{"id":17765634,"url":"https://github.com/thomasvitale/spring-cloud-gateway-resilience-security-observability","last_synced_at":"2025-03-15T12:30:24.202Z","repository":{"id":111459147,"uuid":"549799563","full_name":"ThomasVitale/spring-cloud-gateway-resilience-security-observability","owner":"ThomasVitale","description":"Example with Spring Boot 3 focused on resilience, security and observability. It uses Spring Cloud Gateway, Spring Security and Spring Cloud Circuit Breaker.","archived":false,"fork":false,"pushed_at":"2023-09-10T11:29:02.000Z","size":313,"stargazers_count":72,"open_issues_count":3,"forks_count":34,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-02-27T02:54:09.279Z","etag":null,"topics":["grafana","grafana-loki","grafana-tempo","keycloak","microservices","opentelemetry","prometheus","redis","spring-boot","spring-cloud","spring-cloud-gateway","spring-security"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ThomasVitale.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-10-11T18:57:09.000Z","updated_at":"2025-02-19T19:06:45.000Z","dependencies_parsed_at":"2023-11-21T14:04:05.462Z","dependency_job_id":null,"html_url":"https://github.com/ThomasVitale/spring-cloud-gateway-resilience-security-observability","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ThomasVitale%2Fspring-cloud-gateway-resilience-security-observability","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ThomasVitale%2Fspring-cloud-gateway-resilience-security-observability/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ThomasVitale%2Fspring-cloud-gateway-resilience-security-observability/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ThomasVitale%2Fspring-cloud-gateway-resilience-security-observability/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ThomasVitale","download_url":"https://codeload.github.com/ThomasVitale/spring-cloud-gateway-resilience-security-observability/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243730802,"owners_count":20338720,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["grafana","grafana-loki","grafana-tempo","keycloak","microservices","opentelemetry","prometheus","redis","spring-boot","spring-cloud","spring-cloud-gateway","spring-security"],"created_at":"2024-10-26T20:14:33.844Z","updated_at":"2025-03-15T12:30:24.192Z","avatar_url":"https://github.com/ThomasVitale.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Spring Cloud Gateway - Resilience, Security, and Observability\n\nDo you want to use a microservices architecture? Are you looking for a solution to manage access to single services\nfrom clients? How can you ensure resilience and security for your entire system? Spring Cloud Gateway is a project\nbased on Reactor, Spring WebFlux, and Spring Boot which provides an effective way to route traffic to your APIs and\naddress cross-cutting concerns.\n\nIn this session, I'll show you how to configure an API gateway to route traffic to your microservices architecture and\nimplement solutions to improve the resilience of your system with patterns like circuit breakers, retries, fallbacks,\nand rate limiters using Spring Cloud Circuit Breaker and Resilience4J. Since the gateway is the entry point of your\nsystem, it’s also an excellent candidate to implement security concerns like user authentication. I'll show you how\nto do that with Spring Security, OAuth2, and OpenID Connect, relying on Spring Redis Reactive to manage sessions.\nFinally, I'll show you how to improve the observability of your system using Spring Boot Actuator\nand Spring Cloud Sleuth and relying on the Grafana stack.\n\n## Stack\n\n* Java 17\n* Spring Boot 3\n* Grafana OSS\n\n## Usage\n\nYou can use Docker Compose to set up the entire system, including applications, data services, and the Grafana observability stack.\n\nFirst, package both the Edge Service and Book Service application as container images leveraging the Cloud Native Buildpacks integration\nprovided by Spring Boot. For each application, run the following task:\n\n```bash\n./gradlew bootBuildImage\n```\n\nThen, from the project root folder, run Docker Compose.\n\n```bash\ndocker-compose up -d\n```\n\nThe Edge Service application is exposed on port 9000 while Book Service on port 9001. The applications require authentication through\nOAuth2/OpenID Connect. You can log in as Isabelle (isabelle/password) or Bjorn (bjorn/password).\n\n## Observability Stack\n\nBoth Spring Boot applications are observable, as any cloud native application should. Prometheus metrics are backed by Spring Boot Actuator and Micrometer Metrics. Distributed tracing is backed by OpenTelemetry and Micrometer Tracing.\n\n**Grafana** lets you query and visualize logs, metrics, and traces from your applications. After running the Docker Compose\nconfiguration as explained in the previous section, you can access Grafana on port 3000. It provides already dashboards\nto visualize metrics from Spring Boot, Spring Cloud Gateway, and Spring Cloud Circuit Breaker. In the \"Explore\" panel,\nyou can query logs from Loki, metrics from Prometheus, and traces from Tempo.\n\n**Loki** is a log aggregation system part of the Grafana observability stack. \"It's like Prometheus, but for logs.\"\nLogs are available for inspecting from Grafana.\n\n**Tempo** is a distributed tracing backend part of the Grafana observability stack. Spring Boot applications sends traces to Tempo,\nwhich made them available for inspecting from Grafana. The traces follows the OpenTelemetry format and protocol.\n\n**Prometheus** is a monitoring system part of the Grafana observability stack. It parses the metrics endpoints exposed by Spring Boot\napplications (`/actuator/prometheus`). Metrics are available for inspecting and dashboarding from Grafana.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthomasvitale%2Fspring-cloud-gateway-resilience-security-observability","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthomasvitale%2Fspring-cloud-gateway-resilience-security-observability","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthomasvitale%2Fspring-cloud-gateway-resilience-security-observability/lists"}