SlideShare ist ein Scribd-Unternehmen logo

Profiling Java inside containers with ContainerJFR | DevNation Tech Talk

Red Hat Developers
Red Hat Developers

Annoyed by some bug in your Java application? Need to profile that performance bottleneck in your JVM? And all of this inside a container? Don't worry: we got you covered. Join this session to learn more about using JDK Flight Recorder (JFR) and JDK Mission Control (JMC) to troubleshoot, monitor, and profile Java applications. Also learn how to do all of this for Java applications inside containers, with ContainerJFR.

Technologie
1 von 23
Downloaden Sie, um offline zu lesen
V0000000 JDK Flight Recorder + OpenShift Introduction to ContainerJFR Andrew Azores Senior Software Engineer 1
V0000000 What we’ll discuss today Agenda 2 Java Profiling JDK Flight Recorder JDK Mission Control JFR in Containers ContainerJFR DEMO Security How to Set Up Your Applications
V0000000 3 A brief high-level overview of profiling and monitoring with Java and JVMs Java Profiling
V0000000 Overview 4 JVMs, being virtual machines, can provide a lot of information about what they, and your application, are doing at runtime, through various mechanisms: ▸ JMX and MXBeans ▸ JVM Agents ▸ Flight Recorder (open-sourced in 2018, previously commercial/proprietary)
V0000000 Examples of Metrics 5 Some examples of useful metrics that can be captured through any or all of these mechanisms: ▸ CPU load ▸ Memory usage ▸ Heap allocation ▸ Garbage Collection occurrences ▸ Garbage Collection pause times ▸ Thread states ▸ Disk or Network I/O ▸ And many more...
V0000000 6 Built-in framework in modern OpenJDKs to enable minimal-overhead diagnostic and profiling data about your JVM applications JDK Flight Recorder
V0000000 Flight Recorder vs MXBeans 7 What does Flight Recorder offer that MXBeans don’t? ▸ Inherent ability to persist to disk ▸ Circular buffer to limit data collected by age or buffer size ▸ JVM can perform a dump of buffer to disk on exit/crash ▸ Flight Recorder gathers data within the JVM itself, no JMX client connection required
V0000000 Flight Recorder vs Agents 8 What does Flight Recorder offer that Monitoring Agents don’t? ▸ Inherent ability to persist to disk, no need to roll your own ▸ Circular buffer to limit data collected by age or buffer size, no need to roll your own ▸ Built-in JFR events are implemented by the JVM itself, even in native code. May be difficult or impossible to get performance overhead so low with an Agent capturing equivalent data ▸ Flight Recorder is very stable as a core component of the JVM, removing risk of a bad Agent implementation causing instability ▸ Standardized and extremely efficient/compact binary representation of data
V0000000 Additional Features 9 JFR also offers many other great features: ▸ Present in all OpenJDKs 11+ (and more recent 8us) ▸ Simple API for applications to define custom event types at compile time and hook into the JFR infrastructure ・ Maintains the same great performance characteristics and minimal overhead of JFR ・ Allows events to be tailored to your specific application, ex. an event when a service request is received and an event when the response is written, or an event when a database connection is opened/closed, etc. ▸ Recordings can be configured to capture various different subsets of events, and enabling different recordings with (potentially overlapping) sets of events does not start a new thread or incur any other intrinsic overhead ・ Recordings can also be configured to only capture events with a duration above a certain threshold, or to only capture samples of an event at a specific rate, etc. ▸ Recordings can be configured with JVM flags to ensure that applications always have JFR enabled from startup to exit ▸ Recordings can be started/stopped at runtime over a JMX connection or using jcmd
V0000000 Desktop application for opening and analyzing Flight Recorder files, retrieving them from (local?) JVMs, and MXBean data 10 JDK Mission Control
V0000000 JDK Mission Control 11 JMC has tons of tools and features and is too large for the scope of this talk. In brief, it’s the go-to tool for analyzing Flight Recording files, and can also be used for starting and retrieving Flight Recordings.
V0000000 Mission Control to OpenShift 12 ▸ How do you connect JMC, a desktop application, to your JVM? ・ JMC can discover local JVMs, but what if your JVM is in a container? ・ What if that container is running inside a Pod in OpenShift? ▸ Route? ・ How do you configure a route for a JMX service URL (not HTTP)? ▸ NodePort? LoadBalancer? ExternalIP? ・ Is this convenient? Does it make sense to expose the application this way? ▸ IngressController! ・ This might work, but you need JMX over TLS+SNI and some more Ingress setup work
V0000000 How does an end user interact with JFR and consume Flight Recordings? How does this fit with containerization? 13 JFR in Containers
V0000000 JFR in Containers 14 Can we skip JMC for now and just use JFR directly with our containerized applications, then get that data into JMC directly later?
V0000000 JFR in Containers 15 ▸ JFR can dump to a file ・ But that’s to the container’s local filesystem - how do we get the file out? ▸ JFR can be configured with flags at startup time ・ What if you want to change configuration later after noticing a performance degradation? Do a rolling replacement of all replicas just to change recording settings? Can you still capture the performance degradation details after this? ▸ JMX can start and retrieve recordings! ・ We’re back to Routes/NodePorts/ExternalIPs/IngressControllers to get a JMX connection to the application
V0000000 ContainerJFR is a bridge between yourself and your JVM applications in the cloud 16 ContainerJFR
V0000000 Container-Native Runs as a “sidecar” pod alongside your application Uses JMX from within the Namespace Allows start/stop/retrieval of recordings at runtime Routable HTTPS API Exposes an API with cluster auth to export recordings Online Analysis Provides web-based tools for basic analysis in-cluster ContainerJFR How does ContainerJFR address these challenges? 17
V0000000 18 Demo Time
V0000000 How ContainerJFR keeps your recordings and application data safe 19 Safety & Security
V0000000 Safety & Security How does ContainerJFR keep application data safe and secure? 20 No agent, no library to bake-in to your application. Only standard JMX must be enabled on your application via JVM flags - no recompile or attachment. Non-Interference SSL/TLS over JMX is supported and HTTPS is enabled by default. Encrypted Users must authenticate to both the cluster and the target before accessing data or performing actions. Multiple Factor Authentication
V0000000 The few small steps needed to allow your applications to talk to ContainerJFR 21 Configuring Your Applications
V0000000 Configuring Your Applications How to Set Up Your Application for ContainerJFR 22 Just add some JVM flags to your application’s entrypoint script or command arguments. An example: ▸ -Dcom.sun.management.jmxremote.port=9091 # listen on port 9091, or any number if the port is named “jfr-jmx” ▸ -Dcom.sun.management.jmxremote.rmi.port=9091 ▸ -Dcom.sun.management.jmxremote.authenticate=true # enable JMX authentication ▸ -Dcom.sun.management.jmxremote.password.file=/app/resources/jmxremote.password # define users for JMX auth ▸ -Dcom.sun.management.jmxremote.access.file=/app/resources/jmxremote.access # set permissions for JMX users ▸ -Dcom.sun.management.jmxremote.ssl=true # enable JMX SSL ▸ -Dcom.sun.management.jmxremote.registry.ssl=true ▸ -Djavax.net.ssl.keyStore=/app/resources/keystore # set your SSL keystore ▸ -Djavax.net.ssl.keyStorePassword=somePassword # set your SSL keystore password JMX authentication and SSL are technically optional, but in any production deployment these should be enabled. After enabling SSL for your application’s JMX server, copy or POST your certificate to ContainerJFR’s truststore so that ContainerJFR trusts the connection.
V0000000 linkedin.com/company/red-hat youtube.com/user/RedHatVideos facebook.com/redhatinc twitter.com/RedHat Red Hat is the world’s leading provider of enterprise open source software solutions. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. Thank you 23

Empfohlen

To the moon and beyond with Java 17 APIs! | DevNation Tech Talk
To the moon and beyond with Java 17 APIs! | DevNation Tech TalkTo the moon and beyond with Java 17 APIs! | DevNation Tech Talk
To the moon and beyond with Java 17 APIs! | DevNation Tech Talk
Red Hat Developers
 
Building streaming applications using a managed Kafka service | DevNation Tec...
Building streaming applications using a managed Kafka service | DevNation Tec...Building streaming applications using a managed Kafka service | DevNation Tec...
Building streaming applications using a managed Kafka service | DevNation Tec...
Red Hat Developers
 
SRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
SRE principles and (Kubernetes) Operator practice | DevNation Tech TalkSRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
SRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
Red Hat Developers
 
Operatorhub.io and your Kubernetes cluster | DevNation Tech Talk
Operatorhub.io and your Kubernetes cluster | DevNation Tech TalkOperatorhub.io and your Kubernetes cluster | DevNation Tech Talk
Operatorhub.io and your Kubernetes cluster | DevNation Tech Talk
Red Hat Developers
 
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Red Hat Developers
 
Developer Intro to OpenShift
Developer Intro to OpenShiftDeveloper Intro to OpenShift
Developer Intro to OpenShift
Tiera Fann, MBA
 
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
Red Hat Developers
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gateway
ChengHui Weng
 

Empfohlen

To the moon and beyond with Java 17 APIs! | DevNation Tech Talk
To the moon and beyond with Java 17 APIs! | DevNation Tech TalkTo the moon and beyond with Java 17 APIs! | DevNation Tech Talk
To the moon and beyond with Java 17 APIs! | DevNation Tech Talk
Red Hat Developers
 
Building streaming applications using a managed Kafka service | DevNation Tec...
Building streaming applications using a managed Kafka service | DevNation Tec...Building streaming applications using a managed Kafka service | DevNation Tec...
Building streaming applications using a managed Kafka service | DevNation Tec...
Red Hat Developers
 
SRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
SRE principles and (Kubernetes) Operator practice | DevNation Tech TalkSRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
SRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
Red Hat Developers
 
Operatorhub.io and your Kubernetes cluster | DevNation Tech Talk
Operatorhub.io and your Kubernetes cluster | DevNation Tech TalkOperatorhub.io and your Kubernetes cluster | DevNation Tech Talk
Operatorhub.io and your Kubernetes cluster | DevNation Tech Talk
Red Hat Developers
 
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Red Hat Developers
 
Developer Intro to OpenShift
Developer Intro to OpenShiftDeveloper Intro to OpenShift
Developer Intro to OpenShift
Tiera Fann, MBA
 
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
Red Hat Developers
 
Gatekeeper: API gateway
Gatekeeper: API gatewayGatekeeper: API gateway
Gatekeeper: API gateway
ChengHui Weng
 
Kubernetes: The evolution of distributed systems | DevNation Tech Talk
Kubernetes: The evolution of distributed systems | DevNation Tech TalkKubernetes: The evolution of distributed systems | DevNation Tech Talk
Kubernetes: The evolution of distributed systems | DevNation Tech Talk
Red Hat Developers
 
Running I/O intensive workloads on Kubernetes, by Nati Shalom
Running I/O intensive workloads on Kubernetes, by Nati ShalomRunning I/O intensive workloads on Kubernetes, by Nati Shalom
Running I/O intensive workloads on Kubernetes, by Nati Shalom
Cloud Native Day Tel Aviv
 
WTF Do We Need a Service Mesh?
WTF Do We Need a Service Mesh? WTF Do We Need a Service Mesh?
WTF Do We Need a Service Mesh?
Anton Weiss
 
Monoliths to Microservices with Jave EE and Spring Boot
Monoliths to Microservices with Jave EE and Spring BootMonoliths to Microservices with Jave EE and Spring Boot
Monoliths to Microservices with Jave EE and Spring Boot
Tiera Fann, MBA
 
Kubernetes debug like a pro
Kubernetes debug like a proKubernetes debug like a pro
Kubernetes debug like a pro
Gianluca Arbezzano
 
Container Runtime Security with Falco, by Néstor Salceda
Container Runtime Security with Falco, by Néstor SalcedaContainer Runtime Security with Falco, by Néstor Salceda
Container Runtime Security with Falco, by Néstor Salceda
Cloud Native Day Tel Aviv
 
Moving existing apps to the cloud
Moving existing apps to the cloud Moving existing apps to the cloud
Moving existing apps to the cloud
Tiera Fann, MBA
 
Kubernetes Logging
Kubernetes LoggingKubernetes Logging
Kubernetes Logging
Denys Havrysh
 
Serverless stream processing of Debezium data change events with Knative | De...
Serverless stream processing of Debezium data change events with Knative | De...Serverless stream processing of Debezium data change events with Knative | De...
Serverless stream processing of Debezium data change events with Knative | De...
Red Hat Developers
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
Josef Adersberger
 
Improving security with Istio | DevNation Tech Talk
Improving security with Istio | DevNation Tech TalkImproving security with Istio | DevNation Tech Talk
Improving security with Istio | DevNation Tech Talk
Red Hat Developers
 
Zero-downtime deployment of Micro-services with Kubernetes
Zero-downtime deployment of Micro-services with KubernetesZero-downtime deployment of Micro-services with Kubernetes
Zero-downtime deployment of Micro-services with Kubernetes
Wojciech Barczyński
 
Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s
QAware GmbH
 
Kubernetes Deployments: A "Hands-off" Approach
Kubernetes Deployments: A "Hands-off" ApproachKubernetes Deployments: A "Hands-off" Approach
Kubernetes Deployments: A "Hands-off" Approach
Rodrigo Reis
 
Cilium: Kernel Native Security & DDOS Mitigation for Microservices with BPF
Cilium: Kernel Native Security & DDOS Mitigation for Microservices with BPFCilium: Kernel Native Security & DDOS Mitigation for Microservices with BPF
Cilium: Kernel Native Security & DDOS Mitigation for Microservices with BPF
Docker, Inc.
 
Go for Operations
Go for OperationsGo for Operations
Go for Operations
QAware GmbH
 
MongoDB.local DC 2018: MongoDB Ops Manager + Kubernetes
MongoDB.local DC 2018: MongoDB Ops Manager + KubernetesMongoDB.local DC 2018: MongoDB Ops Manager + Kubernetes
MongoDB.local DC 2018: MongoDB Ops Manager + Kubernetes
MongoDB
 
Cloud Native User Group: Shift-Left Testing IaC With PaC
Cloud Native User Group: Shift-Left Testing IaC With PaCCloud Native User Group: Shift-Left Testing IaC With PaC
Cloud Native User Group: Shift-Left Testing IaC With PaC
smalltown
 
KubeCon EU 2016 Keynote: Pushing Kubernetes Forward
KubeCon EU 2016 Keynote: Pushing Kubernetes ForwardKubeCon EU 2016 Keynote: Pushing Kubernetes Forward
KubeCon EU 2016 Keynote: Pushing Kubernetes Forward
KubeAcademy
 
Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...
Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...
Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...
Red Hat Developers
 
OpenShift Taiwan Vol.1 Technology Overview
OpenShift Taiwan Vol.1 Technology OverviewOpenShift Taiwan Vol.1 Technology Overview
OpenShift Taiwan Vol.1 Technology Overview
Jason Peng
 
Cloud-based performance testing
Cloud-based performance testingCloud-based performance testing
Cloud-based performance testing
abhinavm
 

Weitere ähnliche Inhalte

Was ist angesagt?

Kubernetes: The evolution of distributed systems | DevNation Tech Talk
Kubernetes: The evolution of distributed systems | DevNation Tech TalkKubernetes: The evolution of distributed systems | DevNation Tech Talk
Kubernetes: The evolution of distributed systems | DevNation Tech Talk
Red Hat Developers
 
Kubernetes debug like a pro
Kubernetes debug like a proKubernetes debug like a pro
Kubernetes debug like a pro
Gianluca Arbezzano
 
Serverless stream processing of Debezium data change events with Knative | De...
Serverless stream processing of Debezium data change events with Knative | De...Serverless stream processing of Debezium data change events with Knative | De...
Serverless stream processing of Debezium data change events with Knative | De...
Red Hat Developers
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
Josef Adersberger
 
Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s
QAware GmbH
 
Cilium: Kernel Native Security & DDOS Mitigation for Microservices with BPF
Cilium: Kernel Native Security & DDOS Mitigation for Microservices with BPFCilium: Kernel Native Security & DDOS Mitigation for Microservices with BPF
Cilium: Kernel Native Security & DDOS Mitigation for Microservices with BPF
Docker, Inc.
 
Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...
Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...
Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...
Red Hat Developers
 

Was ist angesagt? (20)

Kubernetes: The evolution of distributed systems | DevNation Tech Talk
Kubernetes: The evolution of distributed systems | DevNation Tech TalkKubernetes: The evolution of distributed systems | DevNation Tech Talk
Kubernetes: The evolution of distributed systems | DevNation Tech Talk
 
Running I/O intensive workloads on Kubernetes, by Nati Shalom
Running I/O intensive workloads on Kubernetes, by Nati ShalomRunning I/O intensive workloads on Kubernetes, by Nati Shalom
Running I/O intensive workloads on Kubernetes, by Nati Shalom
 
WTF Do We Need a Service Mesh?
WTF Do We Need a Service Mesh? WTF Do We Need a Service Mesh?
WTF Do We Need a Service Mesh?
 
Monoliths to Microservices with Jave EE and Spring Boot
Monoliths to Microservices with Jave EE and Spring BootMonoliths to Microservices with Jave EE and Spring Boot
Monoliths to Microservices with Jave EE and Spring Boot
 
Kubernetes debug like a pro
Kubernetes debug like a proKubernetes debug like a pro
Kubernetes debug like a pro
 
Container Runtime Security with Falco, by Néstor Salceda
Container Runtime Security with Falco, by Néstor SalcedaContainer Runtime Security with Falco, by Néstor Salceda
Container Runtime Security with Falco, by Néstor Salceda
 
Moving existing apps to the cloud
Moving existing apps to the cloud Moving existing apps to the cloud
Moving existing apps to the cloud
 
Kubernetes Logging
Kubernetes LoggingKubernetes Logging
Kubernetes Logging
 
Serverless stream processing of Debezium data change events with Knative | De...
Serverless stream processing of Debezium data change events with Knative | De...Serverless stream processing of Debezium data change events with Knative | De...
Serverless stream processing of Debezium data change events with Knative | De...
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
 
Improving security with Istio | DevNation Tech Talk
Improving security with Istio | DevNation Tech TalkImproving security with Istio | DevNation Tech Talk
Improving security with Istio | DevNation Tech Talk
 
Zero-downtime deployment of Micro-services with Kubernetes
Zero-downtime deployment of Micro-services with KubernetesZero-downtime deployment of Micro-services with Kubernetes
Zero-downtime deployment of Micro-services with Kubernetes
 
Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s
 
Kubernetes Deployments: A "Hands-off" Approach
Kubernetes Deployments: A "Hands-off" ApproachKubernetes Deployments: A "Hands-off" Approach
Kubernetes Deployments: A "Hands-off" Approach
 
Cilium: Kernel Native Security & DDOS Mitigation for Microservices with BPF
Cilium: Kernel Native Security & DDOS Mitigation for Microservices with BPFCilium: Kernel Native Security & DDOS Mitigation for Microservices with BPF
Cilium: Kernel Native Security & DDOS Mitigation for Microservices with BPF
 
Go for Operations
Go for OperationsGo for Operations
Go for Operations
 
MongoDB.local DC 2018: MongoDB Ops Manager + Kubernetes
MongoDB.local DC 2018: MongoDB Ops Manager + KubernetesMongoDB.local DC 2018: MongoDB Ops Manager + Kubernetes
MongoDB.local DC 2018: MongoDB Ops Manager + Kubernetes
 
Cloud Native User Group: Shift-Left Testing IaC With PaC
Cloud Native User Group: Shift-Left Testing IaC With PaCCloud Native User Group: Shift-Left Testing IaC With PaC
Cloud Native User Group: Shift-Left Testing IaC With PaC
 
KubeCon EU 2016 Keynote: Pushing Kubernetes Forward
KubeCon EU 2016 Keynote: Pushing Kubernetes ForwardKubeCon EU 2016 Keynote: Pushing Kubernetes Forward
KubeCon EU 2016 Keynote: Pushing Kubernetes Forward
 
Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...
Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...
Friends don't let friends do dual writes: Outbox pattern with OpenShift Strea...
 

Ähnlich wie Profiling Java inside containers with ContainerJFR | DevNation Tech Talk

Test Strategy For Future Cloud Architecture
Test Strategy For Future Cloud ArchitectureTest Strategy For Future Cloud Architecture
Test Strategy For Future Cloud Architecture
MaheshShri1
 
WebLogic Developer Webcast 5: Troubleshooting and Testing with WebLogic, Soap...
WebLogic Developer Webcast 5: Troubleshooting and Testing with WebLogic, Soap...WebLogic Developer Webcast 5: Troubleshooting and Testing with WebLogic, Soap...
WebLogic Developer Webcast 5: Troubleshooting and Testing with WebLogic, Soap...
Jeffrey West
 
"Wie passen Serverless & Autonomous zusammen?"
"Wie passen Serverless & Autonomous zusammen?""Wie passen Serverless & Autonomous zusammen?"
"Wie passen Serverless & Autonomous zusammen?"
Volker Linz
 
GemFire In Memory Data Grid
GemFire In Memory Data GridGemFire In Memory Data Grid
GemFire In Memory Data Grid
Dmitry Buzdin
 
WebSphere Technical University: Top WebSphere Problem Determination Features
WebSphere Technical University: Top WebSphere Problem Determination FeaturesWebSphere Technical University: Top WebSphere Problem Determination Features
WebSphere Technical University: Top WebSphere Problem Determination Features
Chris Bailey
 
Autopilot : Securing Cloud Native Storage
Autopilot : Securing Cloud Native StorageAutopilot : Securing Cloud Native Storage
Autopilot : Securing Cloud Native Storage
SF Bay Cloud Native Open Infra Meetup
 

Ähnlich wie Profiling Java inside containers with ContainerJFR | DevNation Tech Talk (20)

OpenShift Taiwan Vol.1 Technology Overview
OpenShift Taiwan Vol.1 Technology OverviewOpenShift Taiwan Vol.1 Technology Overview
OpenShift Taiwan Vol.1 Technology Overview
 
Cloud-based performance testing
Cloud-based performance testingCloud-based performance testing
Cloud-based performance testing
 
Test Strategy For Future Cloud Architecture
Test Strategy For Future Cloud ArchitectureTest Strategy For Future Cloud Architecture
Test Strategy For Future Cloud Architecture
 
Splunk Conf 2014 - Splunking the Java Virtual Machine
Splunk Conf 2014 - Splunking the Java Virtual MachineSplunk Conf 2014 - Splunking the Java Virtual Machine
Splunk Conf 2014 - Splunking the Java Virtual Machine
 
Provisioning the IoT
Provisioning the IoTProvisioning the IoT
Provisioning the IoT
 
WebLogic Developer Webcast 5: Troubleshooting and Testing with WebLogic, Soap...
WebLogic Developer Webcast 5: Troubleshooting and Testing with WebLogic, Soap...WebLogic Developer Webcast 5: Troubleshooting and Testing with WebLogic, Soap...
WebLogic Developer Webcast 5: Troubleshooting and Testing with WebLogic, Soap...
 
V mware v fabric 5 - what's new technical sales training presentation
V mware v fabric 5 - what's new technical sales training presentationV mware v fabric 5 - what's new technical sales training presentation
V mware v fabric 5 - what's new technical sales training presentation
 
VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC
VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC
VMworld 2013: How to Exchange Status Message Between Guest and Host Using RPC
 
Java Development on Bluemix
Java Development on BluemixJava Development on Bluemix
Java Development on Bluemix
 
Deltacloud API
Deltacloud APIDeltacloud API
Deltacloud API
 
"Wie passen Serverless & Autonomous zusammen?"
"Wie passen Serverless & Autonomous zusammen?""Wie passen Serverless & Autonomous zusammen?"
"Wie passen Serverless & Autonomous zusammen?"
 
ECI OpenFlow 2.0 the Future of SDN
ECI OpenFlow 2.0 the Future of SDN ECI OpenFlow 2.0 the Future of SDN
ECI OpenFlow 2.0 the Future of SDN
 
WSI35 - WebSphere Extreme Scale Customer Scenarios and Use Cases
WSI35 - WebSphere Extreme Scale Customer Scenarios and Use CasesWSI35 - WebSphere Extreme Scale Customer Scenarios and Use Cases
WSI35 - WebSphere Extreme Scale Customer Scenarios and Use Cases
 
Cloudfoundry Introduction
Cloudfoundry IntroductionCloudfoundry Introduction
Cloudfoundry Introduction
 
NZS-4409 - Enterprise Java Monitoring on zOS Discover, Alert, Optimize
NZS-4409 - Enterprise Java Monitoring on zOS Discover, Alert, OptimizeNZS-4409 - Enterprise Java Monitoring on zOS Discover, Alert, Optimize
NZS-4409 - Enterprise Java Monitoring on zOS Discover, Alert, Optimize
 
GemFire In Memory Data Grid
GemFire In Memory Data GridGemFire In Memory Data Grid
GemFire In Memory Data Grid
 
WebSphere Technical University: Top WebSphere Problem Determination Features
WebSphere Technical University: Top WebSphere Problem Determination FeaturesWebSphere Technical University: Top WebSphere Problem Determination Features
WebSphere Technical University: Top WebSphere Problem Determination Features
 
IBM Monitoring and Diagnostics Tools - Health Center 3.0.2
IBM Monitoring and Diagnostics Tools - Health Center 3.0.2IBM Monitoring and Diagnostics Tools - Health Center 3.0.2
IBM Monitoring and Diagnostics Tools - Health Center 3.0.2
 
Autopilot : Securing Cloud Native Storage
Autopilot : Securing Cloud Native StorageAutopilot : Securing Cloud Native Storage
Autopilot : Securing Cloud Native Storage
 
WLS
WLSWLS
WLS
 

Mehr von Red Hat Developers

DevNation Tech Talk: Getting GitOps
DevNation Tech Talk: Getting GitOpsDevNation Tech Talk: Getting GitOps
DevNation Tech Talk: Getting GitOps
Red Hat Developers
 
GitHub Makeover | DevNation Tech Talk
GitHub Makeover | DevNation Tech TalkGitHub Makeover | DevNation Tech Talk
GitHub Makeover | DevNation Tech Talk
Red Hat Developers
 
Integrating Loom in Quarkus | DevNation Tech Talk
Integrating Loom in Quarkus | DevNation Tech TalkIntegrating Loom in Quarkus | DevNation Tech Talk
Integrating Loom in Quarkus | DevNation Tech Talk
Red Hat Developers
 
DevNation Workshop: Object detection with Red Hat OpenShift Data Science [Mar...
DevNation Workshop: Object detection with Red Hat OpenShift Data Science [Mar...DevNation Workshop: Object detection with Red Hat OpenShift Data Science [Mar...
DevNation Workshop: Object detection with Red Hat OpenShift Data Science [Mar...
Red Hat Developers
 
A Microservices approach with Cassandra and Quarkus | DevNation Tech Talk
A Microservices approach with Cassandra and Quarkus | DevNation Tech TalkA Microservices approach with Cassandra and Quarkus | DevNation Tech Talk
A Microservices approach with Cassandra and Quarkus | DevNation Tech Talk
Red Hat Developers
 
Kafka at the Edge: an IoT scenario with OpenShift Streams for Apache Kafka | ...
Kafka at the Edge: an IoT scenario with OpenShift Streams for Apache Kafka | ...Kafka at the Edge: an IoT scenario with OpenShift Streams for Apache Kafka | ...
Kafka at the Edge: an IoT scenario with OpenShift Streams for Apache Kafka | ...
Red Hat Developers
 
Kubernetes configuration and security policies with KubeLinter | DevNation Te...
Kubernetes configuration and security policies with KubeLinter | DevNation Te...Kubernetes configuration and security policies with KubeLinter | DevNation Te...
Kubernetes configuration and security policies with KubeLinter | DevNation Te...
Red Hat Developers
 
Level-up your gaming telemetry using Kafka Streams | DevNation Tech Talk
Level-up your gaming telemetry using Kafka Streams | DevNation Tech TalkLevel-up your gaming telemetry using Kafka Streams | DevNation Tech Talk
Level-up your gaming telemetry using Kafka Streams | DevNation Tech Talk
Red Hat Developers
 

Mehr von Red Hat Developers (20)

DevNation Tech Talk: Getting GitOps
DevNation Tech Talk: Getting GitOpsDevNation Tech Talk: Getting GitOps
DevNation Tech Talk: Getting GitOps
 
Exploring the power of OpenTelemetry on Kubernetes
Exploring the power of OpenTelemetry on KubernetesExploring the power of OpenTelemetry on Kubernetes
Exploring the power of OpenTelemetry on Kubernetes
 
GitHub Makeover | DevNation Tech Talk
GitHub Makeover | DevNation Tech TalkGitHub Makeover | DevNation Tech Talk
GitHub Makeover | DevNation Tech Talk
 
Quinoa: A modern Quarkus UI with no hassles | DevNation tech Talk
Quinoa: A modern Quarkus UI with no hassles | DevNation tech TalkQuinoa: A modern Quarkus UI with no hassles | DevNation tech Talk
Quinoa: A modern Quarkus UI with no hassles | DevNation tech Talk
 
Extra micrometer practices with Quarkus | DevNation Tech Talk
Extra micrometer practices with Quarkus | DevNation Tech TalkExtra micrometer practices with Quarkus | DevNation Tech Talk
Extra micrometer practices with Quarkus | DevNation Tech Talk
 
Event-driven autoscaling through KEDA and Knative Integration | DevNation Tec...
Event-driven autoscaling through KEDA and Knative Integration | DevNation Tec...Event-driven autoscaling through KEDA and Knative Integration | DevNation Tec...
Event-driven autoscaling through KEDA and Knative Integration | DevNation Tec...
 
Integrating Loom in Quarkus | DevNation Tech Talk
Integrating Loom in Quarkus | DevNation Tech TalkIntegrating Loom in Quarkus | DevNation Tech Talk
Integrating Loom in Quarkus | DevNation Tech Talk
 
Quarkus Renarde 🦊♥: an old-school Web framework with today's touch | DevNatio...
Quarkus Renarde 🦊♥: an old-school Web framework with today's touch | DevNatio...Quarkus Renarde 🦊♥: an old-school Web framework with today's touch | DevNatio...
Quarkus Renarde 🦊♥: an old-school Web framework with today's touch | DevNatio...
 
Containers without docker | DevNation Tech Talk
Containers without docker | DevNation Tech TalkContainers without docker | DevNation Tech Talk
Containers without docker | DevNation Tech Talk
 
Distributed deployment of microservices across multiple OpenShift clusters | ...
Distributed deployment of microservices across multiple OpenShift clusters | ...Distributed deployment of microservices across multiple OpenShift clusters | ...
Distributed deployment of microservices across multiple OpenShift clusters | ...
 
DevNation Workshop: Object detection with Red Hat OpenShift Data Science [Mar...
DevNation Workshop: Object detection with Red Hat OpenShift Data Science [Mar...DevNation Workshop: Object detection with Red Hat OpenShift Data Science [Mar...
DevNation Workshop: Object detection with Red Hat OpenShift Data Science [Mar...
 
Dear security, compliance, and auditing: We’re sorry. Love, DevOps | DevNatio...
Dear security, compliance, and auditing: We’re sorry. Love, DevOps | DevNatio...Dear security, compliance, and auditing: We’re sorry. Love, DevOps | DevNatio...
Dear security, compliance, and auditing: We’re sorry. Love, DevOps | DevNatio...
 
11 CLI tools every developer should know | DevNation Tech Talk
11 CLI tools every developer should know | DevNation Tech Talk11 CLI tools every developer should know | DevNation Tech Talk
11 CLI tools every developer should know | DevNation Tech Talk
 
A Microservices approach with Cassandra and Quarkus | DevNation Tech Talk
A Microservices approach with Cassandra and Quarkus | DevNation Tech TalkA Microservices approach with Cassandra and Quarkus | DevNation Tech Talk
A Microservices approach with Cassandra and Quarkus | DevNation Tech Talk
 
GitHub Actions and OpenShift: ​​Supercharging your software development loops...
GitHub Actions and OpenShift: ​​Supercharging your software development loops...GitHub Actions and OpenShift: ​​Supercharging your software development loops...
GitHub Actions and OpenShift: ​​Supercharging your software development loops...
 
Profile your Java apps in production on Red Hat OpenShift with Cryostat | Dev...
Profile your Java apps in production on Red Hat OpenShift with Cryostat | Dev...Profile your Java apps in production on Red Hat OpenShift with Cryostat | Dev...
Profile your Java apps in production on Red Hat OpenShift with Cryostat | Dev...
 
Kafka at the Edge: an IoT scenario with OpenShift Streams for Apache Kafka | ...
Kafka at the Edge: an IoT scenario with OpenShift Streams for Apache Kafka | ...Kafka at the Edge: an IoT scenario with OpenShift Streams for Apache Kafka | ...
Kafka at the Edge: an IoT scenario with OpenShift Streams for Apache Kafka | ...
 
Kubernetes configuration and security policies with KubeLinter | DevNation Te...
Kubernetes configuration and security policies with KubeLinter | DevNation Te...Kubernetes configuration and security policies with KubeLinter | DevNation Te...
Kubernetes configuration and security policies with KubeLinter | DevNation Te...
 
Level-up your gaming telemetry using Kafka Streams | DevNation Tech Talk
Level-up your gaming telemetry using Kafka Streams | DevNation Tech TalkLevel-up your gaming telemetry using Kafka Streams | DevNation Tech Talk
Level-up your gaming telemetry using Kafka Streams | DevNation Tech Talk
 
Know your app: Add metrics to Java with Micrometer | DevNation Tech Talk
Know your app: Add metrics to Java with Micrometer | DevNation Tech TalkKnow your app: Add metrics to Java with Micrometer | DevNation Tech Talk
Know your app: Add metrics to Java with Micrometer | DevNation Tech Talk
 

Kürzlich hochgeladen

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 

Kürzlich hochgeladen (20)

AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 

Profiling Java inside containers with ContainerJFR | DevNation Tech Talk

  • 1. V0000000 JDK Flight Recorder + OpenShift Introduction to ContainerJFR Andrew Azores Senior Software Engineer 1
  • 2. V0000000 What we’ll discuss today Agenda 2 Java Profiling JDK Flight Recorder JDK Mission Control JFR in Containers ContainerJFR DEMO Security How to Set Up Your Applications
  • 3. V0000000 3 A brief high-level overview of profiling and monitoring with Java and JVMs Java Profiling
  • 4. V0000000 Overview 4 JVMs, being virtual machines, can provide a lot of information about what they, and your application, are doing at runtime, through various mechanisms: ▸ JMX and MXBeans ▸ JVM Agents ▸ Flight Recorder (open-sourced in 2018, previously commercial/proprietary)
  • 5. V0000000 Examples of Metrics 5 Some examples of useful metrics that can be captured through any or all of these mechanisms: ▸ CPU load ▸ Memory usage ▸ Heap allocation ▸ Garbage Collection occurrences ▸ Garbage Collection pause times ▸ Thread states ▸ Disk or Network I/O ▸ And many more...
  • 6. V0000000 6 Built-in framework in modern OpenJDKs to enable minimal-overhead diagnostic and profiling data about your JVM applications JDK Flight Recorder
  • 7. V0000000 Flight Recorder vs MXBeans 7 What does Flight Recorder offer that MXBeans don’t? ▸ Inherent ability to persist to disk ▸ Circular buffer to limit data collected by age or buffer size ▸ JVM can perform a dump of buffer to disk on exit/crash ▸ Flight Recorder gathers data within the JVM itself, no JMX client connection required
  • 8. V0000000 Flight Recorder vs Agents 8 What does Flight Recorder offer that Monitoring Agents don’t? ▸ Inherent ability to persist to disk, no need to roll your own ▸ Circular buffer to limit data collected by age or buffer size, no need to roll your own ▸ Built-in JFR events are implemented by the JVM itself, even in native code. May be difficult or impossible to get performance overhead so low with an Agent capturing equivalent data ▸ Flight Recorder is very stable as a core component of the JVM, removing risk of a bad Agent implementation causing instability ▸ Standardized and extremely efficient/compact binary representation of data
  • 9. V0000000 Additional Features 9 JFR also offers many other great features: ▸ Present in all OpenJDKs 11+ (and more recent 8us) ▸ Simple API for applications to define custom event types at compile time and hook into the JFR infrastructure ・ Maintains the same great performance characteristics and minimal overhead of JFR ・ Allows events to be tailored to your specific application, ex. an event when a service request is received and an event when the response is written, or an event when a database connection is opened/closed, etc. ▸ Recordings can be configured to capture various different subsets of events, and enabling different recordings with (potentially overlapping) sets of events does not start a new thread or incur any other intrinsic overhead ・ Recordings can also be configured to only capture events with a duration above a certain threshold, or to only capture samples of an event at a specific rate, etc. ▸ Recordings can be configured with JVM flags to ensure that applications always have JFR enabled from startup to exit ▸ Recordings can be started/stopped at runtime over a JMX connection or using jcmd
  • 10. V0000000 Desktop application for opening and analyzing Flight Recorder files, retrieving them from (local?) JVMs, and MXBean data 10 JDK Mission Control
  • 11. V0000000 JDK Mission Control 11 JMC has tons of tools and features and is too large for the scope of this talk. In brief, it’s the go-to tool for analyzing Flight Recording files, and can also be used for starting and retrieving Flight Recordings.
  • 12. V0000000 Mission Control to OpenShift 12 ▸ How do you connect JMC, a desktop application, to your JVM? ・ JMC can discover local JVMs, but what if your JVM is in a container? ・ What if that container is running inside a Pod in OpenShift? ▸ Route? ・ How do you configure a route for a JMX service URL (not HTTP)? ▸ NodePort? LoadBalancer? ExternalIP? ・ Is this convenient? Does it make sense to expose the application this way? ▸ IngressController! ・ This might work, but you need JMX over TLS+SNI and some more Ingress setup work
  • 13. V0000000 How does an end user interact with JFR and consume Flight Recordings? How does this fit with containerization? 13 JFR in Containers
  • 14. V0000000 JFR in Containers 14 Can we skip JMC for now and just use JFR directly with our containerized applications, then get that data into JMC directly later?
  • 15. V0000000 JFR in Containers 15 ▸ JFR can dump to a file ・ But that’s to the container’s local filesystem - how do we get the file out? ▸ JFR can be configured with flags at startup time ・ What if you want to change configuration later after noticing a performance degradation? Do a rolling replacement of all replicas just to change recording settings? Can you still capture the performance degradation details after this? ▸ JMX can start and retrieve recordings! ・ We’re back to Routes/NodePorts/ExternalIPs/IngressControllers to get a JMX connection to the application
  • 16. V0000000 ContainerJFR is a bridge between yourself and your JVM applications in the cloud 16 ContainerJFR
  • 17. V0000000 Container-Native Runs as a “sidecar” pod alongside your application Uses JMX from within the Namespace Allows start/stop/retrieval of recordings at runtime Routable HTTPS API Exposes an API with cluster auth to export recordings Online Analysis Provides web-based tools for basic analysis in-cluster ContainerJFR How does ContainerJFR address these challenges? 17
  • 19. V0000000 How ContainerJFR keeps your recordings and application data safe 19 Safety & Security
  • 20. V0000000 Safety & Security How does ContainerJFR keep application data safe and secure? 20 No agent, no library to bake-in to your application. Only standard JMX must be enabled on your application via JVM flags - no recompile or attachment. Non-Interference SSL/TLS over JMX is supported and HTTPS is enabled by default. Encrypted Users must authenticate to both the cluster and the target before accessing data or performing actions. Multiple Factor Authentication
  • 21. V0000000 The few small steps needed to allow your applications to talk to ContainerJFR 21 Configuring Your Applications
  • 22. V0000000 Configuring Your Applications How to Set Up Your Application for ContainerJFR 22 Just add some JVM flags to your application’s entrypoint script or command arguments. An example: ▸ -Dcom.sun.management.jmxremote.port=9091 # listen on port 9091, or any number if the port is named “jfr-jmx” ▸ -Dcom.sun.management.jmxremote.rmi.port=9091 ▸ -Dcom.sun.management.jmxremote.authenticate=true # enable JMX authentication ▸ -Dcom.sun.management.jmxremote.password.file=/app/resources/jmxremote.password # define users for JMX auth ▸ -Dcom.sun.management.jmxremote.access.file=/app/resources/jmxremote.access # set permissions for JMX users ▸ -Dcom.sun.management.jmxremote.ssl=true # enable JMX SSL ▸ -Dcom.sun.management.jmxremote.registry.ssl=true ▸ -Djavax.net.ssl.keyStore=/app/resources/keystore # set your SSL keystore ▸ -Djavax.net.ssl.keyStorePassword=somePassword # set your SSL keystore password JMX authentication and SSL are technically optional, but in any production deployment these should be enabled. After enabling SSL for your application’s JMX server, copy or POST your certificate to ContainerJFR’s truststore so that ContainerJFR trusts the connection.
  • 23. V0000000 linkedin.com/company/red-hat youtube.com/user/RedHatVideos facebook.com/redhatinc twitter.com/RedHat Red Hat is the world’s leading provider of enterprise open source software solutions. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. Thank you 23