1

I have deployed 2 independent simple spring boot java app on PCF .

customer-service-1
order-service-1

customer-service-1 exposes a Rest End Point /url/customerList Now i want to call /url/customerList from

  1. order-service-1
  2. And any application which isnt deployed on PCF

How can i do it?

Pale Blue Dot
  • 511
  • 2
  • 13
  • 33

1 Answers1

3

You didn't give a lot of information so it depends, but you have a couple of options.

  1. Map a route to your order-service-1, like order-service-1.example.com. You can then make requests to https://order-service-1.example.com. These requests will have some additional network hops, as the traffic will go out of the environment and back in through the load balancers and Gorouter.

    Note that example.com is just a place holder, you need to run cf domains and see what domains are available on your PCF foundation.

  2. Map an internal route to order-service-1, like order-service-1.apps.internal. Then cf add-network-policy customer-service-1 --destination-app order-service-1 --port 8080. This will allow traffic on port 8080 from your customer-service-1 app to the order-service-1 app on the internal container-to-container network (never goes outside the foundation).

    Note that in this case apps.internal should be a domain that exists on all foundations, unless your operator changed the name or disabled C2C networking, which is uncommon.

Both options should work, and if both applications are on the same PCF foundation then you'd likely want to use the second option. Requests will have slightly less latency and will not go outside the foundation. That said, there is, at the time I write this, no HTTPS[1] available on the container-to-container network. You'll note we used port 8080 in the example above, which is HTTP only. Thus if you need end-to-end HTTPS/encryption, you'll need to use the first option.

Aside from that, pick your HTTP client library of choice like Apache HTTPClient, Spring WebClient, or just use the one built-into the JVM to initiate HTTP/HTTPS requests.

[1] - Technically there is an HTTPS option through Envoy, which runs in every container. However, at the time of writing, Envoy will display a certificate where the subject does not match the hostname of your internal route. This means that if you try to use this option your HTTPS connections are going to fail with a hostname mismatch error. While an option, it's not recommended to just ignore this hostname mismatch error, so to make this work you'd need to write a custom hostname matcher. I know you can do that with Apache HTTPClient, but your options with other libraries may vary.

Daniel Mikusa
  • 13,716
  • 1
  • 22
  • 28
  • Both are java applications in same PCF foundation and in same org.So you mean i can simply use `Order order = restTemplate.getForObject( "https://order-service-1.example.com", Order.class);` – Pale Blue Dot Jul 01 '20 at 18:17
  • Can you let me know what do you mean by this `Map a route to your order-service-1, like order-service-1.example.com.`.I am new to PCF – Pale Blue Dot Jul 01 '20 at 18:19
  • https://docs.cloudfoundry.org/devguide/deploy-apps/routes-domains.html#map-route – Daniel Mikusa Jul 01 '20 at 20:34