I’ve been working with microservices for several years now, and one challenge consistently emerges: how to manage client requests across multiple services without creating a fragile system. When downstream services fail, the entire application can crumble like dominoes. That’s why I decided to build a robust API gateway using Node.js and Express, incorporating the Circuit Breaker pattern to prevent cascading failures. If you’ve ever struggled with service outages affecting your entire system, you’ll appreciate what we’re about to implement.
Setting up the foundation is straightforward. We start with a new Node.js project and install essential packages. Security comes first, so we include Helmet for HTTP header protection and CORS for cross-origin safety. For resilience, we add libraries like Opossum for circuit breaking and Redis for caching. Here’s how I initialize the project:
npm init -y
npm install express helmet cors opossum ioredis axiosThe gateway’s configuration lives in a dedicated file. I define service endpoints with critical parameters like timeouts and retry limits. Notice how each service gets its own circuit breaker settings—this granular control prevents one failing service from taking down others:
// gateway.config.js
export const services = {
users: {
url: 'http://user-service:3001',
timeout: 3000,
circuitBreaker: {
failureThreshold: 3,
resetTimeout: 30000
}
},
orders: {
url: 'http://order-service:3002',
timeout: 5000,
circuitBreaker: {
failureThreshold: 5,
resetTimeout: 60000
}
}
};Now, what happens when a service starts failing repeatedly? Without protection, those failed requests would exhaust resources. The Circuit Breaker pattern solves this by tripping after a threshold of failures, temporarily blocking requests. I implement it using the Opossum library:
import { CircuitBreaker } from 'opossum';
const orderServiceBreaker = new CircuitBreaker(async (request) => {
return axios({ ...request, timeout: services.orders.timeout });
}, {
timeout: services.orders.timeout,
errorThresholdPercentage: 40,
resetTimeout: services.orders.circuitBreaker.resetTimeout
});
orderServiceBreaker.fallback = () => ({
status: 503,
data: { error: 'Order service unavailable' }
});When the breaker trips, requests immediately return fallback responses instead of hitting the struggling service. This gives the service breathing room to recover. But how do we know when it’s safe to try again? Health checks continuously monitor service status. I implement a simple endpoint checker that runs every 15 seconds:
setInterval(async () => {
const status = await axios.get(`${service.url}/health`);
if(status === 'OK' && breaker.halfOpen) {
breaker.close(); // Resume normal operations
}
}, 15000);For authentication, I centralize JWT verification at the gateway level. This prevents duplicate auth logic in every microservice. The middleware validates tokens before any request reaches downstream services:
app.use((req, res, next) => {
const token = req.headers.authorization?.split(' ')[1];
if (!verifyToken(token)) {
return res.status(401).json({ error: 'Unauthorized' });
}
next();
});Caching frequently requested data reduces load on services. I use Redis with a 5-minute TTL for GET requests. Notice how cache keys include the user ID to personalize responses:
const cacheMiddleware = async (req, res, next) => {
if (req.method !== 'GET') return next();
const key = `user:${req.user.id}:${req.originalUrl}`;
const cachedData = await redis.get(key);
if (cachedData) {
return res.json(JSON.parse(cachedData));
}
// Cache miss - proceed and cache response later
res.sendResponse = res.json;
res.json = (body) => {
redis.setex(key, 300, JSON.stringify(body));
res.sendResponse(body);
};
next();
};Monitoring is crucial for production resilience. I expose Prometheus metrics for request volumes, error rates, and circuit breaker states. This helps identify issues before they cause outages. Ever wonder how many requests fail silently? These metrics reveal the truth:
import { register } from 'prom-client';
register.metrics().then(metrics => {
app.get('/metrics', (req, res) => {
res.set('Content-Type', register.contentType);
res.send(metrics);
});
});For deployment, I package the gateway in Docker with resource limits. Kubernetes liveness probes ensure automatic restarts during failures. The Dockerfile optimizes production performance:
FROM node:18-alpine
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY dist/ .
EXPOSE 8080
CMD ["node", "gateway.js"]Testing resilience involves deliberate chaos. I use Artillery to simulate traffic while randomly killing services. This verifies if the circuit breakers and fallbacks activate correctly. Could your gateway survive this simulated onslaught?
# chaos-test.yaml
scenarios:
- flow:
- loop:
- get:
url: "/orders"
- get:
url: "/users"
count: 100
- function: "randomlyKillService"The final gateway handles 2,000+ requests per second on a single instance. More importantly, when I intentionally crash the order service, user requests continue unaffected—the circuit breaker contains the failure. This isolation transforms system reliability.
Building this changed how I design distributed systems. Centralizing cross-cutting concerns at the gateway simplifies services while improving resilience. Give this implementation a try in your next project—you’ll immediately notice fewer midnight outages. If you found this guide helpful, share it with your team and leave a comment about your API gateway experiences! What resilience patterns have worked best for you?
