chapter five

5 Engaging throttling, monitoring, and access control

 

This chapter covers

  • An introduction to throttling and why we need to apply throttling on our microservices.
  • Different dimensions of throttling and their impacts.
  • Setting up Zuul as an API gateway for throttling.
  • An introduction to observability and its importance in a microservice architecture.
  • The main aspects of observability and why they matter.
  • Using Prometheus and Grafana to monitor our microservices.
  • An introduction to Open Policy Agent (OPA) and its fundamentals.
  • Applying access control policies via Zuul and OPA.

In chapter 3 we introduced the API gateway architectural pattern and discussed its applicability in microservice architectures. Zuul is an open source API gateway developed by Netflix and used in its microservices deployments. Zuul provides dynamic routing, monitoring, resiliency, security, and more. It acts as the front door to Netflix’s server infrastructure, handling traffic from Netflix users around the globe. In chapter 3 we also discussed how to use Zuul as the gateway to enforce OAuth 2.0-based security for your microservices. In this chapter we extend those samples so that Zuul handles throttling and applies access control policies, and we discuss how to monitor our microservices.

5.1   Throttling at the API Gateway with Zuul

5.1.1   Quota based throttling for applications

5.1.2   Fair usage policy for users

5.1.3   Running the sample

5.1.4   Maximum handling capacity for microservices

5.1.5   Operation level throttling

5.1.6   Throttling the OAuth2 token and authorize endpoints

5.1.7   Privilege based throttling

5.2   Monitoring and Analytics with Prometheus and Grafana

5.2.1   Monitoring the Spring Boot Microservice

5.2.2   The need for observability

5.2.3   Observability

5.2.4   Using Prometheus to monitor our microservices

5.3   Enforcing access control policies at the API gateway with Open Policy Agent

5.3.1   Open Policy Agent

5.3.2   Running the OPA sample to query an OPA engine for authorization

5.3.3   Summary