Servicec Discovery and Registry
This is service registry, based on Spring Cloud Netflix, Eureka and Spring Cloud Config.
Full documentation is available on the Ausloans documentation for microservices.
Running locally
To run the cloned repository;
- For development run
./mvnw -Pdev,webapp
to just start in development or run./mvnw
and runnpm install && npm start
for hot reload of client side code. - For production profile run
./mvnw -Pprod
Build Docker Image
To build a Docker image of your application using Jib connecting to the local Docker daemon:
- NPM:
npm run java:docker
, on Apple Silicon:npm run java:docker:arm64
- Maven:
./mvnw package -Pprod verify jib:dockerBuild --offline
- Gradle:
gradlew -Pprod bootJar jibDockerBuild --offline
To build a Docker image of your application without Docker and push it directly into your Docker registry, run:
- Maven:
./mvnw package -Pprod verify jib:build -Djib.to.image=<dockerhub-username>/<artifact-id>
- Gradle:
./gradlew -Pprod bootJar jib -Djib.to.image=<dockerhub-username>/<artifact-id>
Deploy to Heroku
Click this button to deploy your own instance of the registry:
There are a few limitations when deploying to Heroku.
- The registry will only work with [native configuration]#spring-cloud-config (and not Git config).
- The registry service cannot be scaled up to multiple dynos to provide redundancy. You must deploy multiple applications (i.e. click the button more than once). This is because Eureka requires distinct URLs to synchronize in-memory state between instances.
HashiCorp Vault Integration
Development Mode
Service-registry
default integration uses a vault
server with an in-memory backend. The data shall not be persisted and shall require you to configure secrets after every restart. The in-memory configuration provides an easy way to test out the integration and later switch to the recommended server mode.
- Start vault server docker container:
docker-compose -f src/main/docker/vault.yml up -d
- The default configured root token is
jhipster-registry
. We shall use the default secrets engine backend mounted on thesecrets
path. Configure secrets using either ofui
,cli
orhttp
. - Create a new secret sub-path
Service-registry/dev
and add the following secret in JSON format. HereService-registry
refers to the application name anddev
refers to the development profile. Do follow the same convention to configure secrets of other applications.
{
"spring.security.user.password": "admin123!"
}
- Start
Service-registry
server in development mode using the following command (skipping execution of test cases):
./mvnw -DskipTests
- After successful start, open
http://localhost:8761/
in a browser. You shall require entering a new password as provided in the above vault configuration.
Server Mode
Service-registry
also provides configuration to use the native file system as the persistent backend.
- Uncomment the following configurations in vault.yml. You can refer config.hcl to view provided vault server configurations:
command: server
volumes:
- ./vault-config/config:/vault/config
- ./vault-config/logs:/vault/logs
- ./vault-config/data:/vault/file
- Start vault server docker container:
docker-compose -f src/main/docker/vault.yml up -d
- Open
vault
serverui
to initialize master key shares. In this guide, we shall enter1
as the number of key shares and1
as the key threshold value. Do refer to vault documentation for recommended configuration. Note down the initialroot token
and thekey
and keep it at a safe place. You shall require thekey
to unseal the vault server after a restart. - Enable secret engine backend
kv
and usesecret
as the mount path. - Create a new secret sub-path
Service-registry/dev
and add the following secrets in JSON format. HereService-registry
refers to the application name anddev
refers to the development profile. Do follow the same convention to configure secrets of other applications.
{
"spring.security.user.password": "admin123!"
}
- In this guide, we shall use the
token
authentication mechanism to retrieve secrets from thevault
server. Updatebootstrap.yml
to specifyroot token
in place of default dev token.
vault:
authentication: token
token: Service-registry # In server mode, provide a token having read access on secrets
- Start
Service Registry
server in development mode using the following command (skipping execution of test cases):
./mvnw -DskipTests
- After successful start, you shall require entering a new password as provided in vault.
Creating Docker Image
mvnw package -Pprod verify jib:build -Djib.to.image=dailyfx/data2ml-service-registry-server:v7.4.0 -Djib.to.auth.username=dailyfx -Djib.to.auth.password=******** -DskipTests
Commit to github
Run the following command in console:
git init
git add .
git commit -m “message here”
git branch -M main
git remote add origin https://github.com/nuruzzaman/data2ml-service-registry-server.git
git push -u origin main