A Microgateway Kubernetes sidecar deployment can be established by creating a pod containing two containers; one container runs the native service, and the other container runs the Microgateway protecting the native service.
The native services are accessed by consumers through the Microgateway endpoint.
To access the native service from the Microgateway container, Microgateway has to use localhost as URL together with the port exposed by the native service as both the containers are treated as being within the same host.
There are two types of sidecar deployment models:
- A stand-alone Kubernetes sidecar deployment
- A Kubernetes sidecar connected to API Gateway
In this article we will see how we can realize Microgateway as a stand-alone Kubernetes sidecar deployment model.
This document is intended for users who wants to deploy Microgateway as a stand-alone deployment to protect the native services deployed in the Kubernetes environment.
- Basic Knowledge on Docker, Kubernetes
- The native service Docker images are pushed to a Docker registry to make them available for the Kubernetes environment
- Create API in API Gateway
- Export of APIs and related assets from the API Gateway
- Understanding on Microgateway
- Docker and Kubernetes environment setup
In this article we will be creating the standalone microgateway deployment with the below assets
PostalCode Native Service Docker Image – Simple Java application which will return the postalCode when queried with the specific latitude and longitude.
PostalCodeAPI.zip – Export of the API created in the API gateway, which will invoke the native service.
Below are the steps about how we can deploy a stand-alone Kubernetes sidecar. Stand-alone means that the Microgateways are not connected to an API Gateway. The API definitions are provided through API Gateway export archives.
1. Create a Microgateway Docker image
Navigate to the Microgateway installation directory
Create an export of API from API Gateway and name the file PostalCodeAPI.zip
Run the below docker command to create docker file
.\microgateway.bat createDockerFile --docker_dir . -p 9090 -a PostalCodeAPI.zip
Run the below command to create a docker image
docker build -f Microgateway_DockerFile -t sag:mcgwimg107 .
2. Push the image to the docker repository
Tag the image created in the Step 1 and push it to docker registry.
docker tag sag:mcgwimg107 <<dockerRepo>>:mcgwimg107
docker push <<dockerRepo>>:mcgwimg107
3. Create new namespace in Kubernetes
Below command creates new namespace in Kubernetes.
kubectl create namespace postalcode
4. Set Kubernetes context
Below command sets the Kubernetes context to the namespace created in step 3.
kubectl config set-context --current --namespace= postalcode
5. Create a template for Kubernetes sidecar deployment
Microgateway offers a function to generate a Kubernetes YAML file, which can be used for a convenient deployment.
We can specify the sidecar parameters together with the Microgateway image parameters to have the two containers created within one pod.
The below command creates the Kubernetes YAML file.
./microgateway.bat createKubernetesFile --docker_image <<dockerRepo>>:mcgwimg107 --pod_name postalcode-sidecar --sidecar_docker_image <<dockerRepo>>/apiserver:latest --sidecar_pod_name postalcode-service --output postalcode-sidecar-deployment.yml
<<dockerRepo>>:mcgwimg107 is the microgateway image created in Step 1
<<dockerRepo>>/apiserver:latest is the native service image
6. Create and check the Kubernetes deployment
Create the Kubernetes deployment with the below command
kubectl create –f postalcode-sidecar-deployment.yml
If the deployment is successful we should see 2 out of 2 containers running
7. Expose Microgateway sidecar deployment as a Kubernetes service.
Run the below command to expose the deployment created in Step 4.
kubectl expose deployment postalcode-sidecar --type=LoadBalancer --port=9090
8. Verify the Microgateway Kubernetes service definition including the exposed IP and port
Run the below command to see if the Kubernetes service as created along with the port details.
kubectl get svc
9. Check Microgateway service and Invoke the API
Once the deployment is exposed as service, we can check the Microgateway server status with the below
We can also invoke the API with the below endpoint.
Note here since the native services are not exposed by the Kubernetes configuration the Microgateway can’t be by-passed. Consumer requests are routed by the Microgateway to the native services.
For more information, please refer documentation Kubernetes Sidecar Deployment (softwareag.com)