Skip to content

PrivacyEngineering/purpl-pizza-boutique

 
 

Repository files navigation

Pizza Boutique

We modified the sample microservice architecture Online Boutique from the Google Cloud Platform to a pizza delivery service. The original README is included below.

We use this project to demonstrate purpl, our tool for hook-in privacy techniques for gRPC-based microservice communication.

Food delivery platforms, being global services, handle sensitive personal information, including addresses, payment details, and demographic data, which is shared with various parties such as restaurants and delivery personnel, and used internally for research and marketing. It's crucial to limit access to certain data, like banking information, to prevent misuse and comply with regulations like GDPR, emphasizing the importance of data minimization. For targeted marketing, generalized data, such as age ranges or residential districts, is sufficient, avoiding the need for detailed personal information.

Citation

To cite the preprint version of the paper to appear in the Proceedings of the 24th International Conference on Web Engineering (ICWE 2024), use the following BibTeX entry:

@InProceedings{loechel2024hookin,
      author={Louis Loechel and Siar-Remzi Akbayin and Elias Grünewald and Jannis Kiesel and Inga Strelnikova and Thomas Janke and Frank Pallas},
      editor={Stefanidis, Kostas and Systa, Kari and Matera, Maristella and Heil, Sebastian and Kondylakis, Haridimos and Quintarelli, Elisa},
      title={{Hook-in Privacy Techniques for gRPC-based Microservice Communication}}, 
      year={2024},
      publisher="Springer Nature Switzerland",
      address="Cham",
      note={to appear in the Proceedings of the 24th International Conference on Web Engineering (ICWE 2024)},
      eprint={2404.05598},
      archivePrefix={arXiv},
      primaryClass={cs.CR},
}

Setup

This project is designed to run on Kubernetes, and we provide Terraform scripts to deploy it on Google Kubernetes Engine (GKE) and Amazon Web Services.

Set up on AWS

Set up on GCP

Screenshots

Home Page Checkout Screen
Screenshot of store homepage Screenshot of checkout screen








Original README

Online Boutique

Continuous Integration

Online Boutique is a cloud-first microservices demo application. Online Boutique consists of an 11-tier microservices application. The application is a web-based e-commerce app where users can browse items, add them to the cart, and purchase them.

Google uses this application to demonstrate the use of technologies like Kubernetes, GKE, Istio, Stackdriver, and gRPC. This application works on any Kubernetes cluster, like Google Kubernetes Engine (GKE). It’s easy to deploy with little to no configuration.

If you’re using this demo, please ★Star this repository to show your interest!

Note to Googlers (Google employees): Please fill out the form at go/microservices-demo.

Screenshots

Home Page Checkout Screen
Screenshot of store homepage Screenshot of checkout screen

Interactive quickstart (GKE)

Open in Cloud Shell

Quickstart (GKE)

  1. Ensure you have the following requirements:

  2. Clone the repository.

    git clone https://github.com/GoogleCloudPlatform/microservices-demo
    cd microservices-demo/
  3. Set the Google Cloud project and region and ensure the Google Kubernetes Engine API is enabled.

    export PROJECT_ID=<PROJECT_ID>
    export REGION=us-central1
    gcloud services enable container.googleapis.com \
      --project=${PROJECT_ID}

    Substitute <PROJECT_ID> with the ID of your Google Cloud project.

  4. Create a GKE cluster and get the credentials for it.

    gcloud container clusters create-auto online-boutique \
      --project=${PROJECT_ID} --region=${REGION}

    Creating the cluster may take a few minutes.

  5. Deploy Online Boutique to the cluster.

    kubectl apply -f ./release/kubernetes-manifests.yaml
  6. Wait for the pods to be ready.

    kubectl get pods

    After a few minutes, you should see the Pods in a Running state:

    NAME                                     READY   STATUS    RESTARTS   AGE
    adservice-76bdd69666-ckc5j               1/1     Running   0          2m58s
    cartservice-66d497c6b7-dp5jr             1/1     Running   0          2m59s
    checkoutservice-666c784bd6-4jd22         1/1     Running   0          3m1s
    currencyservice-5d5d496984-4jmd7         1/1     Running   0          2m59s
    emailservice-667457d9d6-75jcq            1/1     Running   0          3m2s
    frontend-6b8d69b9fb-wjqdg                1/1     Running   0          3m1s
    loadgenerator-665b5cd444-gwqdq           1/1     Running   0          3m
    paymentservice-68596d6dd6-bf6bv          1/1     Running   0          3m
    productcatalogservice-557d474574-888kr   1/1     Running   0          3m
    recommendationservice-69c56b74d4-7z8r5   1/1     Running   0          3m1s
    redis-cart-5f59546cdd-5jnqf              1/1     Running   0          2m58s
    shippingservice-6ccc89f8fd-v686r         1/1     Running   0          2m58s
    
  7. Access the web frontend in a browser using the frontend's external IP.

    kubectl get service frontend-external | awk '{print $4}'

    Visit http://EXTERNAL_IP in a web browser to access your instance of Online Boutique.

  8. Once you are done with it, delete the GKE cluster.

    gcloud container clusters delete online-boutique \
      --project=${PROJECT_ID} --region=${REGION}

    Deleting the cluster may take a few minutes.

Use Terraform to provision a GKE cluster and deploy Online Boutique

The /terraform folder contains instructions for using Terraform to replicate the steps from Quickstart (GKE) above.

Other deployment variations

Deploy Online Boutique variations with Kustomize

The /kustomize folder contains instructions for customizing the deployment of Online Boutique with different variations such as:

Architecture

Online Boutique is composed of 11 microservices written in different languages that talk to each other over gRPC.

Architecture of microservices

Find Protocol Buffers Descriptions at the ./protos directory.

Service Language Description
frontend Go Exposes an HTTP server to serve the website. Does not require signup/login and generates session IDs for all users automatically.
cartservice C# Stores the items in the user's shopping cart in Redis and retrieves it.
productcatalogservice Go Provides the list of products from a JSON file and ability to search products and get individual products.
currencyservice Node.js Converts one money amount to another currency. Uses real values fetched from European Central Bank. It's the highest QPS service.
paymentservice Node.js Charges the given credit card info (mock) with the given amount and returns a transaction ID.
shippingservice Go Gives shipping cost estimates based on the shopping cart. Ships items to the given address (mock)
emailservice Python Sends users an order confirmation email (mock).
checkoutservice Go Retrieves user cart, prepares order and orchestrates the payment, shipping and the email notification.
recommendationservice Python Recommends other products based on what's given in the cart.
adservice Java Provides text ads based on given context words.
loadgenerator Python/Locust Continuously sends requests imitating realistic user shopping flows to the frontend.

Features

  • Kubernetes/GKE: The app is designed to run on Kubernetes (both locally on "Docker for Desktop", as well as on the cloud with GKE).
  • gRPC: Microservices use a high volume of gRPC calls to communicate to each other.
  • Istio: Application works on Istio service mesh.
  • Cloud Operations (Stackdriver): Many services are instrumented with Profiling and Tracing. In addition to these, using Istio enables features like Request/Response Metrics and Context Graph out of the box. When it is running out of Google Cloud, this code path remains inactive.
  • Skaffold: Application is deployed to Kubernetes with a single command using Skaffold.
  • Synthetic Load Generation: The application demo comes with a background job that creates realistic usage patterns on the website using Locust load generator.

Development

See the Development guide to learn how to run and develop this app locally.

Demos featuring Online Boutique


This is not an official Google project.

About

Proof of concept for the purpl gRPC interceptor

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 45.1%
  • Go 21.8%
  • HTML 8.8%
  • C# 6.8%
  • Dockerfile 3.5%
  • HCL 3.4%
  • Other 10.6%