Modern Application Development

Overcome challenges in modern application development with pre-packaged enterprise components from Tanzu geared towards distributed architectures.

ServiceRegistryAPIGatewayConfigServerMicroservicesMicroservicesMicroservicesDistributedTracingLogging, Monitoring,Dashboards, etc.Storage, Databases, Messaging, Caches,Security, etc.loTMobileB2BBrowser

API Gateway

Challenge

As micro-services proliferate, they tend to expose APIs for integration across applications and domains. Over time, these APIs may be based on an ever-changing landscape of:

  • Competing API specifications such as JSON, REST, GraphQL, XML web services and beyond
  • Different security approaches such as LDAP, SAML, OAuth, OpenID Connect, etc...
  • Governance policies based on OWASP, FIPS, PCI-DSS, and more

API consumers must deal with these cross-cutting concerns and standards differences. An API Gateway can provide a more consistent consumer experience and apply security and governance changes over time without updating all applications that expose their valuable APIs.

Solution

Spring Cloud Gateway is an OSS library that provides support for building an API Gateway on top of Spring WebFlux, thus taking advantage of its high performance non-blocking I/O reactive underpinnings. Spring Cloud Gateway aims to provide a simple, yet effective way to route to APIs and provide cross cutting concerns to them such as: security, monitoring/metrics, and resiliency.

Spring Cloud Gateway for VMware Tanzu packages an enterprise-ready implementation of Spring Cloud Gateway as a Tanzu Platform for Cloud Foundry enabled managed service. The Spring Cloud Gateway integrates with the underlying platform to ensure applications do not expose their APIs directly to external consumers and handles secure routing on an internal domain. The Spring Cloud Gateway service includes additional filters, predicates and actuator content that tackle enterprise API Gateway needs such as:

  • Single Sign-On integration with OpenID Connect identity providers
  • Dynamic application route configuration to allow continuous integration and delivery pipeline API route updates
  • High availability configuration to set the number of Gateway instances to handle all of your traffic throughput needs
  • Gateway service instance dashboard to view health and configuration details
  • Rate limiting configuration including partitioning by HTTP header, JWT claim or IP address
  • GraphQL filters to manage operations and authorization
  • Additional authentication and authorization filters for Role-based Access Control (RBAC), Scopes and redirecting to custom login
  • Additional traffic control filters including client certificate validation and request route management
  • Additional transformation filters such as JSON to XML and vise versa, extracting JWT claim into header value and JSON body manipulation

In addition to powerful runtime integrations with Tanzu Platform for Cloud Foundry and enhanced enterprise-ready capabilities on top of Spring Cloud Gateway, there is extensive support for use of OpenAPI. Applications can expose their API routes by providing an OpenAPI specification and apply filters and predicates dynamically to individual or all routes. As in many micro-services architectures that leverage an API Gateway, Spring Cloud Gateway for VMware Tanzu also provides API aggregation so that API consumers only see a single OpenAPI generated specification even though there may be multiple applications providing API routes behind it.

Centralized Configuration

Challenge

In a micro-services architecture, managing properties for applications across multiple environments can prove to be challenging. Keeping track of variations, versions and environment specific properties necessitates a configuration management process that eases this burden. Having a central place to manage properties for all applications across all environments is crucial to meet these requirements.

Solution

Spring Cloud Config is an OSS library that provides support for externalized configuration in a distributed system. It includes support for a number of backends, including Git, HashiCorp Vault, and CredHub.

Spring Cloud Services for VMware Tanzu packages an enterprise-ready implementation of Spring Cloud Config’s server-side components as a Tanzu Platform for Cloud Foundry enabled managed service. The Spring Cloud Config Server service integrates with the underlying platform to generate secure communication between client applications that are bound to a service instance. Its architecture is designed to minimize calls from the Config Server to external Git servers for the Git backend and to give operators greater control over the data fetched and served by the Config Server. Each of the Spring Cloud Services services has a corresponding Spring Boot starter. Similar to a Spring Cloud OSS project, a Spring Cloud Services starter bundles the dependencies used by a client app to consume the service, thus keeping the same programming model when working with the VMware Tanzu components.

Service Discovery

Challenge

A modern cloud-native application typically runs in a virtualized or containerized environment where the number of instances of an application service and each instance’s location changes dynamically. This can also be scaled across multiple availability zones to achieve higher availability of those services. How do clients of these services discover the location of a service instance in this type of dynamic environment?

Solution

Spring Cloud Netflix is an OSS library that provides Netflix Eureka integration for Spring Boot apps through auto-configuration and binding to the Spring Environment and other Spring programming model idioms. With a few simple annotations, you can quickly enable and configure the service discovery pattern for your distributed applications with battle-tested Netflix components.

Solution Solution

Spring Cloud Services for VMware Tanzu packages the enterprise-ready implementation of Spring Cloud Netflix Eureka as a Tanzu Platform for Cloud Foundry enabled managed service named Service Registry. The Spring Cloud Service Registry service integrates with the underlying platform to generate secure communication between client applications that are bound to a service instance. This service can also be scaled across multiple instances to share service locations across availability zones using peer replication. Similar to the Config Server, there is a Spring Cloud Services starter for Eureka which bundles the dependencies used by a client app to consume the service.