API Gateway in a Nutshell 2019

1ecd28bc47e222fdbe77ab1b73248d0d?s=47 Allan Chua
April 18, 2019

API Gateway in a Nutshell 2019

This presentation describes API gateways, the use case why you would be in need of it, the different implementation variations and common pitfalls associated with using them.

1ecd28bc47e222fdbe77ab1b73248d0d?s=128

Allan Chua

April 18, 2019
Tweet

Transcript

  1. API Gateway in a Nutshell Allan A. Chua @FWD 0

    0 0 0 ___
  2. Use Cases 0 0 0 0 ___ Various Implementations 0

    ------ 0 ------ 0 ------ Containers vs Functions ------ ------ ------ ------ ------ ------ - Caution Agenda
  3. None
  4. None
  5. Products API Customers API Transactions API Orders API Deliveries API

    Microservices Monolith Application
  6. Products API Customers API Transactions API Orders API Deliveries API

    Microservices Expectation
  7. Products API Customers API Transactions API Consumers face a lot

    of challenges Orders API Deliveries API o X X ___
  8. Multiple Retrieval + Attack Points 0 0 0 0 ___

    Multiple Domain Names, SSL Certs and CORS http://foo.com http://bar.com http://ses.com Authentication Hell Client-side Issues
  9. Products API Authentication Rate Limiting Logging Orders API Authentication Rate

    Limiting Caching Transactions API Authentication Logging Caching Clients / Consumers Inconsistencies and Duplications
  10. To solve these, API Gateways are introduced

  11. Products API Customers API Transactions API Orders API Deliveries API

    Stocks API API Gateway API Gateway to the Rescue
  12. Do you mean a Reverse Proxy?

  13. Proxying is one of the jobs of a gateway. API

    Gateway Authentication Rate Limiting Logging Reverse Proxy Caching Monitoring Tracing Authorization Authorization
  14. Centralized Cross Cutting Concerns API Gateway - Logging - Authentication

    - Rate Limiting / QOS - Licensing - Monitoring - Tracing
  15. Faster Cross- continental calls due to Response Aggregation

  16. ASIA Europe Cost of Communication 55 MS Latency SSL Handshake

  17. Consumer ASIA Europe Products Transactions Users Latency of 55 MS

    55 MS x 3 = 165 MS Total Response Time W/O Gateway
  18. Consumer API Gateway ASIA Europe Products Transactions Users Latency of

    55 MS Latency of 2 MS With Gateway Asia to EU = 55 MS EU to EU = 2 MS x 3 instances TOTAL Response Time = 61 MS
  19. Netflix GraphQL Story https://bit.ly/2SJdDDG 10MB of data -> 200KB

  20. Public / Private APIs API Gateway Orders API Stocks API

    Products API A C B A B A B PUBLIC PRIVATE Jobs E D C D C D
  21. Equivalent to defending Your pants From bullies

  22. Variations

  23. Cloud Provider Vendor Pluggable Gateways

  24. Cloud Provider Pros Cons - Easy to Provision - Easy

    to Scale - Easy Integration - Low latency (Edge) - Compliance Issues - Vendor Lock-in! - Testing on Cloud ☺
  25. AWS API Gateway Demo https://bit.ly/2PaVxK7 API Gateway Products Users Transactions

  26. Infrastructure as Code https://bit.ly/2PaVxK7

  27. Lambda Functions https://bit.ly/2PaVxK7

  28. Vendor Provider Pros Cons - Compliance Friendly - Easy Integration

    - Plugins - Specialist Required - Additional Setup - Vendor Lock-in!
  29. Kong Gateway Demo API Gateway Products Users Transactions https://bit.ly/2VOJiWd Dashboard

    Mapping Store
  30. Pluggable Gateways Pros Cons - Open-source (Free) - On-Premise |

    Cloud - Compliance Friendly - Easy Migrations - Development Knowledge - Short Hype Lifespan - Framework Lock-in
  31. Ocelot Gateway Demo API Gateway Products Users Transactions https://bit.ly/2ZhGdQz

  32. Ocelot Gateway Demo

  33. Containers VS Functions

  34. Container - Predictable Traffic - Legacy Application - Latest Environments

    - King of On-Premise - Long Running Tasks Serverless - Unlimited Traffic - New Projects - No so latest (Node 8.10) - Better in Cloud Environments - Short Quick Processing Containers vs Functions as Downstream Sources
  35. The bad sides

  36. - Additional Development Cost - Added Latency - Single Point

    Failure - Configuration Monolith - Common point of check-in conflict CONS
  37. Backends for Frontends Products Users Transactions Mobile App Customer Portal

    Admin Portal
  38. Q&A

  39. Links GITHUB: https://bit.ly/2KU1YCL Slides: https://bit.ly/2KOi6pr