preloader
🗓️ December 28, 2023 | 7

Microcks on Kind 🚢

I’m still on housekeeping duty! I went through my notes on installing Microcks on Kind and decided to refresh them. Network and Ingress configuration here is actually easier than in the Minikube setup.

This installation notes were ran on my Apple Mac book M2 but those steps would sensibly be the same on any Linux machine. Let’s go 🚀

Preparation

As a Mac user, I used brew to install kind. However, it is also available from several different package managers out there. You can check the Quick Start guide for that. Obviously, you’ll also need the kubectl utility to interact with your cluster.

$ brew install kind

$ kind --version
kind version 0.20.0

In a dedicated folder, prepare a cluster-kind.yaml configuration file like this:

$ cd ~/tmp
$ mkdir microcks && cd microcks
$ cat > cluster-kind.yaml <<EOF
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
  kubeadmConfigPatches:
  - |
    kind: InitConfiguration
    nodeRegistration:
      kubeletExtraArgs:
        node-labels: "ingress-ready=true"
  extraPortMappings:
  - containerPort: 80
    hostPort: 80
    protocol: TCP
  - containerPort: 443
    hostPort: 443
    protocol: TCP
EOF

Start and configure a cluster

We’re now going to start a Kube cluster. Start your kind cluster using the cluster-kind.yaml configuration file we just created before:

$ kind create cluster --config=cluster-kind.yaml
--- OUTPUT ---
Creating cluster "kind" ...
 ✓ Ensuring node image (kindest/node:v1.27.3) 🖼 
 ✓ Preparing nodes 📦  
 ✓ Writing configuration 📜 
 ✓ Starting control-plane 🕹️ 
 ✓ Installing CNI 🔌 
 ✓ Installing StorageClass 💾 
Set kubectl context to "kind-kind"
You can now use your cluster with:

kubectl cluster-info --context kind-kind

Have a question, bug, or feature request? Let us know! https://kind.sigs.k8s.io/#community 🙂

Install an Ingress Controller in this cluster, we selected nginx but other options are available (see https://kind.sigs.k8s.io/docs/user/ingress).

$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml

Wait for the controller to be available:

$ kubectl wait --namespace ingress-nginx \
  --for=condition=ready pod \
  --selector=app.kubernetes.io/component=controller \
  --timeout=90s

Install Microcks with default options

We’re now going to install Microcks with basic options. We’ll do that using the Helm Chart so you’ll also need the helm binary. You can use brew install helm on Mac for that.

$ kubectl create namespace microcks

$ helm repo add microcks https://microcks.io/helm

$ helm install microcks microcks/microcks --namespace microcks --set microcks.url=microcks.127.0.0.1.nip.io --set keycloak.url=keycloak.127.0.0.1.nip.io --set keycloak.privateUrl=http://microcks-keycloak.microcks.svc.cluster.local:8080
--- OUTPUT ---
NAME: microcks
LAST DEPLOYED: Sun Dec  3 19:27:27 2023
NAMESPACE: microcks
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Thank you for installing microcks.

Your release is named microcks.

To learn more about the release, try:

  $ helm status microcks
  $ helm get microcks

Microcks is available at https://microcks.127.0.0.1.nip.io.

GRPC mock service is available at "microcks-grpc.127.0.0.1.nip.io".
It has been exposed using TLS passthrough on the Ingress controller, you should extract the certificate for your client using:

  $ kubectl get secret microcks-microcks-grpc-secret -n microcks -o jsonpath='{.data.tls\.crt}' | base64 -d > tls.crt
Keycloak has been deployed on https://keycloak.127.0.0.1.nip.io to protect user access.
You may want to configure an Identity Provider or add some users for your Microcks installation by login in using the
username and password found into 'microcks-keycloak-admin' secret.

Wait for images to be pulled, pods to be started and ingresses to be there:

$ kubectl get pods -n microcks
--- OUTPUT ---
NAME                                            READY   STATUS    RESTARTS   AGE
microcks-577874c5b6-z97zm                       1/1     Running   0          73s
microcks-keycloak-7477cd4fbb-tbmg7              1/1     Running   0          21s
microcks-keycloak-postgresql-868b7dbdd4-8zrbv   1/1     Running   0          10m
microcks-mongodb-78888fb67f-47fwh               1/1     Running   0          10m
microcks-postman-runtime-5d8fc9695-kp45w        1/1     Running   0          10m

$ kubectl get ingresses -n microcks
--- OUTPUT ---
NAME                CLASS    HOSTS                            ADDRESS     PORTS     AGE
microcks            <none>   microcks.127.0.0.1.nip.io        localhost   80, 443   10m
microcks-grpc       <none>   microcks-grpc.127.0.0.1.nip.io   localhost   80, 443   10m
microcks-keycloak   <none>   keycloak.127.0.0.1.nip.io        localhost   80, 443   10m

Start opening https://keycloak.127.0.0.1.nip.io in your browser to validate the self-signed certificate. Once done, you can visit https://microcks.127.0.0.1.nip.io in your browser, validate the self-signed certificate and start playing around with Microcks!

The default user/password is admin/microcks123

Install Microcks with asynchronous options

In this section, we’re doing a complete install of Microcks, enabling the asynchronous protocols features. This requires deploying additional pods and a Kafka cluster. Microcks install can install and manage its own cluster using the Strimzi project.

To be able to expose the Kafka cluster to the outside of Kind, you’ll need to enable SSL passthrough on nginx: This require updating the default ingress controller deployment:

$ kubectl patch -n ingress-nginx deployment/ingress-nginx-controller --type='json' \
    -p '[{"op":"add","path":"/spec/template/spec/containers/0/args/-","value":"--enable-ssl-passthrough"}]'

Then, you have to install the latest version of Strimzi that provides an easy way to setup Kafka on Kubernetes:

$ kubectl apply -f 'https://strimzi.io/install/latest?namespace=microcks' -n microcks

Now, you can install Microcks using the Helm chart and enable the asynchronous features:

$ helm install microcks microcks/microcks --namespace microcks --set microcks.url=microcks.127.0.0.1.nip.io --set keycloak.url=keycloak.127.0.0.1.nip.io --set keycloak.privateUrl=http://microcks-keycloak.microcks.svc.cluster.local:8080 --set features.async.enabled=true --set features.async.kafka.url=kafka.127.0.0.1.nip.io
--- OUTPUT ---
NAME: microcks
LAST DEPLOYED: Sun Dec  3 20:14:38 2023
NAMESPACE: microcks
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Thank you for installing microcks.

Your release is named microcks.

To learn more about the release, try:

  $ helm status microcks
  $ helm get microcks

Microcks is available at https://microcks.127.0.0.1.nip.io.

GRPC mock service is available at "microcks-grpc.127.0.0.1.nip.io".
It has been exposed using TLS passthrough on the Ingress controller, you should extract the certificate for your client using:

  $ kubectl get secret microcks-microcks-grpc-secret -n microcks -o jsonpath='{.data.tls\.crt}' | base64 -d > tls.crt

Keycloak has been deployed on https://keycloak.127.0.0.1.nip.io to protect user access.
You may want to configure an Identity Provider or add some users for your Microcks installation by login in using the
username and password found into 'microcks-keycloak-admin' secret.

Kafka broker has been deployed on microcks-kafka.kafka.127.0.0.1.nip.io.
It has been exposed using TLS passthrough on the Ingress controller, you should extract the certificate for your client using:

  $ kubectl get secret microcks-kafka-cluster-ca-cert -n microcks -o jsonpath='{.data.ca\.crt}' | base64 -d > ca.crt

Watch and check the pods you should get in the namespace:

$ kubectl get pods -n microcks
--- OUTPUT ---
NAME                                              READY   STATUS    RESTARTS        AGE
microcks-6ffcc7dc54-c9h4w                         1/1     Running   0               68s
microcks-async-minion-7f689d9ff7-ptv4c            1/1     Running   2 (40s ago)     48s
microcks-kafka-entity-operator-585dc4cd45-24tvp   3/3     Running   0               2m19s
microcks-kafka-kafka-0                            1/1     Running   0               2m41s
microcks-kafka-zookeeper-0                        1/1     Running   5 (4m56s ago)   6m43s
microcks-keycloak-77447d8957-fwhv6                1/1     Running   0               87s
microcks-keycloak-postgresql-868b7dbdd4-pb52g     1/1     Running   0               2m43s
microcks-mongodb-78888fb67f-7t2vf                 1/1     Running   4 (3m57s ago)   8m2s
microcks-postman-runtime-857c577dfb-d597r         1/1     Running   0               8m2s
strimzi-cluster-operator-95d88f6b5-p8bvs          1/1     Running   0               16m

Now you can extract the Kafka cluster certificate using kubectl get secret microcks-kafka-cluster-ca-cert -n microcks -o jsonpath='{.data.ca\.crt}' | base64 -d > ca.crt and apply the checks found at Async Features with Docker Compose

Start with loading the User signed-up API sample within your Microcks instance - remember that you have to validate the self-signed certificates like in the basic install first.

Now connect to the Kafka broker pod to check a topic has been correctly created and that you can consume messages from there:

$ kubectl -n microcks exec microcks-kafka-kafka-0 -it -- /bin/sh
--- INPUT ---
sh-4.4$ cd bin
sh-4.4$ ./kafka-topics.sh --bootstrap-server localhost:9092 --list
UsersignedupAPI-0.1.1-user-signedup
__consumer_offsets
microcks-services-updates

sh-4.4$ ./kafka-console-consumer.sh --bootstrap-server microcks-kafka-kafka-bootstrap:9092 --topic UsersignedupAPI-0.1.1-user-signedup
{"id": "eNc5TNaPlHAKa38XQA8N7HkSRHl7Yvm1", "sendAt": "1703699907417", "fullName": "Laurent Broudoux", "email": "laurent@microcks.io", "age": 41}
{"id":"g9uDUhXPOPtwK9bZYSGmqbxHAC3tTxAz","sendAt":"1703699907428","fullName":"John Doe","email":"john@microcks.io","age":36}
{"id": "kllBuhcv3kTRNg75sFxWH6HGLtSbpXwZ", "sendAt": "1703699917413", "fullName": "Laurent Broudoux", "email": "laurent@microcks.io", "age": 41}
{"id":"YE2ZAdVwSK9JLGEyLFebHxMOVfmYlzs1","sendAt":"1703699917426","fullName":"John Doe","email":"john@microcks.io","age":36}
^CProcessed a total of 4 messages
sh-4.4$ exit
exit
command terminated with exit code 130

And finally, from your Mac host, you can install the kcat utility to consume messages as well. You’ll need to refer the ca.crt certificate you previsouly extracted from there:

$ kcat -b microcks-kafka.kafka.127.0.0.1.nip.io:443 -X security.protocol=SSL -X ssl.ca.location=ca.crt -t UsersignedupAPI-0.1.1-user-signedup
--- OUTPUT ---
% Auto-selecting Consumer mode (use -P or -C to override)
{"id": "zYcAzFlRoTGvu9Mu4ajg30lr1fBa4Kah", "sendAt": "1703699827456", "fullName": "Laurent Broudoux", "email": "laurent@microcks.io", "age": 41}
{"id":"v0TkDvd1Z7RxynQvi1i0NmXAaLPzuYXE","sendAt":"1703699827585","fullName":"John Doe","email":"john@microcks.io","age":36}
{"id": "JK55813rQ938Hj50JWXy80s5KWC61Uvr", "sendAt": "1703699837416", "fullName": "Laurent Broudoux", "email": "laurent@microcks.io", "age": 41}
{"id":"MZnR6UeKVXMhJET6asTjafPpfldiqXim","sendAt":"1703699837430","fullName":"John Doe","email":"john@microcks.io","age":36}
[...]
% Reached end of topic UsersignedupAPI-0.1.1-user-signedup [0] at offset 30
^C%  

Delete everything and stop the cluster

Deleting the microcks Helm release from your cluster is straightforward. Then you can finally delete your Kind cluster to save some resources!

$ helm delete microcks -n microcks
--- OUTPUT ---
release "microcks" uninstalled

$ kind delete cluster
--- OUTPUT ---
Deleting cluster "kind" ...
Deleted nodes: ["kind-control-plane"]

Happy testing!

Laurent Broudoux

Laurent Broudoux

Co-founder of Microcks | Director of Engineering at Postman Open Technologies

comments powered by Disqus