I am trying to create a gateway+microservice setup (using jhipster 7.8.1) something similar to this sample but without eureka service discovery.
After generation, the applications boots fine but the UI (in my case Angular) is unable to reach the microservice (i.e unable to perform CRUD operation - I see 404 in the gateway). I did some initial digging and found the following in application.yml in gateway app
spring:
application:
name: gateway
cloud:
gateway:
default-filters:
- JWTRelay
discovery:
locator:
enabled: true
lower-case-service-id: true
predicates:
- name: Path
args:
pattern: "'/services/'+serviceId.toLowerCase()+'/**'"
filters:
- name: RewritePath
args:
regexp: "'/services/' + serviceId.toLowerCase() + '/(?<remaining>.*)'"
replacement: "'/${remaining}'"
which seems to be doing the routing, especially
spring.cloud.gateway.discovery.locator.enabled:true
seems to be doing the magic of mapping the apps registered with the discovery service to be available for gateway proxy'ing (reference)
I looked into the template in the jhipster's code base and did not find any other implementation for the no discovery service option.
For the no discovery service option I was expecting to see (with my limited knowledge of gateway) some explicit route mapping in the gateway to my microservices. Am i missing something or do I have to tweak something in the gateway to make it work without the discovery service.
Any help is greatly appreciated...
Note: I was able to run my setup as expected with eureka discovery (jhipster registry)
Related
In a development team, we are working on a jhipster microservice project with Uaa, Jh-registry, mic 1, mic 2 and gateway.
The question here is it possible to deploy shared Uaa and Jh-registry in a remote server using Docker and other developers on either mic 1 and mic 2 use them as a service?
If the answer is yes, is there any config or inspiration sample available?
The answer is yes and there's very little to do, just edit the src/main/resources/config/bootstrap.yml file of your gateway, uaa and microservices so that they point to the registry url for config:
spring:
...
cloud:
config:
fail-fast: false # if not in "prod" profile, do not force to use Spring Cloud Config
uri: http://admin:${jhipster.registry.password}#my-registry.example.com:8761/config
And then for Eureka server url, edit application*.yml in applications and registry to change defaultZone
eureka:
...
client:
service-url:
defaultZone: http://admin:${jhipster.registry.password}#my-registry.example.com:8761/eureka/
I need some guidance please, first here is my project details :
- Jhipster v6.0.0
- Angular
- Microservices architecture with Jhipster-Registry + UAA
- No monitoring, no Ingress, no Istio (just the defaults options, full JHipster)
- Deployed on Google Kubernetes Engine cluster
So, if I understand correctly, with my current setup it is the Gateway that is doing the load balancing using Netflix Ribbon and it is the entry point from the World Wide Web to access my app. How can I make my app accessible with HTTPS and SSL certificate on GKE ? I'm a bit confused, do I need to switch to Ingress ?
Thanks
We have various Asp.net core containers with REST APIs hosted in Azure Kubernetes Service. Each REST API service implements many HTTP methods with different routes but has common base route (based on controller name).
Requirements is to route the request to different service based starting route value, e.g. All requests starting with “/user” route user service or products APIs requests to product service.
We have added path as "/user/* ", "/product/* " in the path section of the kubernetes ingress.
Asterisk (*) is not working
According to this you need to use regex.
path: /foo/.*
I created a microservice project with a gateway & stuff, and I've some interrogation on one of the gateway spring property.
I've this one on my gateway's application-dev.yml (also prod):
jhipster:
gateway:
authorized-microservices-endpoints:
app1: /api,/v2/api-docs
I'm suspecting that the 'app1' shall be replaced by one or all my microservices (and maybe the UAA one too), but I don't know what it does.
Any description or insight on it?
Regards,
The jhipster.gateway.authorized-microservices-endpoints config variable controls access to your microservices when requested through the gateway. In the case of the example, only /api (API endpoints) and /v2/api-docs (Swagger docs) are accessible through the gateway for the app1 microservice.
This means if you try to request an API mapping that is not present in the list (such as an actuator endpoint http://gateway:8080/app1/management/info) it will fail. You can still make the request directly to the microservice if you needed to.
By default, all paths are open to any microservice. To secure your apps, you will need to add your microservices to the list and set the accessible endpoints.
In summary, this config lets you reduce the attack surface of your microservices. Here's a link to the related JHipster issue where this was added. You can also find details in JHipster's Gateway documentation.
We are developing microservices in NodeJS and deploying them to an Application server. These services run on random port which is set in config file programmatically. I know these services could be managed using service discovery like Eureka / Consul and similar. However, is there a way to manage them without using any service discovery.
However you call it, you will need a central place where services will need to register their host and port (and deregister when they shutdown gracefully), so that others know how to consume them. You can use a database (SQL/noSQL), Eureka, Consul, anything that will give you "put data" and "get data" capabilities.
Benefit of solutions like Eureka and Consul are built-in health checks and removing service from the registry if it fails them.