How to Deploy JHipster Microservices with Istio Service Mesh on Kubernetes

Overview of Istio

Istio is a service‑mesh platform that integrates tightly with Kubernetes, providing service discovery, load balancing, traffic routing, security, telemetry, and observability. It replaces many functions traditionally handled by tools like Netflix Eureka, Zuul, Ribbon, and ELK.

Preparing a Kubernetes Cluster

Both Azure Kubernetes Service (AKS) and Google Kubernetes Engine (GKE) can be used. Example commands for AKS:

$ az group create --name eCommerceCluster --location eastus

$ az aks create \
  --resource-group eCommerceCluster \
  --name eCommerceCluster \
  --node-count 4 \
  --kubernetes-version 1.13.7 \
  --enable-addons monitoring \
  --generate-ssh-keys

After creation, retrieve credentials:

$ az aks get-credentials \
  --resource-group eCommerceCluster \
  --name eCommerceCluster

For GKE, set region and zone, create a project, then create the cluster:

$ gcloud config set compute/region europe-west1

$ gcloud config set compute/zone europe-west1-b

$ gcloud projects create jhipster-demo-deepu

$ gcloud config set project jhipster-demo-deepu

$ gcloud container clusters create hello-hipster \
    --cluster-version 1.13 \
    --num-nodes 4 \
    --machine-type n1-standard-2

Obtain credentials with:

$ gcloud container clusters get-credentials hello-hipster

Installing Istio

Install Helm and kubectl, then download the desired Istio version and add it to the PATH:

$ cd ~
$ export ISTIO_VERSION=1.3.0
$ curl -L https://git.io/getLatestIstio | sh -
$ ln -sf istio-$ISTIO_VERSION istio
$ export PATH=~/istio/bin:$PATH

Create a cluster‑admin role binding and a namespace for Istio:

$ kubectl create clusterrolebinding cluster-admin-binding \
  --clusterrole=cluster-admin \
  --user="$(gcloud config get-value core/account)"
$ kubectl create namespace istio-system

Install Istio CRDs and the demo profile with Helm:

$ cd ~/istio-$ISTIO_VERSION
$ helm template install/kubernetes/helm/istio-init --name istio-init --namespace istio-system | kubectl apply -f -
$ helm template install/kubernetes/helm/istio --name istio --namespace istio-system \
    --values install/kubernetes/helm/istio/values-istio-demo.yaml | kubectl apply -f -
$ watch kubectl get pods -n istio-system

Expose the ingress gateway and store its external IP:

$ export INGRESS_IP=$(kubectl -n istio-system get svc istio-ingressgateway \
  -o jsonpath='{.status.loadBalancer.ingress[0].ip}')

Defining Microservices with JDL

A JDL file describes four applications (gateway and three microservices) and their entities. Service discovery is disabled because Istio will handle it.

application {
  config {
    baseName store
    applicationType gateway
    packageName com.jhipster.demo.store
    serviceDiscoveryType no
    authenticationType jwt
    prodDatabaseType mysql
    cacheProvider hazelcast
    buildTool gradle
    clientFramework react
    useSass true
    testFrameworks [protractor]
  }
  entities *
}

application {
  config {
    baseName product
    applicationType microservice
    packageName com.jhipster.demo.product
    serviceDiscoveryType no
    authenticationType jwt
    prodDatabaseType mysql
    cacheProvider hazelcast
    buildTool gradle
    serverPort 8081
  }
  entities Product, ProductCategory, ProductOrder, OrderItem
}
... (other applications omitted for brevity) ...

deployment {
  deploymentType kubernetes
  appsFolders [store, invoice, notification, product]
  dockerRepositoryName "deepu105"
  serviceDiscoveryType no
  istio true
  kubernetesServiceType Ingress
  kubernetesNamespace jhipster
  ingressDomain "34.90.236.124.nip.io"
}

Generating Code and Manifests

Create a working directory, place the JDL file, and run the JHipster import command:

$ mkdir istio-demo && cd istio-demo
$ jhipster import-jdl app-istio.jdl

The command generates all applications, installs required NPM dependencies, and produces Kubernetes deployment manifests.

Building and Pushing Docker Images

In each application folder, build the Docker image with Gradle and push it to a registry (replace the repository name as needed):

$ ./gradlew bootJar -Pprod jibDockerBuild
$ docker image tag store deepu105/store
$ docker push deepu105/store
... (repeat for invoice, notification, product) ...

Deploying to Kubernetes

Run the generated kubectl-apply.sh script (or execute the commands manually on Windows) and monitor pod status:

$ cd kubernetes
$ ./kubectl-apply.sh
$ watch kubectl get pods -n jhipster

Accessing the Application and Monitoring

After the gateway pods are running, the store URL can be obtained with: $ echo store.jhipster.$INGRESS_IP.nip.io Grafana, Prometheus, Jaeger, and Kiali are installed by Istio. Access them via URLs such as grafana.istio-system.$INGRESS_IP.nip.io, jaeger.istio-system.$INGRESS_IP.nip.io, and kiali.istio-system.$INGRESS_IP.nip.io. Use admin/admin credentials for Kiali. Port‑forward Prometheus if needed:

$ kubectl -n istio-system \
    port-forward $(kubectl -n istio-system get pod -l app=prometheus -o jsonpath='{.items[0].metadata.name}') 9090:9090

Conclusion

Istio abstracts service‑mesh concerns—service discovery, routing, resilience, security, and observability—allowing developers to focus on business logic. While powerful, it adds resource overhead and is best suited for complex, distributed systems. The tutorial demonstrates a functional, cloud‑native deployment that can be further tuned for production.