<div dir="ltr">Hi,<br><div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Apr 23, 2014 at 3:38 PM, Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">As much as we like to think the app server is an operating system, it<br>
isn't. The app server isn't a place where untrusted apps run.<br></blockquote></div><br></div><div class="gmail_extra">I'm a big fan of this view. I know that originally the AS may have been seen as a kind of OS for server apps, but in practice this just hasn't worked out. The protection model of the OS with its isolating processes is just much more powerful.<br>
<br>Running a single app per AS gives you better protection, even more if each AS runs inside its own virtual server (which makes it even easier to limit the CPU usage of individual apps). Additionally, a lot of problems associated with updating either the JVM, the entire AS, or one or more libraries of the AS just go away in the one-app-per-AS setup. Adam Bien wrote a good article about this: <a href="http://adam-bien.com/roller/abien/entry/why_not_one_application_per">http://adam-bien.com/roller/abien/entry/why_not_one_application_per</a><br>
<br></div><div class="gmail_extra">I think Red Hat/JBoss shares the same belief. I mean, why else would OpenShift use SELinux to isolate apps and not just run a bunch of them on a single JBoss AS?<br><br></div><div class="gmail_extra">
Kind regards,<br></div><div class="gmail_extra">Arjan Tijms</div></div></div>