This is a demo banking applicaiton built around modern technolgies. The key pillars of this application are:
- Self-contained microservices deployed into Kubernetes
- Polyglot applicatoin with microservices written in different languages and communicate with each other over standard network protocols.
- Every microservice supports observability with metrics and distributed tracing. Use opencensus and Prometheus to be compatbile with both on-premise stack with Jaeger, Prometheus and Elastic; or Stackdriver in GCP.
- Use Istio service mesh to perform traffic management within and inter kubernetes clusters
- High performance inter microservice communication with gRPC. The gRPC services can be directly exposed to external client or use Envoy gRPC-Web filter for clients that do not support HTTP/2 natively.
| Directory | Language | Conent |
|---|---|---|
| protos | protobuf | protobuf API definition used in all across the application. |
| dashboard | Go | dashboard microservice, calls casa-account services, either v1 or v2, controlled by istio virtualservice configuration |
| customer-v1 | Java | customer microservice built using spring boot. It reads customer data stored in MySQL |
| casa-account-v1 | Java | casa account microservice built using micronaut framework. It reads account data stored in Cassandra |
| casa-account-v2 | nodejs | casa account microservice, only returns dummy data. |
| ext-cust-svc | python | a simple http server written using aiohttp to mock an external REST server that provides customer info |
| load-generator | python | uses Locust to generate API calls |
| testdata | python | generates test data and write them to Cassandra |
| istio | yaml | istio manifest files to traffice management |
| gcp | shell | script and manifests to provision GKE cluster. |
The code in this repo has been tested with minikube and GKE. Details below
Local Minikue
- Ubuntu Linux 20.04
- minikube v1.11.0
- Kubernetes 1.16.8
- Istio 1.4.8
- Apache Cassandra version 4.0.0
Google Kubernetes Engine
- Kubernetes provisioned using regular channel provided by GKE, v1.16.8-gke.15 as of now
- Istio is provisioned as a feature of GKE cluster, 1.4.6-gke.0 as of now
- Datastax Astra running in GCP
Development Tools:
Below are steps tesed on Ubutnu Bionic and Focal, should work on other linux flavors too.
Get prerequites first
- Install minikube
- Download Istio from 1.4.8 from Istio release pages from Github
- Install Skaffold
- Get Evans gRPC utility from Github release pages
first, then
#
# the k8s and istio versions below matches to versions in GKE's regular channel
#
# start minikube. for
minikube start \
--driver=kvm2 \
--disk-size='30000mb' \
--cpus='2' \
--memory='12000mb' \
--kubernetes-version='1.16.8'
# install istio with auto mTLS enabled
cd istio-1.4.8
bin/istioctl manifest apply --set profile=demo \
--set values.global.mtls.auto=true \
--set values.global.mtls.enabled=true
# istio takes sometime to get installed, wait till all the
# pods are in Running status
# expose port 31400 for use grpc services
# this port is enabled on GCP and later versions of Istio
kubectl patch svc istio-ingressgateway -n istio-system \
--type='json' \
-p='[{"op":"add","path":"/spec/ports/0", value: {"name": "tcp", "port":31400,"targetPort":31400, "protocol":"TCP"}}]'
#
# come back to this directory and run all the services
# the script should build and start microservices
./deploy
# if all goes well, you should see output similiar to the one below
{
"customer": {
"customerId": "10001000",
"loginName": "10001000"
}
}
- better integration of logging and tracing. ability to navigate from trace to log with high accuracy. (implemeneted logic for adding data to trace span, and use custom data, e.g. login_name to search trace span. same custom data is added to log entries)
- use an external OpenID Connect provide for authentication.
- enable mTLS for inter microservice communication. (done)
- use Istio for oauth token validation