 Hi, welcome to the IBM Developer Workshop on deploying microservices on OpenShift. Today we're going to be deploying the back end of a demo microservices application called Example Bank. My name is Jan. I'm a software engineer at IBM with us, our Anton and Max, who are also software engineers at IBM Developer, the developer advocacy part of the IBM Developer Ecosystems Group. You guys want to say hello? Hi, I'm Anton. I'm an engineering manager and I helped contribute code to this example. I'm really glad to be able to participate at the open source summit and see how things turn out. Hi, I'm Max Shapiro. I'm a software engineer here at IBM and I will be one actually going through the demo today. Thanks, Max, for volunteering to do that. So we're going to start by looking at the requirements if you're participating in the lab. We're going to look at the architecture of this application. It uses something called a Kubernetes operator for part of it and we're going to talk about that. And then finally, we're actually going to walk through the whole process of installing Postgres and the rest of the Example Bank components in OpenShift on IBM Cloud. And then we're going to test the application once it's running in your cluster. So if you want to participate and follow along, you're going to need an account, a free account of IBM Cloud, a Docker Hub account for storing the images that we're going to be building here, and the ability to log into IBM Skills Network, which provides a web-based terminal and editor that we're going to be using to interact with the OpenShift cluster. So the application that we're going to be deploying is called Example Bank. There's a live instance at this address that we can play with. And the backend is powered by Java and Node microservices, as well as AppID on IBM Cloud, which is an identity and authentication service. If you use this application, you can create an account and this will create an instance in the user database in AppID. All the interaction with the application is reflected in the Postgres database that we're going to be installing and the points column is populated by Knative service that is not part of this lab, but the instructions are available in the GitHub repository, for example, Bank. The architecture, here's the architecture of the application. So everything except the AppID user identity service is running in the OpenShift cluster, including database, OpenLibertyJava services, and the Node front-end service. So we're going to start by installing a Postgres operator and operator is a mechanism for providing business-specific logic in the OpenShift cluster. In our case, we're going to be using the operator hub, which is part of OpenShift 4 on IBM Cloud and it provides you with an App Store-like experience for installing new functionality into your cluster. There's a variety of databases and message brokers and many other services you can install and we're going to be using a community Postgres operator to create an instance of our database. For the terminal, Max is going to be using the terminal at IBM skills network because it runs in the browser and it's operating system agnostic. But if you have all the tools set up in a different environment, it'll probably work also. The lab is in the Gitbook that Max is going to be following along while doing the work. So I'm going to just turn it over to him now if he's got the instructions up. I think I have to stop sharing. I think it's worth mentioning just the purpose of the lab is twofold. One is to enable deployment of this system. But the system is a reference architecture and all of the code is available too. So it's good to be able to see how it all fits together but you can also dig into the code itself and see how it's programmed at more detailed level to help sort of learn more about how the node and Java microservices fit in as well as the wider architecture. Max, can you refresh this Gitbook? There is on the left you're going to see an OSS microservice section. If you scroll down, there it is. If you go to lab under microservice workshop OSS on the left there and then database setup is the first step. Okay. Yep, over here. Thanks. So first thing, let's see, open the OpenShift web console. And so I've already done that. So open to here. Next thing, create an example bank namespace. All right. So go to projects. Create project. Example bank. Okay. And go to operators operator hub on the left navigation menu. We're looking for Postgres and the Postgres operator for devs for devs. Okay. This one. Continue. And install. And we have to change any configurations. No, you don't as long as you do it while the example bank namespace is selected, it'll automatically choose to install in that. Okay, so only for this name. Yes, this only will only work in this namespace. All right. So let's do that. Let's see what's next. Status will show succeeded up to date when complete. And it was. Okay, so that's done. Next we want to switch over to the developer view. And at the database. Okay. So we go over here, switch to developer. Add. Database. We're choosing database database. Yes, that's so these are the objects that are created when you install the operator. The operator by itself doesn't create the database, but it gives you these special purpose objects for creating anything in here. Yes, change the name. The default is database. We want it to be credit DB. We want it to be used in Kubernetes SQL one word or one word. And that's it. That's changing. Create. Well, that's creating. See what's next. It's just said what we did. Now we're just, we've already created it. And we're just going to start the session for it to complete. So it's currently pending. Once it gets this nice dark blue circle. Whether it's done. Let's see what's next in the meantime. Going to the CLI access. Okay. So we can do this in the meantime. So let's go to here. I'm already logged in over here. And we are selecting. Cloud ID with open shift. Okay. So this one. Yeah, I think the with open shift part means that the tools for open shift are installed like the OC CLI, which is like a more specialized. Cube control. That understands open shift objects. So what is this setting up. So this is launching. A container that's going to run a terminal and a web based code editor. Okay. Well, that's loading up. See what's going on here. It's like it's running now. Okay. So this is up and running too. Let's see what's next. Log into the cluster. With a special command line token. Let's go ahead. Log in command. From here we want to open. Terminal. Yep. We can just add like control plus a couple of times will make it easier to see things. Okay. Yeah, we're logged in now. The context of this terminal points to this. To the same cluster that Max was just installing that database on. Switch to the example bank project. No. Secret. So the script that loads the schema can access the database. You want to check out. You want to clone the example bank. I'm going to call it a repo and there should be a step in here for that somewhere or. Maybe I missed it. Do you get clone. And then can you see if the, I don't remember the exact URL. It's. I think it's good hub.com slash IBM slash example bank. Okay. So if you click here, then you can just grab the URL from another. Yeah, we can do it from a different lab. You can just do it from a different lab from any of the, any of the other labs have, have the instruction. So you go to the beginning of the microservice one. Here it is. Yep. Okay. Yeah. Is this the right one that I clicked? Go back to database setup because we were at the running at the end of database setup. Okay. We were here. So let me copy this over. Creating the schema. Okay. So you can verify that you're in the right place to steal, like, OC get pods. This is like, this is like cube control get pods, but specific to, to this open shift cluster. And you want to just run OC gets secrets. We can verify that, that. Secret is in this namespace. Okay. There's the bank DB. The first one, the first one. Yeah, exactly. Okay. So we're, we're ready now to. Yeah. Okay. Okay. Now we can run it. Yep. Want to do like an OC get pods. Dash W. And we'll see that verify that it's finished running. So it's completed. Let's look at the logs. For that job. For that pod and verify that all the tables got created. How do I do that? The OC logs and then give it the CC dash schema pod name. OC logs. Dash one. Just the name of the. The pod. C. C schema load. Yeah. Okay. This is good. This is what we want. You can see the tables and schema were created for our. If you want, if you go back to the database set up, there should be a diagram there. So there's a primarily two tables, users and transactions. That are both only used internally by the. The Java microservices that use JPA and JDBC to, to talk to the database. Okay. Yeah. And this is what we just talked about. Okay. So we'll move on to part one. So this is. App ID. Yes. We're going to start with. There's this. This is a scripted app ID setup that. Does require you to log into your IBM cloud. Account. First. So CD into scripts. Logging in. And because I have an IBM account, I have to do dash dash SSO. Right. Is there, I think this is running because this is running inside the terminal. I think we can't, we can't talk to your browser that way. This account. Don't have to update it right now. Okay. We're logged in. So all I have to do is just run this. Just run that script. Yes. You said it failed. What was that? It's just looking for an existing instance of app ID. And. Since it didn't find it, it creates one for you. Just a little bit of background on. Yeah. Identity management. Solution. Right. So. I guess in this case, we're using it. Locally to. Create. You know, our own create and manage our own side of users. But it also allows. For integration with other. Identity management. Yeah. So we're using it. So we're using it. We're using it. We're using it. We're using it. We're using it. You know, our own create and manage our own side of users. But it also allows. For integration with other. Identity management systems. This is a, I guess a convenient way to. That sort of first level of. Authentication around application. Right. Right. Exactly. Yeah, in this, in this case, it's being used standalone without. What secrets is this creating that I'm doing. So this creates secrets primarily for the services to be able to communicate with app ID. To authenticate when you go into that mobile UI. And you put in a user. It stores every user in app ID. And when you log in as a user. All of the underlying services can verify with a special token with app ID that. You're. Authorized. To create transactions. Okay. Yeah, one of the things that we wanted to poke into with this. Example was. By security and building. Building more private and secure applications in the public client, especially. So this is the first. Sort of piece of that. In this example. Right. So the next time you've deployed the front end service and we're just going to, we're going to build and deploy the back end services now. So this is doing a maven build of the. Java part. And it's going to. After this step, when we build the Docker image, it's going to copy the artifacts from this build into an open Liberty based container. And we have to build this. Right. And this is going to tag it with your Docker hub. Username so that. When we push it later on, yeah. It'll go into the right place. So well, this is building. How exactly is the database talking to. The service that we're building now. Well, they, they services that we're building. When they're deployed. So the YAML file specifies a secret that bank DB secret that you created earlier. And it takes the contents of that secret and it creates environment variables. In the environment of the pod. Which is picked up by the Liberty. Java application. Okay. So you mentioned Liberty area. So, so I know, having worked on me. The node side of the application. It's using node express just as a framework within that. So it's pretty simple. Receiving. Http requests and processing them. Within the microservice and passing them on between the microservices. Can you tell us a little bit more about the frameworks inside our applications? Well, the Java application uses something called micro profile. Which is a set of features for Java apps running in a cloud microservice environment. So it has access to. Http clients and servers. Jason parsing utilities. And it has access to some telemetry and tracing and metrics. And health checking features. And it's intended to be a lightweight. Application server, essentially. But a fully, but a fully featured one. So what is this utility that I'm building. This takes care of deleting. Users who asked to have their information. Deleted in the UI and it runs as a cron job once an hour. And again, we were. You know, exploring. Well, the privacy and security and you know, so GDPR. Requires that users can control. If their accounts are deleted or not. So. This was. We're just sort of. Roughing in lots of. The different end points and application points to be able wants to be able to design for a privacy. And that's another sort of aspect that we wanted to show within this example. Exactly, just as GDPR has a user erasure requirement, you're supposed to be able to delete your data. And this is our implementation of that. So what exactly are we doing in part two? So in part two, we're gonna start by taking the deployment YAML files for three of the services. And edit the image specification to point at the Docker Hub image that you just built and pushed. So you're gonna be able to use the editor that's built right into the web terminal. Okay. So if you can just go to file, open here, it's gonna be opening up to browse the example bank project. Back end transaction service. Right. And then deployment.yaml. And what are we changing here? So there's gonna be a reference to an image here that's gonna be pointing to an existing Docker Hub image. And you can replace that with the one that you just built here. That's it? That's the only thing we're changing here? Yes, that's the only thing that's being changed. Okay. And have to do this to another part. Right, so there's a separate deployment YAML for each service. So we did the transactions go to the user service under bank app backend user, user service. The same thing? The same thing, exactly. And just point to the different image. Yep, that's it. And then just one more after this is the cleanup utility. Call on job. That will be under bank user cleanup utility. And this time it's called job.yaml instead of deployment. Okay. So this one is, this is a cron job that's scheduled to run once an hour and goes through all the users that requested that they be, that they want their data deleted. Okay. Yep. And I think that was it for editing the YAML files. Now we can go ahead and deploy everything. We're gonna OC apply, which is like kube control apply. And we can specify, we're gonna specify in that command all three of these services all at once. And then after you do this, if you wanna do, just back out one level, cd.yaml. So after running this, if you wanna do like an OC get pods dash w, you can watch the images get pulled and the containers get created. And there's also a way to see this in the OpenShift web console, right? Yeah. That's right. It'll update. If you look, go to the topology or workloads view. Here it is. You can see them come up. Looks like they're done. Yep. Run. Okay. Cool. And I think that was the last deployment step. And now in the initial front end node deployment, it created an OpenShift route, which creates a subdomain in this clusters address space. So you'll be able to just put that in your browser and visit the application. This URL? It's the long one there that ends in aptomain.cloud. Okay. Oh, here it is. Here it is. So this is talking to app ID now. So I hit bank. You got a bank. Yeah. Exactly. And then we're signing in or signing up? Well, there should be nothing in the dropdown right now since this is a new instance of app ID. So it wouldn't be able to populate that with anything. So if you do sign up, it'll insert once you hit the consent checkbox and create account. This, the node service is going to talk to app ID with, through a node app ID library. And I don't have to change any of this. Well, you can actually edit the username if you don't like them, but it's kind of a randomly generated. So you can experiment with this app without having to come up with a username. So this is the list of transactions. If you go back out, click the round home button at the bottom and then click on some of these other buttons out there. Does it matter? No, there's a matter. But as you click on them you'll see that there's a little analytics view that takes data from the Postgres database and draws a nice little visualization once you go back to bank. So you'll see your transactions here. The little pie chart at the bottom there that looks like Pac-Man. That's a little, that's a visualization from the purchases that this user made. And if you click on the little person there next to it you have the option to delete the user or just log out. If you delete, it's not gonna disappear right away since the deletion service is a crime job that runs out hourly. But if you log out long back in you should see your transaction is being, transactions were persistent in clustered database. If there's the person signing, there they are. So that's it, the points are populated by a Knative service that we didn't deploy but that is available in the GitHub repository if you wanna follow along with those instructions for the remaining part of Example Bank. I just wanted to note as well that we built this also experimentally with web components which is an emerging spec and we've only really tested it on Chrome. So we know for sure it works on Chrome really well. We're still experimenting on other browsers with web components. So if you run into any issues please try again on Chrome at this point. Are there any other steps that I need to follow? No, that is it. Might be nice just to, if you could go back to that that view and click on the cloud architecture link. So here, just alongside there we had a whole bunch of links with that point to related tutorials and code patterns. So just to refresh everyone's memory what Max has just deployed is this little system of microservices built with Java Liberty and load on OpenShift and connected with app ID for authentication connected by an operator to the PostgreSQL database. I just wanted to flash that up just to remind everyone what you've just deployed and all the codes are to dig into the different services and see how it's implemented and of course we're all around to answer any questions and be happy to hear feedback and answer questions on this stuff as well. So, yeah, so the example bank code is at this public repository. If you go to developer.ibm.com there's further patterns and tutorials around example bank and other OpenShift applications and feel free to reach out to any of us with any questions or feedback. Thank you. Yeah. Thanks again everyone. Bye bye. Bye.