Edge Service serves as an API Gateway to connect users to downstream services while managing cross-cutting concerns. The functionality is mainly provided through the Spring Cloud Gateway library, which is built on top of Spring WebFlux.
- Cors Handling
- Centralized Routing
- Circuit Breakers
- Fallbacks
- Retries
- Rate Limiting
- Session Management
- Group Service Architecture
Currently, only GET
, POST
, OPTIONS
, and HEAD
requests are allowed, along with the Authorization
header.
The allowed origins depends on the environment the application is deployed in.
http://localhost:4200
ws://localhost:4200
https://localhost
wss://localhost
https://grouphq.org
wss://grouphq.org
The following routes are currently supported:
/api/groups
: retrieves list of currently active groups from Group Service through Group Sync/api/rsocket
: establishes a websocket connection to the RSocket server in Group Sync/
: serves the frontend application via a GroupHQ UI NGINX container
Each route is configured with a circuit breaker using the Spring Cloud Circuit Breaker library with the Resilience4j implementation. Circuit breakers mimic the behavior of a physical circuit breaker, where if a downstream service is unavailable, the circuit breaker will transition to an open state after several failed attempts. Once the circuit breaker is open, all requests to the downstream service will be rejected for a specified amount of time. After that time has elapsed, the circuit breaker will transition to a half-open state, where the next few requests will be allowed to pass through. If enough requests succeed, the circuit breaker will transition to a closed state, allowing all requests to be processed as normal.
Fallbacks are configured for each route. If a route's circuit breaker is open, or if the downstream service is unavailable, then a response given by the configured fallback for that route will be returned instead.
Retries are configured for each route as a default filter with an exponential backoff strategy. A request is retried if the downstream service responds with:
- A server error (5xx)
- A
java.io.IOException
- A
java.util.concurrent.TimeoutException
Learn more about the retry filter
Rate limiting is configured for each route as a default filter using the token bucket algorithm.
Learn more about the rate limiter filter
Session management is configured for each route as a default filter. Spring Security is integrated with Spring Session, so that any authenticated user will have their authentication saved into a session, and this session will be passed along with each request to the downstream service. The session is stored in a Redis database and managed with the help of the Spring Session library.
Learn more about the session filter
The following container diagram shows Edge Service's place in the GroupHQ Software System.
Shown in the diagram, Edge Service communicates with three downstream services (Session Store, Group Sync, and the
frontend application), while being called by the user.