Skip to content

Files

Latest commit

 

History

History

jhipster-k8s

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
blog
blog
 
 
docker-compose
docker-compose
 
 
gateway
gateway
 
 
k8s
k8s
 
 
store
store
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
demo.adoc
demo.adoc
 
 
reactive-ms.jdl
reactive-ms.jdl
 
 

README.md

Kubernetes + Reactive Java with JHipster Example

This example uses JHipster 7 to generate Kubernetes deployment descriptors and deploy your microservice architecture to Minikube and Google Cloud (GKE). See Kubernetes to the Cloud with Spring Boot and JHipster to see how it was built.

Prerequisites: Java 11 and Docker.

Getting Started

To install this example, run the following commands:

git clone https://github.com/oktadev/java-microservices-examples.git
cd java-microservices-examples/jhipster-k8s/k8s

If you don't have JHipster installed, install it.

npm i -g generator-jhipster@7

Run JHipster's Kubernetes sub-generator.

jhipster k8s

You will be prompted with several questions. The answers will be pre-populated from choices I made when creating this app. Answer as follows, changing the Docker repository name to yours, or leaving it blank if you don't have one.

  • Type of application: Microservice application
  • Root directory: ../
  • Which applications? <select all>
  • Set up monitoring? No
  • Which applications with clustered databases? select store
  • Admin password for JHipster Registry: <generate one>
  • Kubernetes namespace: demo
  • Docker repository name: <your docker hub username>
  • Command to push Docker image: docker push
  • Enable Istio? No
  • Kubernetes service type? LoadBalancer
  • Use dynamic storage provisioning? Yes
  • Use a specific storage class? <leave empty>

Install Minikube to Run Kubernetes Locally

If you have Docker installed, you can run Kubernetes locally with Minikube. Run minikube start to begin.

minikube --memory 8g --cpus 8 start

Build Docker images for each app. In the {gateway, blog, store } directories, run the following Gradle command (where <image-name> is gateway, store, or blog).

./gradlew bootJar -Pprod jib -Djib.to.image=<docker-repo-name>/<image-name>

You can also build your images locally and publish them to your Docker daemon. This is the default if you didn't specify a base Docker repository name.

# this command exposes Docker images to minikube
eval $(minikube docker-env)
./gradlew -Pprod bootJar jibDockerBuild

Because this publishes your images locally to Docker, you'll need to make modifications to your Kubernetes deployment files to use imagePullPolicy: IfNotPresent.

- name: gateway-app
  image: gateway
  imagePullPolicy: IfNotPresent

Make sure to add this imagePullPolicy to the following files:

  • k8s/gateway-k8s/gateway-deployment.yml
  • k8s/blog-k8s/blog-deployment.yml
  • k8s/store-k8s/store-deployment.yml

Register an OIDC App for Auth

Install the Okta CLI using the instructions on cli.okta.com and come back here when you're done. If you don't have an Okta developer account, run okta register.

NOTE: You can also use your browser and Okta's developer console to register an app. See JHipster's security documentation for those instructions.

From the gateway project's directory, run okta apps create jhipster. Accept the default redirect URIs.

This process does several things:

  1. Registers an OIDC app in Okta with JHipster's configured redirect URIs.
  2. Creates ROLE_ADMIN and ROLE_USER groups and adds your user to both.
  3. Creates a groups claim and adds it to ID tokens.
  4. Creates a .okta.env file with the values you'll need to talk to Okta.

Update k8s/registry-k8s/application-configmap.yml to contain your OIDC settings from the .okta.env file the Okta CLI just created. The Spring Cloud Config server reads from this file and shares the values with the gateway and microservices.

data:
  application.yml: |-
    ...
    spring:
      security:
        oauth2:
          client:
            provider:
              oidc:
                issuer-uri: https://<your-okta-domain>/oauth2/default
            registration:
              oidc:
                client-id: <client-id>
                client-secret: <client-secret>

To configure the JHipster Registry to use OIDC for authentication, modify k8s/registry-k8s/jhipster-registry.yml to enable the oauth2 profile.

- name: SPRING_PROFILES_ACTIVE
  value: prod,k8s,oauth2

Then, in the k8s directory, start your engines!

./kubectl-apply.sh -f

You can see if everything starts up using the following command.

kubectl get pods -n default

You can use the name of a pod with kubectl logs to tail its logs.

kubectl logs <pod-name> --tail=-1 -n default

You can use port-forwarding to see the JHipster Registry.

kubectl port-forward svc/jhipster-registry -n default 8761

Open a browser and navigate to http://localhost:8761. You'll need to sign in with your Okta credentials.

Once all is green, use port-forwarding to see the gateway app.

kubectl port-forward svc/gateway -n default 8080

Then, go to http://localhost:8080, and you should be able to add blogs, posts, tags, and products.

Please read the Kubernetes to the Cloud with Spring Boot and JHipster for more information.

Links

This example uses the following open source libraries:

Help

Please post any questions as comments on this example's blog post, or on the Okta Developer Forums.

License

Apache 2.0, see LICENSE.