25 minutesPrerequisites:
Deploy microservices in Open Liberty Docker containers to Kubernetes and manage them with the Kubernetes CLI, kubectl.
Kubernetes is an open source container orchestrator that automates many tasks involved in deploying, managing, and scaling containerized applications.
Over the years, Kubernetes has become a major tool in containerized environments as containers are being further leveraged for all steps of a continuous delivery pipeline.
Managing individual containers can be challenging. A few containers used for development by a small team might not pose a problem, but managing hundreds of containers can give even a large team of experienced developers a headache. Kubernetes is a primary tool for deployment in containerized environments. It handles scheduling, deployment, as well as mass deletion and creation of containers. It provides update rollout abilities on a large scale that would otherwise prove extremely tedious to do. Imagine that you updated a Docker image, which now needs to propagate to a dozen containers. While you could destroy and then re-create these containers, you can also run a short one-line command to have Kubernetes make all those updates for you. Of course, this is just a simple example. Kubernetes has a lot more to offer.
Deploying an application to Kubernetes means deploying an application to a Kubernetes cluster.
A typical Kubernetes cluster is a collection of physical or virtual machines called nodes that run containerized applications. A cluster is made up of one master node that manages the cluster, and many worker nodes that run the actual application instances inside Kubernetes objects called pods.
A pod is a basic building block in a Kubernetes cluster. It represents a single running process that encapsulates a container or in some scenarios many closely coupled containers. Pods can be replicated to scale applications and handle more traffic. From the perspective of a cluster, a set of replicated pods is still one application instance, although it might be made up of dozens of instances of itself. A single pod or a group of replicated pods are managed by Kubernetes objects called controllers. A controller handles replication, self-healing, rollout of updates, and general management of pods. One example of a controller that you will use in this guide is a deployment.
A pod or a group of replicated pods are abstracted through Kubernetes objects called services that define a set of rules by which the pods can be accessed. In a basic scenario, a Kubernetes service exposes a node port that can be used together with the cluster IP address to access the pods encapsulated by the service.
To learn about the various Kubernetes resources that you can configure, see the official Kubernetes documentation.
You will learn how to deploy two microservices in Open Liberty containers to a local Kubernetes cluster. You will then manage your deployed microservices using the kubectl command line interface for Kubernetes. The kubectl CLI is your primary tool for communicating with and managing your Kubernetes cluster.
The two microservices you will deploy are called system and inventory. The system microservice returns the JVM system properties of the running container and it returns the pod’s name in the HTTP header making replicas easy to distinguish from each other. The inventory microservice adds the properties from the system microservice to the inventory. This demonstrates how communication can be established between pods inside a cluster.
You will use a local single-node Kubernetes cluster.
Before you begin, you need a containerization software for building containers. Kubernetes supports various container runtimes. You will use Docker in this guide. For Docker installation instructions, refer to the official Docker documentation.
WINDOWS
MAC
LINUX
Use Docker Desktop, where a local Kubernetes environment is pre-installed and enabled. If you do not see the Kubernetes tab, then upgrade to the latest version of Docker Desktop.
Complete the setup for your operating system:
Set up Docker for Windows.
After you complete the Docker setup instructions for your operating system, ensure that Kubernetes (not Swarm) is selected as the orchestrator in Docker Preferences.
Use Docker Desktop, where a local Kubernetes environment is pre-installed and enabled. If you do not see the Kubernetes tab, then upgrade to the latest version of Docker Desktop.
Complete the setup for your operating system:
Set up Docker for Mac.
After you complete the Docker setup instructions for your operating system, ensure that Kubernetes (not Swarm) is selected as the orchestrator in Docker Preferences.
You will use Minikube as a single-node Kubernetes cluster that runs locally in a virtual machine. Make sure you have kubectl installed. If you need to install kubectl, see the kubectl installation instructions. For Minikube installation instructions, see the Minikube documentation.
The fastest way to work through this guide is to clone the Git repository and use the projects that are provided inside:
git clone https://github.com/openliberty/guide-kubernetes-intro.git
cd guide-kubernetes-introThe start directory contains the starting project that you will build upon.
The finish directory contains the finished project that you will build.
Start your Kubernetes cluster.
WINDOWS
MAC
LINUX
Start your Docker Desktop environment.
Ensure that Kubernetes is running on Docker Desktop and that the context is set to docker-desktop.
Run the following command from a command-line session:
minikube startNext, validate that you have a healthy Kubernetes environment by running the following command from the active command-line session.
kubectl get nodesThis command should return a Ready status for the master node.
WINDOWS
MAC
LINUX
You do not need to do any other step.
Run the following command to configure the Docker CLI to use Minikube’s Docker daemon. After you run this command, you will be able to interact with Minikube’s Docker daemon and build new images directly to it from your host machine:
eval $(minikube docker-env)The first step of deploying to Kubernetes is to build your microservices and containerize them with Docker.
The starting Java project, which you can find in the start directory, is a multi-module Maven project that’s made up of the system and inventory microservices. Each microservice resides in its own directory, start/system and start/inventory. Each of these directories also contains a Dockerfile, which is necessary for building Docker images. If you’re unfamiliar with Dockerfiles, check out the Containerizing Microservices guide, which covers Dockerfiles in depth.
Navigate to the start directory and run the following command to build the applications:
mvn clean packageRun the following command to download or update to the latest openliberty/open-liberty:kernel-java8-openj9-ubi Docker image:
docker pull openliberty/open-liberty:kernel-java8-openj9-ubiNext, run the docker build commands to build container images for your application:
docker build -t system:1.0-SNAPSHOT system/.
docker build -t inventory:1.0-SNAPSHOT inventory/.The -t flag in the docker build command allows the Docker image to be labeled (tagged) in the name[:tag] format. The tag for an image describes the specific image version. If the optional [:tag] tag is not specified, the latest tag is created by default.
During the build, you’ll see various Docker messages describing what images are being downloaded and built. When the build finishes, run the following command to list all local Docker images:
docker imagesVerify that the system:1.0-SNAPSHOT and inventory:1.0-SNAPSHOT images are listed among them, for example:
WINDOWS
MAC
LINUX
REPOSITORY TAG
inventory 1.0-SNAPSHOT
system 1.0-SNAPSHOT
openliberty/open-liberty kernel-java8-openj9-ubi
k8s.gcr.io/kube-proxy-amd64 v1.10.3
k8s.gcr.io/kube-scheduler-amd64 v1.10.3
k8s.gcr.io/kube-controller-manager-amd64 v1.10.3
k8s.gcr.io/kube-apiserver-amd64 v1.10.3
k8s.gcr.io/etcd-amd64 3.1.12
k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64 1.14.8
k8s.gcr.io/k8s-dns-sidecar-amd64 1.14.8
k8s.gcr.io/k8s-dns-kube-dns-amd64 1.14.8
k8s.gcr.io/pause-amd64 3.1REPOSITORY TAG
inventory 1.0-SNAPSHOT
system 1.0-SNAPSHOT
openliberty/open-liberty kernel-java8-openj9-ubi
k8s.gcr.io/kube-proxy-amd64 v1.10.0
k8s.gcr.io/kube-controller-manager-amd64 v1.10.0
k8s.gcr.io/kube-apiserver-amd64 v1.10.0
k8s.gcr.io/kube-scheduler-amd64 v1.10.0
quay.io/kubernetes-ingress-controller/nginx-ingress-controller 0.12.0
k8s.gcr.io/etcd-amd64 3.1.12
k8s.gcr.io/kube-addon-manager v8.6
k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64 1.14.8
k8s.gcr.io/k8s-dns-sidecar-amd64 1.14.8
k8s.gcr.io/k8s-dns-kube-dns-amd64 1.14.8
k8s.gcr.io/pause-amd64 3.1
k8s.gcr.io/kubernetes-dashboard-amd64 v1.8.1
k8s.gcr.io/kube-addon-manager v6.5
gcr.io/k8s-minikube/storage-provisioner v1.8.0
gcr.io/k8s-minikube/storage-provisioner v1.8.1
k8s.gcr.io/defaultbackend 1.4
k8s.gcr.io/k8s-dns-sidecar-amd64 1.14.4
k8s.gcr.io/k8s-dns-kube-dns-amd64 1.14.4
k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64 1.14.4
k8s.gcr.io/etcd-amd64 3.0.17
k8s.gcr.io/pause-amd64 3.0If you don’t see the system:1.0-SNAPSHOT and inventory:1.0-SNAPSHOT images, then check the Maven build log for any potential errors. In addition, if you are using Minikube, make sure your Docker CLI is configured to use Minikube’s Docker daemon and not your host’s as described in the previous section.
Now that your Docker images are built, deploy them using a Kubernetes resource definition.
A Kubernetes resource definition is a yaml file that contains a description of all your deployments, services, or any other resources that you want to deploy. All resources can also be deleted from the cluster by using the same yaml file that you used to deploy them.
Create the Kubernetes configuration file.
kubernetes.yamlkubernetes.yaml
1apiVersion: apps/v1
2kind: Deployment
3metadata:
4 name: system-deployment
5 # tag::labels1[]
6 labels:
7 # end::labels1[]
8 # tag::app1[]
9 app: system
10 # end::app1[]
11spec:
12 selector:
13 matchLabels:
14 # tag::app2[]
15 app: system
16 # end::app2[]
17 template:
18 metadata:
19 # tag::labels2[]
20 labels:
21 # end::labels2[]
22 # tag::app3[]
23 app: system
24 # end::app3[]
25 spec:
26 containers:
27 - name: system-container
28 # tag::image1[]
29 image: system:1.0-SNAPSHOT
30 # end::image1[]
31 ports:
32 # tag::containerPort1[]
33 - containerPort: 9080
34 # end::containerPort1[]
35---
36apiVersion: apps/v1
37kind: Deployment
38metadata:
39 name: inventory-deployment
40 # tag::labels3[]
41 labels:
42 # end::labels3[]
43 # tag::app4[]
44 app: inventory
45 # end::app4[]
46spec:
47 selector:
48 matchLabels:
49 # tag::app5[]
50 app: inventory
51 # end::app5[]
52 template:
53 metadata:
54 # tag::labels4[]
55 labels:
56 # end::labels4[]
57 # tag::app6[]
58 app: inventory
59 # end::app6[]
60 spec:
61 containers:
62 - name: inventory-container
63 # tag::image2[]
64 image: inventory:1.0-SNAPSHOT
65 # end::image2[]
66 ports:
67 # tag::containerPort2[]
68 - containerPort: 9080
69 # end::containerPort2[]
70---
71apiVersion: v1
72kind: Service
73metadata:
74 name: system-service
75spec:
76 # tag::NodePort1[]
77 type: NodePort
78 # end::NodePort1[]
79 selector:
80 # tag::app7[]
81 app: system
82 # end::app7[]
83 ports:
84 - protocol: TCP
85 port: 9080
86 targetPort: 9080
87 # tag::nodePort1[]
88 nodePort: 31000
89 # end::nodePort1[]
90
91---
92apiVersion: v1
93kind: Service
94metadata:
95 name: inventory-service
96spec:
97 # tag::NodePort2[]
98 type: NodePort
99 # end::NodePort2[]
100 selector:
101 # tag::app8[]
102 app: inventory
103 # end::app8[]
104 ports:
105 - protocol: TCP
106 port: 9080
107 targetPort: 9080
108 # tag::nodePort2[]
109 nodePort: 32000
110 # end::nodePort2[]This file defines four Kubernetes resources. It defines two deployments and two services. A Kubernetes deployment is a resource responsible for controlling the creation and management of pods. A service exposes your deployment so that you can make requests to your containers. Three key items to look at when creating the deployments are the labels, image, and containerPort fields. The labels is a way for a Kubernetes service to reference specific deployments. The image is the name and tag of the Docker image that you want to use for this container. Finally, the containerPort is the port that your container exposes for purposes of accessing your application. For the services, the key point to understand is that they expose your deployments. The binding between deployments and services is specified by the use of labels — in this case the app label. You will also notice the service has a type of NodePort. This means you can access these services from outside of your cluster via a specific port. In this case, the ports will be 31000 and 32000, but it can also be randomized if the nodePort field is not used.
Run the following commands to deploy the resources as defined in kubernetes.yaml:
kubectl apply -f kubernetes.yamlWhen the apps are deployed, run the following command to check the status of your pods:
kubectl get podsYou’ll see an output similar to the following if all the pods are healthy and running:
NAME READY STATUS RESTARTS AGE
system-deployment-6bd97d9bf6-4ccds 1/1 Running 0 15s
inventory-deployment-645767664f-nbtd9 1/1 Running 0 15sYou can also inspect individual pods in more detail by running the following command:
kubectl describe podsYou can also issue the kubectl get and kubectl describe commands on other Kubernetes resources, so feel free to inspect all other resources.
Next you will make requests to your services.
WINDOWS
MAC
LINUX
The default host name for Docker Desktop is localhost.
The default host name for minikube is 192.168.99.100. Otherwise it can be found using the minikube ip command.
Then curl or visit the following URLs to access your microservices, substituting the appropriate host name:
http://[hostname]:31000/system/properties
http://[hostname]:32000/inventory/systems/system-service
The first URL returns system properties and the name of the pod in an HTTP header called X-Pod-Name. To view the header, you may use the -I option in the curl when making a request to http://[hostname]:31000/system/properties. The second URL adds properties from system-service to the inventory Kubernetes Service. Visiting http://[hostname]:32000/inventory/systems/[kube-service] in general adds to the inventory depending on whether kube-service is a valid Kubernetes Service that can be accessed.
To use load balancing, you need to scale your deployments. When you scale a deployment, you replicate its pods, creating more running instances of your applications. Scaling is one of the primary advantages of Kubernetes because replicating your application allows it to accommodate more traffic, and then descale your deployments to free up resources when the traffic decreases.
As an example, scale the system deployment to three pods by running the following command:
kubectl scale deployment/system-deployment --replicas=3Use the following command to verify that two new pods have been created.
kubectl get podsNAME READY STATUS RESTARTS AGE
system-deployment-6bd97d9bf6-4ccds 1/1 Running 0 1m
system-deployment-6bd97d9bf6-jf9rs 1/1 Running 0 25s
system-deployment-6bd97d9bf6-x4zth 1/1 Running 0 25s
inventory-deployment-645767664f-nbtd9 1/1 Running 0 1mWait for your two new pods to be in the ready state, then curl -I or visit the http://[hostname]:31000/system/properties URL. You’ll notice that the X-Pod-Name header will have a different value when you call it multiple times. This is because there are now three pods running all serving the system application. Similarly, to descale your deployments you can use the same scale command with fewer replicas.
When you’re building your application, you may find that you want to quickly test a change. To do that, you can rebuild your Docker images then delete and re-create your Kubernetes resources. Note that there will only be one system pod after you redeploy since you’re deleting all of the existing pods.
mvn clean package
kubectl delete -f kubernetes.yaml
kubectl apply -f kubernetes.yamlThis is not how you would want to update your applications when running in production, but in a development environment this is fine. If you want to deploy an updated image to a production cluster, you can update the container in your deployment with a new image. Then, Kubernetes will automate the creation of a new container and decommissioning of the old one once the new container is ready.
pom.xml
1<?xml version="1.0" encoding="UTF-8"?>
2<project xmlns="http://maven.apache.org/POM/4.0.0"
3 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
5 http://maven.apache.org/xsd/maven-4.0.0.xsd">
6
7 <modelVersion>4.0.0</modelVersion>
8
9 <groupId>io.openliberty.guides</groupId>
10 <artifactId>inventory</artifactId>
11 <version>1.0-SNAPSHOT</version>
12 <packaging>war</packaging>
13
14 <properties>
15 <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
16 <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
17 <maven.compiler.source>1.8</maven.compiler.source>
18 <maven.compiler.target>1.8</maven.compiler.target>
19 <!-- Default test properties -->
20 <!-- tag::cluster.ip[] -->
21 <cluster.ip>localhost</cluster.ip>
22 <!-- end::cluster.ip[] -->
23 <!-- tag::system.kube.service[] -->
24 <system.kube.service>system-service</system.kube.service>
25 <!-- end::system.kube.service[] -->
26 <!-- tag::system.node.port[] -->
27 <system.node.port>31000</system.node.port>
28 <!-- end::system.node.port[] -->
29 <!-- tag::inventory.node.port[] -->
30 <inventory.node.port>32000</inventory.node.port>
31 <!-- end::inventory.node.port[] -->
32 <!-- Liberty configuration -->
33 <liberty.var.default.http.port>9080</liberty.var.default.http.port>
34 <liberty.var.default.https.port>9443</liberty.var.default.https.port>
35 </properties>
36
37 <dependencies>
38 <!-- Provided dependencies -->
39 <dependency>
40 <groupId>jakarta.platform</groupId>
41 <artifactId>jakarta.jakartaee-api</artifactId>
42 <version>8.0.0</version>
43 <scope>provided</scope>
44 </dependency>
45 <dependency>
46 <groupId>org.eclipse.microprofile</groupId>
47 <artifactId>microprofile</artifactId>
48 <version>3.3</version>
49 <type>pom</type>
50 <scope>provided</scope>
51 </dependency>
52 <!-- Java utility classes -->
53 <dependency>
54 <groupId>org.apache.commons</groupId>
55 <artifactId>commons-lang3</artifactId>
56 <version>3.10</version>
57 </dependency>
58 <!-- For tests -->
59 <dependency>
60 <groupId>org.junit.jupiter</groupId>
61 <artifactId>junit-jupiter</artifactId>
62 <version>5.6.2</version>
63 <scope>test</scope>
64 </dependency>
65 <dependency>
66 <groupId>org.apache.cxf</groupId>
67 <artifactId>cxf-rt-rs-client</artifactId>
68 <version>3.3.6</version>
69 <scope>test</scope>
70 </dependency>
71 <dependency>
72 <groupId>org.apache.cxf</groupId>
73 <artifactId>cxf-rt-rs-extension-providers</artifactId>
74 <version>3.3.6</version>
75 <scope>test</scope>
76 </dependency>
77 <dependency>
78 <groupId>org.glassfish</groupId>
79 <artifactId>javax.json</artifactId>
80 <version>1.1.4</version>
81 <scope>test</scope>
82 </dependency>
83 </dependencies>
84
85 <build>
86 <finalName>${project.artifactId}</finalName>
87 <plugins>
88 <plugin>
89 <groupId>org.apache.maven.plugins</groupId>
90 <artifactId>maven-war-plugin</artifactId>
91 <version>3.2.3</version>
92 </plugin>
93 <plugin>
94 <groupId>io.openliberty.tools</groupId>
95 <artifactId>liberty-maven-plugin</artifactId>
96 <version>3.2</version>
97 </plugin>
98 <!-- Plugin to run unit tests -->
99 <plugin>
100 <groupId>org.apache.maven.plugins</groupId>
101 <artifactId>maven-surefire-plugin</artifactId>
102 <version>2.22.2</version>
103 </plugin>
104 <!-- Plugin to run functional tests -->
105 <plugin>
106 <groupId>org.apache.maven.plugins</groupId>
107 <artifactId>maven-failsafe-plugin</artifactId>
108 <version>2.22.2</version>
109 <configuration>
110 <systemPropertyVariables>
111 <cluster.ip>${cluster.ip}</cluster.ip>
112 <inventory.node.port>${inventory.node.port}</inventory.node.port>
113 <system.node.port>${system.node.port}</system.node.port>
114 <system.kube.service>${system.kube.service}</system.kube.service>
115 </systemPropertyVariables>
116 </configuration>
117 </plugin>
118 </plugins>
119 </build>
120</project>A few tests are included for you to test the basic functionality of the microservices. If a test failure occurs, then you might have introduced a bug into the code. To run the tests, wait for all pods to be in the ready state before proceeding further. The default properties defined in the pom.xml are:
| Property | Description |
|---|---|
| IP or host name for your cluster, |
| Name of the Kubernetes Service wrapping the |
| The NodePort of the Kubernetes Service |
| The NodePort of the Kubernetes Service |
Navigate back to the start directory.
WINDOWS
MAC
LINUX
Run the integration tests against a cluster running with a host name of localhost:
mvn failsafe:integration-testRun the integration tests with the IP address for Minikube:
mvn failsafe:integration-test -Dcluster.ip=$(minikube ip)If the tests pass, you’ll see an output similar to the following for each service respectively:
-------------------------------------------------------
T E S T S
-------------------------------------------------------
Running it.io.openliberty.guides.system.SystemEndpointIT
Tests run: 2, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.372 s - in it.io.openliberty.guides.system.SystemEndpointIT
Results:
Tests run: 2, Failures: 0, Errors: 0, Skipped: 0-------------------------------------------------------
T E S T S
-------------------------------------------------------
Running it.io.openliberty.guides.inventory.InventoryEndpointIT
Tests run: 4, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.714 s - in it.io.openliberty.guides.inventory.InventoryEndpointIT
Results:
Tests run: 4, Failures: 0, Errors: 0, Skipped: 0When you no longer need your deployed microservices, you can delete all Kubernetes resources by running the kubectl delete command:
kubectl delete -f kubernetes.yamlWINDOWS
MAC
LINUX
Nothing more needs to be done for Docker Desktop.
Perform the following steps to return your environment to a clean state.
Point the Docker daemon back to your local machine:
eval $(minikube docker-env -u)Stop your Minikube cluster:
minikube stopDelete your cluster:
minikube deleteYou have just deployed two microservices running in Open Liberty to Kubernetes. You then scaled a microservice and ran integration tests against miroservices that are running in a Kubernetes cluster.
Deploying microservices to Kubernetes by Open Liberty is licensed under CC BY-ND 4.0
Prerequisites:
Thank you for your feedback!
Raise an issue to share feedback
Create a pull request to contribute to this guide
Ask a question on Stack Overflow
