Blog

Akka 24.05: more security. More performance. More efficiency.

Written by Jonas Bonér | May 22, 2024 7:00:00 AM

Data security is becoming increasingly important; it’s at the top of every company’s mind. The problem is that creating a fully secure cloud system is challenging. One usually ends up with a large surface area that can be hard to understand and protect fully, a problem that multiplies as one moves close to the edge where the end users reside. Many companies using Akka face this problem, and we have focused the last six months on cloud and edge systems security and extending our edge capabilities in general.

So, I’m thrilled to announce the Akka 24.05 release. It packs a bunch of exciting new features, including Zero Trust, much faster and more efficient cloud performance via new Database Sharding capabilities, support for GraalVM Native Image and Java 21, and an Akka Rust client for stretching Akka out to edge devices, including other enhancements for edge use cases.

Let’s take a brief look at each one of these.

Create Zero Trust Akka systems

In the past, the standard approach to cybersecurity involved fortifying the perimeter—enveloping networks with firewalls as though wrapping them in a digital moat. This setup assumed everything within this moat was safe and trustworthy: service-to-service requests went unquestioned, credentials remained static yet secure, and internal services accessed only the data necessary for their functions.

However, as technology evolved into a labyrinth of cloud-based infrastructures and sprawling service ecosystems, these traditional defenses began to show their limitations. Modern networks are complex and dynamic, making it exceedingly difficult to maintain a comprehensive view of potential vulnerabilities. Relying solely on perimeter defenses in such environments exposes organizations to many risks, from misconfigurations to sophisticated system breaches.

Enter the Zero Trust security concept, a paradigm shift in cybersecurity. The five pillars of Zero Trust security are identity, device, network, application and workload, and data. Unlike its predecessors, Zero Trust operates on the assumption that breaches are not just possible but likely, including within the so-called secured perimeter. It doesn't eliminate perimeter defenses but supplements them with robust, multi-layered security measures designed to detect, isolate, and neutralize threats, ensuring that any breach does not lead to a systemic crisis. Zero Trust embodies the belief that in the realm of security, trust is a vulnerability that modern organizations can no longer afford.

We have spent the last six months researching what it means to build a bulletproof Zero Trust system based on Akka. We can now ensure our customers can easily navigate the complexities of creating such a system, which includes thorough documentation and new security features.

Ensure better performance at a lower cost

Most companies agree that the majority of business value resides in data. They are under constant pressure not just to capture and safely store their users’ data but also to process, transform, analyze, and return intelligent answers to the users in real-time as the data “flies by”—and often need to do that for hundreds of thousands of concurrent users. In turn, low latency of data requests has become a significant competitive advantage and driver of business value.

The problem is that managing shared data in a distributed environment safely and reliably while maintaining correctness, performance, scalability, and cost profile is one of the hardest things to accomplish when building distributed systems.

Akka has always been extremely good at managing distributed data reliably at scale with remarkably consistent low latency (most often sub 20 ms). However, customers sometimes ask what storage layer to use underneath Akka. Using a distributed database can frequently cause the cost to shoot through the roof, making it hard to scale and operate reliably. Alternatively, using a single centralized database usually becomes a bottleneck and cost concern for applications with high throughput requirements.

In this release, we have focused on this issue by adding the capability to spread the data and load over many physical backend databases. It doesn't require any partitioning or sharding support from the database, so one can use ordinary, cost-efficient, non-distributed databases to do the job.

Relying on many small and cheap Postgres database instances for storage instead of expensive and complicated distributed databases significantly reduces cost and complexity while ensuring that the application can scale out linearly in terms of throughput and latency. In the latest benchmark, we reached 1 million requests per second on only 8 standard AWS RDS instances, scaling linearly as we scaled the application while keeping the cost per 1k IOPS flat.

Create even more powerful cloud-to-edge applications

One key to excellent performance is running your app where customers reside, ensuring that data and processing are always physically co-located with the user. This means extending the application from the cloud to the edge and having a data distribution and consensus fabric that moves the data to where it needs to be at every moment, ensuring the lowest latency possible and extremely high levels of resilience. Modern cloud applications need to extend across the whole spectrum of the cloud-to-edge continuum (see this article for more information), and making this easier has been one of our main focuses for the last two years.

Running Akka natively on resource-constrained devices

Last year, we shipped Akka Edge, but we are not stopping there. A significant leap forward for Akka is the new capability to use Akka concepts outside the JVM with the latest library called “Akka Edge Rust.” Here, we have extended Akka Edge to empower cloud developers to run their Akka apps even closer to where they are used and where the user’s data resides. “Akka Edge Rust” provides a subset of Akka implemented with the Rust programming language. Rust has been chosen given its focus on reliability and efficiency for resource-constrained devices where CPU, memory, and storage are at a premium.

Learn more in the guide introducing Akka Edge Rust by providing a step-by-step explanation of how to set up and develop a Rust-based service that works with an Akka JVM, a cloud-based counterpart.

Faster startup times using GraalVM

We have made it much easier to build a GraalVM native image of an Akka application. GraalVM Native Image compiles Java or Scala code ahead of time to a native executable. A native image executable provides lower resource usage than the JVM, smaller deployments, faster startup times, and immediate peak performance—making it ideal for Akka Edge deployments in resource-constrained environments where one needs rapid responsiveness under autoscaling.

Support for Active-Active entity replication out to the edge

We shipped Active-Active Replicated Event Sourcing about a year ago. Building upon that, we are now shipping Replicated Event Sourcing for Edge, extending its support to entities running all the way out to the far edge. Active-Active means that entities can be concurrently updated in more than one geographical location—such as edge Point-of-Presence (PoP) and different cloud regions—while Akka guarantees that they always converge to a consistent state.

Also, in addition to Event Sourced entities, you can now replicate state changes of Durable State entities in Akka Edge and Akka Distributed Cluster.

Write simpler and more expressive code with Java 21

We now have official support for Java 21, which gives access to useful Java language features such as record deconstruction and pattern matching for switch statements. These features are handy when writing actor and event-based systems in Java. The support for Java 21 records and pattern matching allows for a more concise use of Akka's APIs. Look at the tutorial "Implementing Microservices with Akka" for an example of how the new Java 21 syntax can be used to simplify code.

CVEs and bug fixes

In this release, we are also adding fixes for 3 CVEs, 2 bug fixes, and 10 improvements (see the release notes for details), bringing the total of CVEs since we changed the license to 47 and bug fixes to 218.

What’s next

It’s exciting for me to see our roadmap investments coming to fruition like this. Over the coming weeks, we will continue to dive deeper into each key area of the 24.05 release through a series of blogs and webinars.

Follow us on X or LinkedIn to receive notifications of this new content and for ongoing news and insight about Akka.

Related items: