- infrastructure/
- docker/
- docker-compose infrastructure
- kubernetes/1.19.3
- kubernetes infrastructure
- docker/
- services/
- gateways/
- rabbitmq/
- grafana/
- grafana monitoring configurations
- prometheus/
- prometheus metrics collecting configurations
- promtail/
- promtail log files parser configurations
- apis/
- api-client-subscriptions/
- public subscriptions api
- api-core-subscriptions/
- private subscriptions api
- api-core-mail/
- private email deliverer api
- api-client-subscriptions/
Please, take a look at the general documentation in this section apis/
The architecture for running this project is based on docker-compose and follows the schema bellow
for more details you can take a look at:
There are two different types of networks: public and private.
The public network
- stands for hosting public APIs and applications that need to be reachable from the internet.
The private network
- stands for hosting core services (private or the most critical services so to speak).
it’s hosted in the public network
- it cannot reach private services.
- it routes incomming requests thru:
- the public api-client-subscriptions
- the private-gateway
- it exposes specific internal/private services
- it takes control of what resources have been accessed
- it authenticate internal endpoints
- it take control over one first layer of security ( like validating auth tokens against an identity server, for instance)
- it produces interesting logs
- it routes traffic to specific services in the private network
- it increases control over security (when exposing internal dashboards)
- it increases control over monitoring
- it restricts access to the private network
- it exposes partial private services to the public network
- it stands for basically handling requests for subscriptions creation
- it can reach services in the public network
- it can reach services in the private network
- it is an Nginx load balancer
- it is composed by two rabbitMQ servers in the cluster (rabbit-1, rabbit2)
- it is only reachable inside the private network
- it provides dashboards with metrics about the existing message queues
- it provides a way of publishing new event messages without needing of external tools and API’s
The SMTP server
- it is a simple SMTP/Mail Inbox server
- the SMTP port can only be reachable in the private network
- the Mailing box is exposed thru the private and public gateways for testing purposes
The SEQ log server
- it’s a simple tool for monitoring logs produced by the APIs.
- it can produce nice dashboards to take control over what’s happening the APIs
- the dashboard service is exposed thru the private and public gateway for testing purposes
Make sure that you have docker installed on your local machine
https://www.docker.com/get-started
optional: if you want to download the dotnet core SDK in order to build the APIs locally, you can download it from here: https://dotnet.microsoft.com/download
Clone the repository
git clone git@bitbucket.org:jsoliveira/iban-services-poc.gitSet the current working directory
cd infrastructure/dockerClean up your docker environment
#!/bin/sh
rm -f ~/.docker/config.json;
docker-compose down
docker system prune --all
docker network prune -fStartup all containers
docker-compose -f "infrastructure/docker/docker-compose.yml" up --force-recreate --remove-orphans --buildStartup a single container
# docker-compose build <api_name>;
docker-compose -f "infrastructure/docker/docker-compose.yml" up --force-recreate --remove-orphans --build api-client-subscription;if you want to debug or startup an API using the dotnet core SDK please take a look at the existing API documentation in this repository apis/
For demo purposes the public gateway is exposed using a NodePort service infrastructure/kubernetes/1.19.3/gateways/public-gateway/service.yml
kubectl kustomize "infrastructure/kubernetes/1.19.3/" | kubectl apply -f -The public gateway is exposed on port 8080.
These are the URLs available :
http://localhost:8080/public/subscriptions/swagger/index.html
http://localhost:8080/private/mq/
http://localhost:8080/private/seq/
http://localhost:8080/private/seq/
The links below are also available thru HTTPS over port 30443
In a production environment with multiple nodes (VM) the public gateway would be exposed thru an ingress controller or thru a LoadBalance service.
RabbitMQ cluster can take up to 2 minutes to get up and running (clustering)
While it is initializing, if core.subscription API gets requested it will not responding until it reaches the MQ cluster
Check the following documentation for more details: api-core-subscriptions/
How to make sure that RabbitMQ is already up and running
Try to reach the RabbitMQ management portal, if you don’t get a warning message then you’re good to go.
http://localhost:8080/private/mq/
How to check if the public API is also running
If you see the OpenAPI documentation in the following link then it’s all set.
http://localhost:8080/public/subscriptions/swagger/
RabbitMQ cluster manager
http://localhost:8080/private/mq/
credentials : user: guest | pass: guest
SEQ Logging dashboards
http://localhost:8080/private/seq/
Mail inbox dashboards
http://localhost:8080/private/smtp/
Public API Swagger
http://localhost:8080/public/subscriptions/swagger/
authentication token: any string
you’ll need the following credentials in order to get authorized by the public gateway to access the private links above
username: admin
password: admin
This repository has configurations to deploy container images into a container registry.
Docker hub was used as the main container registry for the purpose of this demo)
https://github.com/jsoliveir/ch1-docker
Leave a Reply