webapp Docker Spring Boot

Distributing desktop webapps via Docker

Two weeks ago, we studied how to replace desktop Java apps with Java webapps. Now is the time to think about distributing such desktop webapps. The current trend now is to use Docker. I assume readers are at least familiar with the technology. The most straightforward way is to create a WAR and deliver it inside a Tomcat image. Another option is to create a fat JAR with Tomcat embedded as per the previous post, and run it inside a image with the JRE only. One of the deciding factors is the si

DevOps micrometer metrics Spring Boot

Metrics with Spring Boot 2.0 - Counters and gauges

Last week, I wrote about how one could migrate metrics from Spring Boot 1.5 to Spring Boot 2.0. This week, it’s time to check the different metrics available in Spring Boot 2.0 and how to create them. Meter There are 4 main types of metrics available: CounterGaugeTimerDistribution summary To keep the post readable in one piece, it will be limited to Counter and Gauge All metrics inherit from the base Meter class. A Meter provides basic measurement storage capabilities. As

DevOps metrics Spring Boot monitoring

Spring Boot 2.0 actuator change analysis

Some years ago, I discovered the Spring Boot actuator: Spring Boot includes a number of additional features to help you monitor and manage your application when it’s pushed to production. You can choose to manage and monitor your application using HTTP endpoints, with JMX or even by remote shell (SSH or Telnet). Auditing, health and metrics gathering can be automatically applied to your application. To sum it up, the actuator offers endpoints that allow monitoring of the application from

Java 9 Spring Boot modules Jigsaw

Migrating a Spring Boot application to Java 9 - Compatibility

With the coming of Java 9, there is a lot of buzz on how to migrate applications to use the module system. Unfortunately, most of the articles written focus on simple Hello world applications. Or worse, regarding Spring applications, the sample app uses legacy practices - like XML for example. This post aims to correct that by providing a step-to-step migration guide for a non-trivial modern Spring Boot application. The sample app chosen to do that is the Spring Pet clinic.

WAR JAR JavaEE Spring Boot archive

What archive format should you use, WAR or JAR?

Some time ago, RAM and disk space were scarce resources. At that time, the widespread strategy was to host different applications onto the same platform. That was the golden age of the application server. I wrote in an earlier post that the current tendency toward cheaper resources will make it obsolete, in the short or long term. However, a technology trend might bring it back in favor. Having an application server is good when infrastructure resources are expensive, and sharing them across ap

Spring Boot design

Fixing my own Spring Boot starter demo

Since one year or so, I try to show the developer community that there’s no magic involved in Spring Boot but rather just straightforward software engineering. This is achieved with blog posts and conference talks. At jDays, Stéphane Nicoll was nice enough to attend my talk and pointed out an issue in the code. I didn’t fix it then, and it came back to bite me last week during a Pivotal webinar. Since a lesson learned is only as useful as its audience, I’d like to share my mista

Spring MVC actuator Spring Boot

Fully configurable mappings for Spring MVC

As I wrote some weeks earlier, I’m trying to implement features of the Spring Boot actuator in a non-Boot Spring MVC applications. Developing the endpoints themselves is quite straightforward. Much more challenging, however, is to be able to configure the mapping in a properties file, like in the actuator. This got me to check more closely at how it was done in the current code. This post sums up my 'reverse-engineering' attempt around the subject. Standard MVC Usage In Spring MVC, in

JVM security JAR Spring Boot policy

Signing and verifying a standalone JAR

Last week, I wrote about the JVM policy file that explicitly lists allowed sensitive API calls when running the JVM in sandboxed mode. This week, I’d like to improve the security by signing the JAR. The nominal way This way doesn’t work. Readers more interested in the solution than the process should skip it. Create a keystore The initial step is to create a keystore if none is already available. There are plenty of online tutorials showing how to do that. keytool -genke

JVM security Spring Boot policy

Proposal for a Java policy files crafting process

I’ve already written about the JVM security manager, and why it should be used - despite it being rarely the case, if ever. However, just advocating for it won’t change the harsh reality unless some guidelines are provided to do so. This post has the ambition to be the basis of such guidelines. As a reminder, the JVM can run in two different modes, standard and sandboxed. In the former, all API are available with no restriction; in the later, some API calls deemed sensitive are forb

Elasticsearch metrics Spring Boot monitoring devops JMX jest jolokia

Feeding Spring Boot metrics to Elasticsearch

This week’s post aims to describe how to send JMX metrics taken from the JVM to an Elasticsearch instance. Business app requirements The business app(s) has some minor requirements. The easiest use-case is to start from a Spring Boot application. In order for metrics to be available, just add the Actuator dependency to it: <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-actuator</artifactId> </dependency&