Java (Spring Boot, Vert.x and Microprofile) + Istio on Kubernetes/OpenShift

Before Start
ssh -i ocp-workshop.pem ec2-user@bastion......
sudo su -
for A in {1..<NUM_NODES>}; do ssh ec2-user@node$A.$(oc get nodes|grep master|perl -lne 'print $1 if /(...............internal)/') echo "vm.max_map_count = 262144" | sudo tee /etc/sysctl.d/99-elasticsearch.conf; sudo sysctl vm.max_map_count=262144; done
exit
  • Make sure to use the following file as Control Plane configuration:

apiVersion: istio.openshift.com/v1alpha3
kind: ControlPlane
metadata:
  name: basic-install
spec:
  istio:
    global:
      proxy:
        resources:
          requests:
            cpu: 100m
            memory: 128Mi
          limits:
            cpu: 500m
            memory: 128Mi

    gateways:
      istio-egressgateway:
        autoscaleEnabled: false
      istio-ingressgateway:
        autoscaleEnabled: false
        ior_enabled: false

    mixer:
      policy:
        autoscaleEnabled: false

      telemetry:
        autoscaleEnabled: false
        resources:
          requests:
            cpu: 100m
            memory: 1G
          limits:
            cpu: 500m
            memory: 4G

    pilot:
      autoscaleEnabled: false
      traceSampling: 100.0

    kiali:
     dashboard:
        user: admin
        passphrase: admin

After the installation:

  • Give users the capability to see istio-system

oc adm policy add-role-to-group view system:authenticated -n istio-system
  • Give privileged access to containers

oc adm policy add-scc-to-group  privileged system:authenticated
  • Remove weird resource limit

oc delete -n istio-system limitrange  istio-system-core-resource-limits
oc delete pods -n istio-system --all --grace-period=0 --force

There are three different and super simple microservices in this system and they are chained together in the following sequence:

customer → preference → recommendation

For now, they have a simple exception handling solution for dealing with a missing dependent service: it just returns the error message to the end-user.