Spring Cloud Gateway: Resilience and Security • Thomas Vitale • GOTO 2021

Подписаться 991 тыс.

Просмотров 15 тыс.

50% 1

This presentation was recorded at GOTO Copenhagen 2021. #GOTOcon #GOTOcph
gotocph.com
Thomas Vitale - Senior Software Engineer at Systematic & Author of "Cloud Native Spring in Action"
ABSTRACT
Do you want to use a microservices architecture? Are you looking for a solution to manage access to single services from clients? How can you ensure resilience and security for your entire system?
Spring Cloud Gateway is a project based on Reactor, Spring WebFlux, and Spring Boot which provides an effective way to route traffic to your APIs and address cross-cutting concerns.
In this session, Thomas will show you how to configure an API gateway to route traffic to your microservices architecture and implement solutions to improve the resilience of your system with patterns like circuit breakers, retries, fallbacks, and rate limiters using Spring Cloud Circuit Breaker and Resilience4J. Since the gateway is the entry point of your system, it’s also an excellent candidate to implement security concerns like user authentication. He'll show you how to do that with Spring Security, OAuth2 and OpenID Connect, relying on Spring Redis Reactive [...]
TIMECODES
00:00 Intro
01:24 API gateway
05:34 Demo
14:38 Routing
14:50 Resilience
15:32 Retry
15:51 Demo
18:04 Circuit breaker
20:10 Demo
27:17 User authentication
33:10 Demo
40:34 Observability
43:08 Outro
Read the full abstract here:
gotocph.com/2021/sessions/195...
RECOMMENDED BOOKS
Thomas Vitale • Cloud Native Spring in Action (available soon) • amzn.to/3kLu1ns
Aaron Parecki • OAuth 2.0 Simplified • amzn.to/2A3IMOf
Aaron Parecki • OAuth 2.0 Servers • amzn.to/3ecHEsz
Aaron Parecki • The Little Book of OAuth 2.0 RFCs • amzn.to/3i7qnlC
Erdal Ozkaya • Cybersecurity: The Beginner's Guide • amzn.to/2T6OIj3
Richer & Sanso • OAuth 2 in Action • amzn.to/3hXiAH6
Wilson & Hingnikar • Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0 • amzn.to/2U8iLY2
/ gotocon
/ goto-
/ gotoconferences
#Spring #SpringCloud #Security #Resilience #Microservices #MicroserviceArchitecture #CloudNative #Observability #SpringCloudGateway #Reactor #SpringWebFlux #WebFlux #SpringBoot #APIs #Resilience4J #OAuth2 #OpenID #OpenIDConnect #SpringRedisReactive
Looking for a unique learning experience?
Attend the next GOTO conference near you! Get your ticket at gotopia.tech
SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily.
ru-vid.com...

Наука

Опубликовано:

11 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 22

@GOTO- 2 года назад

The source code repo is available here: github.com/ThomasVitale/spring-cloud-gateway-goto-cph-2021

@litlwizl 2 года назад

So nice. So tidy. So useful. This must be one of the most bootiful presentations ever. Thank you.

@maneshipocrates2264 Год назад

Great talk and example which is very understandable.

@cronus663 2 года назад

Nice talk, very clearly and understandable, thumbs up!

@corssobv Год назад

This is so useful! Thank you Thomas!

@mohammadnasr6725 Год назад

good conferences . you are explain excellent detail of gateway and concern behind that

@dasunwahalathanthrige5872 2 года назад

Nice presentation. I got good idea about API gateway and its functionalities.

@albertoneto1180 Год назад

How neat and simple is that !!! Omg ❤

@victorrocha4503 Год назад

Amazing presentation

@cscelo 2 года назад

A very usefull presentation. I liked so much . Thanks so much.

@codecoffee-farsi3392 2 года назад

Fantastic presentation.

@hea8973 2 года назад

Will there be a link to the github?

@SLEEPERER 2 года назад

Hi Thomas, what is the best practice of handling fallback? Beside cache. What else we can do there.

@mukulbichkar7857 Год назад

Can we have multiple ratelimiters one per route using customKeyResolvers for each one ?

@georgecherian5691 2 года назад

Github link will help a lot

@devang.jayswal 2 года назад

Can we have a Github link please ?

@buddy6670 2 года назад

github link please

@mrinalsaha5918 2 года назад

Thanks a lot for covering api gateway security, I have two question, 1. Can we not just implement securityconfigure class with WebSecurityConfigurerAdapter class and authenticate using jwt instead of using keycloak in the apigateway service project? 2. Lets assume we have a microserviceB which is also a rest service. We do not want that service end point to be exposed externally, they only just be invoked via internal other micfroservices. How can we achieve this? Is creating filter on such services is a standard solution?