Introduction

rApp is a combination of microservice & platform service components. The PF components could be Policy, Service Orchestrator, etc.

When the rApp is installed, it requires certain level of composition work to wire all the components & microservices in rApp.

A simple rApp can be imaged as the combination of below,

1. one or more microservice
2. Policy configuration
3. Camunda Workflow

Tools Used

A study is done to understand how rApp behaves in the Nonrtric & SMO environment. For this analysis we need below components as prerequisite,

1. Kong Gateway
2. Istio
3. Keycloak
4. Network Policy - Calico
5. Nonrtric functions - ECS & Policy Service

Kong Gateway

Kong is an open-source API gateway. More information on Kong installation & configuration can be found at https://docs.konghq.com/gateway-oss/2.6.x/kong-for-kubernetes/install/

Istio

Istio is an open source service mesh which provides extensive control over traffic flow between the services. More information can be found at https://istio.io/latest/docs/setup/install/istioctl/

Keycloak

Keycloak is an open source identity & access management solution. Further information can be found at https://www.keycloak.org/docs/latest/getting_started/

Network policy

Kubernetes supports different network policies like Calico, Cilium. For this study we have used Calico https://docs.projectcalico.org/getting-started/kubernetes/helm

Nonrtric

Install the nonrtric functions and Make sure the sidecar injection is enabled for nonrtric namespace,

kubectl label namespace nonrtric istio-injection=enabled --overwrite

Once the sidecar injection is enabled in nonrtric namespace, the envoy sidecar is injected into all the pods in nonrtric.

kubectl -n nonrtric get pod

// Add pods output pic

Open the Istio console to view the traffic flow between services in nonrtric namespace. 

// Add istio network traffic pic

Configure Istio & Keycloak

We use Keycloak as the identity & access management system and Istio connects to Keycloak over OIDC (OpenID Connect).