IBM developerWorks online chat transcript September 27, 2007 Topic: What's new in WebSphere Application Server Community Edition V2.0 Moderators: Matt Hogstrom, David Jencks, Donald Woods ----Start of transcript---- tomyoung: Hello everyone! My name is Tom Young. On behalf of developerWorks, I'd like to thank you all for joining the chat today. We're here with Matt Hogstrom, Donald Woods, and David Jencks to talk about the new features in IBM WebSphere Application Server Community Edition V2.0. I'd like to turn it over to Matt, Donald, and David to introduce themselves, then it will be open for questions. David Jencks: Hi, I'm David Jencks. I've worked on most parts of Apache Geronimo since it was founded. Recently, I've concentrated mostly on modularity and security features. I've also helped out with WAS CE on a few occasions. Hogstrom: Hi, I'm Matt Hogstrom. I work on Apache Geronimo as well as WAS CE. I mostly like to work with the externals of Geronimo from a performance perspective. Donald: Hi, I'm Donald Woods. I've been the WAS CE release lead since we started a little over 2 years ago and am a committer on Apache Geronimo. Hogstrom: So, David Jencks, how is the MEJB changes going ... I'm behind on the list. Hogstrom: Kevan was over in Japan at LinuxWorld and he asked about it last night. David Jencks: I believe they are complete. Anita has the MEJB deploying as a separate app and module, and Vamsi and I have made it so that the module builds and deploys. Hogstrom: We're going to have to rename your nick to Mr. Wizard. David Jencks: Also, I think we have the roles for the MEJB set up so that you can easily configure read and write security for users independently of their permissions for other apps. Hogstrom: So we can limit access by ACLs then? Hogstrom: or some such mechanism? David Jencks: Yes. Anita did all the heavy lifting on this. Ted Kirby: From your perspective, what are the most exciting new features in WAS CE 2.0? PRambo: Question: Java EE 5 seems to arguably be the biggest change in WASCE V2 (and Geronimo 2). What kind of differences does this mean to somebody who has been using V1 of the product? Hogstrom: Ted Kirby: I think that the move from the old Java EE 1.4 standards to 5.0 is the most significant difference. David Jencks: That depends partly on which features you have been using. For typical apps that use a database, I think the most important new feature is JPA support: this makes data access truly easy for the first time in javaee. scalello: Questions from Paul C who is having trouble logging in: can you ask Matt what's been done to speed up the startup time of the server when there are complex apps deployed to it with lots of cmp entity beans/jpa beans, and if there are plans to provide some form of pre-startup compile accelerator for a server or other ideas to speed startup time being considered? David Jencks: PRambo: For EJB users, the new ejb 3 standard makes EJBS so much easier to use, there is no comparison. David Jencks: PRambo: And finally I would say that web services are now usable in javaee. Hogstrom: For Paul C ... one of the areas where we were slower before, during initialization, was in classloader searches. Ron S: Do we have any new performance specs on the EJB3 container? Hogstrom: What we've done to address those issues was to streamline the searching and make sure we do not duplicate searches. David Jencks: PRambo: Closely related to the EJB 3 improvements is the extensive use of annotations for dependency injection. This usually means your xml descriptors and plans can be much simpler and often nonexistent. Hogstrom: Overall, startup is about 24% faster on 2.0 than it was before (allowing for OS anomalies and such). PRambo: Those seem like pretty significant changes. So what about migrating? I know this is vague, but is it worth "migrating" apps from V1 to V2, or generally should they just be rewritten? (Will V1 apps work on V2 wihout modification?) David Jencks: PRambo: There are a few changes to security configuration that are not backward compatible, but otherwise v1 apps should work unchanged on v2. We'd like to know of problems where this doesn't work. However, if you are using entity beans, I suggest looking into migrating to JPA. In my experience, the ease of use of JPA compared to entity beans will quickly pay back the migration time. Donald: PRambo: As always, "it depends..." If your deployment plans had hard-coded dependencies on 1.1.1 versioned artifacts, or other server specific artifacts (like Derby 10.1), then you'll have to update them for the new schemas and you can leave off the version numbers to make it easier to migrate in the future. Ron S: Has there been any info on using OpenJPA versus Hibernate? If a customer is using Hibernate with JPA, would the app come across to Geronimo? Donald: PRambo: That was for Geronimo specific plans. The standard web.xml and application.xml should not need updating, unless like David mentioned, you are using security. PRambo: For security, are you referring to the realms? David Jencks: Ron S: It depends on whether the app uses Hibernate JPA or the proprietary interfaces. JPA should port with little difficulty and I think there have been some reports of success. David Jencks: I don't know about the proprietary interface: that is likely to require more porting effort. Hogstrom: Ron S: There was some activity on the dev list a few weeks ago about using Hibernate under Geronimo, but that was for actually using Hibernate. Hogstrom: Ron S: I haven't seen any data on a simple port. Donald: PRambo: Yes. Most of the changes are in how you setup different realms in the server. David Jencks: Ron S: I've heard rumors that OpenJPA used in Geronimo is significantly faster than Hibernate, but don't know how accurate these rumors are. Ron S: Do we have any migration examples for hibernate to OpenJPA? David Jencks: Ron S: Not that I know of. LinSun: Ron S: I think CE provides a openJPA example. Frodo: Dave Carew said on his call today that Hibernate is a superset of JPA - do you have any pointers to docs that can help a developer familiar and who's developed with Hibernate and has apps using Hibernate - to review their work and get a feel for what needs changing? Is anyone writing any aids to scan through Hibernate code to look at what has to be changed to use the container JPA? David Jencks: PRambo: There are really 2 security changes: one is how run-as roles and default Subjects work, and one is how remote login works. Ron S: Yes LinSun: Question: I saw the English user doc for 2.0. Are the translated version of the user doc for 2.0 available soon? Frodo: Matt - Good to see a 24% startup time improvement over 1.1, but for large complex apps (like our Belgium case who I think may have moved on with an alternative aproach), it will still mean very long startup times for the server. Are there any thoughts on how the long startup time can be reduced still further - through some kind of standby/hibernate state for example - thus preventing the server to go through the arduous long startup, etc. David Jencks: Frodo: If the app uses JPA, then little change should be necessary, as I imagine you are well aware. There may be an effort underway to write a proprietary to JPA Hibernate migration guide, we're trying to find out its status. shekerow: Donald: You also have a developerWorks article on migrating Hibernate to OpenJPA. Donald: Frodo: Do you mean something like the VMWare Snapshot concept? Donald: Lin: Translated User Docs should be outin the next 30 to 60 days. Ron S: What is the relationship between CXF and Axis2? I thought Geronimo was going to use CXF. David Jencks: Ron S: Geronimo supports both CXF and Axis2. Ron S: Are they both installed in the binary? David Jencks: At the moment, we are shipping with CXF enabled for the Jetty server and Axis2 enabled for the Tomcat server, but you can change this with a system property. Donald: shekerow: There is already a devWorks article? Can you post the URL? Ted Kirby: Yes, there is a JPA sample. For details on that and other WASCE samples, see http://publib.boulder.ibm.com/wasce/V2.0.0/en/samples.html David Jencks: Ron S: Yes. Ron S: Ok, that explains it. Donald: Ron S: But WAS CE only provides the Tomcat + Axis2 configuration. Ron S: Yep, understand. Do you think there would be an issue with an app that was running using CXF and ported to WAS CE? LinSun: Ron S: FYI - there is a new jax-ws article out today that talks about develop jax-ws app in CE 2.0. David Jencks: Ron S: You would have to install suitable CXF modules into WASCE. David Jencks: Ron S. I'm not sure if the ones from Geronimo would work unchanged or if they would have to be rebuilt with dependencies pointing to the WASCE modules. Frodo: The idea is for scenarios where a server would take ages to simply start due to the compile of the gbean at startup. In our Belgium case, they told us in full WAS there's the ability to somehow pre-compile the code so the server can start significantly more quickly. If we can't do that in Geronimo - I am wondering what ways other than Matt's current optimisation approach - we could take to get startup times down to a similar level to that of full WAS's current start time for similar apps. Ron S: But would the APIs be similar in Axis2 so the CXF modules would not have to be installed? scalello: Question: Any plans for enhanced deployment management for multiple nodes in a farm? David Jencks: Ron S: With the new-in-javaee JAXWS spec, web service applications are much more portable than they used to be. LinSun: Ron S: There are a few jaxws examples in Apache Geronimo that works well with both CXF and Axis2. If the app just uses JAX-WS 2.0, the migration should not involve a lot of work as both CXF and Axis2 are jax-ws 2.0 compliant. Ted Kirby: DevWorks article "Migrating legacy Hibernate applications to OpenJPA and EJB 3.0" URL is http://www.ibm.com/developerworks/websphere/techjournal/0708_vines/0708_vines.html dwu: LinSun: URL for the jax ws article? LinSun: Ron S: Here is the link to the article I mentioned - http://www.ibm.com/developerworks/websphere/library/techarticles/0709_gawor/0709_gawor.html?S_TACT=105AGX10&S_CMP=WASCE Ron S: Thx David Jencks: scalello: Yes, although they are not yet usable. Jason Dillon is working on GShell, which will first allow remote administration of a single server. And I believe his plans are to next support simultaneous administration of multiple servers. (So far this is only in Geronimo) Ron S: David, has any password encryption been implemented in WAS CE 2.0. Can I hide passwords in config.xml? Frodo: So - perhaps the idea of a standby mode - where a snapshot of the started server in standby - could be imaged over to lots of (branch) machines - thus enabling the (branch) servers to come back to life/back online - significantly faster than before. David Jencks: scalello: Also, Gianny Damour is working on a cluster administration tool that may be specifically designed for the WADI clustering available for Geronimo-Jetty. Ron S: Could that be ported to Tomcat? Donald: Scalello: In an upcoming WAS XD 6.1 update, you will be able to health monitor WASCE instances, deploy applications, load balance applications, start/stop server instances (vertical or horizontal), and install new instances. David Jencks: Ron S: In Geronimo 2.0.1 and I think WASCE 2, as in Geronimo 1.x, passwords in config.xml and properties login realm files are encrypted with a fixed, hardcoded password. Frodo: On a different note - Are there plans to provide some form of profile support for a vertical cluster of ce servers. So they can be managed/handled from a single console (apols if this Q has been asked already). David Jencks: Ron S: In Geronimo 2.0.2 (coming soon), it is possible to set up Geronimo to use a per-server generated password, although I think that is apt to lead to more problems than it solves. Hogstrom: Frodo: As far as other options, we do some caching of the initial deployment process so it's important to separate deployment / initialization time from just initialization time. Ron S: David: Can we use another encryption algorithm? Hogstrom: Frodo: I believe folks that were looking at startup issues previously will see and like the improvement that we've made so far. David Jencks: Ron S: I assume you are asking about porting WADI clustering to Tomcat? That is certainly possible, but I don't know if anyone is currently working on it. scalello: Donald, I understand that will be cost effective for >= 15 nodes, but not so great for smaller farms with basic deployment management needs. Donald: Ron S: We will be upgrading to Geronimo 2.0.2 base in a future WAS CE maintenance release (probably late 4Q or early 1Q08). David Jencks: Ron S: If you write some code, you can use whatever encryption you want -- in Geronimo 2.0.2, the encryption is pluggable. Ted Kirby: "Develop and deploy JAX-WS Web services on WebSphere Application Server Community Edition V2.0" article URL is http://www.ibm.com/developerworks/websphere/library/techarticles/0709_gawor/0709_gawor.html?S_TACT=105AGX10&S_CMP=WASCE Frodo: Matt H - I guess it is an ongoing thing. I had another client on Friday asking what can be done to improve startup times of 1.1. Frodo: Thx Matt. David Jencks: Ron S: Is there something you don't like about AES? PRambo: Can I ask about performance constraints? At what point should you consider biting the bullet and exploring regular WAS? (And is there really a migration path since WAS is still J2EE?) Hogstrom: Frodo: One thing to note is that some platforms have different characteristics. Hogstrom: Frodo: For example, on Windows, we need to do some alternatives because of the way the files ystem does locking. Hogstrom: PRambo: Of course, the answer is "It depends ..." there are many considerations. PRambo: Naturally. Hogstrom: PRambo: There are many functional and non-functional issues to consider like clustering and management as well as scale. Hogstrom: PRambo: From a performance perspective, I believe you'll see that the WAS CE performs better than commercial servers in most contexts. Hogstrom: PRambo: Meaning, you'll get more Tx through. However, if you need to scale to 1000's of nodes and want detailed tracing and statistics, then other options like "Big" WAS make more sense. David Jencks: Frodo: I suspect it depends a lot on exactly what the slow part of app startup is. For instance, I would expect an OpenJPA app with pre-enhanced persistent classes to start up considerably faster than an "equivalent" ejb 2.1 app using entity beans. David Jencks: Frodo: For the most part, with the notable exception of Tomcat, we make a strong effort to preprocess the apps into Geronimo components that can be started without further analysis. David Jencks: Frodo: One side effect of this is that the enhancements Hogstrom mentioned to the classloader etc have a more dramatic effect since this "kernel" level activity is a larger proportion of the startup than of our "predeployment" scalello: Can anyone talk about if clustering has improved with 2.0? I understand Tomcat 6 is suppose to scale better. Frodo: We advised the client to look to use JPA reather than CMP - but given their timing for going live, we may have missed the deadline for going live. I have a client in Cyprus, however, who is having a similar challenge. David Jencks: Frodo: We'd certainly like feedback on what is slow and what problems people are experiencing. Frodo: Ok David - will keep u posted. Donald: scalello: We leverage/support the basic web tier clustering in Tomcat 6. Donald: scalello: Was there another feature of Tomcat6 you were interested in, besides web tier clustering? Ron S: I hear questions on runtime customization in 2.0. Is there any info on what system modules you should and should not shutdown? Any info on dependencies? Donald: Ron S: That's still TBD. There are some limitations in Geronimo 2.0.1 due to the OpenEJB integration/dependencies. Donald: Ron S: There were some updates checked into Geronimo 2.0.2 in the last couple days to help remove the OpenEJB depends, but its still work in-progress. scalello: Well, the interest was mostly with session replication, and if this has improved with Tomcat 6. David Jencks: Ron S: In Geronimo, I expect we'll have much better support for extracting or assembling a "customized server" rather soon, but right now the facilities are fairly primitive and hard to use. Ron S: Donald: The EJB container is the one most asked for stopping. Thx. Hogstrom: Scalello: Not that we've measured directly in CE 2.0, but there has been more work done on this for Tomcat directly. tomyoung: Sorry to say it, but we're pretty much out of time. I'd like to thank everyone for joining, and thanks to Matt, Donald, and David for hosting the conversation today. David Jencks: Ron S: To me the most useful approach seems to be to start with the applications you want to run and create a server adapted to exactly those applications. tomyoung: Thanks all. You'll be able to find a link to the transcript for this chat at http://www.ibm.com/developerworks/websphere/library/chats/0709_hogstrom/0709_hogstrom.html Frodo: General question to each Don, Matt and Dave. From your perspectives what do you see as the most nteresting/exciting new developments going into G2 over the next 6 to 12 months? scalello: Thanks everyone! Frodo: Dave or Matt - would you care to comment? David Jencks: Frodo: The two I expect to be most involved in are modularity and security. We've always aimed to be a modular server, and recently we have enough bits working so that many of our plans for application centered deployment can be a reality. For instance, it should soon be easy to "extract" a server that contains a set of applications and exactly the components needed for them to run. Similarly, the server will soon be assembled from plugins, and the admin console from "admin" plugins for the installed components. For security, in 2.0 we've finally become truly JACC-pluggable. I'm working with the Apache Directory Triplesec project to come up with a full-featured RBAC model that will provide comprehensive user and permission administration and integrate as a JACC provider. I think this will be able to address some of the shortcomings of the javaee security model when used with dynamic content applications, such as blogging applications, such as Roller and portals, such as Jetspeed2, where the resources that need permission management are not known and do not exist when the application is deployed. Implementing the JASPI spec should also simplify and extend the authentication possibilities. Another area I think is extremely important and exciting is clustering and remote management. At the moment, we have a considerable number of not-too-well-publicized and mostly partial clustering solutions, including WADI clustering for Jetty, native Tomcat clustering, and the third party TerraCotta solution. I expect these will become easier to use and more universally applicable. We should soon have remote administration through GShell, and I expect this to be expandable to cover cluster and farm administration. I believe there is an effort underway for WADI cluster administration as well. Another area I think will be a focus is performance and problem monitoring. I'm hoping to see better statistics overall, ARM, and much better reporting of the circumstances of errors that occur. Finally, I'm hoping to see popular applications become available "predeployed" as Geronimo plugins. A start in this direction is the Roller plugin under development at Geronimo, and the TerraCotta plugin maintained by TerraCotta. Frodo: Thanks for all your answers guys. Great work on 2.0. ----End of transcript----