Docker & Kubernetes (#1)

* added builder stage to the envoy proxy to create descriptior file

* updated the dockerfile for the book service to remove references to hello. Updated the readme with some documentation. Updated docker-compose to change hello to books

* minor improvements to the readme to explain which ports are exposed

* fixed service dockerfile to reference the correct binary. Updated envoy to use the correct container name

* created kubernetes deployment called books for deploying the books api and envoy sidecar

* updated readme with details on how to run the books service locally and how to compile the protocol buffers

* added the google api location to the makefile. Reduce the space identation on the docker-compose.yaml from 4 to 2 spaces

* added comments to the books.proto file

* added docs to books endpoint. Fixed docker-compose file

* updated readme to reflect changes in folder structure. Updated envoy container to swap out yaml in the container

* added kubernetes version of the envoy config

* added a config map for kubernetes to maintain the envoy config. Added this configmap to the deployment spec

* updated the envoy docker file to move the proto descriptor file into its own sub directory in ect. Fixed the kubernetes deployment to enable the volumne to work correctly. Removed envoy-kube.yaml file since this is managed in the config map

* add docs on the readme about kubernetes

* corrections to the readme for the kubernetes section

Author: ryan95f

.dockerignore

@@ -1,2 +1 @@
 googleapis/*
-hello

.gitignore

@@ -88,4 +88,5 @@ Temporary Items
 
 # Application files
 googleapis/*
+books-service
 protos/books.pb

Dockerfile.envoy

@@ -1,19 +1,18 @@
 # Build stage
-# FROM alpine:3.7 as builder
-# WORKDIR /app/protoc/
-# COPY protos/* .
-# RUN apk update && \
-#     apk add --no-cache protoc && \
-#     apk add --no-cache wget
-# RUN wget https://github.com/googleapis/googleapis.git && \
-#     protoc -I./googleapis -I. \
-# 		--include_imports \
-# 		--include_source_info \
-#     	--descriptor_set_out=envoy/books.pb protos/books.proto
+FROM ubuntu:20.10 as builder
+WORKDIR /app/protoc/
+COPY protos/ .
+RUN apt update && \
+    apt install -y wget protobuf-compiler unzip && \
+    wget https://github.com/googleapis/googleapis/archive/master.zip && \
+    unzip master.zip -d googleapis
+
+RUN protoc -I./googleapis/googleapis-master -I. \
+		--include_imports \
+		--include_source_info \
+    	--descriptor_set_out=books.pb books.proto
 
 # Output stage
 FROM envoyproxy/envoy:v1.17-latest
-COPY ./envoy.yaml /etc/envoy/envoy.yaml
-COPY ./protos/books.pb /etc/envoy/protos/books.pb
-RUN chmod go+r /etc/envoy/envoy.yaml && \ 
-    chmod go+r /etc/envoy/protos/books.pb
+COPY --from=builder /app/protoc/books.pb /etc/protos/books.pb
+RUN chmod go+r /etc/protos/books.pb

Dockerfile.service

@@ -7,8 +7,8 @@ RUN CGO_ENABLED=0 GOOS=linux go build .
 # output stage
 FROM alpine:3.7
 WORKDIR /app
-COPY --from=builder /go/src/app/hello /app/
+COPY --from=builder /go/src/app/books-service /app/
 ENV HOST "0.0.0.0"
 ENV PORT 9000
 EXPOSE 9000
-CMD ["./hello"]
+CMD ["./books-service"]

Makefile

@@ -1,6 +1,7 @@
 GO := go
 APP_NAME := books-service
 PROTOC_DESCRIPTOR := protos/books.pb
+GOOGLE_APIS_DIR := ../googleapis
 
 edit: build run
 
@@ -11,7 +12,7 @@ run:
 	@${APP_NAME}
 
 protoc:
-	@protoc -I./googleapis -I. \
+	@protoc -I./${GOOGLE_APIS_DIR} -I. \
 		--include_imports \
 		--include_source_info \
     	--descriptor_set_out=${PROTOC_DESCRIPTOR} \
@@ -20,4 +21,4 @@ protoc:
 
 clean:
 	@rm ${APP_NAME}
-	@rm ${PROTOC_DESCRIPTOR}
+	@rm ${PROTOC_DESCRIPTOR}

README.md

@@ -1,37 +1,116 @@
-# Golang gRPC to REST Envoy example
+# gRPC to REST Envoy example
+
+An example of how to use the envoy proxy to transcode REST requests to gRPC calls and expose the gRPC service on a single port.
 
 ## Requirements
 
 The following are required:
 
 * Docker
-* Golang
+* Golang 15 or greater
 * protoc (Protocal Buffer compiler)
 
+## Set Up
+
+In order to compile the `books.proto` file, you first need to clone the [Google API](https://github.com/googleapis/googleapis) repository from Github. This will include the `annotations.proto` file, which is required to provide the capabilities to transcode between REST and gRPC. Then you need to add the Google repository to your local path:
+
+```bash
+git clone https://github.com/googleapis/googleapis
+
+GOOGLE_APIS_DIR = <local-google-api-location>
+```
+
 ## Compiling the protocal buffers
 
-This will compile the `books.proto` protocol buffer and create the descriptor binary required for the envoy proxy.
+In order to compile the `books.proto` file, you need to run the `protoc` compiler. This can be done with the included `Makefile`:
 
 ```bash
 make protoc
 ```
 
-## Creating the Docker containers
+Alternatively, you can directly run the `protoc` compiler:
+
+```bash
+protoc -I./${GOOGLE_APIS_DIR} -I. \
+       --include_imports \
+       --include_source_info \
+       --descriptor_set_out=protos/books.pb \
+       --go-grpc_out=. \
+       --go_out=. protos/books.proto
+```
+
+## Creating the Docker images
+
+To build the Docker containers, run:
 
 ```bash
 docker-compose build
 ```
 
+This will create two images:
+
+* `books-envoy` which is the envoy proxy
+* `books` which is the book service
+
+To build a specific image, run:
+
+```bash
+docker-compose build <service-name>
+```
+
+Where `<service-name>` can be replaced with `envoy` for the envoy image or `books` for the book service.
+
 ## Running the Docker containers
 
+To create containers for both `books` and `envoy`, run:
+
 ```bash
 docker-compose up -d
 ```
 
-## Validating the envoy config
+This will run the API on port `8080` and the envoy admin view on port `9901`.
+
+## Running the Books service locally
+
+In order to run the books service locally, first build the application:
+
+```bash
+make build
+```
+
+Then run the application. By default it will be on port `9000`:
+
+```bash
+make run
+```
+
+## Deploying on Kubernetes
+
+The books service with envoy can be deployed with Kubernetes. The following files are provided:
+
+* `books-configmap.yaml` - Defines a config map that contains the envoy config for running the service on Kubernetes.
+* `books.yaml` - Defines the deployment and service for running the application. The service uses a `NodePort` and will expose the deployment on port `30001`, which can accept REST and gRPC calls.
+
+To deploy the config map:
+
+```bash
+kubectl apply -f books-configmap.yaml
+```
+
+Then to deploy the service and deployment:
+
+```bash
+kubectl apply -f books.yaml
+```
+
+**Note**: By default the number of replicas in the deployment is set to 1. Since the data is stored within memory on the container and not in a database, scaling the deployment above 1 may result in differences in the responses with each request.
+
+## Validating the Envoy config
+
+To validate that your Envoy config is valid, run:
 
 ```bash
 docker run --rm \
-       -v $(pwd)/envoy/envoy.yaml:/envoy.yaml envoyproxy/envoy:v1.17-latest \
+       -v $(pwd)/envoy.yaml:/envoy.yaml envoyproxy/envoy:v1.17-latest \
        --mode validate -c envoy.yaml
 ```

books-configmap.yaml

@@ -0,0 +1,76 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: books-config-map
+data:
+  envoy-yaml-config: |
+    admin:
+      access_log_path: /tmp/admin_access.log
+      address:
+        socket_address: { address: 0.0.0.0, port_value: 9901 }
+
+    static_resources:
+      listeners:
+      - name: listener1
+        address:
+          socket_address: { address: 0.0.0.0, port_value: 8080 }
+        filter_chains:
+        - filters:
+          - name: envoy.filters.network.http_connection_manager
+            typed_config:
+              "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+              stat_prefix: grpc_json
+              codec_type: AUTO
+              route_config:
+                name: local_route
+                virtual_hosts:
+                - name: local_service
+                  domains: ["*"]
+                  routes:
+                  # NOTE: by default, matching happens based on the gRPC route, and not on the incoming request path.
+                  # Reference: https://www.envoyproxy.io/docs/envoy/latest/configuration/http_filters/grpc_json_transcoder_filter#route-configs-for-transcoded-requests
+                  - match: { prefix: "/" }
+                    route: { cluster: books_service, timeout: 60s}
+                  cors:
+                    allow_origin_string_match:
+                    - prefix: "*"
+                    allow_methods: GET, PUT, DELETE, POST, OPTIONS
+                    allow_headers: keep-alive,user-agent,cache-control,content-type,content-transfer-encoding,x-accept-content-transfer-encoding,x-accept-response-streaming,x-user-agent,x-grpc-web,grpc-timeout
+                    max_age: "1728000"
+                    expose_headers: grpc-status,grpc-message
+              http_filters:
+              - name: envoy.filters.http.grpc_json_transcoder
+                typed_config:
+                  "@type": type.googleapis.com/envoy.extensions.filters.http.grpc_json_transcoder.v3.GrpcJsonTranscoder
+                  proto_descriptor: "/etc/protos/books.pb"
+                  services: ["books.v1.BookService"]
+                  print_options:
+                    add_whitespace: true
+                    always_print_primitive_fields: true
+                    always_print_enums_as_ints: false
+                    preserve_proto_field_names: false
+              - name: envoy.filters.http.cors
+              - name: envoy.filters.http.router
+
+      clusters:
+      - name: books_service
+        connect_timeout: 1.25s
+        type: LOGICAL_DNS
+        lb_policy: ROUND_ROBIN
+        dns_lookup_family: V4_ONLY
+        typed_extension_protocol_options:
+          envoy.extensions.upstreams.http.v3.HttpProtocolOptions:
+            "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions
+            explicit_http_config:
+              http2_protocol_options: {}
+        load_assignment:
+          cluster_name: books_service
+          endpoints:
+          - lb_endpoints:
+            - endpoint:
+                health_check_config:
+                  port_value: 9000
+                address:
+                  socket_address:
+                    address: localhost
+                    port_value: 9000

books.yaml

@@ -0,0 +1,63 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: books-deployment
+  labels:
+    app: books
+    stage: dev
+    version: v1
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: books
+      stage: dev
+      version: v1
+  template:
+    metadata:
+      labels:
+        app: books
+        stage: dev
+        version: v1
+    spec:
+      containers:
+        - name: books
+          image: books:v1
+          imagePullPolicy: Never
+          ports:
+            - containerPort: 9000
+              protocol: TCP
+        - name: envoy
+          image: books-envoy:v1
+          volumeMounts:
+          - name: envoy-config
+            mountPath: /etc/envoy
+          imagePullPolicy: Never
+          ports:
+            - containerPort: 8080
+              protocol: TCP
+            - containerPort: 9901
+              protocol: TCP
+      volumes:
+        - name: envoy-config
+          configMap:
+            name: books-config-map
+            items:
+              - key: envoy-yaml-config
+                path: envoy.yaml
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: books-service
+spec:
+  selector:
+    app: books
+    stage: dev
+    version: v1
+  type: NodePort
+  ports:
+    - protocol: TCP
+      port: 8080
+      targetPort: 8080
+      nodePort: 30001