiple clusters
  • Platform Automation of managing cluster of K8s clusters
  • High Availability, Auto-scalability
  • Consistent Kubernetes across environments
  • Kubernetes open source alone is not enough
  • Day2 Operations Patching, Upgrade etc.
  • Overhead of access, networking, security policies applied cluster-by-cluster
  • Public cloud vendor lock-in
  • Manual configuration and management, siloed by environment on-prem and public cloud
  • On-prem management is critical

References

Ref Doc- https://docs.vmware.com/en/VMware-Tanzu-Kubernetes-Grid/index.html

Bitnami Tanzu Application Catalogue (TAC) : Use Cases & Solutions

In this blog, I will give a quick introduction to TAC and cover a couple of use cases and real challenges it can solve:

What is Tanzu Bitnami Application Catalogue (TAC)?

Curate a catalog of production-ready open-source software from the Bitnami collection.

https://tanzu.vmware.com/application-catalog

Bitnami Application Catalogue (TAC) is a secure, curated set of Kubernetes Docker images for popular APIs and libraries, used to build, run, manage and secure cloud-native Docker images. It does CVE and virus scanning and always keeps secure, updated golden images in its central SaaS repo. It builds Docker images based on OS for CI/CD deployment on Kubernetes.

Why Bitnami Tanzu Application Catalogue (TAC)?

Working with pre-packaged software imposes security vulnerabilities, risks and challenges. Developers are sourcing containers from public Docker Hub that are out of date, vulnerable, insecure by default, or broken. Auditing, hardening, integrating, and making software ready for production is time-consuming, difficult, and low value-add from an organizational standpoint. It is also frustrating to dev teams, as software selection will be limited and they are forced to opt for open source options.

TAC use cases

  • Keep images up to date with regular patching and updates
  • Manage golden images privately on preferred OS
  • Regular security scan for viruses and vulnerabilities
  • Manage/sync images on their on-prem private image repository using Harbor
  • Non-secure images
  • No enterprise support for regular updates and security patching
  • No virus and CVE scan and transparency of scan reports
  • Hard to manage preferred OS based images and configuration

References

  1. Available stacks – https://bitnami.com/stacks
  2. How to start and use – https://docs.bitnami.com/tanzu-application-catalog/
  3. FAQ- https://docs.bitnami.com/tanzu-application-catalog/faq/

10 Challenges and Solutions for Microservices

I have posted this same blog on DZone on July 2, 2018. This one is the latest version:

Transitioning to and implementing microservices creates significant challenges for organizations. I have identified these challenges and solutions based on my exposure to microservices in production.

These are the ten major real challenges of implementing microservices architecture and proposed solutions:

1. Data Synchronization (Consistency) — Event sourcing architecture can address this issue using the async messaging platform. The SAGA design pattern can address this challenge.

2. Security — An API Gateway can solve these challenges. Many open source and enterprise APIs are available, like Spring Cloud Gateway, Apigee, WSO2, Kong, Okta (2-step authentication), and public cloud offerings from AWS, GCP, Azure, etc. Custom solutions can also be developed for API security using JWT tokens, Spring Security, and Netflix OSS Zuul2.

3. Services Communication — There are different ways for microservices to communicate:
a. Point to point using an API Gateway
b. Event-driven messaging platform using Kafka and RabbitMQ
c. Service Mesh

4. Service Discovery — This will be addressed by the open source Istio Service Mesh, an API Gateway, or Netflix Eureka APIs. It can also be done using Netflix Eureka at the code level. However, doing it in the orchestration layer is better, since it can then be managed by these tools rather than built and maintained through code and configuration.

5. Data Staleness — The database should always be updated to give recent data. The API will fetch data from the recent and updated database. A timestamp entry can also be added to each record in the database to check and verify that the data is recent. Caching can be used and customized with an acceptable eviction policy based on business requirements.

6. Distributed Logging, Cyclic Dependencies of Services and Debugging — There are multiple solutions for this. Externalized logging can be used by pushing log messages to an async messaging platform like Kafka, Google PubSub, ELK, etc. Also, a good number of APM tools are available, like WaveFront, DataDog, AppDynamics, AWS CloudWatch, etc.

It’s difficult to identify issues between microservices when services are dependent on each other and have a cyclic dependency. A correlation ID can be passed by the client in the header to REST APIs to track all the relevant logs across all the pods/Docker containers on all clusters.

7. Testing — This issue can be addressed with unit and integration testing by mocking microservices individually, or integrated/dependent APIs that are not available for testing, using WireMock, BDD, Cucumber, and integration testing.

8. Monitoring & Performance — Monitoring can be done using open-source tools like Prometheus with Grafana APIs by creating gauges and metrics, GCP StackDriver, Kubernetes, InfluxDB combined with Grafana, Dynatrace, Amazon CloudWatch, VisualVM, JProfiler, YourKit, Graphite, etc.

Tracing can be done with the latest OpenTracing project or Uber’s open source Jaeger. It will trace all microservices communication and show requests/responses and errors on its dashboard. OpenTracing and Jaeger are good APIs to trace API logs. Many enterprise offerings are also available, like Tanzu TSM.

9. DevOps Support — Microservices deployment and support-related challenges can be addressed using state-of-the-art CI/CD DevOps tools like Jenkins and Concourse (supports YAML); Spinnaker is good for multi-cloud deployment. PaaS K8s-based solutions include TKG and OpenShift.

10. Fault Tolerance — Istio Service Mesh or Spring Hystrix can be used to break the circuit if there is no response from the dependent microservices within the given SLA/ETA, and to provide a mechanism to retry and gracefully shut down services without any data loss.
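
Item 6 above has the client pass a correlation ID in a request header so that logs can be joined across services. That value is client-controlled and ends up in every log line, so the added example below (not code from the original post; the header name X-Correlation-ID, the accepted format and the class name are assumptions) validates it before logging and propagating it, and generates a fresh ID when it is missing or malformed.

```java
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.regex.Pattern;

// Added example: JDK-only sketch of correlation-ID handling at a service edge.
// The header name and the accepted format are assumptions, not from the post.
public class CorrelationIdDemo {
    static final String HEADER = "X-Correlation-ID"; // assumed header name
    // Accept only short, log-safe tokens: no CR/LF, spaces or control characters.
    static final Pattern SAFE = Pattern.compile("[A-Za-z0-9._-]{8,64}");

    /** Returns the client's ID if it is log-safe, otherwise a fresh server-generated one. */
    static String resolve(Map<String, String> requestHeaders) {
        String supplied = requestHeaders.get(HEADER);
        if (supplied != null && SAFE.matcher(supplied).matches()) {
            return supplied;
        }
        return UUID.randomUUID().toString();
    }

    /** Headers for a downstream call: the same ID travels with every hop. */
    static Map<String, String> downstreamHeaders(String correlationId) {
        Map<String, String> headers = new LinkedHashMap<>();
        headers.put(HEADER, correlationId);
        return headers;
    }

    /** One structured log line; every service tags its lines with the same ID. */
    static String logLine(String service, String correlationId, String message) {
        return String.format("service=%s cid=%s msg=\"%s\"", service, correlationId, message);
    }

    public static void main(String[] args) {
        // Constructed requests: one well-formed ID, one carrying a forged log line.
        Map<String, String> good = Map.of(HEADER, "order-7f3a9c21");
        Map<String, String> bad =
            Map.of(HEADER, "abc\r\nservice=billing cid=x msg=\"refund approved\"");

        for (Map<String, String> request : List.of(good, bad)) {
            String cid = resolve(request);
            System.out.println(logLine("gateway", cid, "request received"));
            // Propagate to the next service, which resolves and logs the same ID.
            String next = resolve(downstreamHeaders(cid));
            System.out.println(logLine("orders", next, "order lookup"));
        }
    }
}
```

The second request's header would otherwise write a forged `service=billing` line into the log stream; it is replaced with a generated UUID, which passes the same check downstream and so stays constant across hops.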

Spring Cloud API Gateway and SpringBoot: Use Cases & Solutions

In this blog, I will cover SpringBoot's popularity for microservices, use cases of SpringBoot Cloud Gateway, a couple of API use cases, and real challenges of microservices which can be solved using an API Gateway.

SpringBoot first citizen for Microservices! Why?

Spring is the most popular Java framework on the market; around 60% of enterprise applications run on Java, and Spring has good integration with almost all popular development libraries. Java EE is bulky and not suitable for microservices. Different vendors are trying to run Java EE middleware in containers, but it is an anti-pattern and difficult to maintain. Spring Boot, introduced in 2014 as part of the Spring Framework, is microservices-ready and is the most popular enterprise Java microservices framework.

I am going to cover some of the SpringBoot and SpringBoot Cloud Gateway use cases and what kind of real challenges they can solve:

SpringBoot Cloud Gateway use cases

  • API Service discovery and routing
  • A&A Security
  • API Rate limiting for clients
  • Impose common policies
  • API Caching
  • Control API traffic
  • Circuit breaker and monitoring
  • Path filtering
  • API performance for redundant data request
  • High cost and heavy H/W
  • Throttling of APIs
  • Loose security

SpringBoot Use Cases

  • Increase developer productivity
  • Manual, auto scheduled jobs/batches
  • Security for Authorization & Authentication (A&A)
  • REST API development
  • Develop cloud native applications
  • Microservices deployment on Kubernetes containers
  • API health monitoring, capture and analyse telemetry data
  • Prometheus, Grafana integration support for API performance, usage, SLA
  • SQL Data JPA and Hibernate ORM for MySQL, PostgreSQL and Oracle JDBC
  • Spring Templates for integration with Redis, RabbitMQ etc.
  • API and second level Caching
  • Spring Boot Kubernetes support
  • Application logging by using messaging queue and log forwarder
  • Faster REST API development
  • Good integration with almost all popular libraries

Spring RunTime Enterprise Support- OpenJDK, Spring, Tomcat

VMware provides the enterprise support required for Java, OpenJDK, and Tomcat Server, and Oracle is now charging for JDK fixes. Spring Runtime provides support and signed binaries for OpenJDK, Tomcat, and Spring. It also includes VMware’s TC Server, a hardened, curated, and enterprise-ready Tomcat installation.

It supports binaries for all of these 40+ Spring APIs:

Among the application frameworks, there is a clear winner, and it’s called Spring! Both Spring Boot (No. 1) and Spring Framework (No. 2) are well ahead of the competition – especially ahead of Jakarta EE.

Source: https://jaxenter.com/java-trends-top-10-frameworks-2020-168867.html

April 2020 Status of Spring downloads and Developers

Evolution of Java Open Sources