No application is an island. In this journey, we'll explore how to deploy a system of services to kubernetes, including what happens next: How to add resilience, monitoring, end-to-end trace, content-aware routing, etc.
We're basing this journey on Game On! A throwback text adventure built from the ground up to facilitate exploration of Cloud Native systems and concepts. The application will be deployed to a Kubernetes cluster, and operates in several levels: there is a set of replaceable platform-provided services, like backing storage, that vary depending on where the application runs; and there is a set of core game services. Most of the core game services are written with Java 8, and run on OpenLiberty with MicroProfile features. There are a few that are simple nginx processes serving static content from different projects.
There is an additional pseudo-layer for services that extend the game by defining "rooms". Rooms in the game are single-service sandboxes for experimenting with backend technologies. In this journey, you'll also experiment with adding your own room to the system.
Using this Code Pattern, you will:
- Deploy a system of microservices to Kubernetes using
kubectl
- Deploy a system of microservices to Kubernetes using helm charts
- Make changes to an existing Kubernetes cluster
- Create and deploy your own service to a Kubernetes cluster
- Game Play: The user visits the GameOn! deployment on Kubernetes through a proxy, which surfaces the collection of service APIs as a single facade for the entire application. The proxy retrieves the front-end client, a single-page web application, from a stand-alone nginx process and serves it to the user's browser.
- Game Play: The user pushes the button to play the game. The user selects a Social Sign-On service from a list of options. The front-end client makes a RESTful request to the Auth service to begin the login process.
- Game Play: The Auth service uses the OAuth2 protocol to authenticate the user with the selected Social Sign-On service. At the end of the login process, the Auth service returns a signed JWT that identifies the user.
- Game Play: The front-end client includes the signed JWT in REST requests to the Player service to retrieve, and create if necessary, the user's profile.
- Game Play: (a) The front-end client establishes a WebSocket connection with the Mediator service to begin playing the game. (b) The Mediator establishes WebSocket connections to backend rooms, and passes messages back and forth.
- Game Play: The Mediator manages connections to individual microservices providing each room. It calls an API on the Map service to find neighboring rooms.
- Game Play: When a user changes location, the Mediator calls an API on the Player service to update the user's stored location.
- Room development: The user creates and deploys a new service to create a new room for the game (from scratch or using an exiting walkthrough).
- Room development: The user uses the Room Management panel in the front-end client to make a RESTful request to the Map service to register their service.
- Room development: The Map service makes a RESTful request to the Player service to check that the user has required permissions. If all is well, the room is registered and added to the game's map.
- Apache CouchDB: An open-source database software that focuses on ease of use and having an architecture that “completely embraces the Web.”
- Apache Kafka: A distributed streaming platform for building pipelines and apps.
- Istio: An open platform to connect, manage, and secure microservices.
- JAX-RS: Java API for RESTful Web Services or JAX-RS is an API specifications for creating web services using the Representational State Transfer (REST) architectural pattern.
- Kubernetes Cluster: Create and manage your own cloud infrastructure and use Kubernetes as your container orchestration engine.
- MicroProfile: Optimize Enterprise Java for a microservices architecture.
- Swagger: A framework of API developer tools for the OpenAPI Specification that enables development across the entire API lifecycle.
- Cloud: Accessing computer and information technology resources through the Internet.
- Container Orchestration: Automating the deployment, scaling and management of containerized applications.
- Containers: Virtual software objects that include all the elements that an app needs to run.
- Java: A secure, object-oriented programming language for creating applications.
- Messaging: Messaging is a key technology for modern applications using loosely decoupled architecture patterns such as microservices.
- Microservices: Collection of fine-grained, loosely coupled services using a lightweight protocol to provide building blocks in modern application composition in the cloud.
-
A Kubernetes cluster. Consider the following, or choose your own:
- Minikube for local testing
- IBM Cloud Private
- IBM Bluemix Container Service
The code here is regularly tested against Minikube using Travis CI.
- Clone the gameontext/gameon repository
- Setup the game to work with your cluster
- Start the game
- Wait for services to be available
- Play!
- Stop the game
$ git clone https://github.com/gameontext/gameon.git
$ cd gameon # cd into the project directory
$ ./go-admin.sh choose 2 # choose Kubernetes
$ eval $(./go-admin.sh env) # set aliases for admin scripts
$ alias go-run # confirm kubernetes/go-run.sh
Instructions below will reference go-run
, the alias created above. Feel free to invoke ./kubernetes/go-run.sh
directly if you prefer.
The go-run.sh
and k8s-functions
scripts encapsulate setup and deployment of core game services to kubernetes. Please do open the scripts to see what they do! We opted for readability over shell script-fu for that reason.
$ go-run setup
This will ensure you have the right versions of applications we use, prompt to use helm or not, and create a cerficate for signing JWTs.
$ go-run up
This step will also create a gameon-system
name space and a generic kubernetes secret containing that certificate.
$ go-run wait
Visit your external cluster IP address and poke around. Now that the game is working locally, let's venture off into other related adventures:
$ go-run down