Modernizing Application Development and Deployment
The best application platform for Jakarta EE (Java EE) apps.
Develop, test, deploy or migrate your Jakarta EE applications in any environment: public, private, or multi-cloud.
Broad integration with cloud vendors including Microsoft Azure, Amazon AWS, Google Cloud Platform, and more. We don’t lock you into a product suite.
Deep support for running in containers or Kubernetes infrastructures. High availability, reliability, and automatic scaling.
Monthly releases, bug fixes, and patches ensure security and stability of your production environment.
The Domain Data Grid makes it easy to create a cluster of Application Serve instances. Works out-of-the-box in variety of network topologies, Amazon AWS, Google Cloud, Microsoft Azure, Kubernetes, and LAN environments.
A robust platform for the development, deployment, and management of Jakarta EE applications
Azul Zulu JDK: 11 (11.0.12+), 17 (17.34/17.0.3+), 21 (21.30/21.0.1+)
Oracle JDK: 11 (11.0.12+), 17 (17.0.3+), 21 (21.0.1+)
Amazon Corretto: 11 (11.0.12+), 17 (17.0.3+), 21 (21.0.1+)
Adopt Open JDK: 11 (11.0.12+), 17 (17.0.3+), 21 (21.0.1+)
Adopt Open JDK with Eclipse Open J9: 11 (11.0.12+), 17 (17.0.3+), 21 (21.0.1+)
Any other JVM based on OpenJDK 11.0.12+ or 17.0.3+ or 21.0.1+
The Application Server runs on the x64 and arm64 variants of the above JVMs.
The Application Server runs on the following Operating Systems in all the versions listed below and all their newer versions:
Windows
- Windows 7+
- Windows Server 2008+
Linux
- Ubuntu 14.04 (Trusty Tahr) LTS+
- Debian 7 (Wheezy)+
- CentOS 6+
- RHEL 5+
- OpenSUSE 42.2+
- SUSE 11.4, 12.2+, 15.0+
- Amazon Linux (all versions)Other
- MacOS(OSX) 10.10.5 (Yosemite)+
- IBM AIX 7.1+
If you develop OSGI modules and Web or Enterprise artifacts within your enterprise, you can run them both on the Application Server. There is no need to look for two systems and can use the functionality and features you are already familiar with.
The Application Server supports OAuth2, which is similar to the SAML protocol but uses JSON instead of XML. OAuth 2.0 is an authorization framework that enables a third-party application to obtain limited access to an HTTP service.
You can use the OIDC support to achieve a Single Sign-on with the users credentials managed by a third-party. If a user has already been authenticated for one of your applications, he or she should not be asked for credentials when he accesses one of the other applications during the same browser session. This can be used when the applications are running on different servers.
The Application Server's REST API can be integrated in your application configuration data and interact with the App Server configuration through a REST interface.
Enable business users to quickly create, publish, and manage content, pages, and multimedia across different channels.
Expedite content creatiThe Domain Data Grid makes it easy to create a cluster of instances running your application and works right out-of-the-box in variety of network topologies with little to no configuration needed for Amazon AWS, Google Cloud, Microsoft Azure, Kubernetes, and LAN environments.on with native tools that allow users to create and update content without using any code.
Deployment Groups are an extremely flexible form of clustering as each instance can be part of one or more Deployment Groups. When a Deployment Group is restarted, a rolling restart of each instance is performed to ensure the information contained in the Domain Data Grid is kept.
High Availability for the Domain Data Grid ensures there is always a backup of application and system information, such as web session information, stored in the event an instance goes down. The data is redistributed when a new instance joins the Domain Data Grid.
Using microservices poses a new set of challenges as they need to cope with the distributed aspects. Services can be unavailable, slow to respond, or there could be network issues. With the MicroProfile Fault Tolerance policies, you can configure what need to be done in those cases, in a declarative way. It allows you to define retries, timeouts, default values and the concept of a circuit breaker
With the JCache functionality you can define how data is stored in a Cache in a standard way. Since the JCache implementation is provided by Hazelcast, which also is used in the Domain Data Grid functionality, you have a robust data grid acting as a caching tier
The Admin Console is an easy-to-navigate graphical interface to configure the Application Server and your applications
The Admin Console Auditing Service keeps track of all actions that are executed so that you can later determine if any problem was linked to a certain command that was executed.
Repeating manual actions in the Admin Console can cause errors and is time consuming. The Recorder allows you to record the actions you take in the Admin Console and replay them later using the CLI.
The CLI is a command line interface to perform quick administrative tasks from a script. Using the asadmin CLI eliminates potential errors when performing manual actions with the Admin Console.
The Admin Console Auditing Service keeps track of all actions that are executed so that you can later determine if any problem was linked to a certain command that was executed.
Certificate Management CLI commands make it easier and faster to install and update SSL certificates while preventing mistakes.
When the Client Certificate is found within the App Server TrustStore, it is accepted and based on the role mapping, you can grant the client access to the application. You can perform additional checks on the Client Certificate. When the Certificate issuer supports revocation of the certificates, the status can be retrieved through the Online Certificate Status Protocol (OCSP).
You can define a Custom SSL certificate that must be used when there are secure connections between the client and the server. After uploading it in the TrustStore, you only need to specify its alias in the configuration before it can be used. By default, an environment comes with a self-signed certificate so you can immediately start testing it out in a development or test environment.
The Data Grid Encryption offers end-to-end encryption to store and exchange sensitive information between instances securely. Information exchanged with Data Grid Encryption can only be read by the App Server instance.
The App Server can read from multiple KeyStores and TrustStores, making it possible to just point to the original TrustStores you were using (while also adding new TrustStores and KeyStores) when you upgrade App Server Server to the latest version. You no longer need to import your custom SSl certificate into the App TrustStore and import it again when you upgrade your app server environment.
MicroProfile JWT Authentication specification defines an extension on OAuth2 and OpenIdConnect to allow authentication and authorization of user requests that are secure and tokens that do not require external validation. MicroProfile JWT Authentication in App Server increases the independence of applications and allows for features like single sign-on by identifying the caller in a request without having a single point of failure to validate the request.
Password Alias allows use of sensitive data (such as passwords) in CLI commands and the Admin Console while keeping them hidden from users who should not have access to them.
Secure Administration prevents unauthorized access when performing App Server configuration remotely by requiring an SSL encrypted connection with a username and password.
The Monitoring Service identifies possible issues for troubleshooting, checks performance against specified rules, and sends alerts of potential problem areas.
Notification Service works in the background to allow services such as JMX Monitoring, Health Check, and Request Tracing to send messages to the notifiers.
Notifiers deliver monitoring and alert messages to external systems. The Application Server has a list of notifiers bundled by default. The Notifier API allows third parties to create notifiers for their system and allows developers to customize notifiers for their needs.
Health Check automatically monitors the health of the system and alerts you in the event of abnormal conditions. When used with the Notification Service, you can detect undesired behavior, predict possible failures, and trigger alerts to an external system with little to no impact on your application’s performance.
REST Monitoring makes monitoring data accessible over a standard HTTP connection
SQL Tracing gives you a detailed look at what the application is doing to identify the cause of issues and a view of all queries performed. Slow SQL statements can be detected and logged with the Slow SQL Logger. Not only learn why some requests are slow but to also receive the executed query so you can improve performance within the application or database.
Request Tracing helps you understand the cause of slow application performance. It’s compatible with the MicroProfile Open Tracing specification so you can use any data generated in any OpenTracing tool (such as Zipkin and Jaeger).
Use AMX Beans to access, configure and monitor the Application Server with a vendor neutral protocol. It can be accessed by client applications such as JConsole, VisualVM, or Azul Mission Control.
JMX Monitoring allows you to gather information from MBeans and push it to external systems for processing and reporting without the need for external applications such as JConsole or VisualVM.
Using MicroProfile Health Check allows developers to create your own health checks for your applications and automate the verification of your system’s health status using your custom checks.
MicroProfile Metrics provide detailed insight into the status of the application or your system. They can be the basis to determine the health of your system and make it possible to analyze the time series of values to identify trends and act before the system experiences problems. MicroProfile Metrics exposes the metrics in the Prometheus format by default (the most popular open-source product for gathering metrics).
MicroProfile Metrics provide detailed insight into the status of the application or your system. They can be the basis to determine the health of your system and make it possible to analyze the time series of values to identify trends and act before the system experiences problems. MicroProfile Metrics exposes the metrics in the Prometheus format by default (the most popular open-source product for gathering metrics).
Support for containers out-of-the-box and official Docker Images so you can reduce your infrastructure and maintenance costs of your existing applications.
A server instance created on a Docker node is a Docker Instance. When the container starts, the instance can join a Deployment Group. At registration time, the instance can use a specified configuration available on the Domain and when it joins a Deployment Group, all application assigned to that Deployment Group are also deployed on the Docker Instance.
The Docker Node feature allows you to create additional nodes and sever instances running within a Docker container. Both your instances and Docker container are under the control of the Domain Server and can be managed using either the Admin Console or the CLI tool.
Simplify your secure adoption of containers with remarkable speed.
Reduce the operational overhead of deploying containerized applications
Unlock the skills necessary to realize the power of containerized apps on any platform at scale
Accelerate container adoption with centralized troubleshooting and management capabilities
Securely deploy container-based applications with ease
Deliver self-service with freedom, precise controls, and necessary guardrails
Enable seamless operation in diverse environments, including the datacenter, public cloud, network edge, and Industrial IoT devices.
Works with all of these platforms and many more.
Kubernetes multi-cluster management is powerful but complex. Our intuitive Kubernetes management platform allows admins to manage and secure the cluster quickly, while the built-in, sane defaults keep the team on the right track.
RBAC for Kubernetes
KaaS cluster provisioning
GitOps automation
Import via kubeconfig file
Registry management
Pod security constraints
External authentication
Resource overcommitment
The intuitive UI gets you up to speed quickly with sane defaults built in to keep your team on the right track.
You don't need to learn Kubernetes specific code or remember the command line syntax or terminology. Instead, stay focused on development.
Set security policies per-cluster to keep your deployments safe, secure, and only accessing what they need.
Set up ingress controllers and load balancers for your deployments quickly and easily.
Visually monitor memory and CPU usage across your cluster. No need to worry about running out of resources.
With support for Docker Standalone and Docker Swarm, we help you and your team get up and running on Docker with no fuss.
A fully featured Docker and Docker Swarm management tool.
Running as a container on your infrastructure, give you and your team the full power of Docker within an intuitive interface, letting you build, publish and deploy container images, manage networks and volumes, and configure scaling across your cluster. We also make it easy for you to secure, monitor and maintain your platform with features like RBAC, registry management, and external authentication support.
Container and service deployment and management
External authentication with auto sync
GitOps automation
New image notification
Registry management
Role-based Access Control (RBAC)
App templates
S3 backups
Create and publish your Docker images directly from our intuitive interface, with no need to learn the CLI intricacies.
Spin up containers and services from your own or others' images manually, via Git, or with our powerful app templates functionality.
From single Docker Standalone deployments to huge Swarm clusters, Portainer lets you manage your setup from one system.
Configure access controls on your environments and containers, ensuring that the right people get the right access and nothing more.
Easily view container logs, environment resource usage and configuration, and make the necessary changes with a few clicks.
If you’re using an external authentication provider such as Azure Active Directory, Google or Github, our product comes with preconfigured defaults to help you set this up quickly and without fuss. If you find you need to adjust these defaults for your particular needs, you can do that too.
Can be configured to accept Lightweight Directory Access Protocol (LDAP) authentication if your organization has implemented LDAP or Active Directory authentication. When users attempt to log into the app, the application will authenticate them against your LDAP directory or Active Directory. If authentication is successful, the user is allowed to login.
If you have established authentication systems in place you will likely want to exploit them rather than create something new. We allow you to easily integrate Microsoft, Google and Github based OAuth systems, letting you onboard and manage team members without needing a separate access control system.
With role-based access control (RBAC), you can configure fine-grained access controls for your environments, whether they’re Docker, Swarm or Kubernetes. There are multiple roles available to choose from, each with their own pre-defined set of privileges, targeted at a range of different user types. Users can be directly (or as part of teams) assigned roles and can be given levels of access on a per-environment basis.
Ensuring your installation is backed up is crucially important in a production environment, and we provide the ability to back up and restore your instance both as a local file and via S3 to AWS or S3-compatible providers such as MinIO. You can schedule automated backups to your S3 bucket directly.
