BT
x Your opinion matters! Please fill in the InfoQ Survey about your reading habits!

Martijn Verburg Talks About jClarity, Adopt a JSR and Java Security
Recorded at:

Interview with Martijn Verburg by Charles Humble on Apr 23, 2013 | NOTICE: The next QCon is in San Francisco Nov 3-7, Join us!
11:10

Bio Martijn Verburg is the CTO of jClarity and has over 12 years experience as a technology professional and OSS mentor in a variety of environments from start-ups to large enterprises. He is the co-leader of the London Java Community and leads the global effort for the Java User Group's "Adopt a JSR" and "Adopt OpenJDK" programmes.

Software is changing the world; QCon aims to empower software development by facilitating the spread of knowledge and innovation in the enterprise software development community; to achieve this, QCon is organized as a practitioner-driven conference designed for people influencing innovation in their teams: team leads, architects, project managers, engineering directors.

   

1. My name is Charles Humble and I’m here at QCon London with Martijn Verburg. Martijn can you introduce yourself to the InfoQ community?

Sure, my name is Martijn, as you mentioned. I’m the CTO of a new startup called jClarity, which does performance tooling for Cloud, and I am the co-leader of the London Java Community, here in London, and we run a bunch of global programs to get developers involved in Java itself.

   

2. Does jClarity have a product out now?

It has two products out at the moment. One which is out in the public domain; the second product is just going under private beta with a couple of clients. The first product is a garbage collection log analyzer; I guess along the lines of what HPjmeter does, for those who have heard of that tool. And the second product is the sort of gem in the crown; this is what we have been building towards for a good year now and it’s designed to tell you, in real time, performance problems you are having on your various cloud nodes that are running JVM applications.

   

3. It’s a kind of a distributed profiler then?

It’s not really a profiler per se; we like to say that profiling is one of the last things you want to do. It is a distributed system; our daemons will run alongside your JVM application, running on whichever nodes you have out in the cloud, and when you detect that there is some sort of end user or end system performance problem, some treshold has been crossed, we then go into a slightly more intense triaging mode on the particular nodes that we know are causing the problem.

   

4. At that point, can you then get more like the sort of granularity you get with profiler, so what the method is and ...?

We can do that. We actually look at the problem holistically. So is it a problem with the operating system?; is it actually a problem with the network?; is it perhaps that there’s too much hard disk writing or reading going on? We look at those areas first, typically, and then we actually start diving back into the JVM itself, so is it garbage collection that’s causing the problem?; is it the fact that you’ve got a particularly compute-intensive algorithm that is running? So we have a machine learning decision matrix that actually very quickly looks at the particular area it needs to, whether that be the JVM, the operating system or something else and then returns you an answer in, hopefully, what we call plain English.

   

6. Do you have hooks for bespoke instrumentation?

We can do, yes; we try not to do too much bespoke instrumentation. The reason being is a lot of us at jClarity have worked with application performance monitoring tools in the past and we certainly found that once you start instrumenting a live running application, you impact that live running application heavily itself. So we prefer to read data away from those kind of very intrusive probes and we actually use a lot more mathematical theories, statistics, financial modeling , that sort of thing, to actually glean our answers basically.

   

7. Is it a pure JVM tool?

At the moment it’s purely a JVM tool. The sort of modeling that we’re building, in theory would work for most managed runtime systems so, for example, the .NET CLR. So with a little bit of extra expertise into the team we certainly could move into those areas if we needed to.

   

8. Do you support all JVM languages?

We support all JVM languages. We actually focus primarily on the JVM, so we don’t particularly care what language is running on top of it. Our first two clients at the moment happen to be Scala shops.

   

9. How much does it cost?

Well, that depends. At the moment the licensing model for jPDM that we are experimenting with, as it were, in the market place is a pure transaction model. Our clients seem to prefer that model. They see what we have for them as an insurance policy and for them, as they naturally grow and scale, they are quite happy to see our tool licensing grow in accordance with that.

   

10. Do you support other collectors with Censum, so Garbage-First for instance?

We don’t support the G1 collector at the moment. We haven’t seen it out there in the wild enough, and from our internal experimentation we’re not seeing it quite hit its promises yet. So we don’t think a lot of people, from their internal experimentation, will be shifting to it quite yet.

   

11. Do you think that’s a fundamental problem or do you think that’s something that will kind of get worked out, ie do you think it's a kind of a failed experiment or do you think it’s something that just maybe needs a bit of refining in the real world?

It’s hard to tell. I mean, even the earlier collectors, the ones that we know very well today, CMS for example, or the ParNew collector from the Young Gen space, they did take years to actually get just right and there are still bug fixes going into them today. So I think it’s just too early to tell. I also think that obviously there was a lot of change in personnel at Sun/Oracle in the last 4 / 5 years. That’s probably had an impact on G1’s making it to production; so we will see.

   

12. Something else that’s coming out in Java8 is the removal of the PermGem space. I'm interested, given that you’re doing a lot of work with Garbage Collection logs and that kind of thing, what your perception of that change is?

Initially we thought it was quite a bad idea, because the idea of PermGem holding objects or holding data, as it were, that we know, or that your application knows, should live forever as long as the JVM lives, was quite a sensible thing to do; put that in a nice safe place, never touch it. By putting it back into the regular heap you’re just asking the existing collectors to do more work. They constantly will have to scan these objects which are always going to be there. However, looking more at the implementation of what they move it into, which I think is something called Metaspaces, it sounds like they’ve actually come up with a fairly reasonable compromise. But we’re probably waiting for one more milestone release of Java out before we start running our real experiments with it.

   

13. What’s next for jClarity?

The next step for us will be to release jPDM, which is our premier product, to the public Cloud, basically. We’re going to release a demo that anyone will be able to trial online, just being able to fire up some AWS instances, run our tooling, see how it works, see if they like it and from there on in it will be available to the general public for use on Amazon in particular. So if you deploy to Amazon in an IaaS type solution then you’ll be able to use it. And we have a backlog of about 15 PaaS providers that we’ve signed up with to integrate with as well. So we will become part of Heroku, SalesForce, Google App Engine, those sorts of places. Not everything is in concrete yet, but that’s generally the plan for 2013.

   

14. Last time we spoke you were just getting the Adopt a JSR and Adopt OpenJDK programs off the ground through the London Java community. How has that been going?

Adopt a JSR has been going fantastically. 2013, right from the very start, it was just an explosion world wide of Java user groups supporting the program. We now have a GitHub account for the organization. People from around the world have been donating their projects into that. Those projects themselves form sort of workshops that people can run at home, or run in their own local Java user group, to try out these latest, you know, Java EE7 in particular technologies. We have about 25 Java user groups on board now, and it's very very active, so we are really happy with the way that has gone. Adopt OpenJDK; slightly different. We’re still working out some of the technical barriers, in terms of build and CI and sending in patches to OpenJDK itself. We’re working very hard in our spare time to try and reduce that barrier to entry. So at the moment we’re looking at having a live copy of the popular OpenJDK forests in GitHub, so people can just use the popular pull request mechanism to submit patches. So, it’s an experiment; we’ll see how we go.

   

15. Java’s had quite a lot of fairly negative press recently obviously with the security exploits primarily through the browser plug in, and also the bundling of the Ask toolbar, which seems to have irritated a lot of people. How do you feel Oracle is dealing that situation?

The security situation; I think they’ve dealt with it extremely well. They obviously, very recently, had brought on Milton Smith as the head of Java security. I don’t think he quite expected the sort of first month of his job to turn out to be like this. He was actually certainly hired before this whole thing actually kicked off. The pace that they had been able to deliver the patches; that I think has been a lot faster than people originally anticipated. As per usual Oracle’s official policy of staying silent until the patch is released does irritate some people. But it’s a long standing policy that Oracle and many other companies have had for a long, long time and I personally don’t see them changing that. So yes, certainly on the security side, we’re reasonably happy. I think we’d all like to see applets die to be honest. Not a lot of people use them anymore. I think even Oracle’s advice would be encourage developers not to use them. Unfortunately there are some governments and large public entities that still force you to log in or use their applications via applets. I believe tax systems in Germany and things like that; so unfortunately it still has to be out there.

   

16. And the Ask toolbar?

The Ask toolbar; well, we will wait and see. I think Oracle has had a lot of feedback, both publicly and privately. Again they’re the type of company who will not comment until something is either done, or not done, and for a large organization like Oracle, I think it’s certainly too soon for us to expect a response.

   

17. In terms of security, do you think there are things that the wider Java community could be doing, and maybe should be doing, to help?

Yes, absolutely. One of the things that we’re actually building is a Java 6, or a Java countdown, site. It’s very similar to the IE 6 countdown side that Microsoft built many years ago to raise awareness in its community about the dangers of IE 6 and to upgrade. So we’re building almost a replica site to that, and we’re going to encourage the entire Java community to not just tell fellow developers and technologists, but to tell the everyday person on that street that, hey, if you have this plug-in, you should upgrade, here’s how you go about doing it or here is how you go about disabling it. So, yes, we’re very hopeful this will take kind of take off like the IE 6 countdown site did.

Charles: Excellent, that’s a good place to end it. Martijn, thank you very much.

Thank you!

General Feedback
Bugs
Advertising
Editorial
InfoQ.com and all content copyright © 2006-2014 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy
BT