Exercise 2 - Change code, build, save and deploy the Authors Microservice

Step 1: Open the server.xml file

echo $keycloakurl
cd $ROOT_FOLDER/authors-java-jee-cloud/liberty
nano server.xml

Step 2: Change following source code

Replace the [keycloakurl] with the value, you got before for in and save the file.

<mpJwt
     id="myMpJwt"
     jwksUri="[keycloakurl]/auth/realms/cloudnativestarter/protocol/openid-connect/certs"
     issuer="[keycloakurl]/auth/realms/cloudnativestarter"
     userNameAttribute="preferred_username"
     audiences="account">
</mpJwt>

Step 3: Open the microprofile-config.properties file

cd $ROOT_FOLDER/authors-java-jee-cloud/src/webapp/META-INF
nano microprofile-config.properties

Step 4: Change following source code

Replace the [keycloakurl] with the value, you got before for in Step 1 and save the file.

mp.jwt.verify.publickey.location=/META-INF/keycloak-cloudnativestarter-key.pem
mp.jwt.verify.issuer=[keycloakurl]/auth/realms/cloudnativestarter

Step 5: Insert the RS256 JWT key in the file keycloak-public-key.pem

The file is saved in that folder src/main/webapp/META-INF/keycloak-public-key.pem.

cd $ROOT_FOLDER/authors-java-jee-cloud/src/main/webapp/META-INF
nano keycloak-public-key.pem
-----BEGIN PUBLIC KEY-----
YOUR_KEY
-----END PUBLIC KEY-----

Get the key using the URL http://[keycloakurl]/auth/admin/master/console/#/realms/cloudnativestarter/keysand then press public key. The following image shows the invocation.

Step 6: Build and save the "Authors" container image in the IBM Cloud Container Registry

cd $ROOT_FOLDER/authors-java-jee-cloud
ibmcloud cr build -f Dockerfile --tag $REGISTRY/$REGISTRY_NAMESPACE/authors:1 .

Step 7: List the container images to verify the upload.

ibmcloud cr images

Step 8: Apply the deployment of the Authors service

  1. Ensure you are in the $ROOT_FOLDER/web-app-cloud/deployment

    cd $ROOT_FOLDER/authors-java-jee-cloud/deployment
nano kubernetes.yaml

  2. Open the ../authors-java-jee-cloud/deployment/kubernetes.yaml file with a editor and replace the value for the container image location with the path we got from the IBM Container Registry and just replace the authors:1 text, and add following statement imagePullPolicy: Always and save the file.

Note: With the specification imagePullPolicy: Always we force that the image is pulled from the IBM Cloud Container Registry and not cashed image in Kubernetes is possible used, when we change our container image IBM Cloud Container Registry.

Before:

    image: authors:1

Example for the change:

   spec:
      containers:
      - name: authors
        image: de.icr.io/cloud-native-tsuedbro/authors:1 
        ports:
        - containerPort: 80
      restartPolicy: Always

  1. Now we apply the yaml to create the Authors Pod.

     kubectl apply -f kubernetes.yaml

  2. Insert this command and verify the output.

      kubectl get pods

    Sample output:

      NAME                      READY   STATUS    RESTARTS   AGE
  authors-7b6dd98db-wl9wc   1/1     Running   0          6m9s

  3. Cluster/Workernode IP

      export workernodeip=$(ibmcloud ks workers --cluster cloud-native | awk '/Ready/ {print $2;exit;}')

  4. authors NodePort

      export authorsnodeport=$(kubectl get svc authors --ignore-not-found --output 'jsonpath={.spec.ports[*].nodePort}')

  5. Open the service in a browser

      export authorsurl=http://${workernodeip}:${authorsnodeport}
  echo $authorsurl
PreviousExercise 1 - Setup Keycloak on KubernetesNextExercise 3 - Change code, build, save and deploy the Web-App

Last updated

Was this helpful?