21 December 2017

Garbage Collector incompatibilities

Garbage Collector incompatibilities

Conflicting collector combinations in option list; please refer to the release notes for the combinations allowed

I got the above error message after upgrading Eclipse Oxygen.

This is for GC options:

-XX:+UseParallelGC
# -XX:+UseG1GC

We cannot use both Garbage Collector at the same time... at least in this new version 4.7.2

https://docs.oracle.com/javase/8/docs/technotes/guides/vm/gctuning/collectors.html

05 December 2017

30 November 2017

Patrones de Diseño (en un año)

Se han utilizado diferentes patrones de diseño para diferentes necesidades, tal como, de arquitectura de componentes a nivel de servicios y de patrones de construcción OOP.

A continuación es la lista de los patrones de diseños usados:

- Descomposición de servicios para poder tener un buen limite de dominios (DDD, separation of concerns)

- @Domains: usado en la capa Rest donde está la implementación de POJOs

- Repository: donde está desacoplado la implementación de varios repositorios, dejando expuesta el mismo contrato a los cliente.

- @Service: capa Rest, tiene Patrón: Service-layer, en donde implementamos diferentes servicios para llamar, sean base datos pertenecientes a CDN o directamente como cliente al bus de servicios.

- @Controller: Rest, es el controller de springmvc, que es parte del patrón de diseño MVC, el cual dejamos claro el manejo del flujo del servicio rest

- Factory: todos los datasources utilizados vienen del contenedor de aplicaciones (Weblogic), y es una factoría de la cual nos abstraemos de la implementación (Oracle) y usamos la conexión entregada, la cual es reutilizada en las siguientes interacciones.

- DAO: pl-generator, librería que genera DAO automático desde la metadata de oracle y tenemos la interfaz (Façade) de los stored procedures de la base de datos, por directriz (generalmente en bancos) siempre accedemos a través de esos SP, y la librería gracias a esta encapsulación entregada por DAO podemos abstraernos de todo lo necesario de conexiones JDBC.

- SAL: Service Access Layer: Rest, patrón que viene desde la arquitectura SOA y tenemos implementada los diferentes servicios en un solo package.

- MVC: angular/rest. Usamos el patrón Model-View-Controller en nuestra solución. View es AngularJS, Controller y Model está implementado en Rest en las clases con anotaciones @Controller y Pojos, aprovechando la separación entregada por Spring

- API-Proxy: Usamos servicios Rest para todos los accesos desde front hacia OSB/DB. nunca se puede acceder directo desde Front, asi se usa api-proxy como interfaz.

- Aggregator: se utiliza en message-aggregator-rest para encapsular la implementación de del motor de envio de emails. De esta manera le damos más valor al request del envío del correo (Decorator) y tenemos un fachada (facade) para la implementación final.

- Connection Factory: JMS, todos los JMS utilizan un Connection Factory implementada por WLS. de esta manera se reutilizan las conexiones JMS.

- Prototype: en javascript para extender funciones y hacer honor al límite de 100 líneas por función (modular), se utiliza el patrón prototype.

- Database per service: notificaciones utiliza 1 schema por su solución, y no compartimos la base de datos con otros servicios, si alguien más necesita insertar datos estos deben hacerse a través un el api-proxy expuesto por notificaciones.

- Shared database (base datos compartida), existen schemas que son utilizados por varios servicios, tal como, session_cn.

- Log aggregation, se logea las transacciones y funcionalidades importantes de cada uno de los servicios en un log de aplicación que está configurado en cada uno de los dominios de WLS.

- Client-side UI composition. Cada aplicación puede tener componentes propios que están encapsulados en directivas angular. Estas directivas pueden ser reutilizadas por otras aplicaciones. El equipo de Diseño se preocupa de generar el esqueleto de las páginas, componiendo diferentes componentes UI.

- además utilizamos de varios patrones de diseño de más bajo nivel GoF: iterator, façade, singleton, Factory method pattern, Decorator, Builder, etc.


Java Performance

This is a summary post of good practices (many easy) to improve performance in your Java code:
  1. use Apache commons-lang StringUtils.replace() instead String.replace(). The big difference is because Java replace() uses regexp which makes it more expensive immediately.
  2. avoid regexp if possible (many times we use regexp and meanwhile a String.indexof() is enough).  also, Apache commons lang: StringUtils.replace("hola\nmundo\n", "\n", "");
  3. Compile once a Regexp Pattern:  Pattern pattern_dst = Pattern.compile("destinationAddress\\\"\\:\\\"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+\\\"");
  4. Apache commons lang, now has separated packages for regexp methods, such us, replaceall().
  5. on the same, String.split also has issues when it's not a simple character the splitter
  6. avoid using Java7 UUID (there are other faster libraries for it) (randomness trends to be slow).
    https://github.com/cowtowncoder/java-uuid-generator
    https://github.com/jchambers/fast-uuid    (* this looks interesting)
    https://github.com/codahale/fast-uuid
  7. Asynchronous Logging Parameterized Messages (log4j2) (Ring buffer - LMAX Disruptor)
    Many logging libraries offer an API for logging parameterized messages. This enables application code to look something like this:
    logger.debug("Entry number: {} is {}", i, entry[i]);
    without API:
    if (logger.isDebugEnabled()) {
        logger.debug("Entry number: " + i + " is " + entry[i].toString());
    }
    The best solution is placeholders and if{}
    if (logger.isDebugEnabled()) {
        logger.debug("Entry number: {} is {}", i, entry[i]);
    } 
    lambda java8:
    logger.trace("Some long-running operation returned {}", () -> expensiveOperation());
  8. Jasper Reports has a lazy loading at init() :
    JasperReportsContext jasperReportsContext = new SimpleJasperReportsContext();
            LocalJasperReportsContext localJasperReportsContext = new LocalJasperReportsContext(jasperReportsContext);
            localJasperReportsContext.setClassLoader(this.getClass().getClassLoader());
  9. StringBuilder or StringBuffer over String (for concatenation)
  10. Primitive over wrapper, such us, Integer, Double etc, ie:
    The Integer class wraps a value of the primitive type int in an object. An object of type Integer contains a single field whose type is int.
    If you need an object instead, then use Integer.valueOf(), Long.valueOf()
  11. Sorted of sorted List Java sorted ??? (Big Theta!)
  12. String concatenating one line, it's not a problem
  13. BigInteger & BigDecimal are expensive. (avoid)
  14. Cache database connections. Object pooling. Apache common pool, Fast Object Pool, Vibur Object Pool
  15. Tune fetchSize when querying a big number of rows from DB. (default is 10, which makes it slow) 
  16. Mapper Objects: use MapStruct (fastest).
  17. log4j contention when writing to log file (async, buffer, network as a solution)
  18. exceptions are "expensive"
  19. Timeouts! (trigger'm!)
    Socket_timeouts TCP_NODELAY, SO_SNDBUF, SO_RCVBUF,  HTTP, JAX-WS, RestTemplate, JDBC timeouts :P
  20. Thread synchronized (as seen on log4j2), blocking java monitor 
  21. HTTP 1.1 instead 1.0 (keep-alive)
  22. Data source sizing
  23. PMD has several performance rules:  (among others)
    Don’t create instances of already existing BigInteger (BigInteger.ZERO, BigInteger.ONE)
    Avoid instantiating Boolean objects; you can reference Boolean.TRUE, Boolean.FALSE.
  24. Most of PMD, checkstyles rules are embedded at sonarqube.
  25. Jackson ObjectMapper must be reused (it's thread-safe). It is expensive.(use 2.8.7+ by race condition). Singleton, static or Object pooling (see above).
  26. CompletableFuture uses a forkjoin thread pool, which is a thread pool shared between all CompletableFutures and all parallel streams.
    https://dzone.com/articles/concurrency-in-action-using-javas-completable-futu
  27. https://github.com/devwebcl/async-springmvc-poc
  28. Java 8 parallel streams pitfall
    https://www.baeldung.com/java-8-parallel-streams-custom-threadpool https://medium.com/@michaelbespalov/parallel-stream-pitfalls-and-how-to-avoid-them-91f11808a16
  29. JVM CPU measure. It may be expensive for some JVM
  30. Every time you make something "static", consider if you want to make it "final" too. In most cases, you do. "static final"-s are much more optimize-able. https://t.co/Xm0YgDUTtL (from @shipilev) 
  31. Netty is a popular asynch framework, but it can suffer of OOM: io.netty.maxDirectMemory
  32. DO NOT use java 11 (~30% slower)

try-with-resources

A known, and now kind of old feature of Java 7, but still isn't as popular as we wish.

Straightforward (and easy) implementation, where you need to declare resources (File, Stream) into parenthesis of "try" keyword:

private static void printFileJava7() throws IOException {

    try(InputStream input = new FileInputStream("hola.txt")) {

        int data = input.read();
        while(data != -1){
            System.out.print((char) data);
            data = input.read();
        }
    }
}

And JVM will have the responsibility to close those resources.

Beware: that the object in try() must implement AutoCloseable.

More info:

https://docs.oracle.com/javase/tutorial/essential/exceptions/tryResourceClose.html

http://tutorials.jenkov.com/java-exception-handling/try-with-resources.html

https://www.mkyong.com/java/try-with-resources-example-in-jdk-7/


24 November 2017

HTTP Codes - Arquitectura Restful

La arquitectura Rest se basa fuertemente en el protocolo HTTP, por lo cual es importante responder (y parsear al recibir) los diferentes códigos HTTP que existen.
Los códigos están agrupados por las siguientes categorías:
  • 1xx – Informational
  • 2xx – Successful
  • 3xx – Redirection
  • 4xx - Client Error
  • 5xx - Server Error

El proyecto  deberia uso granular de estos códigos con alguna libreria transversal.

Deberíamos usar solo los códigos más útiles (top “10”) que son los siguientes:

HTTP Response codes

200OKSuccessfully executed. should be used to indicate nonspecific success
201CREATEDSuccessfully executed and a new resources has been created. The response body is either empty or contains a URI(s) of the created resource. The location header should should also contain the new URI
202ACCEPTEDThe request was valid and has been accepted but has not yet been processed. The response should include a URI to poll for status updates on the request. Allows for asynchronous request ( start of an asynchronous action)
204NO_CONTENTThe request was successful but the server did not have a response. should be used when the response body is intentionally empty.
Ejemplo: Si se busca el listado de productos para un cliente y el cliente existe pero la lista es vacía, el estado es 204
301MOVED_PERMANENTLYThe new location should be returned in the response ( should be used to relocate resources)
302REDIRECTThe HTTP response status code 302 Found is a common way of performing URL redirection.
400BAD_REQUESTMalformed or invalid request
401UNAUTHORIZEDInvalid authorization credentials. (no autenticado, o autenticado incorrectamente)
403FORBIDDENDisallowed request. Security error. (no autorizado para ver pagina/recurso)
404NOT_FOUNDResource not found.
Ejemplo: Si se busca un cliente por rut y éste no existe, el estado es 404
405METHOD_NOT_ALLOWEDMethod (verb) not allowed for requested resource. Response will provide an “Allow” header to indicate what is allowed
412PRECONDITION_FAILEDOne or more conditions given in the request header fields evaluated to false when tested on the server.
415UNSUPPORTED_MEDIA_TYPEClient submitted a media type that is incompatible for the specified resource.
422UNPROCESSABLE_ENTITYSe ha producido un error funcional. El servicio reconoce los parámetros como válidos, pero alguna condición de negocio no se puede llevar a cabo. Ej: "Monto Pagado+monto capitalizado no puede ser mas que monto adeudado+monto vencido+monto adeudado ajuste-monto condonado para monto XXX" invocando a servicio bus para cálculo de pago.
418I'm a teapotLudic HTTP
500INTERNAL_SERVER_ERRORCatchall for server processing problem
503SERVICE_UNAVAILABLEResponse in the face of too many request
504GATEWAY_TIMEOUTserver error response code indicates that the server, while acting as a gateway or proxy, did not get a response in time from the upstream server that it needed in order to complete the request.

HTTP verbs:
 

  1. GET. The GET method requests a representation of the specified resource. Requests using GET should only retrieve data. (idempotent)
  2. POST. The POST method is used to submit an entity to the specified resource, often causing a change in state or side effects on the server (payload)
  3. HEAD. The HEAD method asks for a response identical to that of a GET request, but without the response body.
  4. PUT. The PUT method replaces all current representations of the target resource with the request payload.
  5. DELETE. The DELETE method deletes the specified resource.
  6. CONNECT. The CONNECT method establishes a tunnel to the server identified by the target resource.
  7. OPTIONS. The OPTIONS method is used to describe the communication options for the target resource.  OPTIONS sirve para verificar CORS!
  8. TRACE. The TRACE method performs a message loop-back test along the path to the target resource.
  9. PATCH. The PATCH method is used to apply partial modifications to a resource.


more details:

  • HEAD - No defined body semantics.
  • GET - No defined body semantics.
  • DELETE - No defined body semantics.
  • CONNECT - No defined body semantics
  • PUT - Body supported.
  • POST - Body supported.
  • TRACE - Body not supported.
  • OPTIONS - Body supported but no semantics on usage (maybe in the future).


Mayor información

03 November 2017

Simple HTTP Server

python -m SimpleHTTPServer 8000

if you face :
/usr/bin/python: No module named SimpleHTTPServer

it's because for python 3:

python3 -m http.server 8000

02 November 2017

Cannot retrieve WLS app info

Cannot retrieve:

The configuration for app is still being loaded from your last request, please wait a moment and retry.

####<Oct 30, 2017 9:59:44 AM CLT> <Error> <Console> <lablnx297> <AdminServer> <[ACTIVE] ExecuteThread: '5' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <cc19eb40-e1ae-46e5-80cb-dbf2a3509811-00000f0c> <1509368384819> <BEA-240003> <Administration Console encountered the following error: java.lang.NullPointerException
  at weblogic.application.internal.ApplicationRuntimeMBeanImpl.getComponentRuntimes(ApplicationRuntimeMBeanImpl.java:449)
  at sun.reflect.GeneratedMethodAccessor1348.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  at java.lang.reflect.Method.invoke(Method.java:606)
  at weblogic.management.jmx.modelmbean.WLSModelMBean.getAttribute(WLSModelMBean.java:525)
  at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.getAttribute(DefaultMBeanServerInterceptor.java:647)
  at com.sun.jmx.mbeanserver.JmxMBeanServer.getAttribute(JmxMBeanServer.java:678)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
  at weblogic.management.mbeanservers.internal.JMXContextInterceptor.getAttribute(JMXContextInterceptor.java:157)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$12.run(WLSMBeanServerInterceptorBase.java:326)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.getAttribute(WLSMBeanServerInterceptorBase.java:324)
  at weblogic.management.mbeanservers.internal.SecurityInterceptor.getAttribute(SecurityInterceptor.java:300)
  at weblogic.management.jmx.mbeanserver.WLSMBeanServer.getAttribute(WLSMBeanServer.java:279)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5$1.run(JMXConnectorSubjectForwarder.java:327)
  at java.security.AccessController.doPrivileged(Native Method)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$5.run(JMXConnectorSubjectForwarder.java:325)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.getAttribute(JMXConnectorSubjectForwarder.java:320)
  at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1468)
  at javax.management.remote.rmi.RMIConnectionImpl.access$300(RMIConnectionImpl.java:97)
  at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1332)
  at java.security.AccessController.doPrivileged(Native Method)
  at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1431)
  at javax.management.remote.rmi.RMIConnectionImpl.getAttribute(RMIConnectionImpl.java:661)
  at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
  at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:701)
  at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:527)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
  at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:523)
  at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:311)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:263)
>

HTTP Cluster WebLogic Server

Old Deprecated feature:

web.xml :

<servlet><servlet-name>ProxyServlet</servlet-name>
<servlet-class>weblogic.servlet.proxy.HttpProxyServlet</servlet-class>
<init-param>
<param-name>redirectURL</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>ProxyServlet</servlet-name>
<url-pattern>/MyProducerApp/*</url-pattern>
</servlet-mapping>

.

31 October 2017

Clear Cache WLS

Before deleting any directory, you need to shutdown all servers first.

The following provides a generic example path to the tmp directory in question:

WINDOWS: 
cd C:\wls\user_projects\domains\servers\

UNIX:
cd /wls/user_projects/domains/servers/

The following would be used to clear the cache:

WINDOWS:  
rd C:\wls\user_projects\domains\servers\tmp
rd C:\wls\user_projects\domains\servers\cache


UNIX: 
rm -rf /wls/user_projects/domains/servers/tmp
rm -rf /wls/user_projects/domains//servers/cache



 For WLS versions 9.2 and above, delete the following Admin and Managed server cache directories:

    /servers/cache
   
/servers/stage (if exists)
   
/servers/tmp
 




18 October 2017

WLS JMS Configuration

Essential steps to configure a JMS environment


CORE_WLS_Domain --> Services --> Persistent Stores -->

New:

Name: FileStore-Mensajeria1
Target: Managed Server 1 (WLS01)
Directory: jmsMensajeria_1
(Activate Changes)

Name: FileStore-Mensajeria2
Target: Managed Server 2 (WLSS02)
Directory: jmsMensajeria_2
(Activate Changes)


CORE_WLS_Domain --> Services --> Messaging --> JMS Servers

New:

Name: JMSServer-Mensajeria_1
Persistent Store: FileStore-Mensajeria1
Target: WLS01 (migratable)
(finish)

Name: JMSServer-Mensajeria_2
Persistent Store: FileStore-Mensajeria2
Target: WLS02 (migratable)
(finish)

(Activate Changes)


CORE_WLS_Domain --> Services --> Messaging --> JMS Modules

Name: JMSModule_Mensajeria
Target: wls_core_cluster
(next/finish)
(Activate Changes)


entrar a JMS Module creado: (crear subdeployment)
CORE_WLS_Domain --> Services --> Messaging --> JMS Modules --> JMSModule_Mensajeria --> Subdeployments

New:

name: MensajeriaSubdeployment
Target: JMSServer-Mensajeria_1, JMSServer-Mensajeria_2
(Activate Changes)


CORE_WLS_Domain --> Services --> Messaging --> JMS Modules --> JMSModule_Mensajeria

New:

Connection Factory (next)

Name: ConnectionFactory-Mensajeria
JNDI Name: jms/ConnectionFactory-Mensajeria (next)
(finish)
(Activate Changes)

New:

Distributed Queue (next)

Name: DistributedQueue-Mensajeria
JNDI Name: jms/journal-standar (next)
Advanced Targeting: MensajeriaSubdeployment

JMS Servers: JMSServer-Mensajeria_1, JMSServer-Mensajeria_2
(finish)
(Activate Changes)



12 October 2017

Opatch WLS 12c

Backup Oracle Home:
It is highly recommended that you back up the Oracle home before any patch operation. You can back up the Oracle home using your preferred method. You can use any method such as zip, cp -r, tar, and cpio to compress the Oracle home.

Opatch path:
/Users/German/Oracle/Middleware/Oracle_Home/OPatch

List patches:
./opatch lsinventory
./opatch lsinventory -detail

Check if it's feasible:
./opatch apply /Users/German/tmp/patches/23639929 -report

if the next message appears:

JAVA_HOME is not set or does not exist

then add (jre path) :

-jre /Library/Java/JavaVirtualMachines/jdk1.7.0_201.jdk/Contents/Home

Apply patch:
./opatch apply /Users/German/tmp/patches/23639929

Rollback patch
./opatch rollback -id 23639929

logs:
ORACLE_HOME/cfgtoollogs/opatch/

More info:
https://docs.oracle.com/middleware/1213/core/OPATC/toc.htm

11 October 2017

Too many open files


The following problem may occurr in WLS:
Caused By: java.net.SocketException: Too many open files
  at java.net.Socket.createImpl(Socket.java:447)
  at java.net.Socket.connect(Socket.java:577)
  at oracle.net.nt.TcpNTAdapter.connect(TcpNTAdapter.java:161)
  at oracle.net.nt.ConnOption.connect(ConnOption.java:159)
  at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:428)
  at oracle.net.resolver.AddrResolution.resolveAndExecute(AddrResolution.java:506)
  at oracle.net.ns.NSProtocol.establishConnection(NSProtocol.java:595)
  at oracle.net.ns.NSProtocol.connect(NSProtocol.java:230)

This is a common issue when  File Descriptors are not enough for the OS processes.

Checking the most open FD appear WLS Managed Servers and they are almost on the limit:

4076 376 /u04/Middleware/WLS12c/jdk/bin/java-server-Xms1024m-Xmx2048m-XX:PermSize=256m-XX:MaxPermSize=512m-Dweblogic.Name=WLS02

4063 32526 /u04/Middleware/WLS12c/jdk/bin/java-server-Xms1024m-Xmx2048m-XX:PermSize=256m-XX:MaxPermSize=512m-Dweblogic.Name=WLS01

Checking with lsof -p <pid> we see a lot of open jar files from war files, because we have several war files deployed.

Check:
$ ulimit -n
4096

Therefore the solution is to set a bigger soft & hard limit.

04 October 2017

How to know OHS version

$ ./httpd.worker -v
./httpd.worker: error while loading shared libraries: libexpat.so.0: cannot open shared object file: No such file or directory

$ ps -fea | grep httpd

$ export ORACLE_HOME=/u04/Middleware/P_OHS12c/product

$ export LD_LIBRARY_PATH=/u04/Middleware/P_OHS12c/product/lib

$ cd /u04/Middleware/P_OHS12c/product/wlserver/../ohs/bin/

$ ./httpd.worker -v
Server version: Oracle-HTTP-Server/2.2.22 (Unix)
Server built:   Sep  3 2015 01:14:57
Server label:   APACHE_12.1.3.0.0_LINUX.X64_RELEASE



25 August 2017

Sed cheat sheet

Sometimes we need to clean-up a file (ie: log prod file).

(or gsed for gnu-sed in macosx

* delete a match and backup of original file:

sed -i.bak '/<ConnectionEnv.cleanup, jconn=oracle.jdbc.driver.T4CConnection/d' ./infile

sed -i.bak '/INFO: true/d' ./infile

gsed -i.bak '/INFORMACIÓN: true> /d' ./infile


* delete two lines and the match string

gsed -i -e '/match1/,+2d'

* delete one line and the match string

gsed -i -e '/OPTIONS/,+1d' *uml*.puml

* execute more than one command in sed (use -e flag)

sed -i -e 's/File//g' -e 's/MINvac.pdb//g'

* recursive find and replace

find . -type f -print0 | xargs -0 sed -i 's/MYSQL_USER/MYSQL_ROOT_USER/g'

* no lookups by default

use: -E o -r ( -E, -r, --regexp-extended )


21 August 2017

Inputless WLS Credentials

Awkwardly WLS develoment version does not show credentials input when booting.
Of course, the solution is to create security/boot.properties.
however if I don't press [enter] then it waits forever :S

Probably there is a patch for this, but dev version

<Aug 11, 2017 11:30:18 AM CLT> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG128 to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true.>
<Aug 11, 2017 11:30:18 AM CLT> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) 64-Bit Server VM Version 24.80-b11 from Oracle Corporation.>
<Aug 11, 2017 11:30:19 AM CLT> <Info> <Security> <BEA-090065> <Getting boot identity from user.>
---->
<Aug 10, 2017 6:01:49 PM CLT> <Info> <Management> <BEA-141298> <Could not register with the Administration Server: java.rmi.RemoteException: [Deployer:149150]An IOException occurred while reading the input. : with response code '401' : with response message 'Unauthorized'>
<Aug 10, 2017 6:01:49 PM CLT> <Info> <Management> <BEA-141107> <Version: WebLogic Server 12.1.3.0.0  Tue Aug 11 09:00:41 UTC 2015 1697938 >
<Aug 10, 2017 6:01:52 PM CLT> <Error> <Configuration Management> <BEA-150021> <The Administration Server failed to authenticate the identity of the user  starting the Managed Server. The reason for the error is .>
<Aug 10, 2017 6:01:52 PM CLT> <Alert> <Management> <BEA-141151> <The Administration Server could not be reached at http://127.0.0.1:7001.>
<Aug 10, 2017 6:01:52 PM CLT> <Info> <Configuration Management> <BEA-150018> <This server is being started in Managed Server independence mode in the absence of the Administration Server.>
<Aug 10, 2017 6:01:52 PM CLT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING.>
<Aug 10, 2017 6:01:52 PM CLT> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool.>
<Aug 10, 2017 6:01:52 PM CLT> <Info> <WorkManager> <BEA-002942> <CMM memory level becomes 0. Setting standby thread pool size to 256.>

11 July 2017

Software Architect Skills/Responsabilities

There are several list of required skills/responsabilities a Software Architect should have.
One of these (a little old now, but still valid) is:

https://dzone.com/articles/architecture-%E2%80%93-top-10-traits

  1.     Knowledge of relevant technologies
  2.     Strong analysis & design skills
  3.     Coding & POCs
  4.     Architecture & design activities
  5.     Modeling language/Tools
  6.     Architectural frameworks/Tools
  7.     Communication
  8.     Training/Mentoring
  9.     Sales/Pre-sales
  10.     Presentation Skills

PD: as usual, I'll be updating this Post as I find new resources or my own ideas...

  1. Code Review

from Simon Brown:



12 May 2017

Java Muxer WLS



Go to Environment > Servers > your_Server > Tuning, under Advanced, set the Muxer Class based on your OS and reboot the server. 

Solaris/HP­UX Native Muxer : weblogic.socket.DevPollSocketMuxer 
POSIX Native Muxer : weblogic.socket.PosixSocketMuxer
Windows Native Muxer : weblogic.socket.NTSocketMuxer
Java Muxer : weblogic.socket.JavaSocketMuxer

java.lang.Thread.State: RUNNABLE
at sun.nio.ch.EPollArrayWrapper.epollWait(Native Method)

at sun.nio.ch.EPollArrayWrapper.poll(EPollArrayWrapper.java:269)
at sun.nio.ch.EPollSelectorImpl.doSelect(EPollSelectorImpl.java:79)
at sun.nio.ch.SelectorImpl.lockAndDoSelect(SelectorImpl.java:87)
­ locked <0x0000000789f2b040> (a sun.nio.ch.Util$2)
­ locked <0x0000000789f2b030> (a java.util.Collections$UnmodifiableSet)
­ locked <0x0000000789f2adf8> (a sun.nio.ch.EPollSelectorImpl)
at sun.nio.ch.SelectorImpl.select(SelectorImpl.java:98)
at weblogic.socket.NIOSocketMuxer$NIOInputStream.readInternal(NIOSocketMuxer.java:815) at weblogic.socket.NIOSocketMuxer$NIOInputStream.read(NIOSocketMuxer.java:759)
at weblogic.socket.NIOSocketMuxer$NIOInputStream.read(NIOSocketMuxer.java:742)
at weblogic.socket.JSSEFilterImpl.readFromNetwork(JSSEFilterImpl.java:462)
at weblogic.socket.JSSEFilterImpl.read(JSSEFilterImpl.java:424)
at weblogic.socket.JSSESocket$JSSEInputStream.read(JSSESocket.java:64)

Catastrophic Regexp (again)

Hitting a stuck thread:
"main" prio=5 tid=0x00007fd577005800 nid=0x1c03 runnable [0x00007000035db000]
   java.lang.Thread.State: RUNNABLE
    at java.util.regex.Pattern$5.isSatisfiedBy(Pattern.java:5151)
    at java.util.regex.Pattern$5.isSatisfiedBy(Pattern.java:5151)
    at java.util.regex.Pattern$CharProperty.match(Pattern.java:3694)
    at java.util.regex.Pattern$Curly.match0(Pattern.java:4158)
    at java.util.regex.Pattern$Curly.match(Pattern.java:4132)
    at java.util.regex.Pattern$Start.match(Pattern.java:3408)
    at java.util.regex.Matcher.search(Matcher.java:1199)
    at java.util.regex.Matcher.find(Matcher.java:592)
    at java.util.regex.Pattern.split(Pattern.java:1200)
    at java.lang.String.split(String.java:2313)
    at RegExpTest.main(RegExpTest.java:28)

Once again it's a "stuck" thread for the catastrophic issue in regexp:
https://github.com/devwebcl/regexp-playground/blob/master/src/main/java/cl/devweb/regexp/exploit/JxlsBug.java


09 May 2017

Software Architecture Books

List of most important of Software Architecture books:

Software Architecture in Practice (3rd Edition)
Len Bass, Paul Clements, Rick Kazman









Software Systems Architecture: Working With Stakeholders Using Viewpoints and Perspectives (2nd Edition)
Nick Rozanski, Eóin Woods


“Software Architecture: Foundations, Theory, and Practice”
R. N. Taylor, N. Medvidovic, E. M. Dashofy
https://images-na.ssl-images-amazon.com/images/I/51-zNj0gg3L._SX386_BO1,204,203,200_.jpg


Design Patterns: Elements of Reusable Object-Oriented Software
Erich Gamma, Richard Helm, Ralph Johnson y John M. Vlissides. 1994













Software Architecture for Developers
Simon Brown
 Technical leadership and the balance with agility

97 Things Every Software Architect Should Know: Collective Wisdom from the Experts
 97 Things Every Software Architect Should Know: Collective Wisdom from the Experts


The Mythical Man-Month: Essays on Software Engineering
Frederick P. Brooks Jr.
 The Mythical Man-Month: Essays on Software Engineering


Software Architecture Pattern
Mark Richards
Software Architecture Patterns


12 More Essential Skills for Software Architects
Dave Hendricksen
 12 More Essential Skills for Software Architects

Enterprise Integration Patterns
Gregor Hohpe, Bobby Woolf 
Enterprise Integration Patterns.jpg


Cracking the IT Architect Interview
Sameer Paradkar











  

Just Enough Software Architecture
George Fairbanks
https://images-na.ssl-images-amazon.com/images/I/61%2BhzVm5IoL._SX397_BO1,204,203,200_.jpg


Building Evolutionary Architectures
Neal Ford, Rebecca Parsons, Patrick Kua
https://covers.oreillystatic.com/images/0636920080237/lrg.jpg


Essential Software Architecture
Ian Gorton
Essential Software Architecture

Patterns of Enterprise Application Architecture, 1st Edition
Martin Fowler


Designing Software Architectures: A Practical Approach, 1st Edition
Humberto Cervantes , Rick Kazman


Documenting Software Architectures: Views and Beyond (2nd Edition)
Paul Clements, Felix Bachmann, Len Bass, David Garlan, James Ivers, Reed Little, Paulo Merson, Robert Nord, Judith Stafford


Clean Architecture: A Craftsman's Guide to Software Structure and Design, 1st Edition
Robert C. Martin


Thinking Architecturally
Nathaniel Schutta













37 Things One Architect Knows About IT Transformation: A Chief Architect's Journey
Gregor Hohpe








Evaluating Software Architectures: Methods and Case Studies 1st Ed, 2001
Paul Clements, Peter Gordon, Rick Kazman Mark Klein



03 May 2017

Design Patterns: A domain agnostic approach


a book about explaining in a different way GoF patterns, given several examples (use case) by pattern, this way providing a better explanation for each one, this means a leverage for a better understanding, and promoting GoF to a reference book.

A good approach used is to ask himself about different situations, including boundary cases and how each pattern may help or even not help (clarifying common misunderstanding).

A great companion book for Gof, and even Gof becomes as a reference book whereas DPA becomes the book to read.

24 March 2017

Analyzing WLS

A very (old) common question is how to analyze (stuck) WLS.

The first we need to do here is to take Heap and Thread Dumps.

Take several Thread dump and one heap dump (although the last one has an embedded thread dump), this will help to find out issues, OOM, connection leaks, recurrent garbage collector, etc.

Heap dump:

jmap -dump:format=b,file=/home/user/tmp/heap.hprof <pid>

kill -3 <pid>
   jstack -l <PID>

i.e.:

Last login: Thu Mar 23 17:57:43 on ttys002
hola$ ps -fea | grep -i weblogic
  501  6179  6178   0  4:04PM ttys001    0:00.00 sh /Users/German/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/startWebLogic.sh
  501  6180  6179   0  4:04PM ttys001    0:00.02 /bin/sh /Users/German/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/bin/startWebLogic.sh
  501  6225  6180   0  4:04PM ttys001    0:56.60 /Library/Java/JavaVirtualMachines/jdk1.7.0_80.jdk/Contents/Home/bin/java -server -Xms256m -Xmx512m -XX:CompileThreshold=8000 -XX:PermSize=128m -XX:MaxPermSize=256m -Dweblogic.Name=AdminServer -Djava.security.policy=/Users/German/Oracle/Middleware/Oracle_Home/wlserver/server/lib/weblogic.policy -Xverify:none -Djava.endorsed.dirs=/Library/Java/JavaVirtualMachines/jdk1.7.0_80.jdk/Contents/Home/jre/lib/endorsed:/Users/German/Oracle/Middleware/Oracle_Home/wlserver/../oracle_common/modules/endorsed -da -Dwls.home=/Users/German/Oracle/Middleware/Oracle_Home/wlserver/server -Dweblogic.home=/Users/German/Oracle/Middleware/Oracle_Home/wlserver/server -Dweblogic.utils.cmm.lowertier.ServiceDisabled=true weblogic.Server
  501  8061  7485   0 10:08AM ttys002    0:00.00 grep -i weblogic
[German@KDU ~]$ kill -3 6225
[German@KDU ~]$ kill -3 6225
[German@KDU ~]$ kill -3 6225
...
[German@KDU tmp]$ jmap -dump:format=b,file=/Users/German/tmp/heap.hprof 6225
Dumping heap to /Users/German/tmp/heap.hprof ...
Heap dump file created
[German@KDU tmp]$ 
Other important information would be to retrieve PermGen stats:

$ jmap 28705 -permstat

To get information of variables of java process (including classpath)

jinfo <pid>


16 March 2017

AWS Servicios canónicos y más

Servicios básicos de AWS:


Amazon Virtual Private Cloud enables you to launch Amazon Web Services (AWS) resources into a virtual network that you've defined. This virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS. 


Amazon EC2

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale
cloud computing easier for developers.


Amazon CloudWatch 
is a monitoring service for AWS cloud resources and the applications you run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS resources. Amazon CloudWatch can monitor AWS resources such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB instances, as well as custom metrics generated by your applications and services, and any log files your applications generate. You can use Amazon CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health. You can use these insights to react and keep your application running smoothly.


Elastic Load Balancing
Elastic Load Balancing automatically distributes your incoming application traffic across multiple targets, such as EC2 instances. It monitors the health of registered targets and routes traffic only to the healthy targets. Elastic Load Balancing supports two types of load balancers: Application Load Balancers and Classic Load Balancers.
 

El producto Elastic Load Balancing tiene 2 posibilidades de uso: 

  • Classic Load Balancer
  • Application Load Balancer (es la opción que es mas versátil)


Amazon S3
Amazon Simple Storage Service (Amazon S3), provides developers and IT teams with secure, durable, highly-scalable
cloud storage.


Amazon RDS
Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a
relational database in the cloud. It provides cost-efficient and resizable capacity while managing time-consuming database administration tasks, freeing you up to focus on your applications and business. Amazon RDS provides you six familiar database engines to choose from, including 
Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and Microsoft SQL Server.

 

Amazon Aurora
is a MySQL and PostgreSQL-compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases.


Amazon DynamoDB 
is a fast and flexible
NoSQL database service for all applications that need consistent, single-digit millisecond latency at any scale.


Amazon SQS Amazon Simple Queue Service (SQS) is a fast, reliable, scalable, fully managed message queuing service.


Amazon CloudFront 
is a global Content Delivery Network (CDN) service that accelerates delivery of your websites, APIs, video content or other web assets. It integrates with other Amazon Web Services products to give developers and businesses an easy way to accelerate content to end users with no minimum usage commitments.
It is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.

Amazon API Gateway
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any Web application.

 

--- 2020:

 

Amazon Kinesis Data Firehose
is the easiest way to reliably load streaming data into data lakes, data stores, and analytics tools. It can capture, transform, and load streaming data into Amazon S3, Amazon Redshift, Amazon Elasticsearch Service, and Splunk, enabling near real-time analytics with existing business intelligence tools and dashboards you’re already using today.


AWS CloudFormation
provides a common language for you to model and provision AWS and third-party application resources in your cloud environment. AWS CloudFormation allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This gives you a single source of truth for your AWS and third-party resources.


AWS Fargate
is a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS). Fargate makes it easy for you to focus on building your applications. Fargate removes the need to provision and manage servers, lets you specify and pay for resources per application, and improves security through application isolation by design.


Amazon ECS - Elastic Container Service
Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service. Customers such as Duolingo, Samsung, GE, and Cookpad use ECS to run their most sensitive and mission critical applications because of its security, reliability, and scalability.

ECS is a great choice to run containers for several reasons (container orchestration services). First, you can choose to run your ECS clusters using AWS Fargate, which is serverless compute for containers. Fargate removes the need to provision and manage servers, lets you specify and pay for resources per application, and improves security through application isolation by design. Second, ECS is used extensively within Amazon to power services such as Amazon SageMaker, AWS Batch, Amazon Lex, and Amazon.com’s recommendation engine, ensuring ECS is tested extensively for security, reliability, and availability.


Amazon ECR - Elastic Container Registry
Easily store, manage, and deploy container images
Amazon Elastic Container Registry (ECR) is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images. Amazon ECR is integrated with Amazon Elastic Container Service (ECS), simplifying your development to production workflow. Amazon ECR eliminates the need to operate your own container repositories or worry about scaling the underlying infrastructure. Amazon ECR hosts your images in a highly available and scalable architecture, allowing you to reliably deploy containers for your applications.


AWS IoT Core
is a managed cloud service that lets connected devices easily and securely interact with cloud applications and other devices.


AWS Secrets Manager
helps you protect secrets needed to access your applications, services, and IT resources
AWS Secrets Manager
is a secrets management service that helps you protect access to your applications, services, and IT resources. This service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

 

Amazon Kinesis Data Streams
enables you to build custom applications that process or analyze streaming data for specialized needs. You can continuously add various types of data such as clickstreams, application logs, and social media to an Amazon Kinesis data stream from hundreds of thousands of sources. Within seconds, the data will be available for your Amazon Kinesis Applications to read and process from the stream.

 

Amazon Cognito
provides authentication, authorization, and user management for your web and mobile apps. Your users can sign in directly with a user name and password, or through a third party such as Facebook, Amazon, Google or Apple.
(The /oauth2/token endpoint gets the user's tok
ens.)
https://aws.amazon.com/blogs/security/how-to-add-authentication-single-page-web-application-with-amazon-cognito-oauth2-implementation/

With Amazon Cognito, you can easily add user sign-up, sign-in, and data synchronization to serverless applications. Amazon Cognito user pools provide built-in sign-in screens and federation with Facebook, Google, Amazon, and Security Assertion Markup Language (SAML). Amazon Cognito Federated Identities lets you securely provide scoped access to AWS resources that are part of your serverless architecture.


Amazon Athena
is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.
 



Amazon Macie
is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Amazon Macie recognizes sensitive data such as Personally Identifiable Information (PII) or intellectual property and provides you with dashboards and alerts that give visibility into how this data is being accessed or moved. 


Amazon EMR
An Amazon EMR release is a set of open-source applications from the big-data ecosystem. Each release comprises different big-data applications, components, and features that you select to have Amazon EMR install and configure when you create a cluster. Applications are packaged using a system based on Apache BigTop, which is an open-source project associated with the Hadoop ecosystem. This guide provides information for applications included in Amazon EMR releases.
(Hadoop, Spark, Sqoop).
Presto is a fast SQL query engine (~Hive) designed for interactive analytic queries over large datasets from multiple sources. 

 

AWS Glue
is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics. You can create and run an ETL job with a few clicks in the AWS Management Console. (Data Lake =
(job, crawler)).
 


A cloud IDE for writing, running, and debugging code.


Key Management Service (KMS) makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications. AWS KMS is a secure and resilient service that uses hardware security modules that have been validated under FIPS 140-2, or are in the process of being validated, to protect your keys. AWS KMS is integrated with AWS CloudTrail to provide you with logs of all key usage to help meet your regulatory and compliance needs.


AWS SQS
Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. SQS eliminates the complexity and overhead associated with managing and operating message-oriented middleware, and empowers developers to focus on differentiating work. Using SQS, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available.


Amazon Simple Workflow Service (SWF)
helps developers build, run, and scale background jobs that have parallel or sequential steps. You can think of Amazon SWF as a fully-managed state tracker and task coordinator in the Cloud.


Amazon MSK
Amazon Managed Streaming for Apache Kafka is a fully managed service, highly available, and secure Apache Kafka service that makes it easy for you to build and run applications that use Apache Kafka to process streaming data.



AWS Cloud Map
is a cloud resource discovery service. With Cloud Map, you can define custom names for your application resources, and it maintains the updated location of these dynamically changing resources. This increases your application availability because your web service always discovers the most up-to-date locations of its resources.
 


Amazon Elasticsearch Service
is a fully managed service that makes it easy for you to deploy, secure, and run Elasticsearch cost-effectively at scale. You can build, monitor, and troubleshoot your applications using the tools you love, at the scale you need. The service provides support for open-source Elasticsearch APIs, managed Kibana, integration with Logstash and other AWS services, and built-in alerting and SQL querying. Amazon Elasticsearch Service lets you pay only for what you use – there are no upfront costs or usage requirements. With Amazon Elasticsearch Service, you get the ELK stack you need, without the operational overhead.


Amazon Elastic Transcoder
is media transcoding in the cloud. It is designed to be a highly scalable, easy to use and a cost-effective way for developers and businesses to convert (or “transcode”) media files from their source format into versions that will playback on devices like smartphones, tablets, and PCs.


AWS Lambda
lets you run code without provisioning or managing servers. You pay only for the compute time you consume.
With Lambda, you can run code for virtually any type of application or backend service - all with zero administration. Not everything can be triggered by lambdas (i.e.: RDS).



AWS X-Ray
helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors. X-Ray provides an end-to-end view of requests as they travel through your application, and shows a map of your application’s underlying components.


Amazon ElastiCache
allows you to seamlessly set up, run, and scale popular open-Source compatible in-memory data stores in the cloud. Build data-intensive apps or boost the performance of your existing databases by retrieving data from high throughput and low latency in-memory data stores. Amazon ElastiCache is a popular choice for real-time use cases like Caching, Session Stores, Gaming, Geospatial Services, Real-Time Analytics, and Queuing.
Amazon ElastiCache offers fully managed Redis and Memcached for your most demanding applications that require sub-millisecond response times.


Amazon EC2 C5 instances
are the next generation of the Amazon EC2 Compute Optimized instance family. C5 instances offer the lowest price per vCPU in the Amazon EC2 family and are ideal for running advanced compute-intensive workloads. This includes workloads such as high-performance web servers, high-performance computing (HPC), batch processing, ad serving, highly scalable multiplayer gaming, video encoding, scientific modeling, distributed analytics and machine/deep learning inference.


NAT Gateways
You can use a network address translation (NAT) gateway to enable instances in a private subnet to connect to the internet or other AWS services, but prevent the internet from initiating a connection with those instances.


AWS EventBridge
Amazon EventBridge allows you to route events between AWS services, integrated software as a service (SaaS) applications, and your own applications. Event producers publish events onto an event bus, which uses rules to determine where to send those events. The rules can specify one or more targets, which can be other AWS services or Lambda functions. This model makes it easy to develop scalable, distributed serverless applications by handling event routing and filtering.


AWS WAF - Web Application Firewall
AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. AWS WAF gives you control over how traffic reaches your applications by enabling you to create security rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that filter out specific traffic patterns you define. You can get started quickly using Managed Rules for AWS WAF, a pre-configured set of rules managed by AWS or AWS Marketplace Sellers. The Managed Rules for WAF address issues like the OWASP Top 10 security risks. These rules are regularly updated as new issues emerge. AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of security rules.

2021 ----

AWS Batch
has limit of 20 job queue. Before you can submit jobs in AWS Batch, you must create a job queue. When you create a job queue, you associate one or more compute environments to the queue and assign an order of preference for the compute environments.

You also set a priority to the job queue that determines the order in which the AWS Batch scheduler places jobs onto its associated compute environments. For example, if a compute environment is associated with more than one job queue, the job queue with a higher priority is given preference for scheduling jobs to that compute environment.

AWS Landing Zone
This solution is delivered by AWS Solutions Architects or Professional Services consultants to create a customized "baseline" of AWS accounts, networks, and security policies.

ACM
AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet as well as resources on private networks. AWS Certificate Manager removes the time-consuming manual process of purchasing, uploading, and renewing SSL/

AWS VPN
AWS Virtual Private Network solutions establish secure connections between your on-premises networks, remote offices, client devices, and the AWS global network. AWS VPN is comprised of two services: AWS Site-to-Site VPN and AWS Client VPN. Together, they deliver a highly-available, managed, and elastic cloud VPN solution to protect your network traffic.
 
AWS Direct Connect
enables you to securely connect your AWS environment to your on-premises data center or office location over a standard 1 gigabit or 10 gigabit Ethernet fiber-optic connection.

- AWS Transfer Family
- Amazon Glacier

- AWS Redshift
- AWS QuickSight
- AWS SNS

- AWS Cloudtrail
- Amazon GuarDuty
- AWS Config
- AWS trusted Advisor
 

AWS EKS - Amazon Elastic Kubernetes Service
gives you the flexibility to start, run, and scale Kubernetes applications in the AWS cloud or on-premises. Amazon EKS helps you provide highly-available and secure clusters and automates key tasks such as patching, node provisioning, and updates. (EKS = Managing Kubernetes cluster on AWS infrastructure).


My Blog List

Blog Archive

Disclaimer

The views expressed on this blog are my own and do not necessarily reflect the views of Oracle.