O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

2018 10-oracle-java-licensing-update-support-changes

58 visualizações

Publicada em

Oracle's recent changes to the release schedule, maintenance, support and licensing of Java (JDK) - an overview, the impact and recommendations.

Publicada em: Software
  • Login to see the comments

2018 10-oracle-java-licensing-update-support-changes

  1. 1. Oracle’s Recent Changes to Java (JDK) Overview, Impact & Recommendations 1Neil Brown, Issue: 2710/18.
  2. 2. Overview Oracle recently made several changes affecting how they maintain, support & license use of Java (more accurately the JDK). This has commercial & technical implications for all enterprises running apps on the JVM (users of the JDK) ● Impacts all apps that run on the JVM - regardless of language (Java, Groovy, Scala) ● Anyone responsible for developing or provisioning JVM apps for prod usage needs to aware ● Don’t panic! Java is still free. And changes broadly positive. 2
  3. 3. Java Terminology Java SE (JSE) - Specification of Java language including APIs (Owned by Oracle) Java Development Kit (JDK) - A binary implementation of JSE, plus some other supporting tools and utilities. OpenJDK - OSS project for source implementation of JSE that has served as RI of the JSE since JDK 7. OpenJDK binary - A build & packaged distribution of OpenJDK source. Several exist, free (unbranded) & commercial (branded), produced by different entities 3
  4. 4. What Java users are accustomed to prior to changes Oracle provides the ‘standard’ JDK ● Oracle (before them Sun) have provided the de facto standard JDK for all popular platforms (Win, OS X, x86); & underwritten quality Scheduling of Java Feature Releases (e.g. ..., 7, 8. 9) ● Fixed scope (set of new features and enhancements); Variable release date (not shipped until feature complete; known to slip, significantly). 4
  5. 5. What Java users are accustomed to prior to changes Java - Stable, Secure and Zero Cost (Overlapping, Long Term, Free Updates) ● “Stable” - Oracle provide free updates for old JDK versions, for considerable period after new versions released, e.g. ○ JDK 7 released = July 2011; End of free public updates = April 2015. (~4 years) ○ JDK 8 released = March 2014; End of free public updates = Jan 2019 (~5 years) ○ Long overlap overlap provides ‘stability’ - users have plenty of time to wait for battle-testing & test upgrade to new versions, whilst still benefiting from fixes & security patches to current ● “Secure” - Oracle produced free update releases to Oracle JDK containing rolled-up security patches, every 3 months. (Including backporting to old versions of JDK that’re still receiving free public updates). 5
  6. 6. What Java users are accustomed to prior to changes Java - Stable, Secure and Zero Cost (Overlapping, Long Term Free Updates) ● Zero Cost - For desktop and server apps (only), the Oracle JDK has been free to use in production. 6
  7. 7. What’s Changed & Why? 1) Java SE Release Schedule ● Given delays in past releases (e.g. JDK 9/Modules), dev feedback & trends, Oracle switched to a time-based release schedule ● New feature release (10, 11, 12...) of Java, every 6 months. ● +ves - Faster pace of innovation. Devs get new features as soon as complete ● However...also led to Oracle changing approach to maintaining (updating) and supporting Java... 7
  8. 8. What’s Changed & Why? 2) Oracle Changes to JDK Maintenance & (Oracle) Support ● Shorter duration of free/public updates provided by Oracle (only) ○ Free updates (fixes & security patches) to OpenJDK only provided for 6 months after release (until the next feature release), rather than several years. No longer an overlap! e.g. JDK 10 - Released March 2018; End of public updates = Sept 2018. (Already EoL) JDK 11 - Released Sept 2018; End of public updates = March 2019. ● Availability of (Paid) Oracle (only) Support ○ Oracle designating some JDK releases as Long Term Support (LTS) for their purposes (One every 2 or 3 years / 6th feature release - (8), 11, 17, 23, ...). ○ LTS releases get paid Oracle support for min 5 years. ○ Oracle NOT offering any support (even paid) for non-LTS releases (9, 10, 12...) 8
  9. 9. Picture credit: Simon Ritter, Azul Systems What’s Changed & Why? Oracle-specific update & support policy. Other support offerings available from limited no. other vendors. 9
  10. 10. What’s Changed & Why? 3) Licensing of Oracle JDK ● From JDK 11 (released 09/2018) Oracle JDK now requires license in prod for all deployments (including servers). (Still usable for free in dev & test). ● Pre JDK 11, licensing terms are unchanged e.g. can continue to use Oracle JDK 8 in prod indefinitely 10
  11. 11. General Impact of Changes to Oracle Updates & Support Based on what’s known today*, you can only have 2 of 3 previously described stability, security, zero-cost (must sacrifice one, to some extent). (*See slide 13). Option 1 - Secure & Free, But sacrifice Stability ● Case - Security important, but don’t want to spend any money... ● To ensure availability of security updates you need to commit to switching to major new versions of the JDK immediately on release (every 6 months) ● Reduces stability - Adopt new releases in prod before battle-tested by others ● Also a commitment to regression test and possibly update app (if breaking changes) every 6 months 11
  12. 12. Option 2 - Stable & Free, But sacrifice Security (May be avoidable*) ● Stability at zero cost still possible by staying on previous LTS release (e.g. 8) after new one (e.g. 9) released, & upgrading at leisure. But (as of today) no guarantee continue to receive free updates (inc. security patches) when Oracle cease to provide them. Option 3 - Secure & Stable, But not free (May be avoidable*) ● To get stability & security as before, might now need to pay for it. ● Can continue to use previous LTS release (e.g. 8 or 11), but (as of today) access to updates after 6 months only guaranteed with commercial support contract from vendor ● Also, to receive updates for non-LTS releases almost certainly need commercial support contract, which fewer vendors are offering (not Oracle) General Impact of Changes to Oracle Updates & Support 12
  13. 13. *Future provision of overlapping free updates for previous JDK releases relies on continued contribution to OpenJDK from other parties, which is still TBC - ● Requires other OpenJDK committers donate effort to backport updates (fixes & security updates) after Oracle ceases; And other orgs to provide builds ● +ve - RedHat & others already do it for JDK 6 & 7. And Linux distro builds. But Oracle changes create greater maintenance burden - more releases, earlier ● -ve - As of today no one yet appointed maintenance leads for JDK 8U, 9U, 10U ● Expectation - RedHat & others continue to provide updates, but for Oracle’s LTS releases (only), starting with JDK 8. ○ If happens, can still have Stable, Secure & Free - but ONLY for LTS releases General Impact of Changes to Oracle Updates & Support 13
  14. 14. Potential Benefits of Paid Support 1. Retain stability - Might not be necessary, hopefully long term, overlapping updates to LTS releases continue to be provided by other OpenJDK committers 2. Obtain updates to non-LTS releases in prod - Nobody offering this for free. And only a subset of support vendors offering it. 3. Support Java - Paying for support is one way to show support for Java. There are also other, more direct ways to support Java OSS community. 14
  15. 15. My Advice for JVM dev teams If/while you company is not paying for JDK support - 1) Choice of JDK 1. Do not start using Oracle JDK in prod - If you don’t have a license. 2. Do not start using Oracle OpenJDK in prod - It will only receives updates for 6 months 3. Review current choice JDK in few months when each provider’s position clearer on key criteria a. Length of time new builds produced for JDK update releases (both LTS and non-LTS) b. Quality of builds - Primarily testing for JSE conformance (TCK tests). 4. AdoptOpenJDK may become best free JDK to use with respect to criteria 15
  16. 16. My Advice for JVM dev teams 2) JDK Release Adoption ● Only use LTS JDK releases (currently 8 or 11) in prod ○ Maximises likelihood you’ll continue to benefit from free updates for > 6 months (stable, secure, free) ● Otherwise...before just adopting non-LTS JDK releases (9, 10, 12,...) in prod, ensure you discuss and understand trade-offs & risks - ○ No free updates (including security patches) after 6 months ○ Reduces future paid support options (e.g. Oracle don’t offer it for non-LTS) ○ Is adoption of a non-LTS release really essential for biz? 16
  17. 17. Thanks for attending Neil Brown @neiljbrown neiljbrown.com 17