A sample Express/React TODO app deployed in Kubernetes with the Istio service mesh.
The goal is to evaluate the Istio service mesh in the context of the three scenarios below:
- In a single Google Cloud account we have a Web UI and API application. We want to measure traffic and apply security rules.
- Expose the API from the above (step 1) Google Cloud account via a sensible method. Authentication might be OAuth, mutual TLS or simply an API key; we want to understand what's available.
- Create another Google Cloud account (but within the same organisation) and try to consume the API from the above account (step 1) and have available the same level of analytics and security as in step 1.
Versions used: Istio 1.0.4
- Launch your GCP panel and activate Cloud Shell
- Create a new Istio cluster
$ gcloud container clusters create istio-tutorial --machine-type=n1-standard-2 --num-nodes=4 --no-enable-legacy-authorization --zone=europe-west1-b
- Grant cluster admin permissions to the current user. You need these permissions to create the necessary role-based access control (RBAC) rules for Istio:
$ kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user="$(gcloud config get-value core/account)"
- Install Istio
https://cloud.google.com/kubernetes-engine/docs/tutorials/installing-istio#step_1_install_istio
4.5) Add Istio to $PATH
$ export PATH=$PWD/bin:$PATH
- Verify Istio installation https://cloud.google.com/kubernetes-engine/docs/tutorials/installing-istio#step_2_verify_istio_installation
- Clone TODO app into your Google Cloud Shell
$ git clone https://github.com/RafalJachimczyk/todoapp-istio-kubernetes.git
$ cd todoapp-istio-kubernetes/
6.1) Build your Docker images
$ cd src/todo-api && ./build-service.sh && cd ../todo-app && ./build-service.sh && cd ../..
6.2) Push the Docker images to the GCR Docker image registry
$ gcloud docker -- push gcr.io/todoapp-221909/todoapp-api:v1
$ gcloud docker -- push gcr.io/todoapp-221909/todoapp-app:v1
- Inject the Istio sidecar into the TODO app manifest file
$ istioctl kube-inject -f todo.yaml -o todo-istio.yaml
- Deploy TODO app into your new Cluster
$ kubectl apply -f todo-istio.yaml
- Find your ingress gateway IP address
$ kubectl get svc istio-ingressgateway -n istio-system
- Hit the Todos App
$ export GATEWAY_URL=xxx.xxx.xxx.xxx:80
$ curl -vv -I http://${GATEWAY_URL}/todos
- Check out Grafana (or other services)
$ kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath='{.items[0].metadata.name}') 3000:3000 &
https://cloud.google.com/kubernetes-engine/docs/tutorials/installing-istio
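Workloads deployed without the sidecar are not covered by the mesh's telemetry or policies, so it is worth checking the output of `istioctl kube-inject` before applying it. The following is an added example, not part of the original repository; the function names and the sample manifest are constructed for illustration, and the YAML handling is a line-based heuristic.

```bash
# Added example, not from the original repository.
# Line-based heuristic: assumes 2-space-indented YAML documents separated
# by '---', the shape `istioctl kube-inject` writes.

# Print the name of every Deployment in manifest $1 with no istio-proxy container.
uninjected_deployments() {
  awk '
    function report() {
      if (is_dep && !injected) print name
      is_dep = 0; injected = 0; name = ""
    }
    /^---/                            { report(); next }
    /^kind:[ ]*Deployment[ ]*$/       { is_dep = 1 }
    /^  name:/ && name == ""          { name = $2 }
    /^[ -]+name:[ ]*istio-proxy[ ]*$/ { injected = 1 }
    END                               { report() }
  ' "$1"
}

# Constructed, trimmed sample: todo-api carries the sidecar, todo-app does not.
write_sample_manifest() {
  cat > "$1" <<'EOF'
apiVersion: apps/v1
kind: Deployment
metadata:
  name: todo-api
spec:
  template:
    spec:
      containers:
      - image: gcr.io/todoapp-221909/todoapp-api:v1
        name: todo-api
      - image: docker.io/istio/proxyv2:1.0.4
        name: istio-proxy
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: todo-app
spec:
  template:
    spec:
      containers:
      - image: gcr.io/todoapp-221909/todoapp-app:v1
        name: todo-app
EOF
}
```

Run `uninjected_deployments todo-istio.yaml` before `kubectl apply`; empty output means every Deployment in the file carries the sidecar.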