O'Reilly Software Architecture Conference Europe, November 2019, Berlin: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
Abstract: Good APIs are the centerpiece of any successful digital product. But for complex systems with many API consumers, the proper management of these APIs is of utmost importance. The API gateway pattern is well established to handle concerns like routing, versioning, rate limiting, access control, or diagnosability in a cloud native application architecture. Mario-Leander Reimer guides you to cloud native API gateways.
You’ll take a closer look at the cloud native API gateway ecosystem: Ambassador, Gloo, Tyk, KrakenD, etc., and find out which one of these is right for your next project. Leander explains the API gateway pattern with its possible usage scenarios and defines a criteria catalog with essential characteristics in order to compare the current ecosystem. And he puts some of them to the test and demonstrates their usage live and uncut.
2. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware2
Mario-Leander Reimer
Principal Software Architect
QAware GmbH
[Diagram, built up step by step over slides 3 to 10. Labels: Users; Monolithic Vintage System (system.example.com); A Shared PaaS; A Namespace with Service A (later Service A'), Service B and Service C (later Service C'), each with a Route (service-a.default.example.com, service-b…, service-c…); 3rd Party Apps; B Namespace with Service X, Service Y and Service Z (later Service Z'), gRPC; Unreliable Legacy Systems, SOAP; Internal Systems, Route.]
APIs are the centerpiece of any successful digital product. Proper management of your APIs right from the start is crucial, to not end up in API hell.
https://thenewstack.io/history-service-mesh/
[Diagram: the same landscape with API gateways added. Labels: Users; 3rd Party Apps; Monolithic Vintage System; A Shared PaaS; A Namespace with Service A, Service B, Service C; B Namespace with Service X, Service Y, Service Z; Unreliable Legacy Systems, SOAP; Internal Systems; API Gateway; Backend for Frontend; API.]
API Gateways are like the Façade Pattern in Cloud Native Application Design and Microservice Architectures
• Traffic Management: Path, Header, Host based Routing, Path Rewrite
• Rollout and Deployment: A/B Deployment, Canary Release, et al.
• QoS and Resiliency: Circuit Breaker, Retry, Timeouts, Rate Limiting
• Security: AAA, Terminate TLS, Support for JWT and JWKS, Open ID, …
• Protocol Translation: XML to JSON, gRPC to JSON, …
• Transformation: Fan Out / Collect, Backend for Frontend, GraphQL, …
• Observability: Integration into Logging, Monitoring, Tracing Stacks
[Diagram: compass (N, S, W, E) with the labels Ingress and Egress]
API Gateways for North-South Communication
Service Meshes for East-West Communication
API Gateways in a Nutshell
• Benefits
  • Encapsulates internal structure of application
  • Provides client-specific APIs
  • BFF reduces the number of round trips
  • Simplifies client code
• Drawbacks
  • Yet another highly available component that needs to be managed and deployed
  • Risk of becoming a development bottleneck if managed centrally
  • Business logic in API gateway leads to accidental ESB
Possible Criteria for a Comparison
• Open Source: no initial $$$ and no vendor lock-in please
• Maturity: good and active community, few issues, frequent releases
• Supported Features: Traffic Management, Deployment, Security, Translation, Transformation, QoS, Resiliency, Observability
• DevOps Friendly: Easy setup and operability, supported platforms, CI/CD
• Performance: Small overhead, high throughput, super scalable
• Observability: good logging, monitoring, tracing capabilities + integration
Four Categories of API Gateways
A. Build Your Own API Gateway
B. API Management Solutions
C. Service Proxies
D. Cloud Native API Gateways
A. Build Your Own API Gateway
• Several frameworks available: Netflix Zuul 2, Spring Cloud Gateway, Node, Vert.x, Ballerina, Camel (K), Express Gateway, Sentinel
• Provides a lot of flexibility.
• But: your team needs to develop, maintain and operate the gateway!
B. API Management Solutions
• Several full-blown API Management solutions: Kong, Tyk, Mulesoft, 3scale, Apigee, …
• Makes sense in Enterprise use cases. Generally cost $.
• Provide additional features such as payment, developer portals with API key management, integrations into enterprise infrastructure.
• Usually, centrally deployed and operated for the whole platform and all its applications.
C. Service Proxies
• Many choices: Nginx, OpenResty, Envoy, Traefik, Apache, HAProxy, …
• Lightweight and simple to use.
• Provided features vary a lot between products.
D. Cloud Native API Gateways
• Few choices: KrakenD, Ambassador, Gloo
• Usually build upon a service proxy such as Envoy and enhance it.
• Provide tight integration with cloud native platform, like K8s.
Demos
https://github.com/lreimer/hitchhikers-guide-api-gateways
https://speakerdeck.com/lreimer/a-hitchhikers-guide-to-cloud-native-api-gateways
42.
THE ANSWER TO LIFE, UNIVERSE, THE CLOUD AND API GATEWAYS.