I created new JHipster microservice application for demo purpose. I used JHipster Registry version 4.1.1 and create a new UAA application.
Both applications started without error.
I want to show UAA application metrics in Registry Dashboard (Administration -> Metrics) but it cannot display and logout JHipster Registry automatically.
There is a log line in UAA application:
Enter: com.mycompany.repository.CustomAuditEventRepository.add() with argument[s] = [AuditEvent [timestamp=2019-03-19T19:35:08.979Z, principal=access-token, type=AUTHENTICATION_FAILURE, data={type=org.springframework.security.authentication.BadCredentialsException, message=Cannot convert access token to JSON}]]
Please let me know how to fix this problem.
When using the UAA architecture for microservices, the JHipster Registry needs to run with the uaa profile to properly manage the registered services. Otherwise, it expects the services to use JWT by default.
The gateway's docker-compose file for the registry (src/main/docker/jhipster-registry.yml) comes preconfigured with the uaa profile. If you launch the JHipster Registry some other way (such as a git clone or WAR file), make sure it includes the uaa profile.
Related
I have an application developed in Node and Angular , wherein I used express and passport for authorising user with Active directory(AD). I have containerised my application and tried running it from a stand-alone VM and it hits the AD and gets SAML response back. But when I deployed the same image inside a Pod , it is not hitting the AD and unable to find any error from passport module .
I tried disabling the AD call and access my application without authorisation enabled in it and it is successful.
Can anyone guide me where exactly the problem is , do I need to take care of any config changes at Kubernetes
Side Note: I’m from Application team and our environment team is taking care of pulling image and deploy inside pod .
I'm migrating a nodeJS project from GCP to DigitalOcean.
I'm running this nodeJS code on a kubernetes cluster in DigitalOcean. I'm using GitHub Actions to automatically build a docker image and deploy it to my kubernetes cluster. Everything works as expected, but I have a question.
On GCP, I used the secret manager to inject secrets (database credentials, API keys, ...) into my NodeJS project. I am looking for a similar solution on DigitalOcean. I have found SecretHub, it looks interesting but I'm unable to sign up.
I have found this from 1password connect, but it looks like I have to setup a server?
Does anyone know some interesting tool or trick to secure inject secrets into my nodejs code?
Yes, you can check out the Hashi corp vault which is mainly used with Kubernetes as a secret solution to inject the configuration and variables to the deployment of Kubernetes.
It's easy to set up and integrate with Kubernetes.
Hashi corp vault : https://www.hashicorp.com/products/vault
Enterprise version is paid one however you can open-source version which will solve your all needs with UI and login panel, you can use it for Production purpose it's safe, secure, and easy to integrate.
You can run one simple POD(deployment) on the Kubernetes server.
here you can follow the demo with minikube setup: https://learn.hashicorp.com/tutorials/vault/kubernetes-minikube?in=vault/kubernetes
We use Web App for Containers to operate Docker containers hosted on our Azure registry. This web app has been configured to pull the latest changes from the registry which in turns has lead to the creation of the following env variables:
DOCKER_REGISTRY_SERVER_URL
DOCKER_REGISTRY_SERVER_USERNAME
DOCKER_REGISTRY_SERVER_PASSWORD
DOCKER_ENABLE_CI
All values are correct and in the first place the Docker based setup worked well for us. Since monday, however, Kudu is longer able to pull docker images from our registry (neither from any registry that requires auth at all). The Kudu log is:
docker pull returned STDERR>> Error response from daemon: Get OUR_REGISTRY: unauthorized: authentication required
which suggests that Kudu is omitting the required Docker login call. Has anyone observed the same behaviour or is aware of Azure changes that require any adoption form our site. Thanks!
What we have tried so far:
creating a new registry
creating a new web app
creating a new service plan
restarting/stopping the web apps
I am using entity sub generator to generate entities in my jhipster gateway app by giving path of microservice app.
but looks like I have to run sub generator for every entity in microservice . is there any way that it can read all the .json file and in micro service and generate all the entities ?
I personally do as following :
Copy repository ".jhipster" from the microservice repository into the Gateway repository
Generate the gateway with the following command:
yo jhipster --with-entities
If you create your entities with jdl-studio you can specify microservices for them like in the doc.
microservice * with mysuperjhipsterapp except C
microservice C with myotherjhipsterapp
You can then generate the entitites with jhipster import-jdl my_file.jdl in both the gateway and the microservice.
You can skip entities from the gateway or the microservice by using this options in your jdl file:
skipClient for A
skipServer for B
I'm using Service Fabric as a container for deploying existing executables.
I intend to spawn a listener on the endpoint configured at deployment time, is it possible to get the endpoint settings somehow from the context? I know that using the Stateful/stateless/actor boilerplate type of projects allow the retrieval of CodePackageActivationContext, but how about a basic console project deployed as an exe?
Thanks
You should be able to retrieve the activation context using FabricRuntime.GetActivationContext()