Exercise 1: Deploy microservices to Kubernetes
Last updated
Last updated
In this exercise we will run the application in your Kubernetes cluster using precompiled container images for our sample application: articles-secure, web-api-secure, and web-app. These container images have been uploaded to Docker Hub.
When running locally, you will set the Keycloak URL as OpenID Connect (OIDC) provider in application.properties. When running on a Kubernetes cluster we cannot set the OIDC provider (keycloak) in application.properties without recompiling the code, building a new image, and loading this image in a Image repository that is accessible to your Kubernetes cluster. So for this example, we specify the Quarkus OIDC property as environment variable during deployment. The environment variable is read from a config map.
This is our configmap definition:
Our Keycloak service runs in the same namespace as the rest of the application, so all we need is the name of the service (keycloak) and the port numer (8080).
Apply the configmap.yaml
Deploy Articles Microservice
Deploy Web-API Microservice
Deploy Web-App Vue.js frontend application
Verify all pods are running
Example output:
Try to open the Cloud-Native-Starter application in a browser. Use the $INGRESSURL
of your cluster, which is the URL to the frontend application Web_APP
you deployed before.
You will see we need to configure the redirect in Keycloak
Open Keycloak in a browser and login to Keycloak with user: admin
and password: admin
. Get the right URL by display the URL with the following terminal command.
Select Clients
and then frontend
in Keycloak.
Ajust the client frontend URIs https://YOUR-URL:auth
with valid redirect URI you get with the command:
Replace the entries with your value.
Use following URL:
Login in with user: alice
and password: alice
Now you see the entries of the articles
Note: The image shows you in Kiali the running applications. These are the simplified steps you see in the image. This is not a part of your hands-on tasks.
1: The web-app
will be requested buy our URL to be loaded in a webbrowser.
2: The web-app
in the webbrowser does connect to Keycloak
for Authentication.
2: The web-app
in the webbrowser does connect to the web-api
to get the Articles information.
4: The web-api
in does validated the authorization with Keyloak
.
5: The web-api
in the webbrowser does connect to the articles
to get the Articles information.
6: The articles
in does validated the authorization with Keyloak
.