BankNext Case Study : ServiceMesh with Docker-K8-Istio-Sidecar

KYC — ServiceMesh Architecture with Istio
$ minikube delete
! "minikube" profile does not exist, trying anyways.
* Removed all traces of the "minikube" cluster.
$ minikube stop
E1112 13:02:54.085434 10628 daemonize_windows.go:38] error terminating scheduled stop for profile minikube: Error loading existing host. Please try running [minikube delete], then run [minikube start] again.: filestore "minikube": Docker machine "minikube" does not exist. Use "docker-machine ls" to list machines. Use "docker-machine create" to add a new one.
* Profile "minikube" not found. Run "minikube profile list" to view all profiles.
To start a cluster, run: "minikube start"

$ minikube start --driver=docker
* minikube v1.21.0 on Microsoft Windows 10 Pro 10.0.19042 Build 19042
! Both driver=docker and vm-driver=virtualbox have been set.
Since vm-driver is deprecated, minikube will default to driver=docker.
If vm-driver is set in the global config, please run "minikube config unset vm-driver" to resolve this warning.
* minikube 1.24.0 is available! Download it: https://github.com/kubernetes/minikube/releases/tag/v1.24.0
* To disable this notice, run: 'minikube config set WantUpdateNotification false'
* Using the docker driver based on user configuration
* Starting control plane node minikube in cluster minikube
* Pulling base image ...
* Creating docker container (CPUs=2, Memory=2200MB) ...
! Executing "docker container inspect minikube --format={{.State.Status}}" took an unusually long time: 2.3729385s
* Restarting the docker service may improve performance.
! This container is having trouble accessing https://k8s.gcr.io
* To pull new external images, you may need to configure a proxy: https://minikube.sigs.k8s.io/docs/reference/networking/proxy/
* Preparing Kubernetes v1.20.7 on Docker 20.10.7 ...
- Generating certificates and keys ...
- Booting up control plane ...
- Configuring RBAC rules ...
* Verifying Kubernetes components...
- Using image gcr.io/k8s-minikube/storage-provisioner:v5
* Enabled addons: default-storageclass, storage-provisioner
* Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default
$ docker loginAuthenticating with existing credentials...
time="2021-11-12T13:09:16-08:00" level=error msg="(3a53acc8) a5b58191-CredentialHelperPKG C<-S No response POST /registry/credstore-updated (1.5370461s): Post \"http://ipc/registry/credstore-updated\": context deadline exceeded (Client.Timeout exceeded while awaiting headers)[[STACK]]"
time="2021-11-12T13:09:18-08:00" level=error msg="(6dc7cfbd) a5b58191-CredentialHelperPKG C<-S No response GET /ping (1.1539758s): Get \"http://ipc/ping\": context deadline exceeded (Client.Timeout exceeded while awaiting headers)[[STACK]]"
time="2021-11-12T13:09:21-08:00" level=error msg="(40232350) a5b58191-CredentialHelperPKG C<-S No response POST /registry/credstore-updated (1.0127004s): Post \"http://ipc/registry/credstore-updated\": context deadline exceeded (Client.Timeout exceeded while awaiting headers)[[STACK]]"
Login Succeeded
$ minikube docker-envexport DOCKER_TLS_VERIFY="1"
export DOCKER_HOST="tcp://127.0.0.1:49962"
export DOCKER_CERT_PATH="C:\Users\user\.minikube\certs"
export MINIKUBE_ACTIVE_DOCKERD="minikube"# To point your shell to minikube's docker-daemon, run:
# eval $(minikube -p minikube docker-env)
$ istioctl install --set profile=demo -y✔ Istio core installed
✔ Istiod installed
✔ Egress gateways installed
✔ Ingress gateways installed
✔ Installation complete
*If any errors, re-run this cmd till you get the items checked as shown
$ kubectl label namespace default istio-injection=enablednamespace/default labeled
$ minikube ip! Executing "docker container inspect minikube --format={{.State.Status}}" took an unusually long time: 3.0719554s
* Restarting the docker service may improve performance.
192.168.49.2*This is your Istio Gateway IP
$ kubectl -n istio-system get service istio-ingressgateway -o jsonpath='{.spec.ports[?(@.name=="http2")].nodePort}'32716*This is your Istio Gateway Port.
http://192.168.49.2:32716
istio-base-url=http://192.168.49.2:
istio-gateway-port
=32716
$ cd  /c/Vijay/Java/projects/kyc-k8-docker-istio/kyc-aggregator-mgt$ docker rmi kyc-aggregator-mgt:latest
$ docker rmi -f kyc-aggregator-mgt:latest
$ docker rmi -f vijayredkar/kyc-aggregator-mgt:latest
$ mvn clean install
$ docker build -t kyc-aggregator-mgt -f Dockerfile .
$ docker tag kyc-aggregator-mgt vijayredkar/kyc-aggregator-mgt:latest

$ docker push vijayredkar/kyc-aggregator-mgt
$ cd  /c/Vijay/Java/projects/kyc-k8-docker-istio/kyc-credit-check-basic

$ docker rmi -f kyc-credit-check-basic:latest
$ docker rmi -f vijayredkar/kyc-credit-check-basic:latest
$ mvn clean install
$ docker build -t kyc-credit-check-basic -f Dockerfile .
$ docker tag kyc-credit-check-basic vijayredkar/kyc-credit-check-basic:latest
$ docker push vijayredkar/kyc-credit-check-basic
$ cd  /c/Vijay/Java/projects/kyc-k8-docker-istio/kyc-credit-check-advanced

$ docker rmi -f kyc-credit-check-advanced:latest
$ docker rmi -f vijayredkar/kyc-credit-check-advanced:latest
$ mvn clean install
$ docker build -t kyc-credit-check-advanced -f Dockerfile .
$ docker tag kyc-credit-check-advanced vijayredkar/kyc-credit-check-advanced:latest
$ docker push vijayredkar/kyc-credit-check-advanced
$ docker image lsREPOSITORY                              TAG       IMAGE ID    
kyc-credit-check-advanced latest f5694be8631d
vijayredkar/kyc-credit-check-advanced latest f5694be8631d
vijayredkar/kyc-credit-check-basic latest 49568e4da791
kyc-credit-check-basic latest 49568e4da791
kyc-aggregator-mgt latest 6ae3c011d1e3
vijayredkar/kyc-aggregator-mgt latest 6ae3c011d1e3
$ kubectl delete service kyc-aggregator-mgt
$ kubectl delete deployment kyc-aggregator-mgt
$ kubectl delete service kyc-credit-check-basic
$ kubectl delete deployment kyc-credit-check-basic
$ kubectl delete service kyc-credit-check-advanced
$ kubectl delete deployment kyc-credit-check-advanced
$ kubectl delete gateway kyc
$ kubectl delete virtualservice kyc
$ kubectl delete destinationrule kyc-aggregator-mgt
$ kubectl delete gateway kyc-credit-check
$ kubectl delete virtualservice kyc-credit-check
$ kubectl delete destinationrule kyc-credit-check-basic$ kubectl delete destinationrule kyc-credit-check-advanced
$ cd /c/Vijay/Java/projects/kyc-k8-docker-istio/networking$ kubectl apply -f kyc-aggregator-mgt-k8-istio.yml
$ kubectl apply -f kyc-aggregator-mgt-istio-routing.yaml
$ kubectl apply -f kyc-aggregator-mgt-destination-rule.yaml
$ kubectl apply -f kyc-credit-check-basic-k8-istio.yml
$ kubectl apply -f kyc-credit-check-basic-destination-rule.yaml
$ kubectl apply -f kyc-credit-check-advanced-k8-istio.yml
$ kubectl apply -f kyc-credit-check-advanced-destination-rule.yaml
$ kubectl apply -f kyc-credit-check-istio-routing.yaml
$ kubectl get podsNAME                                         READY   STATUS 
kyc-aggregator-mgt-7f6ddc8bbd-sfjvg 2/2 Running
kyc-credit-check-advanced-799795b457-bh2p8 2/2 Running
kyc-credit-check-basic-d87477769-szd96 2/2 Running
*wait until the pods show "2/2 Running"
$ kubectl get servicesNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP
kyc-aggregator-mgt ClusterIP 10.105.20.233 <none> 8080/TCP
kyc-credit-check-advanced ClusterIP 10.102.235.90 <none> 8080/TCP
kyc-credit-check-basic ClusterIP 10.105.250.45 <none> 8080/TCP
$ kubectl get deploymentsNAME READY UP-TO-DATE AVAILABLE AGE
kyc-aggregator-mgt 1/1 1 1 37m
kyc-credit-check-advanced 1/1 1 1 37m
kyc-credit-check-basic 1/1 1 1 37m
*ensure that deployments show "1/1 Ready"
$ kubectl get virtualservicesNAME GATEWAYS HOSTS AGE
kyc ["kyc"] ["*"] 26s
kyc-credit-check ["kyc"] ["*"] 19s
$ kubectl get gateways
NAME AGE

kyc 28s
$ kubectl get destinationrulesNAME HOST AGE
kyc-aggregator-mgt kyc-aggregator-mgt 25s
kyc-credit-check-advanced kyc-credit-check-advanced 9s
kyc-credit-check-basic kyc-credit-check-basic 18s
$ export POD_NAME=$(kubectl get pods --no-headers -o custom-columns=":metadata.name"  --selector app=kyc-aggregator-mgt)$ kubectl port-forward $POD_NAME 8080:8080URLs for browser access -
http://localhost:8080/kyc/v1/customer
Alternately Swagger UI can be launched with -
http://localhost:8080/
kyc-credit-check-istio-routing.yaml — VirtualService-50–50-LoadDistribution-Config
kyc-aggregator-mgt-Swagger UI
kyc-aggregator-mgt-Response-WeightDistributed-Basic
kyc-aggregator-mgt-Response-WeightDistributed-Advanced

--

--

--

15+ years Java professional with extensive experience in Digital Transformation, Banking, Payments, eCommerce, Application architecture and Platform development

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Why Perl 6 isn’t Perl 5 & why you should care: a quick look at styles

Laravel: using phpDoc to write more readable code

What, Why, and How Cloudstate?

Knoldus-blog-footer-image

Strategy Design Pattern with Lambdas

Hiring the right custom software company: The 9 survival tips you should know

Ricer’s Diaries #10 — Screenshots

InsureDAO updates November 2021

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Vijay Redkar

Vijay Redkar

15+ years Java professional with extensive experience in Digital Transformation, Banking, Payments, eCommerce, Application architecture and Platform development

More from Medium

On-premise to cloud migration mock drills using Istio

Distributed Load Testing on K8s Using Locust

JGroups clustering in AWS EKS using KUBE_PING with a Spring boot App

The debate in the community about Istio and service mesh