Cover a large scale migration for one of our customers
STS Review Who I am STS review what we are involved in Approach how we are approaching the migration Bad – What is currently bad and biting our behind Ugly – What is just plain ugly about Jboss Good what's good wrt WebLogic The future of the work THIS IS TECHNICAL BUT SEEMS TO BE IN THE STRATEGY TRACK SUITS (I doubt any would come anyway) SNOOZE IN THE GEEKY BITS
Warning - lots of pictures to liven things up a bit to stop us getting bored as lots of bullets Fortunately company has a subscription to a stock imagery website
Explain Fast, Reliable Manageable Secure Involved in supporting the customer throughout their extensive WebLogic deployment Luckily for us also extensive Jboss expertise so weren't thrown out a long with BEA
Can't tell you who as work still ongoing One of the UK's biggest IT employers Large scale data processing capabilities – Many databases with many Terrabytes of data 1 app Message rates of millions per day Atos Origin, Logica, CSC, Lockheed Martin, Detica, PA Consulting, HP(EDS), BT, Unisys so very political with complex integration
Each application is typically deployed on own servers in own domain All you can eat WLS license with a day of reckoning! Some just moved from 6 to 8 NO later than WLS8.1 apps (spent two years choosing a new app server!) Provides installation across many servers ssh configures the box and deploys all resources including the app (bit more later) Write config in their XML deploys everything. Substantial investment in WLS
Talk through example and cimmunications mechanisms Each a different project potentially built by a different SI with different change rates and release procedures. Complexity of inter communications Many other applications pulling data from many different databases. Key many communications and interlinked applications
Handle sensitive data Legal requirements for auditing etc. Explain Principal Propagation in WebLogic – single password Custom Authentication to work via 2way SSL Entrust Explain VPD as requires principal propagation
We've been there as a consultancy for 4 years so had to do something. Almost every WebLogic specific tweak to JMS and EJBs has been done and there's a lot. Example tweaks – Thread pools for specific MDBs to prevent deadlocks and ensure sufficient MDB processing Fast query thread pools and slow query thread pools JMS session batch sizes to prevent slow consumers blocking Messaging Bridges for Store and Forward HA JMS configuration with Distributed Destinations This is now all humming nothing really to do last year as we know WLS 8.1 inside out. Infrastructure SI Decides to use JBoss !!!!!!
New outsourced infrastructure SI told to provide Hardware OS and JEE hosting we don't care what. They say JBoss on RHEL WTF!!! Hey Change is an opportunity for all you consultancies out there :-)
BEA rep told me – drill down a bit deeper on next slide Flexible, Agile development Off the Shelf Operating Environments (Amazon style) Spring, Hibernate in EJB 2.1 Only raised a handful of support cases as had us on site solving most problems – mainly bugs requiring patches New mandates from central government on open source usage Drill in deeper on next few slides
Surprisingly not the driver or the reason! Actually large cost associated. WebLogic development was humming along – engineers knew it Support knew it Change requires reeducation although some required with WLS 9 and 10 therefore not seen as a major downer.
New outsourced IT – On demand Operating Environments one of which JEE RHEL extensively so natural to go Jboss Evolved around JEE 1.4 limitations into Spring Hibernate Previously 1.4 so now learn capabilities Want to use SOA, ESB and Portals but big ticket items in Aqualogic and proprietary.
MAJOR reason We only raised a handful of cases mostly bugs also a danger for RH. License management! Story about expiration Support tickets sent to India when explicitly asked not to as about Government systems handled by UK team. Sick of stock send config.xml and upgrade to latest patch as difficult as against security policy so required sanitation (remove IP etc.) PS story about secret code We were there as BEA PS and solved most problems on site – actually cheaper to hire us at a day rate than pay big ticket support costs (c.f. 100 cpus) we don't charge by the cpu
End of reasons – look at migration approach As we've seen huge complexity in links between applications. Incremental still ongoing many years to migrate. Some may never migrate. ALL new applications Jboss, JEE 5, EJB3, JPA and Web Services New releases of new apps in active maintenance on Jboss – simple port first Jboss release
Key result of this Remains maybe until app retirement (6 years?) Can't get around point 2 we must solve the problem All protocols We must do the security TX propagation NOT going to solve rearchitect bad anyway Relied on WLS clustering not about to do away with it Need to consider both directions – this approach works in both directions (WLS->JB & JB->WLS)
Proposed solution explain next slide other things that don't work Explain security packageing and custom authenticator on both ends.
IIOP working after two weeks hacking around with JACORB CSIV2 - WLS client jar – incompatible CORBA ORBS failed! WLS 9/10 may work but worried about licensing Other direction tombstone works as well JBoss client in WLS (JDK mismatch compiled 1.5) didn't bother trying downgrade old version Jboss messaging bridge investigations ongoing Careful as WLS Bridges are XA so no dups or dropped messages
As promised we've started down the road let's see what we've seen is pretty rough
WLS docs are excellent can't fault. Extensive reference docs for every setting and tweak. Wiki much is old and appears out of date or difficult to know if applies to version you have and not OS latest Edocs can be downloaded – (Production Systems air gapped from the Internet for security) Example – EJB<->EJB across a NAT firewall both ways (WLS Network Channel and set external names etc. well documented) Jboss shudder in horror hopefully don't have to solve!! Anybody here tell me for all subsystems JMS, EJB2.1, EJB3.0 after buy them a pint in the bar Another example JTA tx boundaries in Datasources is each Datasource a resource or require XA drivers can I combine them into one ESB??????
WebLogic has the domain – single config file make a change voila. Some applications 2xclusters 8 nodes each with a few standalone or mini clusters. Come up with a partial solution through shared disk and shared “core configuration” Came up with it after slides submitted so buy me a beer!!!!! Differences – Server Peer ID, JTA Node name, JVM Route
Not passed TCK so recently discovered Run AS doesn't work and is used extensively in their environment. Created our own EJB interceptor for Run As Admin which is what they require. One developer spent 5 days on the Servlet EJB injection
Not specific to Jboss just to the organisation They've all gotta learn a helluva lot!!! Also wean them off Spring and onto JEE 5 instead with JPA
Look at the just plain ugly!!!!! Not much different from bad really but this is what is going to or has bitten us architecturally These could be easily fixed by productisation and a focus on Jboss as an integrated whole rather than a mish mash of OS projects. Needs product management effort
NO NEED!!!!! WebLogic 2 Plain and SSL one of you don't need SSL. If they can do it Jboss can do it. They've had to come up with IP aliasing on the machine and virtual network cards to roll out to many developers on large scale test servers. Everybody just cuts and pastes Service Binding Manager. Bloody incomprehensible and fragile especially the XSLT stuff As I mentioned before. ESB adds a bunch more ports !!
Tombstones are ugly!!! If you are migrating need to analyse how apps talk to each other and approach each issue
Very important for this organisation. Developers are nice but the high tail it when things go live. Drill into this to compare and contrast in next slides Requires extensive changes to “out of the box” server configs. Monitoring – WLS console excellent visibility Writing our own PMON utiliity
LSD how do you roll out say 8 Jboss nodes 2 clusters seemlessly across 4 physical servers ! Having to put in place policies and procedures. Always put at least two nodes per server so if Hot lose one still retain processing power. Looking at shared SAN and specific “shared” configurations of Jboss with lightweight individual server configs. -D environment variables to change settings in the central XML on the fly. Invent it ourselves
Talk through the picture
OK so we've bitched a lot about Jboss c.f. WebLogic What do we like about it !! Angel of the North – from my home city!! Good have been the Ugly picture according to some people back home
Not the licensing which is good but literally. ALWAYS download the code for the latest rev and keep near you. Take an exception look at the code. Solves things quickly. Stops Decompiling code – did a lot with WebLogic (SHUSH). Loses comments and line numbers. Developers here add more comments and I'll forgive the lack of docs Example if time -
Customer likes to add there own things in to transparently do stuff with so many dev teams. WebLogic colsed to that sort of thing Totally bespoke admin layout etc. Powerful but dangerous. Hook in our security pieces quickly and easily
Earlier did Eclipse RCP development WL Workshop proprietary bee hive stuff thankfully avoided Easy to get hold of stuff at home and play.
Moving to ESB and Jboss is a great fit ALSB hugely expensive and very SOAP oriented.
Earlier picture and SOAing it. Mitigate some of our interoperability and JMS problems.
Thought we would be further on when I submitted this presentation abstract. Simple ports have been painless apart from interoperability. Minor web app tweaks as WLS forgiving on deployment descriptors. Yet to port one of the formula one apps likely to remain as legacy and new versions written in JBoss.