API Gateway – Key Enabler Of MicroServices
Welcome Gate to MicroServices
Who says welcome to micro services? Truth be told…it is an API Gateway 🙂
Unlike, many other components, there are several responsibilities that API gateway handles.
It is a gateway and not a API management tool. This acts as a gateway between consumers and microservices.
Consumers would need to talk to services. Given the dynamic nature of services in terms of hosting and different versions of the service being available, it becomes difficult for client to take the responsibility to locate and call the respective service.
API Gateway comes handy here, it guides and routes the communication.
Routing Communication and Gating Security
When consumer wants to call the service, it makes a call to the API gateway.
API gateway can integrate with central security service to ensure secured access to the service.
In such cases, consumers credentials need to be sent in the request to API gateway which then validates with the authorization mechanism.
A token is granted to the consumer post successful validation. This token must be introduced in the subsequent requests.
API gateway then sends the token to the micro-service, here the service can verify with the authorization system or take the itself to grant the requested operation.
Thus authentication can be facilitated by an API gateway and in cases security can be enforced through the gateway. It depends on how gateway is leveraged in the given micro-service architecture implementation.
API gateway can route the to requests to respective geography.
API gateway not only helps in routing but also greatly improves performance by load Balancing helps in distributed load and scales.
Throttling can be applied here at the API gateway level to limit the traffic as per business subscription model. It also helps in DDOS attack and that way becomes system requirement.
While acting as a facade, it can fulfill multiple other functions.
API Gateway Helping Functions
Caching In an ecosystem, there are pieces of information, some type/kind of response data which is needed frequently and it is used for read only purpose.
Such data, once requested usually does not change or changes at regular intervals. Such kind of information can be cached. Static information, images, media data can be an example of this. Caching reduces number of calls and reduces latency.
Protocol Abstraction: There could be different type consumers such as browser application, server application or a mobile application.
These application will talk through the protocol exposed by API Gateway. It could be REST API or GraphQL etc.
API Gateway would then talk to various microservices beneath it. Those could be REST API, SOAP or a RPC. API Gateway does the protocol translation and keeps consumer abstract from it.
Circuit breaker/Error management: If API gateway learns that one of the micro services is failing it can send the cached response, or route the request to the other component. In adverse cases, it can help default to an implementation. It can send the defined error/exception response message which consumer can act on.
This way the degraded service is not bombarded with requests and the traffic is short circuited.
Simulation or Mocked testing
While development team is working on a feature within a service A and in the workflow of the service it is dependent on the response from of the other service B. Both service A and B are getting built parallel. In such cases, API gateway can simulate the few possible responses to unblock the development team.
API gateway can provide mocking.
In this article we have touched many concepts such as caching, circuit breaker, mocking or simulation ability. We would visit those in details.
Below is the comparison of two API gateways.
Comparison Factor Kong AWS API Gateway
What is it? Kong offers open-source platforms and cloud services to manage, monitor and scale Application Programming Interface and Microservices. Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale.
Throttling Yes Yes
Circuit breaker Yes No
Open Source Yes No
Payload size 128MB (default) can be increased 10 MB fixed
Supports compression and encoding Yes No
Kong API gateway is undoubtedly a popular, feature rich and better performing.