License Switch GPL-3.0 to EPL 2.0

We consider to switch the licence model for Imixs-Workflow from GPL-3.0 to EPL 2.0. The new license model will affect the Jakarta EE 9 development stream. Older versions of Imixs-Workflow will not be affected from this change.

The Eclipse Public License is a modern license which reflects the norms and expectations of an industry that has changed a lot in the last years. The EPL has been approved by the Free Software Foundation (FSF) and the Open Source Imitative (OSI).

As a weak copyleft license, the EPL is a middle ground of sorts between permissive options (like the MIT License or Apache License 2.0) and strong copyleft licenses (like GPL v2 and GPL v3.) A core requirement of the EPL – one that’s not part of permissive licenses – is that derivative works of EPL-licensed code must also be licensed under the EPL. As such, anyone who distributes a program that constitutes such a derivative work must also make their source code available. Find more details here.

In addition we plan that the new license will include also a secondary license for GPL-2.0+ compatibility. In this way you can still license your work under GPL if you like.

The notion of a “Secondary License” is intended to permit combining content licensed under the EPL-2.0 with an otherwise incompatible license, specifically the GNU General Public License, v2.0 or greater. This means that the content that includes a Secondary License clause may be combined with content distributed under the terms of that Secondary License, and the combined content can be then be collectively distributed under the terms of that Secondary License.

Does EPL-2.0 change the scope of the copyleft?

The EPL-2.0 is a weak copyleft license. In its simplest terms, that means that if you have modified EPL-2.0 licensed source code and you distribute that code or binaries built from that code outside your organization, you must make the source code available under the EPL-2.0.

Can I take a Program licensed under the EPL, compile it without modification, and commercially license the result?

Yes. You may compile a Program licensed under the EPL without modification and commercially license the result in accordance with the terms of the EPL.

Can I modify the EPL-2.0 License?

No. Everyone is permitted to copy and distribute copies of the new Agreement; however, in order to avoid inconsistency, the agreement is copyrighted and may only be modified by the Agreement Steward who reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify the Agreement.

Find also more details see the EPL FAQs. If you have any questions please add your comments here.

Why AWS & Azure Are Not Kubernetes

When you hear about Kubernetes for the first time these days, you might get the impression that Kubernetes has a lot to do with AWS or Azure. If you read blogs or tutorials about Kubernetes or even if you join conferences, AWS and Azure is everywhere. It seems like a stupid idea not to believe that Kubernetes is based on these Internet platforms and can exist outside them.

But Kubernetes is far away from being a product or internet service that is only offered by Amazon or Microsoft. Rather, Kubernetes is an open source platform which is supported and developed by the Linux Foundation. Many people are working on the concepts for this open platform on a daily basis. And the goal of Kubernetes is to provide an open and powerful platform for operating container-based applications and Microservices.

It was never a walk in the park to setup and operate a stable and highly available cloud environment consisting of many servers. With Kubernetes companies and organizations should be enabled to run a server infrastructure for container-based applications by there own. Google has published his own experiences in this area and handed it over to the Linux Foundation in order to share that knowledge with others. And it was never the goal to make a product or put organizations in a dependent situation. On the other hand, it is a big business for companies like Microsoft and Amazon to offer their services based on the concepts of Kubernetes. Binding customers to their platforms is the new way of licencing. And they do a lot of marketing to succeed.

Build Your Own Cluster

Believe it or not, you can set up your own Kubernetes cluster and run it successfully in just a few hours. The concepts of Kubernetes provide many solutions for the problems that normally arise when operating large server environments. The result will be a stable and sustainable cloud infrastructure that you can control yourself.

Of course, Kubernetes is a complex system of many different building blocks. It takes time to get used to it. But today there are also a lot of concepts available to achieve success quickly. So don’t hesitate and take control of your personal cloud platform.

If you like, you can take a look at our open source project ‘Imixs-Cloud‘, which shows a simple and stable approach for the operation of a Kubernetes cluster.

Imixs Workflow & SpaCy 3.1

With its latest version, the Open Source Workflow Engine Imixs-Workflow fully integrates the AI Framework SpaCy v3.1. SpaCy has become an industry standard over the last two years with a huge ecosystem. SpaCy can be combined with a variety of plugins and so called pipelines, to process any kind of data within a machine learning environment.

The Imixs Workflow project Imixs-ML follows a generic approach to combine machine learning frameworks with BPMN. The project provides a core API and a Rest Service Interface. This makes it easy to combine the workflow management platform with the AI ecosystem from spaCy. The integration is based on the Imixs Micro Kernel architecture which allows a modern model based development.

The Imixs-ML project is hosted on Gibhub.

Processing Business Documents with AI

An example of how AI can be combined with BPM, is the processing of business documents. The concepts of natural language processing (NLP) with its sub domains of entity recognition and classification allows the analysis of business documents in various ways. For example, payment information like IBAN/BIC and an payment date can be extracted from an invoice document to be processed by the Imixs Workflow engine. With the classification of documents, for example, customer orders can be automatically routed to the responsible sales department. This all is embedded into a continuous learning technology where the Imixs Workflow engine automatically refines the ML models based on the decisions made by humans actors in a specific business process. Starting from scratch is possible even if only a small training database exists.

Dynamic Classification

One new feature of SpaCy 3.1 is the new multi-label classifier. This new pipeline allows the learning of new categories within an existing ML model. For a continuous learning system like Imixs-ML this is a great feature to extract more data from a business task with the help of AI.

If you like to learn more about the BPMN and AI start a dicsussion on Github or ask our experts.

Imixs Workflow on Jakarta EE 9

Imixs-Workflow is the first open source workflow engine running on Jakarta EE 9. The latest version 6.0 can be run on every modern application server supporting the new cloud native industry standard. This allows you to digitize your business processes in a modern, portable and open IT environment.

Jakarta EE is a set of specifications that enables the world wide community of java developers to work on cloud native Java enterprise applications. Imixs-Workflow integrates into this technology and provides you a powerfull, stable and sustainable way to map your business processes according to the BPMN 2.0 standard.

For many years, Java EE has been a major platform for mission-critical enterprise applications. Imixs Workflow was founded on this technology from the first beginning. In order to accelerate business application development for a cloud-native world, the Java EE specification moved to the Eclipse Foundation enabling a community-driven collaboration and a more open innovation.

Version 6.0.0 and Java 11

With version 6.0.0, Imixs Workflow adapted the existing technology to the new Jakarta EE 9 specification and modernized various areas of the open source workflow engine. At the same time, with this release, the switch to Java 11 is now completed.

Rule Engine based on GraalVM

The integrated business rule engine of Imixs Workflow is now based on the GraalVM technology. With the new rule engine, business rules can now be written in different popular languages and can be combined with additional features and libraries. This allows the design and the execution of more complex business processes based on the BPMN 2.0 standard.

With the Jakarta EE 9 application ‘Imixs-Process-Manager‘, the Imixs Workflow project provides a reference application for a quick start. The project is hosted on Github.

Imixs Workflow is 100% open source and we invite you to participate in it. There are different ways how you can do that. Join the Imixs Workflow Project now on GitHub. You can help to improve the project by reporting bugs or start a new discussion.

Stream Analytics with Imixs-Workflow

The real-time processing of a continuous stream of business data and events is becoming increasingly important in modern IT architectures. This type of architecture, in which events are building the centre of data processing, is also known as a Reactive Streaming Architecture. In the following we will show how to solve some of the related challenges with the help of a workflow technology.

Let’s take a closer look at this type of architecture first. Basically, the event-based processing of data is not new and has actually been developed for decades in various specialized domains such as the financial sector. But since the last few years, new standards for processing data streams have emerged. Technologies like Apache Kafka, Storm, Flink or Spark are gaining popularity and pushing a new hype.

From industrial production systems to multiplayer computer games, so-called Streaming Architectures are used more and more frequently in order to be able to process big data in real time. Streaming architectures have developed into a central architectural element of modern technology companies. In many companies real-time streams have become the core system in their architecture.

The goal is to be able to integrate new system solutions more quickly and to connect any kind of data streams. The streaming architecture is not only found at technology giants such as Ebay, Netflix or Amazon, but today in every modern technology company that is working on the digitization of its business processes. So what are the main challenges in building such an architecture?

Continue reading “Stream Analytics with Imixs-Workflow”

Imixs-Cloud – Running SQL in Kubernetes

For most self managed Kubernetes environments the SQL database is one of the most important infrastructure parts. Typically SQL database servers are not designed to run on distributed nodes in an environment like Kubernetes. One solution is to run a single SQL database in a Kubernetes POD with a distributed filesystem like Longhorn or Ceph. This works well for example with PostgreSQL in most situations. Of course this can have some performance impacts and requires fast SSDs. Another solution is to run a distributed SQL Database like Cockroach. With the latest version of the Imixs-Cloud project we now offer a smart solution to run a SQL Database cluster within a self managed Kubernetes cluster.

Note: CockroachDB does not support the isolation level of transactions required for complex business logic. For that reason the Imixs-Workflow project does NOT recommend the usage of CockroachDB. See also the discussion here.

CockroachDB

CockroachDB is a distributed SQL database with a build in replication mechanism. This means that the data is replicated over several nodes in a database cluster. This increases the scalability and resilience in the case that a single node fails. With its Automated-Repair feature the database also detects data inconsistency and automatically fixes faulty data on disks. The project is Open Source and hosted on Github.

CockroachDB supports a lower level of ACID transactions. This means guaranteed atomicity, isolation, consistency, and durability of data is not the same quality as in a PostgreSQL database . However CockroachDB can be used in combination with Jakarta EE and JPA. Supporting the PostgreSQL wire protocol, CockroachDB can be used with the standard PostgresSQL JDBC driver.

See how CockroachDB can be used within the Imixs-Cloud project .

You can find a install guide here.

Imixs Cloud & GitOps

With the latest update of the Imixs-Cloud project the Kubernetes cluster environment now also supports GitOps. GitOps describes a concept in which a git repository can be used for the entire management process of an application – from development to deployment to maintenance. With the directory structure of separate sub-directories for each application the core concept of Infrastructure as Code was already supported by Imixs-Cloud from the beginning.

Now the project integrates the Open Source project Argo CD in its tool chain. If you already have a Imixs-Cloud environment running you can start Argo CD within seconds. Just edit the ingress deployment with your own Internet domain and start the deployment:

$ kubectl create namespace argocd 
$ kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
$ kubectl apply -f management/argo-cd/030-ingress.yaml

The Arco CD web UI allows you to easily snyc all your applications to be deployed, monitored and updated automatically.

You fill find the complete setup guide here.

Jakarta EE and Wildfly Running on Kubernetes

In this blog I will explain how to setup and customize Wildfly to run your Jakarta EE application on Kubernetes. We use this setup in our own Open Source project to run modern Jakarata EE applications on Kubernetes. You can find this project on Github.

Wildfly is Jakarta EE 8 compatible and includes the latest Eclipse MicroProfile in version 3.3. It provides a modern application framework out of the box to simplify the development of web applications and microservices. All runtime services minimize the heap allocation and applications are starting very fast with a minimum of memory.

Continue reading “Jakarta EE and Wildfly Running on Kubernetes”

Payara Micro 5.201 – Setup a JDBCRealm

To setup a database realm (JDBCRealm) in Payara Micro is a little bit tricky because some settings have changed in the past and so there is no clear updated example. This blog post shows a configuration example for Payara 5.2 in combination with a data source based on the Workflow project Imixs-Office-Workflow.

<security-service activate-default-principal-to-role-mapping="true" jacc="simple"
   audit-enabled="true" default-realm="jdbcRealm">

<auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="admin-realm">
<property value="${com.sun.aas.instanceRoot}/config/admin-keyfile" name="file" />
<property value="fileRealm" name="jaas-context" />
</auth-realm>

<!-- Imixs file realm configuraiton START -->
<auth-realm classname="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" name="jdbcRealm">
<property name="jaas-context" value="jdbcRealm"></property>
<property name="encoding" value="Hex"></property>
<property name="password-column" value="password"></property>
<property name="datasource-jndi" value="jdbc/office"></property>
<property name="group-table" value="userid_usergroup"></property>
<property name="user-table" value="userid"></property>
<property name="group-name-column" value="group_id"></property>
<property name="group-table-user-name-column" value="id"></property>
<property name="digest-algorithm" value="SHA-256"></property>
<property name="user-name-column" value="id"></property>
</auth-realm>
<!-- Imixs file realm configuraiton END -->

....
<audit-module classname="com.sun.enterprise.security.ee.Audit" name="default">
<property name="auditOn" value="true" />
</audit-module>
.....
</security-service>

Take care about the property “group-table-user-name-column”. This property is new and specifies the column name for the userid within the group table.

Another important setting is the “default-realm” in the security-service tag. This property must be set to the name of the jdbcRealm (in my case “jdbcRealm”).

Enable Security Audit

To get more information what is happening during the authentication you can enable the security-service audit with the attribute

audit-enabled="true"

and the audit for the security module with the property ‘auditOn’

<audit-module classname="com.sun.enterprise.security.ee.Audit" name="default">
   <property name="auditOn" value="true" />
</audit-module>