Why PCF is the best platform for Spring Boot

1

Why PCF is the best platform for Spring Boot

2017-07-20 Toshiaki Maki (@making)

Who am I ?

2

Toshiaki Maki (@making) https://blog.ik.am Sr. Solutions Architect @Pivotal Japan Spring Framework 💖 Cloud Foundry 💖

Platform Spring Specific Comparison

3

AWS BeanStalk

Azure WebApps

Google AppEngine

Heroku OpenShift/k8s

PCF/ PWS

Spring Cloud Connector

Spring Cloud Connector Heroku

Spring Cloud Connector Cloud Foundry

Spring Boot Integration

* cloud profile * Apps Manager Spring Boot Actuator Support * Metric Forwarder

Spring Cloud Integration

Spring Cloud AWS

Spring Cloud GCP

* Spring Cloud Kubernetes * SCDF

* Spring Cloud Services * Trace Exporter * SCDF

Platform Spring Specific Comparison

3

AWS BeanStalk

Azure WebApps

Google AppEngine

Heroku OpenShift/k8s

PCF/ PWS

Spring Cloud Connector

Spring Cloud Connector Heroku

Spring Cloud Connector Cloud Foundry

Spring Boot Integration

* cloud profile * Apps Manager Spring Boot Actuator Support * Metric Forwarder

Spring Cloud Integration

Spring Cloud AWS

Spring Cloud GCP

* Spring Cloud Kubernetes * SCDF

* Spring Cloud Services * Trace Exporter * SCDF

Why PCF for Spring?

4

Why PCF for Spring?

4

Because Pivotal Cloud Foundry gives us a lot of out-of-the-box features to manage / operate Spring Boot apps

Why PCF for Spring?

4

Because Pivotal Cloud Foundry gives us a lot of out-of-the-box features to manage / operate Spring Boot apps

Why PCF for Spring?

4

Because Pivotal Cloud Foundry gives us a lot of out-of-the-box features to manage / operate Spring Boot apps

12 Factors Apps

Microservices

Security

Tracing

Metrics

Spring Support in PCF

5

• cloud profile • Spring Cloud Connectors • Spring Cloud Services • Trace Exporter • Spring Actuator Support in Apps Manager • Metrics Forwarder Service

Spring Support in PCF

6

• cloud profile • Spring Cloud Connectors • Spring Cloud Services • Trace Exporter • Spring Actuator Support in Apps Manager • Metrics Forwarder Service

"profile" in Spring

7

without PCF/PWS

myapp.foo=I am in local env.message=I am a default property.logging.level.com.example=DEBUG

myapp.foo=I am in AWS.message=I am a production propertylogging.level.com.example=INFO

application.properties

application-prod.properties

java -jar app.jar --spring.profiles.active=prod

cloud profile

8

with PCF/PWS

myapp.foo=I am in local env.message=I am a default property.logging.level.com.example=DEBUG

myapp.foo=I am in cloud foundry.message=I am a cloud property.logging.level.com.example=INFO

application.properties

application-cloud.properties

java -jar app.jar --spring.profiles.active=cloud

cloud profile

8

with PCF/PWS

myapp.foo=I am in local env.message=I am a default property.logging.level.com.example=DEBUG

myapp.foo=I am in cloud foundry.message=I am a cloud property.logging.level.com.example=INFO

application.properties

application-cloud.properties

java -jar app.jar --spring.profiles.active=cloud

cloud profile is set by java-buildpack

Spring Support in PCF

9

• cloud profile • Spring Cloud Connectors • Spring Cloud Services • Trace Exporter • Spring Actuator Support in Apps Manager • Metrics Forwarder Service

Attach backend services

10

without PCF/PWS

spring.datasource.url=real-db.example.comspring.datasource.username=real-db-userspring.datasource.password=readl-db-password

spring.rabbitmq.addresses=real-rabbit.example.comspring.rabbitmq.username=real-rabbit-userspring.rabbitmq.password=real-rabbit-passwordspring.rabbitmq.virtual-host=real-vhost

application-prod.properties

Attach backend services

11

without PCF/PWS

spring.datasource.url=${DB_URL}spring.datasource.username=${DB_USERNAME}spring.datasource.password=${DB_PASSWORD}

spring.rabbitmq.addresses=${RABBIT_URL}spring.rabbitmq.username=${RABBIT_USERNAME}spring.rabbitmq.password=${RABBIT_PASSWORD}spring.rabbitmq.virtual-host=${RABBIT_VHOST}

application-prod.properties

Attach backend services

11

without PCF/PWS

spring.datasource.url=${DB_URL}spring.datasource.username=${DB_USERNAME}spring.datasource.password=${DB_PASSWORD}

spring.rabbitmq.addresses=${RABBIT_URL}spring.rabbitmq.username=${RABBIT_USERNAME}spring.rabbitmq.password=${RABBIT_PASSWORD}spring.rabbitmq.virtual-host=${RABBIT_VHOST}

application-prod.properties

export DB_URL=real-db.example.comexport DB_USERNAME=real-db-userexport DB_PASSWORD=real-db-password...

Spring Cloud Connectors

12

with PCF/PWS

@Profile("cloud")public class CloudConfig extends AbstractCloudConfig { @Bean public DataSource dataSource() { return connectionFactory().dataSource(); } @Bean public ConnectionFactory rabbitConnectionFactory() { return connectionFactory().rabbitConnectionFactory(); }}

Spring Cloud Connectors

12

with PCF/PWS

@Profile("cloud")public class CloudConfig extends AbstractCloudConfig { @Bean public DataSource dataSource() { return connectionFactory().dataSource(); } @Bean public ConnectionFactory rabbitConnectionFactory() { return connectionFactory().rabbitConnectionFactory(); }}

cf bind-service myapp mydbcf bind-service myapp myrabbit

Spring Cloud Connectors

13

with PCF/PWS

<dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-spring-service-connector</artifactId></dependency><dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-cloudfoundry-connector</artifactId></dependency>

Spring Cloud Connectors

14

• RDB • RabbitMQ • Redis • MongoDB • SMTP • Spring Cloud Services (Config Server, Eureka, Hystrix

Dashboard) [1] • Vault [2] • ....

with PCF/PWS

[1] ... https://github.com/pivotal-cf/spring-cloud-services-connector [2] ... https://github.com/pivotal-cf/spring-cloud-vault-connector

⚠ Do NOT use default datasource

15

with PCF/PWS

https://discuss.pivotal.io/hc/en-us/articles/221898227-Connection-pool-warning-message-maxIdle-is-larger-than-maxActive-setting-maxIdle-to-4-seen-in-PCF-deployed-Spring-app

org.apache.tomcat.jdbc.pool.ConnectionPool WARNING maxIdle is larger than maxActive, setting maxIdle to: 4

⚠ Do NOT use default datasource

15

with PCF/PWS

https://discuss.pivotal.io/hc/en-us/articles/221898227-Connection-pool-warning-message-maxIdle-is-larger-than-maxActive-setting-maxIdle-to-4-seen-in-PCF-deployed-Spring-app

org.apache.tomcat.jdbc.pool.ConnectionPool WARNING maxIdle is larger than maxActive, setting maxIdle to: 4org.apache.tomcat.jdbc.pool.PoolExhaustedException: [...] Timeout: Pool empty. Unable to fetch a connection in 30 seconds, none available[size:4; busy:4; idle:0; lastwait:30000]

😱

⚠ Do NOT use default datasource

16

with PCF/PWS

@Profile("cloud")public class CloudConfig extends AbstractCloudConfig { @Bean public DataSource dataSource() { PooledServiceConnectorConfig.PoolConfig poolConfig = new PooledServiceConnectorConfig.PoolConfig( 5 /* min */, 30 /* max */, 3000 /* wait */); return connectionFactory() .dataSource(new DataSourceConfig(poolConfig, null)); }}

Spring Support in PCF

17

• cloud profile • Spring Cloud Connectors • Spring Cloud Services • Trace Exporter • Spring Actuator Support in Apps Manager • Metrics Forwarder Service

Microservices with Spring Cloud

18

without PCF/PWS

Spring Boot App

Spring Boot App

Service Registry (Eureka) Config ServerCircuit Breaker Dashboard

(Hystrix Dashboard)

You manage (deploy + security)

You manage (deploy + security)

You manage (deploy + security)

Spring Cloud Services

19

with PCF/PWS

Spring Boot App

Spring Boot App

Service Registry (Eureka) Config ServerCircuit Breaker Dashboard

(Hystrix Dashboard)

PCF manage (cf cs & cf bs)

PCF manage (cf cs & cf bs)

PCF manage (cf cs & cf bs)

19

UAA

Spring Support in PCF

20

• cloud profile • Spring Cloud Connectors • Spring Cloud Services • Trace Exporter • Spring Actuator Support in Apps Manager • Metrics Forwarder Service

Distributed Tracing with Zipkin

21

Spring Boot App

Spring Boot App

Spring Boot App

without PCF/PWS

Spring Boot App

Zipkin

You manage (deploy + security)

X-B3-SpaceId X-B3-TraceId

Distributed Tracing with Zipkin

22

spring.zipkin.url=my-zipkin.example.com

without PCF/PWS

Trace Exporter

23

Spring Boot App

Spring Boot App

PCF Metrics

with PCF/PWS

Trace Exporter

GoRouter

Spring Boot App

Spring Boot App

X-B3-SpaceId X-B3-TraceId

Trace Exporter

24

Trace Exporter

25

Spring Support in PCF

26

• cloud profile • Spring Cloud Connectors • Spring Cloud Services • Trace Exporter • Spring Actuator Support in Apps Manager • Metrics Forwarder Service

Spring Boot Actuator

27

Spring Boot Actuator

/health, /info, /loggers, /dump

Spring Boot Actuator

27

Spring Boot Actuator

/health, /info, /loggers, /dump

Secured by default since Spring Boot 1.5.

ROLE_ACTUATOR is required.

Secured by Default (since Spring Boot 1.5)

28

🔒

29

😛management.security.enabled=false

29

😛management.security.enabled=false

🙅

30

management.security.enabled=true

management.security.enabled=falseapplication.properties

application-cloud.properties

Many users say ...

31

Many users say ...

31

"Actuator is actually useful, but

it is not for production, right?"

Nooooooooooooooooo!!!!!

32

Nooooooooooooooooo!!!!!

32 http://docs.spring.io/spring-boot/docs/current/reference/html/production-ready.html

Secure with Spring Security

33

without PCF/PWS

@EnableWebSecurity@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)public class ActuatorSecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http.antMatcher("/admin/**").authorizedRequests() .anyRequest().hasRole("ACTUATOR") .and().httpBasic() .and().csrf().disable(); } // ...}

management.context-path=/admin

Spring Actuator Support in Apps Manager

34

Spring Boot Actuator

/cloudfoundryapplication/health, /cloudfoundryapplication/info, ...

Apps Manager

UAA

token

token

with PCF/PWS

Cloud Controller

tokenpermission

Spring Actuator Support in Apps Manager

35

Endpoint Description Supported Version/dump Get thread dump 🆕 1.11~/env Get env variables, properties/metrics Get application's metrics/health Get the result of health checks ✅ 1.9~/info Get build information ✅ 1.9~/loggers Change logging level ✅ 1.9~/trace Get request trace log 🆕 1.11~/heapdump Download heap dump 🆕 1.11~

Apps Manager

36

/health

37

/info

38

/loggers

39

/dump

40

/dump

41

/trace

42

/heapdump

43

/heapdump

44

/heapdump

45

/heapdump

46

Spring Support in PCF

47

• cloud profile • Spring Cloud Connectors • Spring Cloud Services • Trace Exporter • Spring Actuator Support in Apps Manager • Metrics Forwarder Service

Spring Actuator Support in Apps Manager

48

Endpoint Description Supported Version/dump Get thread dump 🆕 1.11~/env Get env variables, properties/metrics Get application's metrics/health Get the result of health checks ✅ 1.9~/info Get build information ✅ 1.9~/loggers Change logging level ✅ 1.9~/trace Get request trace log 🆕 1.11~/heapdump Download heap dump 🆕 1.11~

Spring Actuator Support in Apps Manager

48

Endpoint Description Supported Version/dump Get thread dump 🆕 1.11~/env Get env variables, properties/metrics Get application's metrics/health Get the result of health checks ✅ 1.9~/info Get build information ✅ 1.9~/loggers Change logging level ✅ 1.9~/trace Get request trace log 🆕 1.11~/heapdump Download heap dump 🆕 1.11~

Spring Boot Actuator Metrics

49

Spring Boot Actuator

/metrics

Spring Boot Actuator Metrics

49

Spring Boot Actuator

/metrics

Metrics Writer

Spring Boot Actuator Metrics

49

Spring Boot Actuator

/metrics

Metrics Writer TSDB or ...

Spring Boot Actuator Metrics

49

Spring Boot Actuator

/metrics

Redis, OpenTSDB, Statsd, JMX

Metrics Writer TSDB or ...

Spring Boot Actuator Metrics

49

Spring Boot Actuator

/metrics

send

Redis, OpenTSDB, Statsd, JMX

Metrics Writer TSDB or ...

Spring Boot Actuator Metrics

49

Spring Boot Actuator

/metrics

send

Redis, OpenTSDB, Statsd, JMX

Dashboard

Metrics Writer TSDB or ...

Spring Boot Actuator Metrics

49

Spring Boot Actuator

/metrics

send

Redis, OpenTSDB, Statsd, JMX

DashboardYou configure

Metrics Writer TSDB or ...

Metrics Writer

50

@Bean@ExportMetricWriterMetricWriter metricWriter(MetricExportProperties export){ return new RedisMetricRepository(connectionFactory, export.getRedis().getPrefix(), export.getRedis().getKey());}

docs.spring.io/spring-boot/docs/current/reference/html/production-ready-metrics.html#production-ready-metric-writers

without PCF/PWS

Metrics Forwarder Service

51

comes with java buildpack v3.18/4.2+

Enables Actuator's MetricsWriter to Metrics Forwarder Service automatically

https://github.com/cloudfoundry/java-buildpack-metric-writer

https://github.com/cloudfoundry/java-buildpack/blob/master/docs/framework-metric_writer.md

with PCF/PWS

Metrics Forwarder Service

52

Spring Boot Actuator

Metrics WriterJava

build

pac

k Metrics Forwarder

Service

bind TSDB

Dashboard

send

send

with PCF/PWS

Metrics Forwarder Service

53

cf bind-service myapp mf

cf cups mf -p '{"endpoint":"X","access_token":"X"}'

cf create-service metric-forwarder plan mf

OR

THEN

with PCF/PWS

DEMO Scenario

54

Spring Boot Actuator

Metrics WriterJava

build

pac

k Metrics Forwarder

Service

bind

Grafana

Prometheusscrape

send

works as * Metrics Forwarder Service * Service Broker * Prometheus Exporter

PromQL

55

Source code

56

https://github.com/making/prometheus-exporter-metrics-forwarder-service

Integration with PCF (Future)

57

Spring Boot Actuator

Metrics WriterJava

build

pac

k Metrics Forwarder

Service

bindPCF Metrics, Autoscalersend

send

will be provided as a "tile"

Recap

58

Why PCF is best platform for Spring ➡ a lot of out-of-the-box features

• cloud profile • Spring Cloud Connectors • Spring Cloud Services • Trace Exporter • Spring Actuator Support in Apps Manager • Metrics Forwarder Service

https://www.youtube.com/watch?v=9rPjLaOkEUo

59