In a development team, we are working on a jhipster microservice project with Uaa, Jh-registry, mic 1, mic 2 and gateway.
The question here is it possible to deploy shared Uaa and Jh-registry in a remote server using Docker and other developers on either mic 1 and mic 2 use them as a service?
If the answer is yes, is there any config or inspiration sample available?
The answer is yes and there's very little to do, just edit the src/main/resources/config/bootstrap.yml file of your gateway, uaa and microservices so that they point to the registry url for config:
spring:
...
cloud:
config:
fail-fast: false # if not in "prod" profile, do not force to use Spring Cloud Config
uri: http://admin:${jhipster.registry.password}#my-registry.example.com:8761/config
And then for Eureka server url, edit application*.yml in applications and registry to change defaultZone
eureka:
...
client:
service-url:
defaultZone: http://admin:${jhipster.registry.password}#my-registry.example.com:8761/eureka/
Related
I am trying to create a gateway+microservice setup (using jhipster 7.8.1) something similar to this sample but without eureka service discovery.
After generation, the applications boots fine but the UI (in my case Angular) is unable to reach the microservice (i.e unable to perform CRUD operation - I see 404 in the gateway). I did some initial digging and found the following in application.yml in gateway app
spring:
application:
name: gateway
cloud:
gateway:
default-filters:
- JWTRelay
discovery:
locator:
enabled: true
lower-case-service-id: true
predicates:
- name: Path
args:
pattern: "'/services/'+serviceId.toLowerCase()+'/**'"
filters:
- name: RewritePath
args:
regexp: "'/services/' + serviceId.toLowerCase() + '/(?<remaining>.*)'"
replacement: "'/${remaining}'"
which seems to be doing the routing, especially
spring.cloud.gateway.discovery.locator.enabled:true
seems to be doing the magic of mapping the apps registered with the discovery service to be available for gateway proxy'ing (reference)
I looked into the template in the jhipster's code base and did not find any other implementation for the no discovery service option.
For the no discovery service option I was expecting to see (with my limited knowledge of gateway) some explicit route mapping in the gateway to my microservices. Am i missing something or do I have to tweak something in the gateway to make it work without the discovery service.
Any help is greatly appreciated...
Note: I was able to run my setup as expected with eureka discovery (jhipster registry)
I need some guidance please, first here is my project details :
- Jhipster v6.0.0
- Angular
- Microservices architecture with Jhipster-Registry + UAA
- No monitoring, no Ingress, no Istio (just the defaults options, full JHipster)
- Deployed on Google Kubernetes Engine cluster
So, if I understand correctly, with my current setup it is the Gateway that is doing the load balancing using Netflix Ribbon and it is the entry point from the World Wide Web to access my app. How can I make my app accessible with HTTPS and SSL certificate on GKE ? I'm a bit confused, do I need to switch to Ingress ?
Thanks
I've setup a POC with the following components:
JHipster registry
JHipster API gateway
2 JHipster microservices
The communication works very well between these components.
Another requirement of my POC is to register an legacy webservice(SOAP or REST not developed with JHipster) in the JHipster gateway.
Is it possible?
I would want to use the API Gateway as a unique entry point for all the clients(external and internal)to access all the webservices of my company.
Thank you.
Two important criteria are service discovery and security.
For service discovery, JHipster offers 2 options: JHipster Registry (Eureka) and HashiCorp Consul. Consul is better suited for legacy apps as it is less invasive because you can use DNS resolution and templates and a sidecar proxy approach.
For security, legacy apps should be able to consume authentication tokens to apply authorizations.
I have a problem with jhispter-registry using keycloak (or okta) for authentication. My microservices stack is mde of registry in version 4.0.1 (but I hab same problem with version 3.3.0), a gateway and a microservice generated by jhipster version 5.3.0. I use keycloak version 4.3.0 in docker.
I manage to authenticate me on registry and gateway without problems.
When I call web service required authentication through gateway (by example http://127.0.0.1:8080/ws/auth), it's ok.
But on registry with administration menu, when I want look gateway configuration (or metrics, logs, ...), I got a cors error after 2 redirections :
from registry to gateway_ip/login: ok
from gateway to keyclok: cors error
And if I want configuration of my service, I got directly an error 401.
All services (registry (version 4.0.1), gateway (generated by jhipster 5.3.0), microservices (generated by version 5.3.0) and keycloak (version 4.3.0 in docker) run in my PC. In /etc/hosts, I added ip 127.0.0.1 to keycloak. I use default configuration for all services, in dev profile.
Is it a bug of jhipster, or have I misconfigured my services ?
Thanks, Denis
I developed a microservice application with these :
Jhipster registry
Uaa
Gateway
Microservice1
I want to deploy this in production on different server, but I don't want to use IP to access to microservices.
How can I launch microservice1 and uaa to say to the registry that they need to be called with these URLs :
uaa.myapp.com
microservice1.myapp.com