Geek Culture
Published in

Geek Culture

Zuul API Gateway

In this tutorial, we are mainly focused on the Zuul API gateway. We have so many API gateways are available. In Spring Cloud we have a Zuul API gateway. If you are working on AWS based environment then you will have different AWS API gateways. So you can use any of them.

What is Microservices?

Microservices — also known as the microservice architecture — is an architectural style that structures an application as a collection of services that are. Highly maintainable and testable. Loosely coupled. Independently deployable. Organized around business capabilities.

If you want more details about Microservices please refer my previous article.

What is Eureka Server?

Eureka Server is an application that holds information about all client-service applications. Every Microservice will register into the Eureka server and the Eureka server knows all the client applications running on each port and IP address. Eureka Server is also known as Discovery Server. With Netflix Eureka each client can simultaneously act as a server, to replicate its status to a connected peer. In other words, a client retrieves a list of all connected peers of a service registry and makes all further requests to any other services through a load-balancing algorithm.

Zuul API Gateway

Zuul Server is an API Gateway application. It handles all the requests and performs the dynamic routing of microservice applications. It is also known as Edge Server. Zuul is built to enable dynamic routing, monitoring, resiliency, and security. It can also route the requests to multiple Amazon Auto Scaling Groups.

For Example, /api/products are mapped to the product service and /api/user is mapped to the user service. The Zuul Server dynamically routes the requests to the respective back-end application.

How to use the Zuul API gateway in the Micro-Service Applications?

So let’s say we have a registry server called Eureka Registry and we have different Microservice applications. MicroService1 and MicroService2. And those are deployed in the different hosts and the ports are different. And also we have a UI service that is registered in Netflix Eureka. And now all the Microservices are Registered in the Eureka Registry server.

Now let’s say we need to communicate from the UI service to the Micro-service here the security is very risky here. In this kind of scenario, we need to provide security for all the microservices. Let’s say we have 100 microservices and if you want to provide security for all these 100 microservices under auth2 and JWT, it is going to risky. We need to write the same code for all these 100 microservices and we need to do the authorization and authentication. That is not Good.

In real-time what we do is, all the microservices will be deployed in a private network so that these microservices will not expose to the outside. Nobody can access it. Then how we are going to provide the security here?.

Then the Zuul API gateway comes into the picture.

Let’s say we have Micro Service Registry and we have multiple microservices. All the microservices are registered in the Netflix Eureka and also we have an API gateway which is one of the microservice and it is a part of the Spring Cloud. So once all the services are registered all the services are available in the Netflix Eureka Registry. Now the MicroService1 and MicroService2 are in a private network and they are not exposed outside. Now how we are going to communicate Web UI Micro Service to MicroService1?

Whenever any request from the User comes, to any UI service the request will go to the Zuul API Gateway. Zuul will route all the requests to the corresponding Micro Service. So here instead of exposing all the Micro Services to the UI, UI needs to send the request to the API Gateway and Gateway should provide security(Authorization and the Authentication) and the routes. Here we need to filter all the Requests(Users) where this particular user is authorized or not and if Authorized allow the route to the User to particular Micro Service.

We will see how to do that programmatically by creating a sample project in the next tutorial.

Zuul Components

Zuul has mainly four types of filters that enable us to intercept the traffic in different timelines of the request processing for any particular transaction. We can add any number of filters for a particular URL pattern.

  • pre-filters — are invoked before the request is routed
  • post-filers — are invoked after the request has been routed
  • route-filters — are used to route the request
  • error-filters — are invoked when an error occurs while handling the request.

Common Responsibilities of Gateway Services

  • Apply micro-service authentication and security in the gateway layer to protect the actual services
  • We can do micro-services insights and monitoring of all the traffic that is going into the ecosystem by enabling some logging to get meaningful data and statistics at the edge in order to give us an accurate view of production.
  • Dynamic Routing can router requests to different back-end clusters as needed.
  • We can do runtime stress testing by gradually increasing the traffic to a new cluster in order to gauge performance in many scenarios. e.g: a cluster has new Hardware and network setup or that has a new version of production code deployed.
  • We can do dynamic load shedding. e.g: allocating capacity for each type of request and dropping requests that go over the limit.
  • We can apply static response handling e.g: building some responses directly at the edge instead of forwarding them to an internal cluster for processing.

Steps to create a Zuul API Gateway

  • Eureka Service: No changes required in Eureka Service/Naming Server
  • Producer Service: Assume that our MicroService1
  • Consumer Service: Assume that our MicroService2
  • Zuul Service: Write a Zuul service and route all the requests which are coming from UI to the corresponding Producer Service

We will see how to design a Zuul API Gateway programmatically by creating a sample project in the next tutorial.

I hope you get an idea about Zuul API Gateway. See you in the next tutorial.

Thank You!



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Kasun Dissanayake

Senior Software Engineer at IFS R & D International || Former Software Engineer at Pearson Lanka || Former Associate Software Engineer at hSenid Mobile