Exercise 2 - Change code, build, save and deploy the Authors Microservice
Step 1: Open the server.xml
file
server.xml
fileecho $keycloakurl
cd $ROOT_FOLDER/authors-java-jee-cloud/liberty
nano server.xml
Step 2: Change following source code
Replace the [keycloakurl]
with the value, you got before for in and save the file.
<mpJwt
id="myMpJwt"
jwksUri="[keycloakurl]/auth/realms/cloudnativestarter/protocol/openid-connect/certs"
issuer="[keycloakurl]/auth/realms/cloudnativestarter"
userNameAttribute="preferred_username"
audiences="account">
</mpJwt>
Step 3: Open the microprofile-config.properties
file
microprofile-config.properties
filecd $ROOT_FOLDER/authors-java-jee-cloud/src/webapp/META-INF
nano microprofile-config.properties
Step 4: Change following source code
Replace the [keycloakurl]
with the value, you got before for in Step 1 and save the file.
mp.jwt.verify.publickey.location=/META-INF/keycloak-cloudnativestarter-key.pem
mp.jwt.verify.issuer=[keycloakurl]/auth/realms/cloudnativestarter
Step 5: Insert the RS256 JWT key in the file keycloak-public-key.pem
keycloak-public-key.pem
The file is saved in that folder src/main/webapp/META-INF/keycloak-public-key.pem
.
cd $ROOT_FOLDER/authors-java-jee-cloud/src/main/webapp/META-INF
nano keycloak-public-key.pem
-----BEGIN PUBLIC KEY-----
YOUR_KEY
-----END PUBLIC KEY-----
Get the key using the URL http://[keycloakurl]/auth/admin/master/console/#/realms/cloudnativestarter/keys
and then press public key. The following image shows the invocation.

Step 6: Build and save the "Authors" container image in the IBM Cloud Container Registry
cd $ROOT_FOLDER/authors-java-jee-cloud
ibmcloud cr build -f Dockerfile --tag $REGISTRY/$REGISTRY_NAMESPACE/authors:1 .
Step 7: List the container images to verify the upload.
ibmcloud cr images
Step 8: Apply the deployment of the Authors service
Ensure you are in the
$ROOT_FOLDER/web-app-cloud/deployment
cd $ROOT_FOLDER/authors-java-jee-cloud/deployment nano kubernetes.yaml
Open the
../authors-java-jee-cloud/deployment/kubernetes.yaml
file with a editor and replace the value for the container image location with the path we got from the IBM Container Registry and just replace theauthors:1
text, and add following statementimagePullPolicy: Always
and save the file.
Note: With the specification imagePullPolicy: Always
we force that the image is pulled from the IBM Cloud Container Registry and not cashed image in Kubernetes is possible used, when we change our container image IBM Cloud Container Registry.
Before:
image: authors:1
Example for the change:
spec:
containers:
- name: authors
image: de.icr.io/cloud-native-tsuedbro/authors:1
ports:
- containerPort: 80
restartPolicy: Always
Now we apply the yaml to create the Authors Pod.
kubectl apply -f kubernetes.yaml
Insert this command and verify the output.
kubectl get pods
Sample output:
NAME READY STATUS RESTARTS AGE authors-7b6dd98db-wl9wc 1/1 Running 0 6m9s
Cluster/Workernode IP
export workernodeip=$(ibmcloud ks workers --cluster cloud-native | awk '/Ready/ {print $2;exit;}')
authors
NodePort
export authorsnodeport=$(kubectl get svc authors --ignore-not-found --output 'jsonpath={.spec.ports[*].nodePort}')
Open the service in a browser
export authorsurl=http://${workernodeip}:${authorsnodeport} echo $authorsurl
Last updated
Was this helpful?