ibm / cloud-native-starter Goto Github PK
View Code? Open in Web Editor NEWCloud Native Starter for Java/Jakarta EE based Microservices on Kubernetes and Istio
Home Page: https://cloud-native-starter.mybluemix.net/
License: Apache License 2.0
Cloud Native Starter for Java/Jakarta EE based Microservices on Kubernetes and Istio
Home Page: https://cloud-native-starter.mybluemix.net/
License: Apache License 2.0
This repo shows how to gain persistence using JPA and 'Db2 on Cloud'. But this will definitely affect the performance. Is there a way to do this in memory and not using any external database?
Dear Colleague,
We are looking to find ways to help developers find security misconfigurations, i.e., violation of security best practices in Kubernetes manifests. We have noticed an instance of hostPID: true
in one of your Kubernetes manifests. Sharing the host's PID namespace allows visibility of processes on the host, potentially leaking information such as environment variables and configuration. For examples of Kubernetes security misconfigurations we are following our peer-reviewed publication on Kubernetes security best practices (https://arxiv.org/pdf/2006.15275.pdf).
Location of security anti-pattern:
Fix: #68
We would like to hear if you agree to fix this misconfiguration or have fixed the misconfiguration.
The command
$ for i in install/kubernetes/helm/istio-init/files/crd*yaml; do kubectl apply -f $i; done
hangs/does not return.
Couldn't validate the istio installation either:
$ istioctl verify-install
Error: unknown command "verify-install" for "istioctl"
Run 'istioctl --help' for usage.
I have been following the steps shown in articles-java-jee
to create EntityManagerFactory
. I have made the necessary changes in persistence.xml
,server.xml
and also put beans.xml
inside WEB-INF
folder. In spite of that when I create EntityManagerFactory
, it becomes null.
@PersistenceContext(name = "jpa-unit") static EntityManagerFactory emf;
static EntityManager em = emf.createEntityManager();
Persistence.xml
<persistence version="2.2"
xmlns="http://xmlns.jcp.org/xml/ns/persistence"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/persistence
http://xmlns.jcp.org/xml/ns/persistence/persistence_2_2.xsd">
<persistence-unit name="jpa-unit" transaction-type="JTA">
<jta-data-source>jdbc/articlejpadatasource</jta-data-source>
<properties>
<property name="eclipselink.ddl-generation" value="create-tables"/>
<property name="eclipselink.ddl-generation.output-mode" value="both" />
</properties>
</persistence-unit>
</persistence>
Server.xml
<library id="DB2JCCLib">
<fileset dir="${shared.resource.dir}/db2jars" includes="jcc*.jar"/>
</library>
<dataSource id="articlejpadatasource"
jndiName="jdbc/articlejpadatasource">
<jdbcDriver libraryRef="DB2JCCLib" />
<properties.db2.jcc databaseName=""
portNumber="50000"
serverName=""
user=""
password="" />
</dataSource>
beans.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/beans_1_1.xsd"
bean-discovery-mode="all">
</beans>
pom.xml
<dependency>
<groupId>com.ibm.db2</groupId>
<artifactId>jcc</artifactId>
<version>11.1.4.4</version>
</dependency>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.10</version>
<executions>
<execution>
<id>copy-jcc-dependency</id>
<phase>package</phase>
<goals>
<goal>copy-dependencies</goal>
</goals>
<configuration>
<includeArtifactIds>jcc</includeArtifactIds>
<outputDirectory>${project.build.directory}/</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
What am I missing?
I followed the instructions on Deployment in IBM cloud but I'm failing on the first script
iks-scripts/create-iks-cluster.sh
The script seems to run successfully, but neither of
ibmcloud ks cluster ls
nor
ibmcloud ks cluster-get cloud-native -s
show anything about the new cluster.
I was able the create the account through http://ibm.biz/nheidloff and followed all the instructions to set up the local environment.
OS: Win10 with git-bash.
Hi,
Actually, this issue is related to several script files.
When you retrieve the value of specific configuration by using "ibmcloud ks cluster-get" in a script file, ibmcloud should have the locale configuration with en_US.
Normally ibmcloud uses OS environment language as its locale. So, in Korean OS env, that script occurs the error. For example, 26 line of cluster-get-config.sh is as follows.
STATE=$(ibmcloud ks cluster-get $CLUSTER_NAME -s | awk '/^State:/ {print $2}')
In Korea OS env, ibmcloud outputs "상태" instead of "State". So, we can't get the value of "State".
Therefore, in my case, I should have performed "ibmcloud config --locale en_US".
I suggest that document mentions this as prerequisite to support people in non-English.
Regards,
EunKyung Kim
Added instructions for Open Liberty on OpenShift 4.2+ / CodeReady Containers at
https://github.com/marcredhat/crcdemos/blob/master/openliberty/README.adoc
Hope this helps,
Marc
After running the installation process with all scripts for a local minikube, I cannot connect to the app:
Firefox can’t establish a connection to the server at 192.168.99.100:31380.
Istio tells me something about "pending" on the external IP:
istio-system istio-ingressgateway LoadBalancer 10.110.187.239 15020:30332/TCP,80:31380/TCP,443:31390/TCP,31400:31400/TCP,15029:30827/TCP,15030:32327/TCP,15031:32182/TCP,15032:30530/TCP,15443:30640/TCP 9h
Not sure what I would have to change to template.local.env to run the example locally - I just copied it over.
kubectl get pod gives:
NAME READY STATUS RESTARTS AGE articles-54d8979866-p7thc 2/2 Running 0 8m37s authors-799f865c55-8nz7z 2/2 Running 0 4m29s web-api-v1-6f84d7c856-d7plv 2/2 Running 0 4m47s web-app-77866cb8b5-ndlvv 2/2 Running 0 4m16s
Any ideas?
Running the install scripts I get the following error:
cloud-native-starter$ scripts/deploy-web-api-java-jee.sh scripts/deploy-web-api-java-jee.sh: 8: scripts/deploy-web-api-java-jee.sh: Syntax error: "(" unexpected
on an Ubuntu 16.04 host
Hello.
First of all, thank you for the 'reactive' sample project. It helps me understand better on reactive applications.
That being said, I followed the steps in the README and encountered a few minor issues.
My O/S: macOS Big Sur
bash-3.2$ sh scripts/deploy-authors.sh
2021-08-04 13:18:24 Deploying authors
scripts/deploy-authors.sh: line 15: set: -g: invalid option
set: usage: set [--abefhkmnptuvxBCHP] [-o option] [arg ...]
bash-3.2$ echo $SHELL
/usr/local/bin/fish
I am not sure why even though '#!/bin/bash' is specified in the script. But, it looks like the solution is just to specify the shell inside the 'eval'. For example,
eval $(minikube docker-env --shell bash)
Full credit to docker/machine#4035 (comment) for the above solution.
'admin' does not appear to be a valid email address. Please reset the PGADMIN_DEFAULT_EMAIL environment variable and try again.
I think it's because the kubedb pgadmin.yaml -> 'PGADMIN_DEFAULT_EMAIL' doesn't use an email. Hence, when I tried it with an email address it worked.
I have attached a patch file to this issue because I thought someone else might encounter the same issues as I did, and the patch might help them.
Thanks again for this sample project.
Hi!
First of all, thanks very much for all of this code, it's very useful!
Second, it seems I can't get the reactive examples working.
For example, when deploying kafka through strimzi operator, kafka cluster pods doesn't start (I opened and issue here strimzi/strimzi-kafka-operator#2449 ).
But..when I decreased the replica number to 1, it seems to be running fine, BUT it starts failing after deploying and invoking the web-app-reactive URL.
Do you know what can be happening? I am using latest minikube, Kubernetes and strimzi operator versions.
Thanks very much!
Here are logs attached:
logs-from-kafka-in-my-cluster-kafka-0(1).txt
logs-from-zookeeper-in-my-cluster-zookeeper-0(1).txt
The script currently says
STATE=$(ibmcloud ks cluster-get $CLUSTER_NAME -s | awk '/State:/ {print $2}')
This has to be changed to
STATE=$(ibmcloud ks cluster-get $CLUSTER_NAME -s | awk '/^State:/ {print $2}')
(note the caret), to distinguish it from the "Master State:" line which now also appears in that output.
Not sure if this results in an error in the end, but I get
2019-07-08 08:37:38 Preparing YAML files for Kubernetes Deployment scripts/deploy-authors-nodejs.sh: line 22: /home/de117305/Current/Microservices/cloud-native-starter/local.env: No such file or directory 2019-07-08 08:37:38 DB is 2019-07-08 08:37:38 Cloudant URL is 2019-07-08 08:37:38 Clean-up Minikube scripts/deploy-authors-nodejs.sh: line 38: [: !=: unary operator expected No resources found 2019-07-08 08:37:38 Build Docker Image
and
destinationrule.networking.istio.io/authors created scripts/deploy-authors-nodejs.sh: line 57: [: !=: unary operator expected 2019-07-08 08:38:52 Done deploying authors-nodejs
when running
scripts/deploy-authors-nodejs.sh
workshop full https://github.com/IBM/cloud-native-starter/blob/master/workshop/00-prerequisites.md
Uses old version of istio 1.1.5 and this fails on new versions of k8s 1.16+ as Deployment is not part of apps/beta1
IKS doc uses istio 1.5.1, so as good step forward it would be good to keep all 3 places using same version of Istio between minikube and IKS
We need to verify the impact of "IBM Cloud Container Registry is Deprecating Container Builds".
This could have impact for our bash scripts and other automations we made for the workshops.
The command
sudo scripts/deploy-istio-ingress-v1.sh
gives the following errors
2019-09-30 08:20:51 Deploying Istio Ingress definitions for web-api v1 only
error: unable to recognize "istio-ingress-gateway.yaml": no matches for kind "Gateway" in version "networking.istio.io/v1alpha3"
error: unable to recognize "istio-ingress-service-web-api-v1-only.yaml": no matches for kind "VirtualService" in version "networking.istio.io/v1alpha3"
2019-09-30 08:20:51 Done deploying Istio Ingress definitions
So the show-urls.sh
shows the following:
2019-09-30 08:21:11 ------------------------------------------------------------------------------------
2019-09-30 08:21:11 kiali
2019-09-30 08:21:11 Run the command: kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=kiali -o jsonpath='{.items[0].metadata.name}') 20001:20001
2019-09-30 08:21:11 Then open http://localhost:20001/kiali/console with username: admin, password: admin
2019-09-30 08:21:11 ------------------------------------------------------------------------------------
2019-09-30 08:21:11 prometheus
2019-09-30 08:21:11 Run the command: kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=prometheus -o jsonpath='{.items[0].metadata.name}') 9090:9090 &
2019-09-30 08:21:11 Then open http://localhost:9090/
2019-09-30 08:21:11 ------------------------------------------------------------------------------------
2019-09-30 08:21:11 jaeger
2019-09-30 08:21:11 Run the command: kubectl -n istio-system port-forward $(kubectl get pod -n istio-system -l app=jaeger -o jsonpath='{.items[0].metadata.name}') 16686:16686 &
2019-09-30 08:21:11 Then open http://localhost:16686
2019-09-30 08:21:11 ------------------------------------------------------------------------------------
2019-09-30 08:21:11 grafana
2019-09-30 08:21:11 Run the command: kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath='{.items[0].metadata.name}') 3000:3000 &
2019-09-30 08:21:11 Then open http://localhost:3000/dashboard/db/istio-mesh-dashboard
2019-09-30 08:21:11 ------------------------------------------------------------------------------------
2019-09-30 08:21:11 articles
2019-09-30 08:21:11 API explorer: http://10.0.2.15:31046/openapi/ui/
2019-09-30 08:21:11 Sample API: curl http://10.0.2.15:31046/articles/v1/getmultiple?amount=10
2019-09-30 08:21:11 ------------------------------------------------------------------------------------
2019-09-30 08:21:11 authors
2019-09-30 08:21:12 Sample API: curl http://10.0.2.15:30257/api/v1/getauthor?name=Niklas%20Heidloff
2019-09-30 08:21:12 ------------------------------------------------------------------------------------
2019-09-30 08:21:12 authentication
2019-09-30 08:21:12 authentication is not available. Run scripts/deploy-authentication-nodejs.sh
2019-09-30 08:21:12 ------------------------------------------------------------------------------------
2019-09-30 08:21:12 web-api
error: the server doesn't have a resource type "gateway"
2019-09-30 08:21:12 API explorer: http://10.0.2.15:30770/openapi/ui/
2019-09-30 08:21:12 Metrics: http://10.0.2.15:30770/metrics/application
2019-09-30 08:21:12 Sample API: curl http://10.0.2.15:30770/web-api/v1/getmultiple
2019-09-30 08:21:12 ------------------------------------------------------------------------------------
2019-09-30 08:21:12 web-app
error: the server doesn't have a resource type "gateway"
2019-09-30 08:21:13 Ingress not available. Run scripts/deploy-istio-ingress-v1.sh
2019-09-30 08:21:13 ------------------------------------------------------------------------------------
Thank you for any ideas!
It cloud be that you can't upload all microservice container images to the IBM Cloud Container registry, because you could exceed 0.5 GB total image size in the steps of lab 2.
While installing (re-installing after a delete-all.sh) I noticed this:
cloud-native-starter$ scripts/deploy-web-api-java-jee.sh 2019-07-08 08:51:43 Deploying web-api-java-jee v1 error: the path "protect-web-api.yaml" does not exist
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.