/
Introduction to the Architecture

Introduction to the Architecture

Owned by Patricia DeStefano
Mar 06, 2025

Modern applications require modular, scalable, and secure architectures. The Eureka Platform embodies this philosophy, leveraging industry-trusted open-source technologies to offer seamless integration, role-based authorization, and decentralized communication between modules. Let’s explore the core components of Eureka and how they enhance application development.

Kong Gateway: Traffic Manager

At the heart of Eureka’s API management lies the Kong Gateway. This cloud-native, Lua-based API gateway acts as a reverse proxy, providing traffic control, rate limiting, request/response transformations, logging, and monitoring out of the box. With its open-source core, Kong ensures scalability and flexibility, allowing developers to configure it via Kong’s Admin API, declarative configuration, or the Kong Manager. Whether routing requests or applying security policies, Kong streamlines API management across distributed systems.

Kong Gateway: The Traffic Manager

At the heart of Eureka’s API management lies the Kong Gateway. This cloud-native, Lua-based API gateway acts as a reverse proxy, providing traffic control, rate limiting, request/response transformations, logging, and monitoring out of the box. With its open-source core, Kong ensures scalability and flexibility, allowing developers to configure it via Kong’s Admin API, declarative configuration, or the Kong Manager. Whether routing requests or applying security policies, Kong streamlines API management across distributed systems.

Keycloak: Seamless Identity and Access Management

Security is paramount in any modern software stack, and Keycloak is the backbone of Eureka’s Identity and Access Management (IAM). Developed by Red Hat, Keycloak supports OpenID Connect, OAuth 2.0, and SAML 2.0, making it a robust solution for authentication and authorization. It employs a realm-based model to support multi-tenancy and provides fine-grained authorization services. Through Roles, Clients, Resources, Policies, and Permissions, developers can define and enforce access control dynamically.

MGR-Applications: Managing Modular Components

Eureka’s modular nature is facilitated by MGR-Applications, which handles module discovery and management. Built with Spring, OpenAPI, Feign, PostgreSQL, and Kafka, this component maintains application descriptors—grouping UI and backend modules based on functionality. By leveraging Semantic Versioning, MGR-Applications ensures dependency compatibility and smooth integration. Additionally, it registers services in Kong and communicates changes via Kafka, keeping the system synchronized and responsive.

MGR-Tenants: Multi-Tenancy Made Simple

A key feature of Eureka is its ability to support multiple tenants efficiently. MGR-Tenants manages the lifecycle of tenants, creating and deleting them while synchronizing with Keycloak. It automates realm setup, populates necessary configurations, and maintains additional tenant attributes. For developers building SaaS applications, this ensures seamless onboarding and administration of tenant environments.

MGR-Tenant-Entitlements: Streamlining Application Installation

Installation and management of applications are handled by MGR-Tenant-Entitlements, the most complex component of Eureka. It is responsible for the following:

  • Retrieving tenant and application data

  • Creating an installation flow and dependency tree

  • Calling tenant APIs to enable modules

  • Registering modules in Kong and Keycloak

  • Publishing Kafka messages for system-wide updates

  • Logging every step and supporting rollbacks

MGR-Tenant-Entitlements uses a structured approach to ensure smooth deployment while maintaining consistency across the ecosystem.

Sidecars: Lightweight, Decentralized Communication

To eliminate a centralized message-passing bottleneck, Eureka employs Sidecars for inter-module communication. Built with Quarkus and Kafka, these lightweight proxies intercept all ingress and egress requests, filtering and manipulating headers such as x-okapi-url, x-okapi-user-id, and x-okapi-tenant. Sidecars also perform authorization checks in Keycloak, ensuring secure module-to-module communication.

Eureka Platform: Management

Managing a modular platform requires visibility, control, and automation. Eureka Platform Management provides a centralized approach to overseeing services, tenants, and applications. It enables developers and administrators to monitor component interactions, enforce policies, and ensure system-wide consistency. With API-driven configurations and automated workflows, managing deployments, security, and operational states becomes seamless. This ensures high availability, reduced operational overhead, and an optimized development workflow.

platformmanagement.png

Eureka Platform: Runtime

The Eureka Platform Runtime is designed to ensure optimal performance, resilience, and fault tolerance for applications. By leveraging a distributed architecture, it dynamically adjusts to workload demands, ensuring high availability. Components communicate through event-driven mechanisms via Kafka, while Sidecars handle service-to-service interactions securely and efficiently. Eureka’s runtime infrastructure is built with containerized deployments, allowing seamless scaling and rolling updates. This ensures minimal downtime and efficient resource utilization, making it an ideal solution for modern, cloud-native applications.

platformruntime.png

By integrating Kong Gateway, Keycloak, and microservices-driven components, Eureka empowers developers to create dynamic, multi-tenant, and resilient software ecosystems.

Further Reading

Related content