WORK IN PROGRESS
This sample demonstrates gRPC connectivity between a gRPC server running in the Kyma runtime and a gRPC client running outside of the Kyma runtime. The sample utilizes the root certificate used by the Kyma runtime to establish a TLS connection between the client and server and verifies the connection with a token. The client app streams auto generated order data to the server and receives back the amount of orders created and the elapsed time. Then will request a stream of existing orders which are displayed within the terminal. Running locally established a insecure connection which is based on an environment variable _DEV_
being set to true. A secure connection is required when running the server app within the Kyma runtime. In this case the variable _DEV_
most be set to false.
- SAP BTP, Kyma runtime instance
- Docker
- Python
- pip
- kubectl configured to use the
KUBECONFIG
file downloaded from the Kyma runtime.
-
Clone the project.
-
Install grpcio-tools:
pip install grpcio-tools
-
Within the sample directory set the environment variable
_DEV_
to true and start the serverexport _DEV_=true python orders-server.py
-
In another terminal within the sample directory set the environment variable
_DEV_
to true and start the clientexport _DEV_=true python orders-client.py
-
Download the root certificate used by Kyma from and save the certificate content as kyma.pem in the directory of the sample.
-
Build and push the image to your Docker repository:
docker build -t {your-docker-account}/grpcorderserver -f docker/Dockerfile . docker push {your-docker-account}/grpcorderserver
-
Adjust the image of the deployment.yaml to reference your docker hub account.
-
Within the deployment.yaml you will find the envirnoment variable GRPC_TOKEN being set for the image. This is used as an authentication measure and requires that the client sends a matching token in the request.
-
Create a new
grpc
Namespace:kubectl create namespace grpc kubectl label namespaces grpc istio-injection=enabled
-
Apply the Resources:
kubectl -n grpc apply -f ./k8s/deployment.yaml kubectl -n grpc apply -f ./k8s/apirule.yaml
-
Prepare the client environment by setting the
_DEV_
to false and the_GRPC_TOKEN_
to match the value set, defaulted to 12345678, on the server within the deployment.yaml as well are the_GRPC_SERVER_
.export _DEV_="false" export _GRPC_TOKEN_="12345678" export _GRPC_SERVER_=grpcorderserver.*********.kyma.shoot.live.k8s-hana.ondemand.com:443
-
Run the client
python orders-client.py
-
To regenerate the protocol
python -m grpc_tools.protoc -I./ --python_out=. --grpc_python_out=. orders.proto
-
To regenerate the requirements
pip3 freeze > requirements.txt