Author Archives: Jeanne Boyarsky

JavaOne – Java Secure Coding Guidelines for Java SE

Posted on by
Reply

“Java Secure Coding Guidelines for Java SE”

Speaker: Andrew Gross

For more blog posts from JavaOne, see the table of contents

This was the first Oracle talk I saw. It had the Oracle disclaimer. I was impressed he only showed it for 5 seconds. “It was there”!

References:

Mutability

  • make copies of data for output/input
  • copy list so know type/order as well
  • equals can be override so don’t trust identity equality
  • Java 8 adds unmodifiable view of list
  • Java 9 actually adds immutable collection with List.of()

Object construction

  • May need to protect if object isn’t completely created but have data to secure
  • Throwing an exception from a constructor does not protect from obtaining if finalize overridden
  • Making final helps
  • Use initialized field and don’t set fields until clean
  • Since Java 6, object guaranteed to be destroyed if exception thrown before super() called

Serialization

  • Avoid if security sensitive and guard sensitive data
  • Adds a hidden constructor
  • Lambdas can be serializiable [how? and they don’t have data anyway?]
  • Do not deserialize untrusted data. ex: microservices
  • Java 9 added a filter that can be invoked during deserialization so can limit based on what is expected

Access Control

  • Confused deputy – you can’t go to bank and ask for a million dollars. But if bank manager does on your behalf, he/she can. Confused deputy is where more privilege code does something on less privileged code’s behalf

Oracle security announcements are going to start including module names so can determine if affected.

My take: I mostly mentally checked out halfway through. This was really dry. I did learn that the Secure Coding Guidelines exist which means I can read it at some point. It didn’t help that he said to hold all questions; that would have broken it up a little and added some perspective.

JavaOne – Docker 101 Workshop

Posted on by
Reply

“Docker 101 Workshop”

Speaker: Eric Smalling

For more blog posts from JavaOne, see the table of contents

Used docker in the cloud on play-with-docker.com. The one used in class won’t be available after JavaOne, but they also have a training site that looks open.

VM vs Container

  • Not a VM – creates a binary artifact, underlying architecture is different
  • A VM is like a house – protection from outsiders (door/lock), own infrastructure (plumbing, foundation), minimum features (bedroom, bathroom). If want new VM, duplicate resources because like getting a new house.
  • Containers like Docker are like an apartment. They have protection (doorman), shared infrastructure (plumbing), come in different sizes within same building (studio, 1 bedroom, penthouse), can be very small (studio), isolate apps from each other (apartment door lock)
  • Containers come with base image, standardized packaging.
  • All containers share same OS Kernel; available for all major Linux distributions, Windows 2016 server and IBM mainframes

Docker

  • Build – dev env, Ship – create and store images, run – deploy/manage/scale
  • Can develop on exactly same container. No differences between Dev/QA/Prod
  • Immutable deployed artifact
  • Store artifacts in registry – repo for Docker images
  • Docker offers a trusted registry for Enterprise customers.

Terms

  • Docker Trusted Registry – store and distribute images
  • Docker Universal Control Plane – Web based management CaaS (containers as a service) – Swarm connects multiple Docker instances. Adds security/access control. Integrates with LDAP.
  • Docker Image – contains everything needed to run
  • Docker Container – standard unit in which app services resides
  • Docker Engine – Creates/ships/runs Docker containers
  • Service – an app or part of an app that provides a specific function
  • Stack – Represents multi-service applications. Made up of one or more services

Basic commands

These are the verbose commands for clarity

  • docker image pull account/dockerName:latest – pull latest dockerName from account – gets from docker web by default
  • docker image ls – list what pulled/built
  • docker container run -d -p portX:portY –name dockerName account/dockerName:latest – run detached (-d) run on port x and send to port y
  • docker container ps – the container running
  • docker container stop dockerName (or container id) – stop from running
  • docker container rm dockerName (or container id) – so don’t pile up
  • docker image rm account/dockerName:latest (or image id) – remove from local system to save space in cache
  • docker build -t account/dockerName:version . – build an image from your machine and tag
  • docker image push account/dockerName:version – push to docker hub

Dockerfile

  • Instructions on how to build a docker image
  • Looks similar to “native” commands
  • Important to optimize
  • Common for run commands to span lines. Can use \ to continue on new line for readability and ; to run multiple commands together
  • Each line in dockerfile adds a new layer. By combining run commands you minimize layers. This makes the image smaller and cleaner.
  • Commands
    • First line is “FROM dockerName:version” – this is the starting point for your image. Like a parent
    • RUN … – run a shell command in image building
    • COPY x y – copy from your machine (or where running the docker file) to VM location
    • EXPOSE port – tell container to expose port
    • CMD [a, b] – run the application

Lab 1

In GitHub, did task 1 together and then task 2 on our own.

Interesting facts

  • Using alpine Linux as base because small
  • If image doesn’t have account name (ex alpine vs joe:alpine), means it is a trusted/official image. Ex: mySql, Jenkins.
  • The Docker store has certified images which is a higher level of validation. Certified means supported/commercial.
  • Important to do all setup in Dockerfile so can recreate image on demand
  • Great learning moment about the dangers of using “latest” – need to use mysql 5.5 instead of latest because “latest” has a bug where mysql doesn’t start

Commands (this lab shows how to run a container for a single command, interactively and for a long running task)

  • docker container run alpine hostname – run hostname command in alpine vm
  • docker container ls – currently running containers
  • docker container ls -a – all containers; not just those running
  • docker container ps – works same as “ls” but only applies to containers. “ls” allows command to be equivalent for images and other types
  • docker container run –interactive –tty –rm ubuntu bash – opens root bash shell in image and remove the container when the container stops
  • docker container run \
    –detach \
    –name mydb \
    -e MYSQL_ROOT_PASSWORD=my-secret-pw \
    mysql:5.5 – run a container in detached mode with an easy to type name and an environment variable [remember to not to use this approach for a real password]
  • docker container logs mydb – see logs
  • docker container top mydb – shows processes
  • docker exec -it mydb \
    mysql \
    –user=root \
    –password=$MYSQL_ROOT_PASSWORD \
    –version – execute command inside the running container in an interactive shell to find out the running version

Lab 2

This lab builds an image from what we pulled from github, run it and delete it.

I learned

  • Our docker hub account id is just used for a namespace here since we aren’t pushing it. Like maven install vs maven deploy. Or like git commit vs git push.
  • Tab autocomplete works for container names!
  • Can run Linux VM on Windows host
  • Can’t run Windows VM on Linux host

Commands in lab 2

  • docker image build –tag boyarsky/linux_tweet_app:1.0 .
  • docker container run –detach –publish 80:80 –name linux_tweet_app boyarsky/linux_tweet_app:1.0
  • docker container rm –force linux_tweet_app

Layers

  • Example layers – kernel, OS, install, upgrade
  • An image is a giant tarball made up of layers
  • When create an image, there is a thin read/write layer on top. It is for things changed while running container.
  • Looks for a file from top to bottom so finds first matching one.
  • This is why layers remove extra files as last command to run. That way don’t have things don’t need. Saves space and search time.
  • When start a container, a writeable layer added on top.
  • When update image, Docker sees that it has all layers but new one so doesn’t need to re-download everything.

Volumes

  • For persisted data like logs or sharing data between containers.
  • Persists after container deleted unless explicitly delete.
  • Ex: Jenkins work directory
  • Can create in Dockerfile or via CLI
  • docker volume create volName – create volume
  • docker run -d -v volName:/path name ls /path – run container and list contents of volume
  • Use volumes to mount local code in running container – docker container run -v $(pwd):/path
  • Improves performance because avoids copy on write

Lab 3

Playing with volumes. (Lab 3 also has pushing to dockerhub but we didn’t get that far)

Commands in lab 3

  • docker container run \
    –detach \
    –publish 80:80 \
    –name linux_tweet_app \
    –mount type=bind,source=”$(pwd)”,target=/usr/share/nginx/html \
    boyarsky/linux_tweet_app:1.0 – use a bind mount which allows container to see directory on the underlying machine
  • cp index-new.html index.html – update file in underlying directory
  • docker rm –force linux_tweet_app – start over
  • docker container run \
    –detach \
    –publish 80:80 \
    –name linux_tweet_app \
    boyarsky/linux_tweet_app:1.0 – start without volume
  • docker rm –force linux_tweet_app – start over again
  • docker image build –tag boyarsky/linux_tweet_app:2.0 . – increment version since last time
  • docker image ls – see both versions 1.0 and 2.0
  • docker container run \
    –detach \
    –publish 80:80 \
    –name linux_tweet_app \
    boyarsky/linux_tweet_app:2.0
  • docker container run \
    –detach \
    –publish 8080:80 \
    –name old_linux_tweet_app \
    boyarsky/linux_tweet_app:1.0 – run with different name and port
  • docker image ls -f reference=”boyarsky/*” – list all with this account
  • docker login
  • docker image push boyarsky/linux_tweet_app:1.0 – push/publish
  • docker image push boyarsky/linux_tweet_app:2.0 – push/publish other version

My take: I was (just barely) able to complete the lab. I feel like I learned the basics and have a good kick off point when ready to acquire more hands on knowledge.

JavaOne – Legacy Developer’s Guide to Java 9

Posted on by
Reply

“Legacy Developer’s Guide to Java 9”

Speaker: Wayne Citrin

For more blog posts from JavaOne, see the table of contents

Multi-Release Jar Files

  • Pre Java 9, can use late binding where probe API at runtime and fall back to old approach. Reflection is ugly
  • add Multi-Release: true to manifest
  • Can specify folders for different version of Java
  • Can only specify versions Java 9 or later in folders. But can target Java 1.7 or 1.8 or whatever in root folder and provide Java 9 options in the “9” folder. Good for backward compatibility
  • Unknown how increased release cadance will affect this
  • New jar tool so can pass -legacyFolder and -release options.

Modules

  • Can use ordinary jar files aongside modularized jars and include in module path
  • A modularied jar file in the classpath is treated like any other jar file – the module rules are not enforced – no wins, but does work; good for migration
  • All ars in the classpath are considered part of a single unnabled module – exports everything to other odules and can access al other modules
  • If you hae a modularized app (aka you have a module path) but some old jars, just put in classpath
  • If put non-modularized jar in modpath, it becomes an automatic module with the module name using the name of the jar file. It exposes everything and can acess everything. Still useful so other modules can refer to it as a dependency
  • A package can only be in one named module (including automatic module – if not, will get runtime error
  • Can often put legacy jars in mod path

JLink
For sending custom JDK distros

My take: Wayne said this was intended to be a talk vs a BOF. So he had slides. Worked out well since this is a topic where more people have ideas than can offer information. Good end to the day.