Cloud Native Diary #10
Exciting projects with Java and Generative AI, Arconia framework for multitenant Java applications, supply chain security, and conference news.
In Cloud Native Diary, I periodically share my journey working with application development, platform engineering, and cloud native technologies.
This year's first edition will cover exciting projects with Java and Generative AI, my work around multitenant applications, my presentations on supply chain security and Carvel, and news from conferences. Let's get to it!
Java and Generative AI
The recent developments around Generative AI and Large Language Models (LLMs) opened up the stage for a new generation of applications that can consume pre-trained models via convenient APIs and enhance any type of application, including Java ones.
Spring AI is the latest addition to the Spring portfolio. It's a powerful framework to build Java applications powered by LLMs. Just like Spring Data offers convenient abstractions to interact with different databases, Spring AI allows integration with multiple LLM providers, including OpenAI, Stability, HuggingFace, and Ollama. The project is under active development and continuously introducing new integrations and capabilities. Last week, I had the chance to submit my first pull request to Spring AI. I also started working on a new GitHub project to showcase how to use Spring AI.
Another framework to build LLM-powered Java applications is LangChain4j, which I also mentioned in the previous issue of Cloud Native Diary. The project comes with basic support for Spring Boot, but it's currently quite limited. I wanted to explore more capabilities and LLM integrations, so I started a new project to enhance support.
There are already Spring Boot Starter projects for LangChain4j with OpenAI and Ollama, with more integrations coming soon. I hope I'll eventually get to merge my project with LangChain4j to offer more complete Spring Boot support. I also started working on a new GitHub project to showcase how to use LangChain4j with Spring Boot.
Working with LLMs impacts the developer experience in terms of cost (when using a paid service like OpenAI) and productivity (when using slow models and having to wait several seconds for a response). Ollama is a great way to run LLMs locally, saving money and keeping your data private. As an alternative to running the native Ollama application (available for macOS and Linux), you can also run Ollama in a container. I publish and maintain a series of multi-architecture Ollama container images, pre-configured with a few different open-source or free LLMs. Feel free to use them in your projects!
In the examples I shared above with Spring AI and LangChain4j, you can see how I use the Testcontainers support in Spring Boot to run Ollama images as dev services.
Java and Multitenancy
Multitenancy is quite a fascinating topic and an essential one when it comes to building SaaS applications. Last year, I presented at Spring I/O about building multitenant applications with Java and Spring Boot. If you're interested in the subject, you can watch the recording and check out the sample code on GitHub. Next month, I'll cover this subject at Jfokus: Multitenant Mystery - Every Bean Has a Secret.
I've been working with multitenant applications for several years. Each organization has specific needs for implementation, but there are common requirements and capabilities that each multitenant system is likely to need. There must be a way to reduce all the usual boilerplate and simplify the development of multitenant applications.
Following that thought, I started a new project called Arconia, a framework to build SaaS and multitenant applications using Java and Spring Boot. Yesterday, I published the first release, containing foundational support for introducing a tenant context in web applications and a dedicated Spring Boot Starter. More features are coming soon to introduce multitenant support for Spring Security, Spring Data Relational, and Spring Data JPA. If you decide to try it, feel free to reach out and share your feedback!
Cloud Native Denmark
I really like how Denmark has a vibrant cloud native community. In December, I joined the Cloud Native Aarhus meetup to talk about how to supercharge your Kubernetes platform with Carvel. If you're interested in Carvel, you can watch the recording and check out the sample code on GitHub. In January, I joined the Cloud Native Aalborg meetup to give the same presentation, and next month, I'll be at the Cloud Native Copenhagen meetup. Such a nice tour around Denmark!
This month, we also kicked off the organization of KCD Denmark 2024, which will happen in Copenhagen. After the great success of the first edition, we are now finalizing the details about the venue and dates. Stay tuned!
KubeCon+CloudNativeCon Europe
This past week's major highlight was receiving news from KubeCon+CloudNativeCon Europe 2024 that I got two presentations accepted! I'm beyond excited and grateful for the opportunity!
On the first day, I'll present on Building AI-Ready Platforms - Symphony for Developer and Platform Engineer with Lize Raes, a core member of the team driving the development of LangChain4j. You can expect live coding and live music. It's going to be fun!
On the second day, I'll go back on stage with my good friend Mauricio Salatino. We'll talk about Unlocking New Platform Experiences with Open Interfaces. The session will focus on using existing CNCF projects to implement an end-to-end experience and support teams from idea to production while reducing toil and friction. I can't wait!
Supply Chain Security
Since the last issue of Cloud Native Diary, I published an in-depth article about generating and working with SBOMs (Software Bills of Materials) in Java. It explores one of the subjects I covered in my presentation at Devoxx Belgium last November. If you're interested in this subject, you can watch the recording and check out the sample code on GitHub.
In both the article and the presentation, I adopted the OWASP CycloneDX project for generating and exchanging SBOMs and the OWASP Dependency Track application for managing supply chain security risks. I also contributed a few pull requests to both projects (here, here, and here). I'm now looking into further contributions to the CycloneDX Gradle Plugin to enhance support for multi-project builds.
Supply chain security is one of my favorite subjects, and I'm happy to join Voxxed Days Zurich in March to talk about it. I'll be presenting about Securing the Supply Chain for Your Java Applications.
Speaking of security, I'm part of the program committee for the Security Track at Devoxx UK. It's been an interesting and educational experience, and I'm excited about the upcoming conference.
Cover image generated with Stockimg.AI.