The Problem
Microservices suffered from erratic traffic spikes, lack of centralized token validation, and rate-limiting issues that degraded downstream systems.
Architecture & Topology
Custom proxy server built with Node.js, Express, and Redis Cluster, acting as a reverse proxy, rate limiter, and JWT authenticator.
Client -> Nginx (SSL) -> API Gateway (Auth & Rate Limit via Redis) -> Downstream Microservices
Engineering Challenges
Parsing token validation and executing IP-based token bucket rate limiting under 5ms overhead.
Applied Solutions
Configured Lua scripts in Redis to execute atomic rate-limiting checks. Token blacklisting is updated in memory using Redis Pub/Sub.
Results & Benchmarks
Centralized routing for 5 microservices, maintaining sub-10ms response latencies while shielding database clusters from denial-of-service traffic.
API Routing Specifications
| Method | Path | Objective |
|---|---|---|
| ALL | /proxy/* | Forward request to downstream destination |
| POST | /api/auth/invalidate | Revoke and blacklist JWT token |
Performance Tuning
Implemented streaming file proxying to avoid loading heavy payloads in node RAM. Fine-tuned keep-alive connections on HTTP agents.
Lessons Learned
Lua scripting inside Redis guarantees operations are executed atomically without racing conditions.