Forward requests to auth service within a Kubernetes microservices architecture

Prerequisites

1. Backend

// Auth-service without TEST_HEADER
alexantonica$ curl localhost:9998/authorize/request
Can't touch this--------------// Auth-service with TEST_HEADER
aantonica$ curl-H "test-header: test" localhost:9998/authorize/request
Proceed milord---------------// Doc-serviceaantonica$ curl localhost:9999/doc/fetch{"test":"value"}

2. Deployments

apiVersion: apps/v1
kind: Deployment
metadata:
name: auth-service-deployment
labels:
name: auth-service-deployment
spec:
replicas: 1
selector:
matchLabels:
name: auth-service
template:
metadata:
labels:
name: auth-service
spec:
containers:
- image: aantonica/forward-req:auth-service
name: auth-service
imagePullPolicy: Always
ports:
- containerPort: 9998
restartPolicy: Always
apiVersion: apps/v1
kind: Deployment
metadata:
name: doc-service-deployment
labels:
name: doc-service-deployment
spec:
replicas: 1
selector:
matchLabels:
name: doc-service
template:
metadata:
labels:
name: doc-service
spec:
containers:
- image: aantonica/forward-req:doc-service
name: doc-service
imagePullPolicy: Always
ports:
- containerPort: 9999
restartPolicy: Always
kubectl apply -f infrastructure/deployments/auth-deployment.yaml
kubectl apply -f infrastructure/deployments/doc-deployment.yaml

3. Services

apiVersion: v1
kind: Service
metadata:
name: auth-service
spec:
type: NodePort
selector:
name: auth-service
ports:
- protocol: TCP
port: 9998
targetPort: 9998
apiVersion: v1
kind: Service
metadata:
name: doc-service
spec:
type: NodePort
selector:
name: doc-service
ports:
- protocol: TCP
port: 9999
targetPort: 9999
kubectl apply -f infrastructure/services/auth-service.yaml
kubectl apply -f infrastructure/services/doc-service.yaml
Kubernetes services in default namespace

3. Igresses

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: doc-ingress
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/auth-url: http://auth-service.default.svc.cluster.local:9998/authorize/request
spec:
rules:
- http:
paths:
- path: /doc/fetch
pathType: Prefix
backend:
service:
name: doc-service
port:
number: 9999

4. Ingress Controller

5. Testing

c.a.a.c.AuthorizeRequestController       : Started checking the request
c.a.a.c.AuthorizeRequestController : Request failed the check, throwing 403
Full flow testing

Conclusion

--

--

--

Software engineer in my 5th year now, passionate and curious about new technologies, practices and ways of thinking. Never stop growing.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Views in Data Analysis with SQL

Dockerizing Spring boot application

What is AWS Storage Class?

Build you own Raffle Solution using the Power Platform and more

DevOps Team Building — Define and Collaborate in the Real World

Flutter — Firebase Performance and Crashlytics

3 different ways of escaping the usual loop in Python

How Scripting Helps with IT Automation

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
ALex Antonica

ALex Antonica

Software engineer in my 5th year now, passionate and curious about new technologies, practices and ways of thinking. Never stop growing.

More from Medium

From Monolith to Kubernetes Architecture — Part II — Dockerfile

Simple Java application development with Spring, Rancher Desktop , CircleCI and ArgoCD.

StreamNative Pulsar Operator Tutorial Part 2

Spring Cloud Stream Kafka errors to Dead Letter Queue (DLQ)