- Introduction
- Application Overview
- Project repositories
- Deploy the Application
- Validate the Application
- Delete the Application
- Optional Deployments
- DevOps automation, Resiliency and Cloud Management and Monitoring
This project provides a reference implementation for running a Cloud Native Mobile and Web Application using a Microservices architecture on a Kubernetes cluster. The logical architecture for this reference implementation is shown in the picture below.
The application is a simple store front shopping application that displays a catalog of antique computing devices, where users can search and buy products. It has both Web and Mobile interface, both the Mobile App and Web App rely on separate BFF (Backend for Frontend) services to interact with the backend data.
(Note: the Mobile app is not currently supported at this release)
There are several components of this architecture.
- This OmniChannel application contains both a Native iOS Application and an AngularJS based web application. The diagram depicts them as a Device and Browser.
- The iOS application uses the IBM Mobile Analytics Service to collect device analytics for operations and business
- The Web and Mobile app invoke their own backend Microservices to fetch data, we call this component BFFs following the Backend for Frontends pattern. In this Layer, front end developers usually write backend logic for their front end. The Web BFF is implemented using the Node.js Express Framework. The Mobile iOS BFF is implemented using Server side Swift. These Microservices are packaged as Docker containers and managed by Kubernetes cluster.
- These BFFs invoke another layer of reusable Java Microservices. In a real world project, this is sometimes written by different teams. The reusable microservices are written in Java. They run inside a Kubernetes cluster, for example the IBM Cloud Container Service or IBM Cloud private, using Docker.
- BFFs uses Hystrix open source library to provide an implementation of the Circuit Breaker Pattern. This component runs as a library inside the Java Applications. This component then forward Service Availability information to the Hystrix Dashboard.
- The Java Microservices retrieve their data from the following databases:
- The Catalog service retrieves items from a searchable JSON datasource using ElasticSearch. In a development environment, Elasticsearch runs in a container. In production, it uses Compose for Elasticsearch as a managed Elasticsearch instance instead.
- The Customer service stores and retrieves Customer data from a searchable JSON datasource using CouchDB. In the development environment, it runs CouchDB in a Docker container. In a production environment, it uses IBM Cloudant as a managed CouchDB instance instead.
- The Inventory and Orders Services use separate instances of MySQL. In this example, we run MySQL in Docker Containers for Development. In a production environment, it runs using Compose for MySQL as a managed resilient MySQL instance instead.
This project organized itself like a microservice project, as such each component in the architecture has its own Git Repository and tutorial listed below.
- refarch-cloudnative-kubernetes - The root repository (Current repository)
- refarch-cloudnative-bluecompute-web - The BlueCompute Web application with BFF services
- refarch-cloudnative-auth - The security authentication artifact
- refarch-cloudnative-micro-customer - The microservices (Java) app to fetch customer profile from identity store
- refarch-cloudnative-micro-inventory - The microservices (Java) app for Catalog (ElasticSearch) and Inventory data service (MySQL)
- refarch-cloudnative-micro-orders - The microservices (Java) app for Order data service (MySQL)
This project contains tutorials for setting up CI/CD pipeline for the scenarios. The tutorial is shown below.
- refarch-cloudnative-devops-kubernetes - The DevOps assets are managed here
This project contains tutorials for setting up Resiliency such as High Availability, Failover, and Disaster Recovery for the above application.
- refarch-cloudnative-resiliency - The Resiliency Assets will be managed here
- refarch-cloudnative-kubernetes-csmo - The BlueCompute application end-to-end cloud service management for Kubernetes based deployment
To run the sample applications you will need to configure your environment for the Kubernetes and Microservices runtimes.
To deploy the application, you require the following tools:
- kubectl (Kubernetes CLI) - Follow the instructions here to install it on your platform.
- helm (Kubernetes package manager) - Follow the instructions here to install it on your platform.
- If using
IBM Cloud Private
, we recommend you follow these instructions to installhelm
.
- If using
-
Clone the base repository:
$ git clone https://github.com/ibm-cloud-architecture/refarch-cloudnative-kubernetes
-
Clone the peer repositories:
$ cd refarch-cloudnative-kubernetes && sh clonePeers.sh
The following clusters have been tested with this sample application:
-
minikube - Create a single node virtual cluster on your workstation.
By default minikube defaults to 2048M RAM which is not enough to start the application. To provision 8G:
$ minikube start --memory 8192
Enable the ingress controller with:
$ minikube addons enable ingress
-
IBM Cloud Container Service - Create a Kubernetes cluster in IBM Cloud. The application runs in the Lite cluster, which is free of charge. Follow the instructions here.
-
IBM Cloud Private - Create a Kubernetes cluster in an on-premise datacenter. The community edition (IBM Cloud private-ce) is free of charge. Follow the instructions here to install IBM Cloud Private CE.
We have packaged all the application components as Kubernetes Charts. To deploy the application, follow the instructions to configure kubectl
for access to the Kubernetes cluster.
- Initialize
helm
in your cluster.
$ helm init
This initializes the helm
client as well as the server side component called tiller
.
- Add the
helm
package repository containing the reference application:
$ helm repo add ibmcase https://raw.githubusercontent.com/ibm-cloud-architecture/refarch-cloudnative-kubernetes/master/docs/charts/bluecompute-ce
- Install the reference application:
$ helm install --name bluecompute ibmcase/bluecompute-ce
After a minute or so, the containers will be deployed to the cluster. The output of the installation contains instructions on how to access the application once it has finished deploying. For more information on the additional options for the chart, see this document.
You can reference this link to validate the sample web application.
If you've installed on minikube
you can find the IP by issuing:
$ minikube ip
In your browser navigate to http://<IP>:31337
.
Use the following test credentials to login:
- Username: user
- Password: passw0rd
To delete the application from your cluster, run the following:
$ helm delete bluecompute --purge
Deploying the Helm chart will also work on a Kubernetes cluster from IBM Cloud Container Service. Use the following commands to install the chart:
$ helm init
$ helm repo add ibmcase https://raw.githubusercontent.com/ibm-cloud-architecture/refarch-cloudnative-kubernetes/master/docs/charts/bluecompute-ce
$ helm install --name bluecompute ibmcase/bluecompute-ce
To access the application, you need to access the IP address of one of your worker nodes. To get the IP, use the following command:
$ bx cs workers <CLUSTER_NAME>
OK
ID Public IP Private IP Machine Type State Status Zone Version
kube-dal13-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-w1 163.77.77.72 10.77.77.71 u2c.2x4.encrypted normal Ready dal13 1.10.1_1508
kube-dal13-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-w2 163.77.77.71 10.77.77.72 u2c.2x4.encrypted normal Ready dal13 1.10.1_1508
kube-dal13-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-w3 163.77.77.73 10.77.77.73 u2c.2x4.encrypted normal Ready dal13 1.10.1_1508
The command will give you an output similar to the above. Pick the Public IP of any of your worker nodes.
In your browser navigate to http://<IP>:31337
.
To validate the application itself, feel free to use the instructions here.
IBM Cloud Private contains integration with Helm that allows you to install the application and all of its components in a few steps. This can be done as an administrator using the following steps:
- Click on the user icon on the top right corner and then click on
Configure client
. - Copy the displayed
kubectl
configuration, paste it in your terminal, and press Enter on your keyboard. - Download and initialize helm in your cluster using these instructions.
- Add the
helm
package repository containing the reference application:
$ helm repo add ibmcase https://raw.githubusercontent.com/ibm-cloud-architecture/refarch-cloudnative-kubernetes/master/docs/charts/bluecompute-ce
- Install the reference application:
$ helm install --name bluecompute ibmcase/bluecompute-ce --tls
After a minute or so, the containers will be deployed to the cluster. The output of the installation contains instructions on how to access the application once it has finished deploying. For more information on the additional options for the chart, see this document.
Note that the ElasticSearch service requires the IPC_LOCK
capability to lock shared memory. If deploying BlueCompute to a namespace other than default
, the default PodSecurityPolicy does not permit this. Follow these instructions to enable BlueCompute to run in a non-default
namespace.
To access the application, you need to access the IP address of one of your proxy nodes. Pick the IP of any of your proxy nodes.
In your browser navigate to http://<IP>:31337
.
To validate the application itself, feel free to use the instructions here.
To delete the application from your cluster, run the following:
$ helm delete bluecompute --purge --tls
If Chart installation fails, it usually has to do with the version of helm in your workstation being incompatible with the one installed in the IBM Cloud Private Cluster. To verify installed versions of helm, use the following command:
$ helm version --tls
If the versions are different, you might want to delete the current helm client and install a version of helm client that matches the server one. To do so, please refer to Helm's guide here.
You can setup and enable automated CI/CD for most of the BlueCompute components via the IBM Cloud DevOps Open Toolchain. For detail, please check the DevOps project .
For guidance on how to manage and monitor the BlueCompute solution, please check the Management and Monitoring project.
Please check this repository on instructions and tools to improve availability and performances of the BlueCompute application.
Please review this page on how we secure the solution end-to-end.