Foreword

In this guide I will explain setup a production grade cloud on your bare metal with kubernetes (aka. k8s), including edge routing. When I started my own research on k8s several months ago, I faced the fact this system is only available fully functioning mostly on cloud providers such as GCE, Azure etc. I found a lot of guides, how to deploy k8s onto different cloud systems as CloudStack, Openstack or Juju. But all these guides were specific to more advanced cloud system, or meant to purchase cloud services, which I find expensive. There were also different bare metal guides, which were like guides from hell, covering the entire k8s stack and ended up in tons of pages to read. So this was not a good introduction for someone, who has actually no idea, how the k8s ecosystem works, and just wants some best practice or working sample, to slightly become familiar with the components.

Today I am writing about a continuous delivery pipeline, built on top of GitLab and GitLab CI. As a very simple but production tested deployment solution, I will push to a Dokku cloud.

In short, we will:

• setup GitLab with CI
• secure connections with TLS certificates using LetsEncrypt and Certbot
• setup GitLab Container Registry
• configure a pipeline for staging and production using a Dokku host
• run the pipeline

The first part will cover the configuration part of GitLab, the second will demonstrate one possible deployment configuration to zero-downtime-deploy a microservice application, built with JHipster. But before we dig into the details, I will discuss what this setup is supposed to achieve.

This article introduces the core feature set of JHipster UAA, in particular building HTTP clients for service-to-service communication, security configuration and testing.

Intro

It has been a while since my last article. For those, who might be crazy enough to follow my blog should remember the statement of my last article on how to get started with JHipster microservices, which became a core feature since version 3.0.

A word on security

While developing modern web or even cloud applications, using tools like Spring, JHipster or Rails or whatever, security comes in many different facets. This article is not bound on a specific framework. This is a general concept.

Today I am going to talk about how to bring access management in a easy business friendly, but mighty concept. It’s about, how to organize access grant to your business resources. You maybe think, this is “authorization”. While authorization is a technological implementation of bringing authorizing information when it’s needed, “privileging” is the way of what authorities exists and how they are related to the system users.

Introduction

It has been a while since my last post, so since JHipster 3.0 was releases during past week, it’s a perfect time to talk about microservices, and how JHipster can help.

The subtopics today are:

1. scaffolding a microservice architecture with JHipster 3.0
2. communication between services with decentralized load balancing (Ribbon) and optional circuit switching (Hystrix)
3. (maybe in next article) applying the full power of OAuth2 client credential grant to apply fine-grained securing (with possible use cases for this)