Spring Cloud Gateway: Resilience, Security, and Observability

Voting no longer possible
Voting enabled when talk has started

Do you want to use a microservices architecture? Are you looking for a solution to manage access to single services from clients? How can you ensure resilience and security for your entire system? Spring Cloud Gateway is a project based on Reactor, Spring WebFlux, and Spring Boot which provides an effective way to route traffic to your APIs and address cross-cutting concerns.

In this session, I'll show you how to configure an API gateway to route traffic to your microservices architecture and implement solutions to improve the resilience of your system with patterns like circuit breakers, retries, fallbacks, and rate limiters using Spring Cloud Circuit Breaker and Resilience4J. Since the gateway is the entry point of your system, it’s also an excellent candidate to implement security concerns like user authentication. I'll show you how to do that with Spring Security, OAuth2, and OpenID Connect, relying on Spring Redis Reactive to manage sessions. Finally, I'll show you how to improve the observability of your system using Spring Boot Actuator and Spring Cloud Sleuth and relying on the Grafana stack.

Thomas Vitale


Thomas is a Software Architect specialized in building highly-scalable, resilient, and secure enterprise applications. He develops software solutions at Systematic, Denmark, where he’s been working on modernizing platforms and applications for the cloud-native world, focusing on developer experience and security. Thomas likes contributing to open-source projects like Spring Security and Spring Cloud. He’s the author of “Cloud Native Spring in Action - With Spring Boot and Kubernetes”, published by Manning, where some of his main interests converged, such as Kubernetes, Buildpacks, Knative, and other cloud-native technologies.