Welcome!

Microservices Expo Authors: Dalibor Siroky, Stackify Blog, Elizabeth White, Pat Romanski, Liz McMillan

Related Topics: Microservices Expo, Java IoT, Industrial IoT, Machine Learning

Microservices Expo: Article

The OSGi puzzle

Let's discover the OSGi architecture.

OSGi became very popular thanks to its modularity approach and its ability to enforce logical boundaries between modules. When we discover it the first time, the question is where to begin to understand how it works?

To understand OSGi concepts we will try to follow the puzzle approach. The idea is to begin with the trivial part of this technology, and search for other parts related to the found ones. And to assemble the puzzle we will be assisted by JArchitect that will be helpful to detect OSGi internal design.

To be more concrete we analyze with JArchitect an application using OSGi technology, it concern the famous eclipse IDE which use the OSGi container equinox.



Let's begin with the typical OSGi definition:

OSGi reduces complexity by providing a modular architecture for today's large-scale distributed systems as well as small, embedded applications. Building systems from in-house and off-the-shelf modules significantly reduces complexity and thus development and maintenance expenses. The OSGi programming model realizes the promise of component-based systems.

The trivial part of OSGi is modularity, let's discover what's the OSGi modules

OSGI modules are called Bundles and every application therefore consist of at least one bundle.

These bundles are executed inside a container, and as each modular approach where a container manage the modules, the question is which contract must implement every module to be intergated into the container?

Let's take as example the bundle org.eclipse.equinox.jsp.jasper and search for all its implemented interfaces, for that we can execute the following CQLinq request:

from t in Types where t.ParentProject.Name=="org.eclipse.equinox.jsp.jasper_1.0.300.v20110502" let interfaces=t.InterfacesImplemented from i in interfaces select i



The BundleActivator interface from OSGi package is implemented, this interface contains two methods start and stop useful to customizes the starting and stopping of the bundle.

Manifest-Version: 1.0

Bundle-Localization: plugin

Bundle-RequiredExecutionEnvironment: CDC-1.0/Foundation-1.0,J2SE-1.3

Bundle-SymbolicName: org.eclipse.equinox.jsp.jasper

Eclipse-LazyStart: true

Eclipse-SourceReferences: scm:cvs:pserver:dev.eclipse.org:/cvsroot/rt:

 org.eclipse.equinox/server-side/bundles/org.eclipse.equinox.jsp.jaspe

 r;tag=v20110502

Bundle-Activator: org.eclipse.equinox.internal.jsp.jasper.Activator


Another specificity of a bundle is its manifest file, here's a part from the org.eclipse.equinox.jsp.jasper manifest file:

Manifest-Version: 1.0

Bundle-Localization: plugin

Bundle-RequiredExecutionEnvironment: CDC-1.0/Foundation-1.0,J2SE-1.3

Bundle-SymbolicName: org.eclipse.equinox.jsp.jasper

Eclipse-LazyStart: true

Eclipse-SourceReferences: scm:cvs:pserver:dev.eclipse.org:/cvsroot/rt:

 org.eclipse.equinox/server-side/bundles/org.eclipse.equinox.jsp.jaspe

 r;tag=v20110502

Bundle-Activator: org.eclipse.equinox.internal.jsp.jasper.Activator

As we can observe this manifest contains some meta informations needed by the container, like specifying the bundle activator class which implements the BundleActivator interface.

The bundle represent our first piece of the puzzle,and here's a simplified representation of a bundle:



And just to have an idea of all bundles used by eclipse, let's search for all classes implementing BundleActivator interface.

from t in Types where t.Implement ("org.osgi.framework.BundleActivator") select new { t, t.NbBCInstructions }



Who manage the bundle and invoke BundleActivator methods?

To discover that let's search for methods invoking directly or indirectly BundleActivator.start

from m in Methods let depth0 = m.DepthOfIsUsing ("org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleActivator)") where depth0 >= 0 orderby depth0 select new { m, depth0 }



The bundle is activated by the OSGi framework when it's launched. the framework class is started by the equinox container. And to understand better what happen when the container start, here are some actions executed when the container is launched:



When the container is launched, it initialize the OSGi framework, the framework gets all installed bundles, and for each one it create an instance of BundleHost class, and store into a repository the found bundle.

The BundleHost class implement the Bundle interface, which contains methods like start,stop,uninstall and update, these methods are needed to manage the bundle life cycle.

So our second puzzle piece is The OSGi container, it's launched by the Equinoxlauncher, which initialise the framework. The framework class is responsible of loading bundles and activate them.

After discovering some basic concepts about bundle and container, let's go deep inside bundles and discover how they works internally.

Let's take as example the org.eclipse.equinox.http.servlet bundle and search for methods invoked by the start method of its Activator class.



This bundle create a service and register it into the container. A service in OSGi is defined by a standard Java class or interface. Typically a Java interface is used to define the service interface. The service is the preferred method bundles should use to communicate between each other.

Here are some useful scenarios of using services:

  • Export functionality from a bundle to other bundles.
  • Import functionality from other bundles.
  • Register listeners for events from other bundles.


Another remark from the previous dependecy graph is that a service factory is used to create the service instance.

Our third piece of the puzzle is the OSGi services layer, each bundle can use or declare some services , what enforce the component design approach, here's the new representation of the OSGi bundle.



If The bundle use services to communicate with other bundles, how it communicate with other jars?

If we develop a bundle and try to use a class from another jar, we can be surprised that it will not works as expected, the reason is that the ClassLoader is hooked by the OSGi container, to check that let's search which method invoke java.lang.Thread.setContextClassLoader.

from m in Methods where m.IsUsing ("java.lang.Thread.setContextClassLoader(ClassLoader)") select new { m, m.NbBCInstructions }



Many methods invoke it including the EquinoxLauncher. so every time the bundle try to create a class instance, the OSGi container will check if the code is permited to did this action or not, and here come the role of imported and exported package in the manifest file.

Export-Package: org.eclipse.equinox.http.servlet;version="1.1.0"



Import-Package: javax.servlet;version="2.3",javax.servlet.http;version

 ="2.3",org.osgi.framework;version="1.3.0",org.osgi.service.http;versi

 on="[1.2,1.3)" 



The bundle declare explicitly exported and imported package, and to check that , let's search for packages used by org.eclipse.equinox.http.servlet bundle and verify if it use only package imported.

from n in Packages where n.IsUsedBy ("org.eclipse.equinox.http.servlet_1.1.200.v20110502") select new { n, n.NbBCInstructions }



As we can observe all packages used are specified in the manifest file , in the import package section.
The exported package however represent the package that can be used from other bundles. it's represented by the ExportedPackage interface, and we can search for the container classes using this interface.

from t in Types where t.IsUsing ("org.osgi.service.packageadmin.ExportedPackage") select new { t, t.NbBCInstructions }



What interesting with this new capability, is that the bundle will have a well defined boundary, and what it use and what it expose as services is very well specified.

We can enforce the check of using imported packages by using other tools, for example with CQLinq we can write some rules warning each time a project use packages other than specified ones, but it's better to have this check in the execution environement, so the developer can't break this rules.

This capability to treat imported and exported packages is managed by the OSGi modules layer and it was our fourth piece of the puzzle.

Let's come back to the OSGi container and discover which services it provides?

Container services

As we discoverd before the container is launched by the EquinoxLauncher class and the framework class initialise and launch the bundles, to detect which services re provided let's search for all classes used in the framework initalisation method.
from t in Types where t.IsUsedBy ("org.eclipse.osgi.framework.internal.core.Framework.initialize(FrameworkAdaptor)") select new { t, t.NbBCInstructions }

Some classes are already discovered before like BundleRepository,BundleHost,PackageAdminImpl and ServiceRegistry.

What about the other classes:

  • StartLevelManager: Each OSGi Bundle is associated with a start level that enable the server to control the relative starting and stopping order of bundles. Only bundles that have a start level less or equal to the active start level of the server framework must be active. Usually, a bundle with a smaller start level tend to be started earlier.
  • SecurityAdmin: The security layer handles the security aspects by limiting bundle functionality to pre-defined capabilities.
  • EventManager: The Event Admin service provides a publish-subscribe model for handling events. It is realized according to the OSGi Event Admin Service Specification. The Event Admin service dispatches events between Event Publishers and Event Subscribers (Event Handlers) by interposing an event channel. Publishers post events to the channel and the event channel defines which handlers needs to be notified. Thus publishers and handlers have no direct knowledge of each other, which simplifies event management.


The OSGi whole picture
Let's assemble all puzzle pieces described before , and we will have the following OSGi picture:


This architecture has the following interesting benefits:

  • Simple.
  • Reduced Complexity.
  • Easy Deployment.
  • Secure.


What makes it very attractif and Worth a Detour, and you will not waste your time if you study it in depth.

More Stories By Lahlali Issam

Lahlali Issam Lead Developer at JavaDepend, a tool to manage and understand complex Java code. With JavaDepend, software quality can be measured using Code Metrics, visualized using Graphs and Treemaps, and queried using CQL language, a SQL like to query the code base.

@MicroservicesExpo Stories
The nature of test environments is inherently temporary—you set up an environment, run through an automated test suite, and then tear down the environment. If you can reduce the cycle time for this process down to hours or minutes, then you may be able to cut your test environment budgets considerably. The impact of cloud adoption on test environments is a valuable advancement in both cost savings and agility. The on-demand model takes advantage of public cloud APIs requiring only payment for t...
It has never been a better time to be a developer! Thanks to cloud computing, deploying our applications is much easier than it used to be. How we deploy our apps continues to evolve thanks to cloud hosting, Platform-as-a-Service (PaaS), and now Function-as-a-Service. FaaS is the concept of serverless computing via serverless architectures. Software developers can leverage this to deploy an individual "function", action, or piece of business logic. They are expected to start within milliseconds...
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory? In her Day 2 Keynote at @DevOpsSummit at 21st Cloud Expo, Aruna Ravichandran, VP, DevOps Solutions Marketing, CA Technologies, was jo...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, answered these questions and demonstrated techniques for implementing advanced scheduling. For example, using spot instances and co...
The cloud era has reached the stage where it is no longer a question of whether a company should migrate, but when. Enterprises have embraced the outsourcing of where their various applications are stored and who manages them, saving significant investment along the way. Plus, the cloud has become a defining competitive edge. Companies that fail to successfully adapt risk failure. The media, of course, continues to extol the virtues of the cloud, including how easy it is to get there. Migrating...
For DevOps teams, the concepts behind service-oriented architecture (SOA) are nothing new. A style of software design initially made popular in the 1990s, SOA was an alternative to a monolithic application; essentially a collection of coarse-grained components that communicated with each other. Communication would involve either simple data passing or two or more services coordinating some activity. SOA served as a valid approach to solving many architectural problems faced by businesses, as app...
Some journey to cloud on a mission, others, a deadline. Change management is useful when migrating to public, private or hybrid cloud environments in either case. For most, stakeholder engagement peaks during the planning and post migration phases of a project. Legacy engagements are fairly direct: projects follow a linear progression of activities (the “waterfall” approach) – change managers and application coders work from the same functional and technical requirements. Enablement and develo...
Gone are the days when application development was the daunting task of the highly skilled developers backed with strong IT skills, low code application development has democratized app development and empowered a new generation of citizen developers. There was a time when app development was in the domain of people with complex coding and technical skills. We called these people by various names like programmers, coders, techies, and they usually worked in a world oblivious of the everyday pri...
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, discussed how data centers of the future will be managed, how the p...
From manual human effort the world is slowly paving its way to a new space where most process are getting replaced with tools and systems to improve efficiency and bring down operational costs. Automation is the next big thing and low code platforms are fueling it in a significant way. The Automation era is here. We are in the fast pace of replacing manual human efforts with machines and processes. In the world of Information Technology too, we are linking disparate systems, softwares and tool...
DevOps is good for organizations. According to the soon to be released State of DevOps Report high-performing IT organizations are 2X more likely to exceed profitability, market share, and productivity goals. But how do they do it? How do they use DevOps to drive value and differentiate their companies? We recently sat down with Nicole Forsgren, CEO and Chief Scientist at DORA (DevOps Research and Assessment) and lead investigator for the State of DevOps Report, to discuss the role of measure...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE). Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and...
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - we've lost control, we've given up cost to a certain extent, and then security, flexibility," explained Steve Conner, VP of Sales at Cloudistics,in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
These days, APIs have become an integral part of the digital transformation journey for all enterprises. Every digital innovation story is connected to APIs . But have you ever pondered over to know what are the source of these APIs? Let me explain - APIs sources can be varied, internal or external, solving different purposes, but mostly categorized into the following two categories. Data lakes is a term used to represent disconnected but relevant data that are used by various business units wit...
With continuous delivery (CD) almost always in the spotlight, continuous integration (CI) is often left out in the cold. Indeed, it's been in use for so long and so widely, we often take the model for granted. So what is CI and how can you make the most of it? This blog is intended to answer those questions. Before we step into examining CI, we need to look back. Software developers often work in small teams and modularity, and need to integrate their changes with the rest of the project code b...
"I focus on what we are calling CAST Highlight, which is our SaaS application portfolio analysis tool. It is an extremely lightweight tool that can integrate with pretty much any build process right now," explained Andrew Siegmund, Application Migration Specialist for CAST, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"Cloud4U builds software services that help people build DevOps platforms for cloud-based software and using our platform people can draw a picture of the system, network, software," explained Kihyeon Kim, CEO and Head of R&D at Cloud4U, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Kubernetes is an open source system for automating deployment, scaling, and management of containerized applications. Kubernetes was originally built by Google, leveraging years of experience with managing container workloads, and is now a Cloud Native Compute Foundation (CNCF) project. Kubernetes has been widely adopted by the community, supported on all major public and private cloud providers, and is gaining rapid adoption in enterprises. However, Kubernetes may seem intimidating and complex ...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In their Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, and Mark Lav...