From 12bb6a60f2da8b3c0b8046150bed6122a30952ce Mon Sep 17 00:00:00 2001 From: Tobias Kurzydym Date: Mon, 2 Oct 2023 16:03:45 +0200 Subject: [PATCH] feat(service-mesh): deployment linkerd --- ca.crt | 11 +++++++++++ ca.key | 5 +++++ delivery-service/pom.xml | 16 ---------------- .../address/infrastructure/CORSFilter.java | 15 +-------------- .../address-validation-service/deployment.yaml | 1 + deployment/base/billing-service/deployment.yaml | 1 + deployment/base/customer-service/deployment.yaml | 1 + deployment/base/delivery-service/deployment.yaml | 1 + issuer.crt | 12 ++++++++++++ issuer.key | 5 +++++ skaffold.yaml | 14 ++++++++++++++ 11 files changed, 52 insertions(+), 30 deletions(-) create mode 100644 ca.crt create mode 100644 ca.key create mode 100644 issuer.crt create mode 100644 issuer.key diff --git a/ca.crt b/ca.crt new file mode 100644 index 0000000..3dafbd6 --- /dev/null +++ b/ca.crt @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBjDCCATOgAwIBAgIQAQLOxYi/wHJEzliDjlHjHzAKBggqhkjOPQQDAjAlMSMw +IQYDVQQDExpyb290LmxpbmtlcmQuY2x1c3Rlci5sb2NhbDAeFw0yMzA5MjIxNDU4 +MThaFw0zMzA5MTkxNDU4MThaMCUxIzAhBgNVBAMTGnJvb3QubGlua2VyZC5jbHVz +dGVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDPPltuWri9JncM/t +OSpE7OKQumK14yf+lnIE0c9rsgBiqn/7rc8Wps4FCZtHiQdOYEify7VSo+ytagIR +VsDxaqNFMEMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYD +VR0OBBYEFCbAZMdByHcvt2YDQCybWtd6HcjlMAoGCCqGSM49BAMCA0cAMEQCIFLk +UB0Yj+3T/3CKz5bAbRMz7Zaz7p8G1yiCdP+WFOwaAiAoQqh4nVqqV/EMKjuKMIVX +6X3uB1BOc9NxqI0gEhPEYg== +-----END CERTIFICATE----- diff --git a/ca.key b/ca.key new file mode 100644 index 0000000..23640d7 --- /dev/null +++ b/ca.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIEAZRZYzJZildqEfLuVcXMTFrJ7xyJGhAW9nYYOy/z3VoAoGCCqGSM49 +AwEHoUQDQgAEDPPltuWri9JncM/tOSpE7OKQumK14yf+lnIE0c9rsgBiqn/7rc8W +ps4FCZtHiQdOYEify7VSo+ytagIRVsDxag== +-----END EC PRIVATE KEY----- diff --git a/delivery-service/pom.xml b/delivery-service/pom.xml index 608a328..e62e327 100644 --- a/delivery-service/pom.xml +++ b/delivery-service/pom.xml @@ -26,18 +26,6 @@ 5.8.2 - - - - io.opentelemetry - opentelemetry-bom - 1.27.0 - pom - import - - - - org.apache.meecrowave @@ -138,10 +126,6 @@ geronimo-metrics 1.0.6 - - io.opentelemetry - opentelemetry-api - ${project.artifactId} diff --git a/delivery-service/src/main/java/de/openknowledge/sample/address/infrastructure/CORSFilter.java b/delivery-service/src/main/java/de/openknowledge/sample/address/infrastructure/CORSFilter.java index db9fe51..577fc35 100644 --- a/delivery-service/src/main/java/de/openknowledge/sample/address/infrastructure/CORSFilter.java +++ b/delivery-service/src/main/java/de/openknowledge/sample/address/infrastructure/CORSFilter.java @@ -27,14 +27,12 @@ import java.io.IOException; import java.util.logging.Logger; -import io.opentelemetry.api.trace.Span; - /** * Filter to allow cross origin calls. */ @Provider @ApplicationScoped -public class CORSFilter implements ContainerRequestFilter, ContainerResponseFilter { +public class CORSFilter implements ContainerResponseFilter { private static final Logger LOG = Logger.getLogger(CORSFilter.class.getSimpleName()); @Override @@ -45,16 +43,5 @@ public void filter(final ContainerRequestContext requestContext, cres.getHeaders().add("Access-Control-Allow-Credentials", "true"); cres.getHeaders().add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD"); cres.getHeaders().add("Access-Control-Max-Age", "1209600"); - - ThreadContext.remove("traceId"); - ThreadContext.remove("spanId"); - } - - @Override - public void filter(ContainerRequestContext requestContext) throws IOException { - LOG.info("Current Span: " + Span.current().getSpanContext().getTraceId() + " " + Span.current().getSpanContext().getSpanId()); - - ThreadContext.put("traceId", Span.current().getSpanContext().getTraceId()); - ThreadContext.put("spanId", Span.current().getSpanContext().getSpanId()); } } diff --git a/deployment/base/address-validation-service/deployment.yaml b/deployment/base/address-validation-service/deployment.yaml index 812e9e1..ce4088a 100644 --- a/deployment/base/address-validation-service/deployment.yaml +++ b/deployment/base/address-validation-service/deployment.yaml @@ -16,6 +16,7 @@ spec: annotations: sidecar.opentelemetry.io/inject: "otel-collector" instrumentation.opentelemetry.io/inject-java: "true" + linkerd.io/inject: enabled spec: containers: - name: address-validation-service diff --git a/deployment/base/billing-service/deployment.yaml b/deployment/base/billing-service/deployment.yaml index 693632f..cc7ef61 100644 --- a/deployment/base/billing-service/deployment.yaml +++ b/deployment/base/billing-service/deployment.yaml @@ -16,6 +16,7 @@ spec: annotations: sidecar.opentelemetry.io/inject: "otel-collector" instrumentation.opentelemetry.io/inject-java: "true" + linkerd.io/inject: enabled spec: containers: - name: billing-service diff --git a/deployment/base/customer-service/deployment.yaml b/deployment/base/customer-service/deployment.yaml index f1880cc..09e0893 100644 --- a/deployment/base/customer-service/deployment.yaml +++ b/deployment/base/customer-service/deployment.yaml @@ -16,6 +16,7 @@ spec: annotations: sidecar.opentelemetry.io/inject: "otel-collector" instrumentation.opentelemetry.io/inject-java: "true" + linkerd.io/inject: enabled spec: containers: - name: customer-service diff --git a/deployment/base/delivery-service/deployment.yaml b/deployment/base/delivery-service/deployment.yaml index fdfe342..bf16481 100644 --- a/deployment/base/delivery-service/deployment.yaml +++ b/deployment/base/delivery-service/deployment.yaml @@ -16,6 +16,7 @@ spec: annotations: sidecar.opentelemetry.io/inject: "otel-collector" instrumentation.opentelemetry.io/inject-java: "true" + linkerd.io/inject: enabled spec: containers: - name: delivery-service diff --git a/issuer.crt b/issuer.crt new file mode 100644 index 0000000..47127ee --- /dev/null +++ b/issuer.crt @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBtDCCAVmgAwIBAgIRAPbHRnaTtCA1/5S6VmsslNwwCgYIKoZIzj0EAwIwJTEj +MCEGA1UEAxMacm9vdC5saW5rZXJkLmNsdXN0ZXIubG9jYWwwHhcNMjMwOTIyMTQ1 +ODI4WhcNMjQwOTIxMTQ1ODI4WjApMScwJQYDVQQDEx5pZGVudGl0eS5saW5rZXJk +LmNsdXN0ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQh08K8b8H9 +PmGGq1vHaRjzdb6evQcOj+sbXkTURD+4iOi3SmG10LjCK4yHn2zW0NEL4MjuGtgu +C2KYFq8ndx2No2YwZDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIB +ADAdBgNVHQ4EFgQUA2/apk2leRx751eVB93l74Q9mV4wHwYDVR0jBBgwFoAUJsBk +x0HIdy+3ZgNALJta13odyOUwCgYIKoZIzj0EAwIDSQAwRgIhAJC2hV1msCCHzzc/ +25RCzvZCFS62Y9B0lkCBqsstyDjxAiEAstJZVnzuS7vcaN17nLpRcfhuiixT6VgG +g7zgWh7A/g4= +-----END CERTIFICATE----- diff --git a/issuer.key b/issuer.key new file mode 100644 index 0000000..9c0521c --- /dev/null +++ b/issuer.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIG8AgHlbZm+45zY0CBI7vtzPyroETnKYOuEbwAU8whr7oAoGCCqGSM49 +AwEHoUQDQgAEIdPCvG/B/T5hhqtbx2kY83W+nr0HDo/rG15E1EQ/uIjot0phtdC4 +wiuMh59s1tDRC+DI7hrYLgtimBavJ3cdjQ== +-----END EC PRIVATE KEY----- diff --git a/skaffold.yaml b/skaffold.yaml index d0187ef..f1a5984 100644 --- a/skaffold.yaml +++ b/skaffold.yaml @@ -31,6 +31,20 @@ deploy: createNamespace: true valuesFiles: - ./ingress-nginx-values.yaml + - name: linkerd-crds + repo: https://helm.linkerd.io/stable + remoteChart: linkerd-crds + namespace: linkerd + createNamespace: true + - name: linkerd-control-plane + repo: https://helm.linkerd.io/stable + remoteChart: linkerd-control-plane + namespace: linkerd + createNamespace: true + setFiles: + identityTrustAnchorsPEM: ./ca.crt + "identity.issuer.tls.crtPEM": ./issuer.crt + "identity.issuer.tls.keyPEM": ./issuer.key statusCheckDeadlineSeconds: 300 tolerateFailuresUntilDeadline: true