WebSphere Application Server Liberty overview
Liberty is a lightweight Java™ runtime that is ideal for building microservices, modern monolithic applications, and anything in between. It is built on the open source Open Liberty runtime and is compatible with MicroProfile and Jakarta EE.
WebSphere Liberty and Open Liberty
- High availability and clustering in virtual machines (VM) with Liberty collectives
- Product installation with Installation Manager
- Ability to use Java™ EE 6 technologies
- Through the
heritageAPIs-1.0
feature, the ability to migrate WebSphere Application Server traditional applications that use certain deprecated programming models to Liberty without changing the code - WebSphere Liberty on z/OS® operating systems
Most Liberty features and capabilities are now documented on the Open Liberty website. However, capabilities that are specific to WebSphere Liberty and some older features and capabilities are documented only in the WebSphere Liberty documentation. Features that are valid for both runtimes are documented in both WebSphere Liberty and Open Liberty, although the extent of what is documented about a feature can vary between the two documentation sets. For more information, see Where to find Liberty documentation.
Open Liberty is open source and free to use. However, when you purchase a WebSphere Application Server or WebSphere Application Server Network Deployment license, you also get IBM support for your Open Liberty instances.
A flexible runtime with a focus on developer experience
Liberty is a flexible solution for developing and deploying all kinds of applications. Its modular structure is based around features, which enable the runtime capabilities your application needs. Whether you're developing cloud-native Java microservices with MicroProfile, or modern monolithic applications, enable the features that you want and Liberty automatically adds any dependencies for you. For a list of Liberty features, see Liberty features. You can also create your own features, as described in Extending Liberty.
Deployment of Java applications on z/OS systems
You can deploy applications that run on Liberty on z/OS systems, as described in Deploying applications in Liberty.
Liberty provides both a development and an operational environment. On z/OS systems, you can work natively with the operational environment by using the MVS™ console.
Liberty continuous delivery
A new version of Liberty is released about every 4 weeks. This predictable continuous-delivery release cycle provides a clear expectation of when a new release is available and simplifies keeping up with the latest security fixes and updates. For more information about the Liberty release cycle, see Single Stream Continuous Delivery (SSCD) Software Support Lifecycle Policy: WebSphere Liberty.
With zero-migration architecture, the existing APIs and behaviors that your application relies on are preserved and supported in each new release. In just a matter of minutes, you can move to the latest version of Liberty without having to change your application code or configuration.
You can also easily update applications that run on VMs or bare metal to a new Liberty version, either by using IBM Installation Manager or by extracting downloaded archives. For more information, see Installing Liberty.
Application security
- JSON Web Tokens
- OpenID Connect
- Security Assertion Markup Language (SAML) Web
- Simple and Protected GSS-API Negotiation Mechanism (SPNEGO)
During development and testing, the built-in basic user registry and the
quickStartSecurity
configuration element offer easily configurable security
frameworks to test access to your application in a lightweight, self-contained manner. When the
application is moved to production, you can easily convert the basic user registry to a
production-ready LDAP user registry or single sign-on solution. After deployment, Liberty offers functions that support security
hardening for applications in production. When your application runs in production, Liberty provides extensive auditing of security
events that can be written to an encrypted and signed audit log to help ensure the integrity of your
deployment. For more information, see
security hardening for applications in production.
The modular structure of Liberty presents a smaller attack surface than other Java runtimes. You enable only the features and capabilities that you need, which helps reduce the risk of vulnerabilities. And the Liberty four-week release cycle provides the latest security fixes to protect your applications from emerging threats and vulnerabilities. For more information, see Securing Liberty and its applications.
Observability and monitoring
Distributed tracing helps troubleshoot microservices by examining and logging requests as they propagate through a distributed system. Liberty supports distributed tracing through MicroProfile Telemetry, which you can instrument automatically, manually, or through a Java agent. For more information, see Enable distributed tracing with MicroProfile Telemetry.
Metrics are essential to building observability into applications so that operations teams can effectively monitor application behavior. You can gather detailed metrics on your Liberty applications with MicroProfile metrics. Liberty also provides a collection of MXBeans that you can use to gather metrics on different application and runtime components. For more information, see Monitoring the Liberty server runtime environment.