About the CNCF Microcks Project
Microcks is a cloud-native tool for mocking and testing APIs (REST, SOAP, and more). As part of the LFX Mentorship program under CNCF, my project aims to build a centralized repository of real-world, production-grade deployment strategies for Microcks across various cloud platforms including AWS, GCP, Azure, OVH, Oracle and Scaleway. The goal is to help adopters confidently deploy Microcks in production environments by learning from shared experiences and expertise.
Understanding Microcks and Exploring Documentation
In the first week, most of my time was spent exploring Microcks documentation and understanding the internal architecture of Microcks. This foundational phase was essential to gain a solid grasp of the project and identify key areas for improvement. Understanding how MongoDB, Keycloak, and Kafka work within the Microcks ecosystem allowed me to dive into deployment options and optimize the setup for cloud environments.
Checkout Documentation
My Contributions
1. Organizing Cloud Deployments
One of my early contributions was creating a centralized folder structure under the installation/ directory of the documentation. This new structure categorizes deployment guides for each cloud provider, making it easy for users to find platform-specific instructions. Whether you're deploying on AWS, GCP, or Azure, everything is now neatly organized and easily accessible.
View folder structure
2. Deploying External Keycloak on GKE Using Google Cloud SQL
Microcks uses Keycloak for authentication, and I was tasked with setting up an external Keycloak instance on Google Kubernetes Engine (GKE). I integrated Cloud SQL (PostgreSQL) as the backend for Keycloak to provide a robust, scalable, production-ready authentication system.
The process involved setting up GCP authentication, service accounts, IAM roles, and VPC peering for secure connectivity between GKE and Cloud SQL. I used Helm to deploy Keycloak and configured DNS via nip.io to expose it securely. I documented the entire process to make it easier for others to follow.
External Keycloak on GKE guide
3. Deploying Microcks on GKE with External Keycloak
Once Keycloak was deployed, the next step was to deploy Microcks on GKE. Instead of using MongoDB, I connected Microcks to Firestore, Google Cloud's managed NoSQL database, to align with GCP-native services. I used Helm to deploy Microcks, integrated it with the external Keycloak for authentication, and configured it to use External MangoDB for data storage. This deployment setup ensures scalability and simplifies management, showcasing a production-grade configuration using GCP services. I also documented this deployment to guide others in setting up similar environments.
Microcks on GKE guide
Challenges Faced
Permission Configuration: One of the main hurdles was ensuring that the IAM user/service account had the correct permissions for deploying Microcks and related services on GKE. It was essential to grant the minimum required permissions for security and functionality, which required careful attention.
Overriding Helm Chart Values: Another challenge was customizing the Helm chart to integrate external Keycloak and Cloud SQL instead of Microcks’ default MongoDB and internal Keycloak. This required modifying the chart values and ensuring everything worked smoothly with the GCP-native services.
🙌 Looking Ahead
- Deploy Microcks with asynchronous options on GKE
- Add a Troubleshooting Guide for Microcks & Keycloak
- Create comman GUIDELINES.md for all cloud providers
Conclusion
It's been an exciting first month contributing to the Microcks community, and I'm eager to continue helping develop cloud deployment strategies. My goal is to empower users to confidently deploy Microcks in various cloud environments using best practices. Feel free to check out my contributions on the Microcks community repository - feedback and contributions are always welcome!
That's all for my first month as an LFX Mentee. See you in the next update! 👋
