Spring Cloud API Gateway

-
Introduction

Introduction

API Gateway is one of the important microservice design pattern to insulate the clients from downstream micro-services.

Tip
 Read more about microservice design patterns here

Following additional benefits that API Gateway can provide

  • Cross cutting concerns

    • Security

    • Monitoring/metrics

    • Resiliency

  • API Governance

    • Rate limiting for external clients, read more about stripe rate limiter

    • Channel/Country Based Routing

    • SSL Offloading

Following scenarios enforces to have API Gateway

  • The granularity of APIs provided by micro-services is often different than what a client needs. Micro-services typically provide fine-grained APIs, which means that clients need to interact with multiple services.

  • Different clients need different data. example external client have limited apis to integrate where as mobile client different set of apis to integrate.

  • Network performance is different for different types of clients. For example, a mobile network is typically much slower and has much higher latency than a non-mobile network.

  • The server-side web application can make multiple requests to backend services without impacting the user experience where as a mobile client can only make a few.

  • Partitioning into services can change over time and should be hidden from clients

  • Services might use a diverse set of protocols, some of which might not be web friendly

Variation

Single API Gateway

Implement an API gateway that is the single entry point for all clients. The API gateway handles requests in one of two ways.

  1. Some requests are simply proxied/routed to the appropriate service.

  2. It handles other requests by fanning out to multiple services.

Channel Based API Gateway

Rather than provide a one-size-fits-all style API, the API gateway can expose a different API for each client. A variation of this pattern is the Backends for front-ends pattern. It defines a separate API gateway for each kind of client.

SpringCloudApiGateway

Benefits of Api Gateway

  • Insulates the clients from how the application is partitioned into microservices

  • Insulates the clients from the problem of determining the locations of service instances

  • Provides the optimal API for each client

  • Reduces the number of requests/round-trips. For example, the API gateway enables clients to retrieve data from multiple services with a single round-trip. Fewer requests also means less overhead and improves the user experience. An API gateway is essential for mobile applications.

  • Simplifies the client by moving logic for calling multiple services from the client to API gateway

  • Translates from a “standard” public web-friendly API protocol to whatever protocols are used internally

Spring Cloud API Gateway

Zuul is Netflix’s API gateway. it was not originally reactive but it is aground-up rewrite to make it reactive.

Unfortunately, Spring Cloud does not support Zuul and it likely never will.

Spring Cloud gateway is now the preferred API gateway implementation from the Spring Cloud Team. It is build on Spring 5, Reactor and Spring WebFlux.

It also includes following additional integrations:

  • Circuit breaker integration

  • Service discovery with Eureka

  • Integrations with OAuth2.0

Other Alternatives to Spring Cloud Gateway:

  • Zuul2

  • Nginx

  • Linkerd

  • Lyft’s Envoy

  • UnderTow

  • MuleSoft API Gateway (proprietary)

  • AWS Api Gateway

  • IBM BlueMix Gateway

Note
 Spring Cloud Gateway called SCG henceforth.

SCG Core Components

Following are core components of SCG

  • Route - Basic building block of the gateway. It is defined by an ID, a destination URI, a collection of predicates, and a collection of filters. A route is matched if the aggregate predicate is true.

  • Predicate - This is a Java 8 Function Predicate. The input type is a Spring Framework ServerWebExchange. This lets you match on anything from the HTTP request, such as headers or parameters.

  • Filter - These are instance of Spring Framework GatewayFilter that have been constructed with a specific factory. Here, you can modify requests and responses before or after sending the downstream request.

Caution
 Spring Cloud Gateway requires the Netty runtime provided by Spring Boot and Spring Webflux. It does not work in a traditional Servlet Container or when built as a WAR.

Route Predicate Factories

SCG comes with many built-in route predicate factories. These predicates match on different attributes of the HTTP request.

Cross Origin Resource Sharing

cors.yaml
# CORS CONFIGURATION
      globalcors:
        cors-configurations:
          '[/**]':
            allowedOrigins: "https://docs.spring.io"
            allowedMethods:
            - GET
            - POST
            - PUT
            - DELETE

Route based timeouts

timeouts
      - id: per_route_timeouts
        uri: http://httpbin.org
        predicates:
          - name: Path
            args:
              pattern: /ip
        metadata:
          response-timeout: 20000
          connect-timeout: 20000

Header Predicate

Header predicate route the traffic based on headers

HeaderBasedPredicateFactory
  cloud:
    gateway:
      enabled: true
      routes:
      - id: ccdLogin
        uri: http://internal.login.com (1)
        predicates:
        - Path=/login/**
        - Header=X-Channel, INTERNAL
      - id: externalLogin
        uri: http://external.login.com/ (2)
        predicates:
        - Path=/login/**
        - Header=X-Channel, EXTERNAL
httpie.sh
http GET  http://localhost:8080/login "X-Channel:INTERNAL" (1)

Weight Route Predicate Factory

Weight route predicate helps to route limited percentage of traffic to newly implemented api to monitor functionality

WeightPredicate
      - id: weight_high
        uri: http://stable.environment.com (1)
        predicates:
        - Weight=group1, 2
      - id: weight_low
        uri: http://feature.environment.com (2)
        predicates:
        - Weight=group1, 1

RequestHeader GatewayFilter Factory

GatewayFilter helps to add additional headers at gateway level before it make down-stream call.

RequestResponseHeaderFilter
      - id: add_request_header_route
        uri: http://account-serviecec.com
        predicates:
        - Path=/headers
        filters:
         - AddRequestHeader=X-Caller,SCG (1)

RequestRateLimiter GatewayFilter Factory

RateLimiter implementation to determine if the current request is allowed to proceed. If it is not, a status of HTTP 429 - Too Many Requests (by default) is returned.

This filter takes an optional keyResolver parameter and parameters specific to the rate limiter.

Redis RateLimiter

It need to properties

  • redis-rate-limiter.replenishRate How many requests per second you want a user to be allowed to do

  • redis-rate-limiter.burstCapacity The maximum number of requests a user is allowed to do in a single second.

application.yaml
      - id: request_ratelimiter_route
        uri: http://httpbin.org
        predicates:
        - Path=/bearer
        filters:
        - name: RequestRateLimiter
          args:
            redis-rate-limiter.replenishRate: 2
            redis-rate-limiter.burstCapacity: 4
#           rate-limiter: "#{@redisRateLimiter}"
#           key-resolver: "#{@userKeyResolver}"

CAUTION : Make sure redis-server up and running and configured properly

RateLimiterResponse
o.s.c.g.f.ratelimit.RedisRateLimiter     : response: Response{allowed=false, headers={X-RateLimit-Remaining=0, X-RateLimit-Burst-Capacity=2, X-RateLimit-Replenish-Rate=1}, tokensRemaining=-1}
o.s.w.s.adapter.HttpWebHandlerAdapter    : [4de952ca] Completed 429 TOO_MANY_REQUESTS

Circuit Breakers

Spring Cloud CircuitBreaker supports two libraries that can be used with Spring Cloud Gateway

  1. Hystrix (Maintanance mode)

  2. Resilience4J (Recommended) Documentation

Resilience4j

Resilience4j is a lightweight, easy-to-use fault tolerance library designed for Java 8 and functional programming.

Resilience4j provides higher-order functions (decorators) for

  • Circuit Breaker

  • Rate Limiter

  • Retry

  • Bulkhead

Refer Resilience4j configuration

Refer CircuitBreaker Configuration with Resilience4j

CircuitBreaker
      - id: Resilience4J
        uri: http://httpbin.org
        predicates:
        - Path=/base64/**
        filters:
        - name: CircuitBreaker
          args:
            name: helloworld
            fallbackUri: forward:/fallback
        - RewritePath= /base64/(?<segment>.*), /$\{segment}

resilience4j:
  circuitbreaker:
    configs:
      default:
        #registerHealthIndicator: true
        ringBufferSizeInClosedState: 1
        ringBufferSizeInHalfOpenState: 1
        automaticTransitionFromOpenToHalfOpenEnabled: true
        waitDurationInOpenStateMillis: 10000
        failureRateThreshold: 2
        eventConsumerBufferSize: 1
    instances:
      helloworld:
        baseConfig: default
        ringBufferSizeInClosedState: 1

Open API Specification V3 (Swagger UI) Integration

It is easy to integrate swagger UI with CDN urls.

Read more about Open API Specifications at swagger ui

Refer source code API Gateway

Comments

Post a Comment

Popular posts from this blog

IBM Datapower GatewayScript

-
Introduction IBM API Assembly Language Introduction GatewayScript is a new transformation technology for API, Web, and Mobile and is available in DataPower. GatewayScript is based on the JavaScript programming language. More precisely, it supports the ECMAScript 5.1 version of the specification. On the DataPower appliance, JavaScript runs in ‘strict’ mode only. The strict mode provides a more consistent and more disciplined behavior. For example, if a script attempts to write a property of a DataPower API object and that object is frozen, an immediate exception is thrown. The ‘strict’ mode behavior supports stronger error checking and handling and increases security. DataPower Playground (GatewayScript Fiddle) IBM DataPower Playground is an interactive website that lets you write GatewayScript code and execute it on a cloud-hosted DataPower Gateway for learning purposes. Available at : https://datapower-playground.mybluemix.net/ GatewayScript provides
Read more

Spring boot Kafka Integration

-
Image
Introduction Introduction K afka is an open source streaming platform which scales very well in a horizontal way without compromising speed and efficiency. The Kafka core is written in Scala , and Kafka Streams and KSQL are written in Java . Features Kafka is a service bus To connect heterogeneous applications, we need to implement a message publication mechanism to send and receive messages among them. A message router is known as message broker . Kafka is a message broker , a solution to deal with routing messages among clients in a quick way. Kafka architecture has two directives The first is to not block the producers (to deal with back pressure). The second is to isolate producers and consumers . The producers should not know who their consumers are, hence the kafka follows the dumb broker and smart clients model. Tip Back pressure is to make applications robust against data surges. when producer generates data higher rate tha
Read more

Spring boot SOAP Web Service Performance

-
Image
Consumng This tutorial walks you through the process of consuming a SOAP-based web service with Spring. It elucidates following items Making parallel calls with RxJava (or WebFlux ) Sending large SOAP message payloads using AXIOM( AXis Object Model) AxiomSoapMessageFactory .(which improves performance) Marshalling( is the process of transforming the memory representation of an object to a data format suitable for storage or transmission) Marshalling (XML Serialization) done with O/X Mappers, different types of mappers out there and choose appropriate one for your need. Castor XML mapping is an open source XML binding framework. It allows you to transform the data contained in a java object model into/from an XML document. By default, it does not require any further configuration, though a mapping file can be used to have more control over the behavior of Castor. The Spring integration classes reside in the org.springframework.oxm.castor pa
Read more