Welcome!

Microservices Expo Authors: Liz McMillan, Pat Romanski, Jason Bloomberg, Automic Blog, Elizabeth White

Related Topics: Microservices Expo, Java IoT, Industrial IoT, Machine Learning

Microservices Expo: Article

The OSGi puzzle

Let's discover the OSGi architecture.

OSGi became very popular thanks to its modularity approach and its ability to enforce logical boundaries between modules. When we discover it the first time, the question is where to begin to understand how it works?

To understand OSGi concepts we will try to follow the puzzle approach. The idea is to begin with the trivial part of this technology, and search for other parts related to the found ones. And to assemble the puzzle we will be assisted by JArchitect that will be helpful to detect OSGi internal design.

To be more concrete we analyze with JArchitect an application using OSGi technology, it concern the famous eclipse IDE which use the OSGi container equinox.



Let's begin with the typical OSGi definition:

OSGi reduces complexity by providing a modular architecture for today's large-scale distributed systems as well as small, embedded applications. Building systems from in-house and off-the-shelf modules significantly reduces complexity and thus development and maintenance expenses. The OSGi programming model realizes the promise of component-based systems.

The trivial part of OSGi is modularity, let's discover what's the OSGi modules

OSGI modules are called Bundles and every application therefore consist of at least one bundle.

These bundles are executed inside a container, and as each modular approach where a container manage the modules, the question is which contract must implement every module to be intergated into the container?

Let's take as example the bundle org.eclipse.equinox.jsp.jasper and search for all its implemented interfaces, for that we can execute the following CQLinq request:

from t in Types where t.ParentProject.Name=="org.eclipse.equinox.jsp.jasper_1.0.300.v20110502" let interfaces=t.InterfacesImplemented from i in interfaces select i



The BundleActivator interface from OSGi package is implemented, this interface contains two methods start and stop useful to customizes the starting and stopping of the bundle.

Manifest-Version: 1.0

Bundle-Localization: plugin

Bundle-RequiredExecutionEnvironment: CDC-1.0/Foundation-1.0,J2SE-1.3

Bundle-SymbolicName: org.eclipse.equinox.jsp.jasper

Eclipse-LazyStart: true

Eclipse-SourceReferences: scm:cvs:pserver:dev.eclipse.org:/cvsroot/rt:

 org.eclipse.equinox/server-side/bundles/org.eclipse.equinox.jsp.jaspe

 r;tag=v20110502

Bundle-Activator: org.eclipse.equinox.internal.jsp.jasper.Activator


Another specificity of a bundle is its manifest file, here's a part from the org.eclipse.equinox.jsp.jasper manifest file:

Manifest-Version: 1.0

Bundle-Localization: plugin

Bundle-RequiredExecutionEnvironment: CDC-1.0/Foundation-1.0,J2SE-1.3

Bundle-SymbolicName: org.eclipse.equinox.jsp.jasper

Eclipse-LazyStart: true

Eclipse-SourceReferences: scm:cvs:pserver:dev.eclipse.org:/cvsroot/rt:

 org.eclipse.equinox/server-side/bundles/org.eclipse.equinox.jsp.jaspe

 r;tag=v20110502

Bundle-Activator: org.eclipse.equinox.internal.jsp.jasper.Activator

As we can observe this manifest contains some meta informations needed by the container, like specifying the bundle activator class which implements the BundleActivator interface.

The bundle represent our first piece of the puzzle,and here's a simplified representation of a bundle:



And just to have an idea of all bundles used by eclipse, let's search for all classes implementing BundleActivator interface.

from t in Types where t.Implement ("org.osgi.framework.BundleActivator") select new { t, t.NbBCInstructions }



Who manage the bundle and invoke BundleActivator methods?

To discover that let's search for methods invoking directly or indirectly BundleActivator.start

from m in Methods let depth0 = m.DepthOfIsUsing ("org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleActivator)") where depth0 >= 0 orderby depth0 select new { m, depth0 }



The bundle is activated by the OSGi framework when it's launched. the framework class is started by the equinox container. And to understand better what happen when the container start, here are some actions executed when the container is launched:



When the container is launched, it initialize the OSGi framework, the framework gets all installed bundles, and for each one it create an instance of BundleHost class, and store into a repository the found bundle.

The BundleHost class implement the Bundle interface, which contains methods like start,stop,uninstall and update, these methods are needed to manage the bundle life cycle.

So our second puzzle piece is The OSGi container, it's launched by the Equinoxlauncher, which initialise the framework. The framework class is responsible of loading bundles and activate them.

After discovering some basic concepts about bundle and container, let's go deep inside bundles and discover how they works internally.

Let's take as example the org.eclipse.equinox.http.servlet bundle and search for methods invoked by the start method of its Activator class.



This bundle create a service and register it into the container. A service in OSGi is defined by a standard Java class or interface. Typically a Java interface is used to define the service interface. The service is the preferred method bundles should use to communicate between each other.

Here are some useful scenarios of using services:

  • Export functionality from a bundle to other bundles.
  • Import functionality from other bundles.
  • Register listeners for events from other bundles.


Another remark from the previous dependecy graph is that a service factory is used to create the service instance.

Our third piece of the puzzle is the OSGi services layer, each bundle can use or declare some services , what enforce the component design approach, here's the new representation of the OSGi bundle.



If The bundle use services to communicate with other bundles, how it communicate with other jars?

If we develop a bundle and try to use a class from another jar, we can be surprised that it will not works as expected, the reason is that the ClassLoader is hooked by the OSGi container, to check that let's search which method invoke java.lang.Thread.setContextClassLoader.

from m in Methods where m.IsUsing ("java.lang.Thread.setContextClassLoader(ClassLoader)") select new { m, m.NbBCInstructions }



Many methods invoke it including the EquinoxLauncher. so every time the bundle try to create a class instance, the OSGi container will check if the code is permited to did this action or not, and here come the role of imported and exported package in the manifest file.

Export-Package: org.eclipse.equinox.http.servlet;version="1.1.0"



Import-Package: javax.servlet;version="2.3",javax.servlet.http;version

 ="2.3",org.osgi.framework;version="1.3.0",org.osgi.service.http;versi

 on="[1.2,1.3)" 



The bundle declare explicitly exported and imported package, and to check that , let's search for packages used by org.eclipse.equinox.http.servlet bundle and verify if it use only package imported.

from n in Packages where n.IsUsedBy ("org.eclipse.equinox.http.servlet_1.1.200.v20110502") select new { n, n.NbBCInstructions }



As we can observe all packages used are specified in the manifest file , in the import package section.
The exported package however represent the package that can be used from other bundles. it's represented by the ExportedPackage interface, and we can search for the container classes using this interface.

from t in Types where t.IsUsing ("org.osgi.service.packageadmin.ExportedPackage") select new { t, t.NbBCInstructions }



What interesting with this new capability, is that the bundle will have a well defined boundary, and what it use and what it expose as services is very well specified.

We can enforce the check of using imported packages by using other tools, for example with CQLinq we can write some rules warning each time a project use packages other than specified ones, but it's better to have this check in the execution environement, so the developer can't break this rules.

This capability to treat imported and exported packages is managed by the OSGi modules layer and it was our fourth piece of the puzzle.

Let's come back to the OSGi container and discover which services it provides?

Container services

As we discoverd before the container is launched by the EquinoxLauncher class and the framework class initialise and launch the bundles, to detect which services re provided let's search for all classes used in the framework initalisation method.
from t in Types where t.IsUsedBy ("org.eclipse.osgi.framework.internal.core.Framework.initialize(FrameworkAdaptor)") select new { t, t.NbBCInstructions }

Some classes are already discovered before like BundleRepository,BundleHost,PackageAdminImpl and ServiceRegistry.

What about the other classes:

  • StartLevelManager: Each OSGi Bundle is associated with a start level that enable the server to control the relative starting and stopping order of bundles. Only bundles that have a start level less or equal to the active start level of the server framework must be active. Usually, a bundle with a smaller start level tend to be started earlier.
  • SecurityAdmin: The security layer handles the security aspects by limiting bundle functionality to pre-defined capabilities.
  • EventManager: The Event Admin service provides a publish-subscribe model for handling events. It is realized according to the OSGi Event Admin Service Specification. The Event Admin service dispatches events between Event Publishers and Event Subscribers (Event Handlers) by interposing an event channel. Publishers post events to the channel and the event channel defines which handlers needs to be notified. Thus publishers and handlers have no direct knowledge of each other, which simplifies event management.


The OSGi whole picture
Let's assemble all puzzle pieces described before , and we will have the following OSGi picture:


This architecture has the following interesting benefits:

  • Simple.
  • Reduced Complexity.
  • Easy Deployment.
  • Secure.


What makes it very attractif and Worth a Detour, and you will not waste your time if you study it in depth.

More Stories By Lahlali Issam

Lahlali Issam Lead Developer at JavaDepend, a tool to manage and understand complex Java code. With JavaDepend, software quality can be measured using Code Metrics, visualized using Graphs and Treemaps, and queried using CQL language, a SQL like to query the code base.

@MicroservicesExpo Stories
As many know, the first generation of Cloud Management Platform (CMP) solutions were designed for managing virtual infrastructure (IaaS) and traditional applications. But that’s no longer enough to satisfy evolving and complex business requirements. In his session at 21st Cloud Expo, Scott Davis, Embotics CTO, will explore how next-generation CMPs ensure organizations can manage cloud-native and microservice-based application architectures, while also facilitating agile DevOps methodology. He wi...
As today's digital disruptions bounce and smash their way through conventional technologies and conventional wisdom alike, predicting their path is a multifaceted challenge. So many areas of technology advance on Moore's Law-like exponential curves that divining the future is fraught with danger. Such is the problem with artificial intelligence (AI), and its related concepts, including cognitive computing, machine learning, and deep learning.
Docker is on a roll. In the last few years, this container management service has become immensely popular in development, especially given the great fit with agile-based projects and continuous delivery. In this article, I want to take a brief look at how you can use Docker to accelerate and streamline the software development lifecycle (SDLC) process.
While some vendors scramble to create and sell you a fancy solution for monitoring your spanking new Amazon Lambdas, hear how you can do it on the cheap using just built-in Java APIs yourself. By exploiting a little-known fact that Lambdas aren’t exactly single-threaded, you can effectively identify hot spots in your serverless code. In his session at @DevOpsSummit at 21st Cloud Expo, Dave Martin, Product owner at CA Technologies, will give a live demonstration and code walkthrough, showing how ...
Cloud adoption is often driven by a desire to increase efficiency, boost agility and save money. All too often, however, the reality involves unpredictable cost spikes and lack of oversight due to resource limitations. In his session at 20th Cloud Expo, Joe Kinsella, CTO and Founder of CloudHealth Technologies, tackled the question: “How do you build a fully optimized cloud?” He will examine: Why TCO is critical to achieving cloud success – and why attendees should be thinking holistically ab...
There are several reasons why businesses migrate their operations to the cloud. Scalability and price are among the most important factors determining this transition. Unlike legacy systems, cloud based businesses can scale on demand. The database and applications in the cloud are not rendered simply from one server located in your headquarters, but is instead distributed across several servers across the world. Such CDNs also bring about greater control in times of uncertainty. A database hack ...
Did you know that you can develop for mainframes in Java? Or that the testing and deployment can be automated across mobile to mainframe? In his session and demo at @DevOpsSummit at 21st Cloud Expo, Dana Boudreau, a Senior Director at CA Technologies, will discuss how increasingly teams are developing with agile methodologies, using modern development environments, and automating testing and deployments, mobile to mainframe.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory?
With Cloud Foundry you can easily deploy and use apps utilizing websocket technology, but not everybody realizes that scaling them out is not that trivial. In his session at 21st Cloud Expo, Roman Swoszowski, CTO and VP, Cloud Foundry Services, at Grape Up, will show you an example of how to deal with this issue. He will demonstrate a cloud-native Spring Boot app running in Cloud Foundry and communicating with clients over websocket protocol that can be easily scaled horizontally and coordinate...
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
If you cannot explicitly articulate how investing in a new technology, changing the approach or re-engineering the business process will help you achieve your customer-centric vision of the future in direct and measurable ways, you probably shouldn’t be doing it. At Intellyx, we spend a lot of time talking to technology vendors. In our conversations, we explore emerging new technologies that are either disrupting the way enterprise organizations work or that help enable those organizations to co...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, discussed how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He also discussed how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
We define Hybrid IT as a management approach in which organizations create a workload-centric and value-driven integrated technology stack that may include legacy infrastructure, web-scale architectures, private cloud implementations along with public cloud platforms ranging from Infrastructure-as-a-Service to Software-as-a-Service.
IT organizations are moving to the cloud in hopes to approve efficiency, increase agility and save money. Migrating workloads might seem like a simple task, but what many businesses don’t realize is that application migration criteria differs across organizations, making it difficult for architects to arrive at an accurate TCO number. In his session at 21st Cloud Expo, Joe Kinsella, CTO of CloudHealth Technologies, will offer a systematic approach to understanding the TCO of a cloud application...
API Security has finally entered our security zeitgeist. OWASP Top 10 2017 - RC1 recognized API Security as a first class citizen by adding it as number 10, or A-10 on its list of web application vulnerabilities. We believe this is just the start. The attack surface area offered by API is orders or magnitude larger than any other attack surface area. Consider the fact the APIs expose cloud services, internal databases, application and even legacy mainframes over the internet. What could go wrong...
The goal of Continuous Testing is to shift testing left to find defects earlier and release software faster. This can be achieved by integrating a set of open source functional and performance testing tools in the early stages of your software delivery lifecycle. There is one process that binds all application delivery stages together into one well-orchestrated machine: Continuous Testing. Continuous Testing is the conveyer belt between the Software Factory and production stages. Artifacts are m...
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
Most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes a lot of work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reduction in cost ...
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...