Bei der Java User Group Dortmund ist es in den letzten Jahren zur Tradition geworden, am Tag nach dem Javaland eine Minikonferenz zu organisieren und Sprecher aus dem Javaland nach Dortmund einzuladen. In diesem Jahr schaffen wir dies aus verschiedenen Gründen nicht, wollten aber auch nicht mit dieser Tradition brechen. Daher haben wir uns spontan entschieden, ein Auswärtsspiel zu organisieren. Gemeinsam mit der REWE digital in Köln organisieren wir im bekannten Format ein Abend mit internationalen Top-Sprechern aus dem Javaland. Auch wenn die Anreise für ein solches Auswärtsspiel etwas weiter ist, möchten wir allen Java Entwicklern in der Region die Möglichkeit bieten, zwei ausgewählte Vorträge aus dem Javaland zu besuchen.
Dieses Treffen findet bei REWE digital auf dem Carlswerkgelände in der Schanzenstraße in Köln Mülheim statt.
Gebäude Kupferwerk 2.15
Das Gelände des Carlswerks ist ziemlich weitläufig, deshalb bitte die Anfahrtsbeschreibung beachten.
Talk #1 “Making Microservices Micro Again with Istio Service Mesh”
(Ray Tsang, Google, @saturnism)
Microservices are here to stay. When applied properly, microservices techniques and culture ultimately help us continuously improve business at a faster pace than traditional architecture. However, microservices architecture itself can be complex to configure. All of a sudden, we are faced with the need for a service discovery server, how do we store service metadata, make decisions on whether to use client side load balancing or server side load balancing, deal with network resiliency, think how do we enforce service policies and audit, trace nested services calls… The list goes on.
Sure, it’s easy to have a single stack that makes everything work provided there are good microservices support – but what if you have a polyglot environment? How would you make sure all of the stack can address the same concerns in a consistent way? This is where a service mesh comes in.
In this talk, Ray will introduce Istio, an open source service mesh framework created by Google, IBM, and Lyft. We’ll see how the service mesh work, the technology behind it, and how it addresses aforementioned concerns.
About Ray Tsang
Ray is a Developer Advocate for the Google Cloud Platform. Ray had extensive hands on cross-industry enterprise systems integration delivery and management experiences since 2002. Ray has built mobile applications & micropayment systems as an independent contractor. During his time in Taiwan, Ray has built IT systems for Taiwanese government for a large scale search engine, electronic customs record management, and more. At Accenture, Ray was a team lead for a SOA deployment at a utilities company, building out common frameworks for messaging and service tracing. Moreover, Ray was an architect leading teams to implement online booking channels for a global hospitality company. During Ray’s time at Red Hat, he was specialized in Java middleware, and contributing to open source projects such as Infinispan.
Aside from technology, Ray enjoys traveling and adventures. Ray is currently a Developer Advocate at Google.
Talk #2 “Deconstructing and Evolving REST Security”
(David Blevins, Tomitribe, @dblevins)
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. We then detail a competing Amazon-style approach called HTTP Signatures, ideal for B2B scenarios and similar to what is use to secure all Amazon AWS API calls. Each approach will be explored analyzing the architectural differences, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, “I could write this myself.”
As a bonus at the end, we’ll peak into a new IETF Internet Draft launched this year that combines JWT and HTTP Signatures into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios. Come to this session if you want to go from novice to expert with a bit of humor, a big picture perspective and wire-level detail.
About David Blevins
Founder of Tomitribe, veteran of Open Source Java EE in both implementing and defining JavaEE specifications for over 15 years with a strong drive to see JavaEE simple, testable and as light as Java SE. Co-Founder of OpenEJB (1999), Geronimo (2003), TomEE (2011). Member of the Eclipse MicroProfile, Jakarta EE PMC, JCP Executive Committee, Java EE 8 Expert Group, past member of the Java EE 7, EJB 3.2, and EJB 3.0 Expert Groups. Contributing author to Component-Based Software Engineering: Putting the Pieces Together from Addison Wesley.