I'm pretty much new to spring cloud gateway. I have configured routing with two different apps with 'path'. Now, I need some help/docs on
1. How to route to different instance of an app from spring cloud gateway?
2. How to enable sticky session?
My apps are not using spring boot/eureka. I do see that I can use lb://service-name if i'm using any discovery client (unfortunately that is not my case).
Thanks in advance.
IMHO:
How to route to different instance of an app from spring cloud gateway?
Routing to different instances is the basic job of what spring cloud gateway is doing. Spring cloud gateway implements the pattern named client side routing along with the ease of service discovery. So if you are not using any discovery server or your apps are not registered with any discovery server, you loose the dynamic discovery and routing feature, BUT still you can specify your server list (refer to Netflix Ribbon). Until then you can think about your routing strategy.
How to enable sticky session?
I suppose that's one requirement of your routing strategy - implement sticky session because you are not using shared session store. According to my limited knowledge of spring cloud gateway, sticky seems not being supported out of box. But it could be customized with a Filter, see shipped LoadBalancerClientFilter for reference.
Good luck!
Related
I am working on a distributed application project where there is need for rate limiting and authentication depending on the client consuming the service on an api gateway. I am wondering the best solution for designing the gateway.
Should I go with Spring cloud gateway or Spring Cloud function/AWS Lambda to create the gateway service?
I'd argue that using AWS API Gateway will make your life easier...
The benefits of using AWS API Gateway are:
it will remove all the operational cost of maintaining, configuring, monitoring and operating a Spring Cloud Gateway instance,
it will be highly available, with failover,
it will give you instant features like rate limiting, api keys, caching, authorization, canary testing, proxying, integration mapping, environments
it is very very cheap ($3.50 x MM requests).
The benefits of using Spring Cloud Function:
Define your API's as code within the application code itself
Leverage the ecosystem integration within Spring, for example, to run it locally on a dev's PC.
Cons of using API Gateway:
Deployment of new API's will be harder than using Spring Cloud Gateway (you need to configure each new resource/method)
Your costs are now tied to the number of requests... if you have a 900.000.000 millons/months API it could get expensive
Vendor lock-in
Cons of using Spring Cloud Function:
Operative cost of maintenance
Single point of failure
You can use Amazon API Gateway.
For more info on request throttling and quotas, please refer to the docs:
https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html
I will rather use Istio gateway Envoy proxy rather than both options if permitted. Keeping my operational and maintenance cost little and no code change.
I recently have learnt and practicing Microservice using Spring technology. I am currently writing a small program that has Eureka Server, Configuration Server, Gateway and Account service. I have all of my services register its instance to Eureka and have my Gateway gets its configuration from Configuration Server. After that, I got some question, should I my Account Service fetch its configuration directly from Configuration Server, or from Gateway because it can be done in both way. I think, if I decide to fetch it through Gateway, it might be better because Gateway is a load balancer, so in case if there are multiple Configuration Servers out there, I don't need to worry if any of them failed or down as Gateway can handle this for me. But, doing so, isn't I put too much weight on Gateway because it need to handle this and another requests. Furthermore, I am not sure and I can't find any information about if there is a way to load balancing Gateway or is it makes sense to do so?
Please advice and explain. Thank you.
Only user's requests from UI need to be passed via Gateway. Services should be able to fetch their configuration during startup disregarding whether gateway is online or doesn't exist at all.
Also I'd advise you to avoid registering config service in Discovery (Eureka). I suppose there is no need for your users to send requests to config service.
Along with spring cloud config and gateway documentation I'd recommend you to get familiar with these 2 books:
https://www.manning.com/books/enterprise-java-microservices
https://www.manning.com/books/spring-microservices-in-action
I implemented a Spring backend which is responsible to store different data (users, lectures, ...). This backend is secured with a JWT and everything is working fine. For my studies I want to enhance the backend and now I want to use a microservice architecture instead of a monolith. For this purpose I have the requirements to use Docker and Kubernetes. I always read articles which write that I need a Authorization Server and a Ressource Server when I want to use the JWT in a microservice architecture. Is that correct? And do I need a Gateway (e.g. Zuul) for my purpose? Can someone help me to structure the project and give advice for the technology stack. At the end the whole project will run in one single server.
I implemented a molotithical backend, secured with JWT.
Kubernetes officially supports authentication to API server within JSON Web Tokens(JWT) through OpenID Connect tool using OAuth 2.0 protocol for user request identification. However, this only represents a part of Authorization model, which determines how authenticated user can be granted with appropriate security policies or roles to manage Kubernetes cluster resources.
In order to build or migrate application to Kubernetes, you might consider to expose application outside the cluster, for that purpose Ingress proxies requests to exact service by matching request path. Actually, Ingress is a logical resource element which describes a set of rules for traffic management via Ingress Controller. Therefore, Ingress controller can play a role of API Gateway by delivering L7 network facilities like: load balancing, SSL termination and HTTP/HTTPS traffic routing for nested application services.
As you mentioned Zuul gateway can be one of the option for the edge proxying service in front of Kubernetes cluster, however I would recommend to look for some more Kubernetes oriented solutions. Istio is a good example, as it brings a wide set of network router functions with a quite simple integration into Kubernetes cluster via its core Service mesh design. Istio provides end user authentication via JWT within declared authentication policy.
Alternativelly, you can get through Nginx plus features with announced JWT authentication as well.
The setup:
I have a set of Spring Boot based microservices that are fronted by Spring Cloud Gateway, meaning every request that comes from UI or external API client first comes to Spring Cloud Gateway and is then forwarded to appropriate microservice.
The routes are configured in Consul, and Spring Cloud Gateway communicates with Consul to get the routes accordingly.
Requirement:
There is a need of some microservices communicating with each other with REST APIs. I would prefer this communication to happen via the Spring Cloud Gateway as well. This will help in reducing multiple services going to Consul for getting other service's details.
This means every service should know Gateway's detail at least. And there can be multiple instances of Gateways as well. How is this dealt with in bigger architectures?
Any example that I look up contains one service using Consul, or Gateway using the consul with one microservice. Couldn't understand how to extrapolate that design to a bigger system.
I am trying to build a simple application with microservices architecture.
Below are the details about 3 microservices I have created.
1] Customer.
database: mongodb
server : embeded tomcat server.
port : 8081
2] vendor.
database: mongodb
server : embeded tomcat server.
port : 8082
3] product.
database: mongodb
server : embeded tomcat server.
port : 8083
All the 3 micros runs on an embeded tomcat server.
Now I want to create a common gateway for all these micros [API gateway].
which help me to route my request based on the request I get for example:-
for example if I get a request of http://hostname:port_of_gateway/customer.
on reading this I need to route the request tom my customer micro and fetch its response and send it back to client.
Which of the spring tool I can use to achieve this?
Because your requirements are quite simple you can implement such a gateway by yourself. Here's an example.
But if you really want to use some Spring solution you can try to use Spring Cloud Netflix which is a part of Spring Cloud umbrella project. It includes router and filter features which in turn based on Netflix Zuul gateway service.
Note that this is not a complete standalone application but a library. Therefore you still should create another microservice that would act as API gateway in your application. To make it a gateway you should just add #EnableZuulProxy annotation to the same class that has #SrpingBootApplication annotation. You can find a very good example here.
Please also note that you should somehow inform the gateway about your microservices' addresses for redirection. It can be done in two general ways:
By statically defining the addresses in gateway microservice's configuration;
By applying service discovery pattern in conjunction with e.g. Netflix Eureka service registry.
The 1st approach is easy and straightforward but is not very well for large number of microservices and/or when microservices' locations can change dynamically (e.g. due to auto-scaling).
The 2nd approach requires additional component - service registry - and needs modification of other microservices (to let them register themselves in the registry). This is quite more complicated approach but is the only possible in case of complex architecture. Simple yet expressive example can be found in the same article.
UPDATE (January'19)
As of December 2018 the Spring Cloud team announced that almost all Netflix components in Spring Cloud (except Eureka) entered maintenance mode. It means that for the next year they won't receive any feature updates (only bugs and security fixes).
There are replacements for all the affected components, including Netflix Zuul aforementioned above. So please consider using Spring Cloud Gateway instead of it in new projects.