Save 37% off PRO during our Black Friday Sale! »

API Gateways - Dealing with Distributed Backends

1ecd28bc47e222fdbe77ab1b73248d0d?s=47 Allan Chua
November 21, 2018

API Gateways - Dealing with Distributed Backends

The presentation aims to showcase how API gateways solves the issues associated with distributed back-ends (Microservices and APIs) from a front-end developer's point of view.

1ecd28bc47e222fdbe77ab1b73248d0d?s=128

Allan Chua

November 21, 2018
Tweet

Transcript

  1. Dealing with Distributed Backends using API Gateways

  2. About Me Software Architecture Advocate Camera Man @ Engineers.SG Polyglot

    Developer https://www.pogsdotnet.com
  3. Author of API Gateway in a Nutshell https://bit.ly/2O4IbAU https://bit.ly/2Dpq44B

  4. Free E-Books https://www.microsoft.com/net/learn/dotnet/architecture-guides

  5. Resources

  6. Table of Contents I. Abstract II. What are API Gateways?

    III. Benefits IV. Implementations, Tools and Frameworks V. Demo VI. Things to Consider
  7. None
  8. None
  9. Microservices

  10. Microservices Pros Independent Pieces Independent Teams Independent Releases

  11. How a client app communicates with distributed backend APIs. Web

    API Ledger Web API Catalog Web API Authentication
  12. Dealing with Microservice APIs as a frontend developer is apparently

    HARD
  13. Multiple Point of Contacts ???? ???? ???? ???? Distributed API

    Challenges
  14. Multiple Point of Attacks Distributed API Challenges

  15. Authentication Issues JWT Token A JWT Token B JWT Token

    C Cookies Against N Servers? Distributed API Challenges
  16. CORS, Domain Name and SSL Cross Origin Sharing is troublesome

    Buy multiple SSL Certificates + Domains? Distributed API Challenges
  17. Tightly Coupled Client and APIs CATALOG LEDGER CUSTOMERS Each team

    working on a bounded context will have a hard time releasing their changes Distributed API Challenges
  18. API Gateway Web API Transactions Web API Catalog Web API

    Users API Gateway
  19. API Gateway vs Reverse Proxy API Gateway Reverse Proxy Authentication

    Caching Rate Limiting Logging Response Aggregation
  20. I. Sub-Domain Encapsulation II. Single Point of Contact III. Faster

    Cross Continental Communication IV. Centralized Authentication V. Single CORS, Domain Name and SSL VI. Added Layer of Security VII. Centralized Cross Cutting Concerns BENEFITS OF USING AN API GATEWAY
  21. I. Authentication II. Logging III. Monitoring IV. Circuit Breaking V.

    Retries with Jitter VI. SSL Termination VII. Whitelisting VIII. Response Aggregation IX. Rate Limiting CROSS CUTTING CONCERNS
  22. Define Downstream Services Downstream services in the context of API

    gateways are independent backend APIs that you want to aggregate and encapsulate.
  23. Define Public Endpoints Expose Public Endpoints. Public endpoints not exposed

    on the gateway Are considered private which introduces a more secured way of aggregating APIs
  24. Define Pipelines Policies Pipelines are an ordered list of policies

    that are executed for requests received from all linked apiEndpoints.
  25. Implementation Choices CODE Generic Software Cloud Management Platform Code /

    Config Hybrid
  26. Azure API Management AWS API Gateway Kong NGINX API Gateway

    Express API Gateway Ocelot API Gateway Spring Cloud Gateway JHipster
  27. NOT A SILVER BULLET Additional Development Cost Adds Little Communication

    Latency Highly Matured Team to Operate
  28. Configuration Monolith Web API Ledger Web API Catalog Web API

    Authentication API Gateway
  29. Consider Backends for Frontends (BFF) Web API Ledger Web API

    Catalog Web API Authentication API Gateway API Gateway Desktop Gateway Mobile Gateway
  30. Question and Answers

  31. Resources Speaker Deck: https://bit.ly/2FvBzZa Github Demo: https://bit.ly/2Q6CNhM API Gateway Articles:

    https://bit.ly/2O4IbAU