Imixs-Cloud – Running SQL in Kubernetes

For most self managed Kubernetes environments the SQL database is one of the most painful infrastructure parts. Typically SQL database servers are not designed to run in a distributed environment like Kubernetes. Running it in an external environment is often not the desired architecture because a Kubernetes Cluster should not depend on external infrastructure. One solution is to run a single SQL database in a Kubernetes POD with a distributed filesystem like Longhorn or Ceph. But this always have some performance impacts and requires fast SSDs. Another solution is to run a distributed SQL Database like Cockroach.

With the latest version of the Imixs-Cloud project we now offer a smart solution to run a SQL Database cluster within a self managed Kubernetes cluster.

CockroachDB

CockroachDB is a distributed SQL database with a build in replication mechanism. This means that the data is replicated over several nodes in a database cluster. This increases the scalability and resilience in the case that a single node fails. With its Automated-Repair feature the database also detects data inconsistency and automatically fixes faulty data on disks. The project is Open Source and hosted on Github.

CockroachDB fully supports distributed ACID transactions. This means guaranteed atomicity, isolation, consistency, and durability of data. This allows CockroachDB to be used in combination with Jakarta EE and JPA. Supporting the PostgreSQL wire protocol, CockroachDB can be used out of the box for the Imixs Workflow engine using the standard PostgresSQL JDBC driver.

See how CockroachDB can be used within the Imixs-Cloud project .

You can find a install guide here.

Imixs Cloud & GitOps

With the latest update of the Imixs-Cloud project the Kubernetes cluster environment now also supports GitOps. GitOps describes a concept in which a git repository can be used for the entire management process of an application – from development to deployment to maintenance. With the directory structure of separate sub-directories for each application the core concept of Infrastructure as Code was already supported by Imixs-Cloud from the beginning.

Now the project integrates the Open Source project Argo CD in its tool chain. If you already have a Imixs-Cloud environment running you can start Argo CD within seconds. Just edit the ingress deployment with your own Internet domain and start the deployment:

$ kubectl create namespace argocd 
$ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
$ kubectl apply -f management/argo-cd/030-ingress.yaml

The Arco CD web UI allows you to easily snyc all your applications to be deployed, monitored and updated automatically.

You fill find the complete setup guide here.

Jakarta EE and Wildfly Running on Kubernetes

In this blog I will explain how to setup and customize Wildfly to run your Jakarta EE application on Kubernetes. We use this setup in our own Open Source project to run modern Jakarata EE applications on Kubernetes. You can find this project on Github.

Wildfly is Jakarta EE 8 compatible and includes the latest Eclipse MicroProfile in version 3.3. It provides a modern application framework out of the box to simplify the development of web applications and microservices. All runtime services minimize the heap allocation and applications are starting very fast with a minimum of memory.

Continue reading “Jakarta EE and Wildfly Running on Kubernetes”

Payara Micro 5.201 – Setup a JDBCRealm

To setup a database realm (JDBCRealm) in Payara Micro is a little bit tricky because some settings have changed in the past and so there is no clear updated example. This blog post shows a configuration example for Payara 5.2 in combination with a data source based on the Workflow project Imixs-Office-Workflow.

<security-service activate-default-principal-to-role-mapping="true" jacc="simple"
   audit-enabled="true" default-realm="jdbcRealm">

<auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="admin-realm">
<property value="${com.sun.aas.instanceRoot}/config/admin-keyfile" name="file" />
<property value="fileRealm" name="jaas-context" />
</auth-realm>

<!-- Imixs file realm configuraiton START -->
<auth-realm classname="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" name="jdbcRealm">
<property name="jaas-context" value="jdbcRealm"></property>
<property name="encoding" value="Hex"></property>
<property name="password-column" value="password"></property>
<property name="datasource-jndi" value="jdbc/office"></property>
<property name="group-table" value="userid_usergroup"></property>
<property name="user-table" value="userid"></property>
<property name="group-name-column" value="group_id"></property>
<property name="group-table-user-name-column" value="id"></property>
<property name="digest-algorithm" value="SHA-256"></property>
<property name="user-name-column" value="id"></property>
</auth-realm>
<!-- Imixs file realm configuraiton END -->

....
<audit-module classname="com.sun.enterprise.security.ee.Audit" name="default">
<property name="auditOn" value="true" />
</audit-module>
.....
</security-service>

Take care about the property “group-table-user-name-column”. This property is new and specifies the column name for the userid within the group table.

Another important setting is the “default-realm” in the security-service tag. This property must be set to the name of the jdbcRealm (in my case “jdbcRealm”).

Enable Security Audit

To get more information what is happening during the authentication you can enable the security-service audit with the attribute

audit-enabled="true"

and the audit for the security module with the property ‘auditOn’

<audit-module classname="com.sun.enterprise.security.ee.Audit" name="default">
   <property name="auditOn" value="true" />
</audit-module>

Imixs Releases new Process Manager

The digitization of business processes has become a key challenge for organisations and enterprises. From the development perspective, essentially two things are needed for a modern application design:

  • a process description – created using the BPMN 2.0 standard
  • a runtime environment – to execute and persist business data in a secure way

With the Imixs Process Manager we are now releasing a new platform that combines the design and the execution of business processes in a highly scalable and easy to use environment. Organisations can start quickly and develop and test their own business process. And of course the open source platform can be customized and extended to be used for development as well as for production.

The Imixs Process Manager comes with a Docker profile that can be started within seconds in a containerised environment like Kubernetes.

BPMN 2.0

A business process is designed with the help of the Imixs-BPMN modeller tool. New models are uploaded and executed directly within the Imixs Process Manager.

Custom Forms

With the new build-in custom form generator, the Imixs Process Manager allows the definition of custom forms directly in a BPMN 2.0 model without writing one line of code. New forms are defined by a XML template which brings much more flexibility into the process design.

<?xml version="1.0"?>
<imixs-form>
  <imixs-form-section label="Order">
    <item name="_orderid" type="text" label="Order ID:" />
    <item name="_orderdate" type="date" label="Order Date:" />
  </imixs-form-section>
</imixs-form>

Open Source

Of course, the Imixs Process Modeller is open source and can be forked on GitHub.

The Imixs Process Manager provides a great new and easy way to start with modern business process management.

Imixs-Workflow 5.2 Supports Asynchronous Events

With the new release v5.2.0, the open source workflow engine Imixs-Workflow now supports the asynchronous execution of BPMN events.

This feature is a big step forward especially in a microservice architecture. The new so called AsyncEvents make it much more easier to decouple a Rest API call from the processing life cycle of the workflow engine. In this way the request-response pattern shows better performance and allows a very clear design of complex business processes.

The AsyncEvents were already part of the Imixs-Microservice project in a pre-release and become now a core feature of the Imixs-Workflow engine. Especially in more complex architectures, the use of the so-called SAGA Pattern is an important building block. With asynchronous events Imixs-Workflow is now supporting this design pattern as a core feature. Read also our blog about building powerful microservice solutions with the SAGA Pattern.

Microservice Saga Pattern with Imixs-Workflow

In my last blog I explained the core concepts behind the Microservice Saga Pattern. In this blog I will address the problem from a more practical perspective by demonstrating how Imixs-Workflow can be used as a Saga Orchestrator within a Microservice architecture. First, I would like to give a brief review of the main concepts of the saga pattern. Later I show some implementation examples.

Continue reading “Microservice Saga Pattern with Imixs-Workflow”

Cloud Native and Business Transactions

Everyone is talking about cloud technologies and of course every modern project relies on a microservice architecture. A variety of technologies and methods contribute to the success of this architecture pattern. But what does cloud native actually mean for the business world? How do companies and organizations implement business processes successfully beyond the big technology promises?

The basic idea of a microservice architecture is to break down the technical requirements of a software system into the smallest possible and therefore manageable services. The advantage: services created in this way can be developed independently of each other with different technologies by different teams. At the same time, we see new methods and technologies to connect, monitor and scale these services.

But just looking at the technology does’t mean that software can be developed faster and better. I would therefore like to compare some of these methods and technologies from the microservice architecture with the requirements for the development of business applications.

Continue reading “Cloud Native and Business Transactions”

Improved OCR Integration

The new version of the open source project Imixs-Workflow provides an improved OCR integration and supports much more document formats.

With the upcoming release of Imixs-Archive v2.1.2, which is part of the Imixs-Workflow ecosystem, nearly all kinds of documents can now be analyzed on demand. The Optical character recognition (OCR) is based on the latest version of the Apache Tika project. The Imixs-Archive service detects and extracts metadata and text from all common file types (such as Word, PPT, XLS, JPG and PDF). All of these file types are parsed through an integrated microservice, making the data useful for fulltext search, content analysis, translation, and machine learning.

Even a snapshot taken with your smartphone from an invoice or a contract document can now be transferred to the Imixs workflow system in seconds. This makes the digitization of business processes even faster and easier.

With the integrated Workflow Management Suite Imixs-Office-Workflow your team can collaborate fast, clear and in a structured way.

Imixs-Workflow provides a modern microservice architecture. This means that you can integrate this solution into any container-based infrastructure such as Kubernetes. The Imixs workflow project already provides production ready Docker images.

Kubernetes for Small and Medium Organisations

With Imixs-Cloud we started a new open infrastructure project, providing a lightweight kubernetes cluster for small and medium-sized organizations. This projects goal is to build, run and maintain business applications in a production ready and self managed kubernetes cluster. The main objectives of Imixs-Cloud are simplicity, transparency and operational readiness.

The runtime environment is based on Kubernetes and provides an easy way to setup and maintain a medium-sized kubernetes cluster environment hosted on virtual servers or bare metal. The project is open source and constantly under development. You can join the project on Github.

The project contains information how to setup a kubernetes cluster on bare metal servers or cloud servers.

Continue reading “Kubernetes for Small and Medium Organisations”