Archives

Why we Should not blindly Trust in Microservices

Today, a great deal is written every week about microservices on the Internet. I myself think, that Microservices offer many advantages. And so also I build such kind of services in my own open source workflow engine project. But today I read an article about Microservices which contained a funny picture. The picture should underpin the advantages of separating functions into a microservice architecture with an almost non-existent centralized management. The picture looks something like this:

I asked myself: Which of the two diagrams appears to me, as a software architect, as the clearer one…?

Have we not worked out for years an architecture, that allows us to reduce complexity? With Java EE, which seems to be an synonym for the evil monolithic architecture, we have now a concept which allows us to combine and connect different components (services) in an easy way. And with Java EE application servers we have a professional platform to control all these kinds of services.

Of course, it is painful to learn all the concepts about EJBs, Transactions, JNDI Resources and Pool-Management. And yes, as a beginner you are confronted with all these concepts if you try to succeed with the Java EE platform. But after that, you have a highly scalable, easy to manage platform running your piece of software.

When I am reading all the adulation for having separated databases, with services implemented in different languages, connected to each other without explicit contracts, I’m pretty sure, that in the next few years we have a lot of work, to bring back systems to the left side of the image.

Eclipse: Avoid Validation of Maven /target Folders

In eclipse maven project it’s annoying that Eclipse IDE always validates all files from the /target/ folders – which makes no sense in any case.

To avoid this validation you can disable the specific validator in the workspace preferences. Go to validators and edit the XML and JSF Validator and add a ‘Exclude Group – Rule’ for the folder

/target

You can also exclude specific files. In my case I exclude the file

glassfish-application.xml

How to Setup a Private Docker Registry

In this short tutorial I will show how to setup a private Docker registry. A private registry can be helpful if you want to distribute docker images in a large developer team or provide docker images to your customers. The tutorial assumes that you have a server with a docker daemon running in your network environment or internet. The goal is to push locally build docker images to the docker registry, so that other team members or customers can pull those images without the need to build the images from a Docker file. In the Imixs-Workflow Project we use such a private registry to support our customers with custom docker images. Continue reading

Deploy Gitbucket on Wildfly

When trying to deploy the Gitbucket project into wildfly I go tthe following error message:

WARN [org.jboss.modules] (ServerService Thread Pool -- 81) Failed to define class liquibase.serializer.core.yaml.YamlSerializer$LiquibaseRepresenter in Module "deployment.gitbucket.war:main" from Service Module Loader: java.lang.NoClassDefFoundError: Failed to link liquibase/serializer/core/yaml/YamlSerializer$LiquibaseRepresenter (Module "deployment.gitbucket.war:main" from Service Module Loader): org/yaml/snakeyaml/representer/Representer ...

This is a known issue and discussed here.

You can fix it if you add the file ‘jboss-deployment-structure.xml’ into the WEB-INF/ folder with the following content:

<jboss-deployment-structure>
  <deployment>
    <dependencies>
      <system export="true">
        <paths>
          <path name="com/sun/net/ssl/internal/ssl" />
          <path name="com/sun/net/ssl" />
        </paths>
      </system>
      <!-- add snakeyaml dependency -->
      <module name="org.yaml.snakeyaml"/>
    </dependencies>
  </deployment>
</jboss-deployment-structure>

How to install:

The following is a short install guide how to modify the gitbucket.war downloaded form the project release page:

1.) Download latest version from release page:

wget https://github.com/gitbucket/gitbucket/releases/download/4.7.1/gitbucket.war

change the version if needed

2.) unzip the war file

unzip gitbucket.war -d tmp/gitbucket.war

3.) create the ‘jboss-deployment-structure.xml’ file and add the content as explained above. Than copy the file into the WEB-INF folder

cp jboss-deployment-structure.xml /tmp/gitbucket.war/WEB-INF/

4.) create the doDeploy file

touch tmp/gitbucket.war/gitbucket.war.dodeploy

5.) start deployment by moving the folder to the wildfly deploy directory

cd tmp/
mv gitbucket.war /opt/wildfly/standalone/deployments/

Install Script

You can use also my install script from here to install gitbucket on Wildfly 9.x & 10.x under Linux.

/bin/bash wildfly-install.sh [INSTALLDIR] [GITBUCKET-VERSION]

You can specify the install directory of your wilfly installation and the gitbucket version.

Example:

/bin/bash wildfly-install.sh [INSTALLDIR] [GITBUCKET-VERSION]

Note: The script must be run as root. The script assumes that wildfly is running with the user ‘wildfly’. You can change this in your script if needed.

Why we should secure Business Objects?

Most applications deal with security in a functional way. This means that a business application typically defines different functional roles which are mapped to different users. For example let’s look on a simple Ordering System. In an Ordering System we will have roles like

  • Order-Creator‘ – creating the order
  • Order-Approver‘ – validating and approving
  • Order-Executor‘ – execution

These roles are typical for such an business application and mostly tightly coupled to the corresponding business methods – e.g. createOrder(), approveOrder() and executeOrder(). This works well in a monolithic business application where we can control the security layers as also the business logic. But as more complex the business application becomes, also the enclosed security becomes more complicated. For modern application design in addition we often have to deal with external web services and business logic which need to be adapted easily to changing requirements. So this static security model leads into a hell of hard coded business rules or, what is worse, can no longer guarantee the security. Continue reading

Why it’s Better to Trust in Java EE?

These days it seems to me that everyone blabs about the blessing of microservices and the new architectural style. In most articles about the new glory architecture of microservices, it’s generally assumed, that Java EE is slow, dull and scales poorly. There seems to be a big misunderstanding about what Java EE really is. And I even assume that not many of the young believers in the new world of microservices have engaged much with the concepts of Java EE. I’m taking here three examples each developer is confronted with. And perhaps you will rethink of these scenarios in the light of Java EE. Continue reading

VirtualBox no longer running in Debian

Today I had a strange problem with virtualbox in Debian Jessie which was no longer running.  When I start a virtual machine I got the following error message

The VirtualBox Linux kernel driver (vboxdrv) is either not loaded or
there is a permission problem with /dev/vboxdrv. Please reinstall the
kernel module by executing

'/etc/init.d/vboxdrv setup'

But the problem was that the vboxdrv was not installed so I was unable to run that command. Alos reinstalling Virtualbox or the linux-headers did not solve the problem.

After all I found this discussion on stackoverflow.  I was able to solve the problem by installing a new version of Virtualbox from the backports by using the following command:

apt-get -t jessie-backports install virtualbox