Get started with security for your Java Microservi
  • Introduction
  • Setup the IBM Cloud Environment
    • Overview
    • Access the Cluster
    • Access IBM Cloud Shell and get the code
  • Setup the IBM Cloud application environment
    • Overview
    • Exercise 1: Setup Istio
    • Exercise 2: Expose Istio Ingress gateway
    • Exercise 3: Expose the gateway via DNS with TLS enabled
    • Exercise 4: Setup Keycloak
  • Platform security with mTLS
    • Exercise 1: Deploy microservices to Kubernetes
    • Exercise 2: Secure microservices using Authentication with mTLS
    • (Optional) Exercise 3: Authorization with Istio
  • Authentication and Authorization with Keycloak and Quarkus
    • (Optional) Exercise 1: Setup the web-application and Microservices locally
    • Exercise 2: Authentication in Vue.js fronted application
    • Exercise 3: Authorization in Quarkus application
  • Additional Resources
    • Known issues
    • Blog posts related to security
    • Cloud-Native-Starter project
    • Cloud-Native-Starter project security
    • Cloud-Native-Starter project reactive
Powered by GitBook
On this page
  • (Issue 1) In case your Cloud Shell session was closed
  • Step 1: Go back to the open browser tab the open Kubernetes Cluster in the IBM Cloud web console.
  • Step 2: Setup needed variable you maybe need in your lab
  • (Issue 2) You can't access the Kubernetes Dashboard
  • (Issue 3) Problems with your IBM Cloud Account
  • (Note) Find the Certificate Manager of your cluster
  • Step 1: Copy the cluster ID
  • Step 2: Find the resources related to this cluster ID
  • Step 3: Inspect the given certificates

Was this helpful?

  1. Additional Resources

Known issues

PreviousExercise 3: Authorization in Quarkus applicationNextBlog posts related to security

Last updated 3 years ago

Was this helpful?

Here you find additional help, something went wrong, known issues or just get some information.

(Issue 1) In case your Cloud Shell session was closed

Setup the major environment variables we need in the workshop.

  • Solution: Follow these steps to setup the major environment variables we need in the workshop.

Step 1: Go back to the open browser tab the open Kubernetes Cluster in the IBM Cloud web console.

  1. Now select Actions->Connect via CLI on the right-hand side.

  1. In the new window you see all steps to access your Kubernetes Cluster in a terminal session. You can easily copy and paste the commands. We will use these commands later to access the Kubernetes cluster in the IBM Cloud Shell.

Step 2: Setup needed variable you maybe need in your lab

  • ROOT_FOLDER of your project

git clone https://github.com/IBM/cloud-native-starter.git
cd cloud-native-starter/security
ROOT_FOLDER=$(pwd)
echo $ROOT_FOLDER

  • MYCLUSTER your cluster name

export MYCLUSTER=YOUR-CLUSTER

  • INGRESSGATEWAYIP needed to create a DNS

export INGRESSGATEWAYIP=$(kubectl get svc -n istio-system | grep 'istio-ingressgateway' |  awk '{print $4}')
echo $INGRESSGATEWAYIP

  • INGRESSSECRET we use for Istio Ingress Gateway configuration

export INGRESSSECRET=export INGRESSSECRET=$(ibmcloud ks nlb-dns ls --cluster $MYCLUSTER | grep '0001' | awk '{print $5}')
echo $INGRESSSECRET

  • INGRESSURL we use to access for example the Cloud Native Starter application and Keycloak

export INGRESSURL=$(ibmcloud ks nlb-dns ls --cluster $MYCLUSTER | awk '/-0001./ {print $1}')
echo $INGRESSURL

(Issue 2) You can't access the Kubernetes Dashboard

When you open up your Kubernetes Dashboard from your cluster from the IBM Cloud WebConsole

and you get following error message:

It cloud be that you are logged on to two different IBM Cloud Accounts (your IBM Cloud account and the IBM Cloud workshop account) in different browser tabs.

  • Solution:

Just make sure you are signed in to the IBM Cloud Workshop account. To ensure this, just reload the tab on your browser and check the account. Then if you use the correct account it should work.

(Issue 3) Problems with your IBM Cloud Account

For questions like:

  • How do I resolve errors that occur when creating my account?

  • Can I sign up for a free trial?

    and many more ...

(Note) Find the Certificate Manager of your cluster

Step 1: Copy the cluster ID

Step 2: Find the resources related to this cluster ID

Step 3: Inspect the given certificates

If you have problems with your IBM Cloud Account please visit the FAQ page from the .

IBM Cloud does create for you a free service instance to manage the certificates for your Kubernetes cluster.

IBM Cloud support
Certificate Manager