Essa aplicaçãp foi construida utilizando as seguinstes versões de cada tecnologia
Istio versão 1.14 Kubernetes Client Version 1.24.3 Kubernetes Server Version 1.23.8
Habilitando o kubernetes no docker desktop
Instalando o minikube Link
Iniciando o minikube
minikube start --memory=16384 --cpus=4Instalando o istioctl Command-line Link
curl -L https://istio.io/downloadIstio | sh -Após iniciar o cluster kubernetes, execute os comandos abaixo
Iniciando o istio
$ sh init-istio.shVerifique se os containers estão rodando (READY) antes de iniciar os outros containers
$ watch kubectl get po --all-namespacesSe estiver usando o minikube, será necessário alterar o arquivo 2-config-map.yaml para o ip e porta do seu cluster
apiVersion: v1
kind: ConfigMap
metadata:
namespace: on-premise
name: config-map-graphql
labels:
type: middleware
data:
END_POINT_API_GRAPHQL: http://{CLUSTER_IP}:{PORT}/graphqlArmazenando a porta de entrada do cluster (minikube)
export INGRESS_PORT=$(kubectl get svc istio-ingressgateway -n istio-system -o jsonpath='{.spec.ports[1].nodePort}')Alterando o arquivo 2-config-map.yaml (minikube)
sed -e "s|http://localhost/graphql|http://$(minikube ip):$INGRESS_PORT/graphql|g" 2-config-map.yaml | kubectl apply -f -sh init-demo-1.shsh init-demo-2.shInserindo dados de exemplo
Se estiver usando o minikube, alterar o localhost por $(minikube ip)
curl POST \
http://localhost:30080/expense \
-H 'Content-Type: application/json' \
-d '{
"idUser": "5000",
"companyName": "Arcos Dourados",
"value": 50.01,
"details": {
"cardNumber": "4716650221230609",
"cnpj": "55.474.589/0001-51",
"timeStamp": 1578243141,
"mapLocation": "https://p2.trrsf.com/image/fget/cf/640/0/images.terra.com/2020/09/24/maps.JPG"
}
}'Viasualizando a aplicação
open -a "Google Chrome" http://localhostminikube
open -a "Google Chrome" http://$(minikube ip):$INGRESS_PORTImplanta o container do dashboard kubernetes
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yamlRecupera o token de acesso
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')Disponibilizando o dashboard
kubectl proxyAcesse o dashboard informando o token
Visualizando as ferramentas de observability
istioctl dashboard kialiistioctl dashboard grafanaistioctl dashboard jaegeristioctl dashboard prometheuskubectl apply -f ./istio/Mirroring/1-mirroring-api-graphql.yamlCaso não tenha habilitado o mTLS
kubectl apply -f ./istio/Mirroring/2-destination-rule.yamlCaso tenha habilitado o mTlS kubectl apply -f ./istio/Mirroring/2-enable-tls-destination-rule.yaml
export V1_POD=$(kubectl get pod -l app=api-graphql,version=v1 -o jsonpath={.items..metadata.name} -n on-premise) \
&& kubectl logs -f $V1_POD -c api-graphql -n on-premiseexport V2_POD=$(kubectl get pod -l app=api-graphql,version=v2 -o jsonpath={.items..metadata.name} -n on-premise) \
&& kubectl logs -f $V2_POD -c api-graphql -n on-premisewhile true; \
do curl -X POST \
http://localhost/graphql \
-H 'Content-Type: application/json' \
-d '{"query":"mutation { simulate(simulation: { \n interestRate: 1.99, loanAmount: 500.00, days: 20 \n}) {value tax}}"}'; \
sleep 0.5; echo; \
donedocker run -e HOST=192.168.0.14 --name k6-loadimpact --rm -i loadimpact/k6:master run - <./test/service-middleware-java.jskubectl exec -it {pod_name} -c authz -n on-premise -- /bin/shcat /configMap/validate-profile.regoultrahook policy http://localhost:30078kubectl logs -f -c policy-manager -n security {pod_name}