Research topic: Agentic AI & MCP preparations The source of all motivation is curiosity. That’s why, together with a colleague, I’ve decided to take two topics that I know little about so far but think will be very important in the future and block them out as research topics for next week. So I’m going to lock myself away somewhere with my colleague and work on the topic until we think we know enough to share our knowledge. Or we get other tasks that require more of our attention. ...

GitOps mult-cloud namespace scoped My usual tasks include giving presentations and workshops to customers on middleware topics. One of my favorite topics is GitOps, for which I have also created my own demos. Here at Red Hat there is a very nice demo that I used as a basis, the quinoa wind turbine race which was created by my colleague Kevin Dubois. To learn Gitops I worked through two free downloadable ebooks, the two here: ...

In that week I had much customer conversations, but not much really interesting news to post here. Except the Camel K deprecation statements and some things I would like to add. Camel K deprecation, Red Hat’s build of Apache Camel 4 A customer had some questions about the deprecation of Red Hat’s Camel K and the plans for Red Hat’s build of Apache Camel 4. For over six years, Camel K has pioneered cloud-native, low-code, and managed integration services. Recently, many of Camel K’s capabilities have been standardized and integrated into Camel Core. That’s just the way Red Hat does things, we want the innovation that comes from our own downstream projects (which often comes from customer requests) to also flow into the upstream community projects. This allows all Camel customers to benefit from cloud-native advancements. Kaoto is of course still supported and has only received some mixed messages regarding internal interaction with Camel. ...

Got an interesting customer question about their deployment topology. WIP GitOps with ApplicationSet on multiple clusters - namespace permission only In general, for deploymets I use my GitOps demo which I created with learnings I got from our two gitops books The path to GitOps by Christian Hernandez GitOps Cookbook by Alex Soto Bueno and Natale Vinto Manifest repository: https://github.com/gmodzelewski/quinoa-wind-turbine-manifests Source code repository: https://github.com/gmodzelewski/quinoa-wind-turbine The new use case is: The customer has 35 OpenShift clusters and each of their customers (= for simplicity I will call them users) only has administrative rights on a namespace. No admin rights on clusters at all. Now the users have a software which they want to deploy not on one but on all of the 35 clusters. This is a very tedious task and troublesome to do. Cah GitOps help? Of course! ...

In that week I presented some insights at the Volkswagen Stammtisch, an internal developer weekly meeting to share knowledge. Super cool idea frm Volkswagen to have something like that in the company and I was honored to do so. The content of my slides is already shared in that blog, so I don’t have anything to add. Other topics I did in that week were business usual, except one thing which is really worth mentioning, the learnings from the Quarkus Atomic Cafe. ...

Red Hat Streams for Apache Kafka Q&A follow-up Following on from last week’s blog post I got more interesting questions to our product Red Hat Streams for Apache Kafka and more answers I would like to share. Is there a recommended way to use mTLS with custom/own certificates? We have a lot of docs for that, for example here Best way is to link tls external as described here It is NOT recommended to use own CAs to generate the certificate for the internal Kafka communication. The management is cumbersome and if you forget to update the certificates the whole kafka stops working! What is the best way to update client certificates? Use a GitOps approach, don’t overcomplicate things if you have other deployments/tools that needs certificates to be updated, embed this additional tool into the existing workflow documentation: https://docs.redhat.com/en/documentation/red_hat_streams_for_apache_kafka/2.8/html/deploying_and_managing_streams_for_apache_kafka_on_openshift/security-str#clients_ca_secrets Is there a recommended integrated schema registry? In our Application Foundation Bundle we have the product named Apicurio. The goal is to not include the schema registry somehow in the kafka but have it deployed separately. Supports Avro Schemas and authentication flows Super good example What the plans are for Apache Flink Flink is on the Roadmap and is currently evaluated (intern Link): https://docs.google.com/presentation/d/1UHT8waGXLi6fWzEVlD2yNq1VJsXjzrnOinaZ1xaiJjY/edit#slide=id.g2f32fcd8b8f_0_15 Spring Boot example deployment with heapdump and MTA custom rule If you are more interested into the Volksdaten von Volkswagen topic, I created a small spring heapdump application and a custom rule for Migration Toolkit for Applications that checks explicitly for that. The code for the custom rule is located in a folder in the spring heapdump application repo. ...

Cool Developer Hub Blog Post There’s a new cool blog post on how to get Developer Hub running, which explains a lot of the interanals as well as the usage in a short and easy way (with solutions!):\n https://blog.jromanmartin.io/rhdh-adventure/rhdh-adventure/index.html Red Hat Kafka Q&A Recently I attended a meeting with a customer about Red Hat Kafka and some deeper questions came up which I answered and would like to share. Here in short form: ...

CPU limits und requests, how to avoid CPU throttling If you look at the usual utilization of a kubernetes cluster, you can quickly see that a lot of resources are idling around. Nevertheless, you may receive a warning that the cluster’s resources are at their limit. How does this fit together? The issue is non-optimized resource allocation. Resource limits help with budget control by preventing a single application from consuming more resources than allocated, which is critical in cloud environments where resources translate directly into costs. ...

Things to add to CW1 2025 - Volkswagen data leak @38c3 2024 - Quarkus, Connectivity Link, ACS Link to previous article Again, here is the recording from the 28c3 (in German) A Red Hat colleague pointed out to me that in addition to the heap dump, there was another reason for the data leak at Volkswagen, namely the identity provider. We don’t know exactly which one was used, so we took the use case and looked at whether it would also be possible with our product Keycloak. ...

New year new ideas. I thought it would be nice to write down some news I stumble upon and I think are worth sharing. Long story short, lets get to the news. Red Hat Developer Hub breaking changes: dynamic plugins At the end of the year I saw that my own managed instance of Developer Hub was down. Of course, the culprit were some breaking changes and because I’m deploying the bleeding edge latest is greatest version which upgrades automatically. ...