The Battle-Tested API Gateway for VMware Tanzu Application Service Gets Even Better

May 13, 2022 Chris Sterling

Spring Cloud Gateway for VMware Tanzu has released another amazing minor release! Version 1.2 adds new capabilities that improve your API developer user experience along with increased operational monitoring options for your API runtime. All of this is available in the application marketplace within VMware Tanzu Application Service, with native hooks into the platform. Let’s take a deeper look at these new capabilities.

Spring Cloud Gateway for VMware Tanzu delivers a native Tanzu Application Service API gateway to expose application APIs, written in any programming language, with a secure, consistent operational and application development experience.

Improved API developer experience

API developers can now apply service-level configuration for all API routes being exposed by a bound application. Rather than defining API routes with the same authentication requirements and filters, these can now be defined in the service property. The following options are available for service-level configuration for exposing an application’s APIs:

  • sso-enabled – All API routes are only accessible to authenticated users with a valid bearer token

  • token-relay – Forward authenticated JWT token to the bound application that the API request is routed to

  • filters – An array of specified API route filters to apply on all requests to the bound application

  • predicates – An array of specified API route predicates to match on all requests to the bound application

Example of service-level configuration for all of a bound application’s API routes along with the ability to override on a per-API route configuration

Individual API routes can still override the service-level configuration with their own authentication requirements and filters. This reduces duplication while still allowing fine-grained control of how APIs are exposed for a given bound application.

Easily configure operational monitoring and tracing

We’ve added VMware Tanzu Observability by Wavefront tile configuration that will automatically be added to all API gateway service instances created on the Tanzu Application Service foundation. Just put in your organization’s Tanzu Observability URI and API token and choose whether to enable metrics, tracing, or both. It is that easy!

Spring Cloud Gateway for VMware Tanzu allows tile configuration for integration with Tanzu Observability by Wavefront

Once the tile configuration is applied to the Tanzu Application Service foundation, dashboards can be made visible for all of your API gateway service instances. These dashboards can provide visibility into the number of API routes, error rates, response times, rate limiting, authentication success, and tracing of API requests.

New commercial extensions added

In addition to the improvements in the API developer and operational experience, our team has added more commercial filters that you can use for your own API routes:

  • RewriteAllResponseHeaders – Modify all response headers with a regular expression, which can be useful when there are naming or client-specific modifications needed for API responses

  • RewriteResponseBody – Modify response payload with regular expressions, which can be useful for changing URLs, paths, or text content

  • RemoveJsonAttributesResponseBody – Remove specific JSON attributes from a response based on regula so they are not sent to the client, either to reduce payload size or protect information

  • ClaimHeader – Pass JWT claim as header on API when routed to the bound application for a specified route

Let’s wrap it up

With Spring Cloud Gateway for VMware Tanzu, you will enjoy a unique application development experience for exposing APIs using a secure and consistent approach on Tanzu Application Service. There is an abundance of API route predicate matchers and composable filters available out of the box. And operational requirements can now be monitored with Tanzu Observability by Wavefront including performance, error rates, authentication issues, rate limiting, and traceability of request routes. Give this battle-tested API gateway a try today!

Resources

About the Author

Chris Sterling

Chris Sterling is Product Line Manager focused on API management at VMware. He has held multiple high-level roles in his 25+ years in the software industry. Chris published the book Managing Software Debt: Building for Inevitable Change with Addison-Wesley in 2010 to provide a framework for teams and organizations to assess and manage debt in their software systems. Chris has successfully supported organizational transformation across multiple verticals with organizations of 10 up to 800 people. After a successful entrepreneurial endeavor as co-founder of Agile Advantage, Chris has brought his diverse experience and deep passion for technology when presenting on topics such as Continuous Delivery, Cloud Native architecture, DevOps, Lean, and Agile to the products he helps bring to market.

Follow on Twitter Follow on Linkedin More Content by Chris Sterling
Previous
Contour Joins Forces with Community Leaders to Build New Envoy Gateway Project
Contour Joins Forces with Community Leaders to Build New Envoy Gateway Project

Contour’s VMware maintainers will be the founding members of a new Envoy Gateway project: Project Envoy’s o...

Next
How Infrastructure Virtualization Accelerates Data Science: VMware Tanzu and Domino Data Lab
How Infrastructure Virtualization Accelerates Data Science: VMware Tanzu and Domino Data Lab

With Domino Data Lab and VMware Tanzu, code-first data science teams can accelerate research, increase coll...