- Rate Limiter
- Circuit Breaker
- Encryption and Decryption of request and response body
- Google Re-Captcha validation at gateway for all microservices
- TLS/SSL
mvn clean package -DskipTests=true
java -jar target/spring-cloud-gateway-0.0.1-SNAPSHOT.jar
Encryption of request body and response body is implemented in global filter and in route 2.
f.filter(encryptDecryptFilter.apply(new EncryptDecryptFilter.Config()))
i.e Service Denial
Redis is used for rate limiter, which is used for protecting application from API throttling (Service Denial)
Circuit Breaker has three states Closed State, Open State, Half Open State. The image below shows how the flow from one state to another changes.
-
The Circuit Breaker will be in the
Closed statewhen everything is running as expected when failure starts coming it waits until the setthreshold limitis reached then goes toOpen state. -
While in
Open statesno calls will be going to failing remote service until certain wait time, then it goes toHalf-Open state, in this stage reduced amount of calls goes to remote service to make sure the calls are successful,IFthe calls are responding asexpectedit will go toClosed stateor it goes back toOpen stateavoiding calls to failing remote service.
Google Recaptcha can be verified at gateway instead of verifying it in each microservices. Avoid code duplication
To Enable SSL, add the following properties in the yml file and add the certificate in .p12 format
server:
port: 9095
ssl:
enabled: true
key-store: classpath:keystore.p12
key-store-password: thirumal
key-store-type: PKCS12
key-alias: gateway
compression:
enabled: true
Get free SSL certificate from Let's Encrypt
To Generate the .p12 from .pem use the following commands
openssl pkcs12 -export -in fullchain1.pem -inkey privkey1.pem -out keystore.p12 -name gateway -CAfile chain1.pem -caname root