The Ultimate One-Day Java Workshop: Deploying AI-Enhanced Applications with Security & Scalability

Track: Security
The Ultimate One-Day Java Workshop: Deploying AI-Enhanced Applications with Security and High-Performance on Kubernetes and Serverless Platforms

Introduction: Welcome to a comprehensive workshop designed for those eager to master the intricacies of deploying Java applications in cloud environments. As the software development landscape continues to evolve rapidly, the dual needs to integrate Artificial Intelligence (AI) and deliver efficient, secure, and scalable deployment strategies become increasingly critical. This workshop aims to bridge the gap between traditional Java application deployment and modern cloud-based solutions, offering participants a deep dive into the latest technologies, methodologies, and best practices, including the exciting realm of AI.

Objective: Our goal is to equip you with the knowledge and skills necessary to start navigating the complexities of Java deployment to cloud platforms in a safe, secure, and innovative way. Whether you're looking to deploy Java applications using traditional JAR files, explore the potential of containerization, venture into serverless architectures, or integrate AI to enhance application capabilities, this workshop will provide you with a solid foundation and practical insights to enhance your deployment strategies. Special emphasis will be placed on not only mastering deployment techniques but also on how to incorporate AI into your Java applications and deliver these advanced solutions in a safe manner.

Environment: All code and development will take place online using Google’s platform

Attendees should have some familiarity with the Java programming language.
Attendees should bring a laptop with wifi capabilities.


Part 1: Introduction and Overview
Setting the stage for an in-depth exploration of Java deployment in cloud environments. We'll provide an overview of the workshop's structure, aiming to equip attendees with a solid understanding of the deployment lifecycle, from packaging to deployment, with a focus on Java applications. The facilitators will introduce themselves, offering insights into their expertise and what attendees can expect to learn, particularly about secure deployment options like JAR, CRaC, native compilation, and containerization.

Part 2: Java Packaging and Deployment Options
This segment delves into the technicalities of Java packaging and deployment, offering a comparative analysis of deployment strategies such as JAR deployment, Checkpoint/Restore in Application Continuity (CRaC), and native compilation. We'll explore containerization including using application frameworks for MicroProfile. With hands-on practical demonstrations using Google Cloud, the attendees will be able to use Google’s online development environments to explore the various deployment workflows from JAR to cloud, JAR to container to cloud, and native compilation to serverless architectures.

Part 3: Ensuring Security in Java Deployment
This critical section addresses the paramount importance of a secure software supply chain in Java deployment. We begin with an introduction to essential tools like Software Bill of Materials (SBOMs) and dependency scanning, moving on to a detailed discussion on mitigating cyber threats and adopting secure software development practices. We’ll look at commercial options (with a demonstration of Sonatype Nexus and Lifecycle) review relevant open source tools and discuss the various pros-and-cons of each.


Part 4: Extended Architectural Decisions
Post-lunch, the conversation shifts to architectural decisions, contrasting Kubernetes with serverless architectures in terms of cost, scalability, operational management, and security. This part aims to provide a comprehensive understanding of choosing the right architecture for Java applications in the cloud.

Part 5: AI in Development and Deployment
The final part of our workshop explores the revolutionary role of AI in development and deployment processes. With examples using HuggingFace, PaLM and GEMINI the attendees will use LangChain4J in a hands-on session to integrate Google’s AI APIs into Java applications. We'll also examine the security implications of AI, including supply chain concerns and legislative impacts, followed by a series of short discussions on the elements of building secure and efficient deployment pipelines.

The workshop concludes with a recap of key learnings, emphasizing the importance of automation, security in the supply chain, and the variety of deployment options available. An open Q&A session offers participants the opportunity to clarify doubts and engage directly with the experts.

Steve Poole
Developer Advocate,Security Champion, DevOps practitioner (whatever that means) Long time Java developer, leader and evangelist. I’ve been working on Java SDKs and JVMs since Java was less than 1. Also had time to work on other things including various JSRs, being a committer on various open source projects including ones at Apache, Eclipse and OpenJDK. A seasoned speaker and regular presenter at international conferences on technical and software engineering topics.
Jamie Coleman
Jamie is a Developer Advocate for Sonatype formally IBM, based in the UK. He talks about the importance of security in software, improving developer productivity and raising awareness about energy consumption of technology. Passionate about discovering ways to help reduce developers carbon footprint, he is also a subject matter expert in containerised solutions and build technologies. He fell in love with Java at University and has gone on to talk at many conferences about using Java with microservices and related technology. He has worked on a wide variety of projects such as modernising IBM CICS mainframe testing infrastructure, creating, and automating the creation of Docker images for IBM’s products and contributing to a DevOps pipeline offering.
Grace Jansen
Grace is a Developer Advocate at IBM, working with Open Liberty and Reactive Platform. She has been with IBM since graduating from Exeter University with a Degree in Biology. Grace enjoys bringing a varied perspective to her projects and using her knowledge of biological systems to simplify complex software patterns and architectures. As a developer advocate, Grace builds POC’s, demos and sample applications, and writes guides and tutorials. She is a regular presentor at international technology conferences and has recently authored a book on reactive systems. Grace also has a keen passion for encouraging more women into STEM and especially Technology careers.
Abdel Sghiouar
Abdel Sghiouar is a senior Cloud Developer Advocate @Google Cloud. A co-host of the Kubernetes Podcast by Google and a CNCF Ambassador. His focused areas are GKE/Kubernetes, Service Mesh and Serverless. Abdel started his career in datacenters and infrastructure in Morocco where he is originally. Before moving to Google's largest EU datacenter in Belgium. Then in Sweden he joined Google Cloud Professional Services and spent 5 years working with Google Cloud customers on architecting and designing large scale distributed systems before turning to advocacy and community work.
Mohammed Aboullaite
Mohammed is a community catalyst, a true open source believer and one of Google developer expert.