About Me Loves Software Architecture Camera Man for Engineers.SG Polyglot Developer (C#, Java, NodeJS) Googles better than an average bear http://www.pogsdotnet.com/
Agenda I. Abstract II. What are API Gateways? III. Benefits IV. Implementations, Tools and Frameworks V. Demo VI. Docker Helps in Gateway Development VII. Desired State Management with Kubernetes VIII. Things to Consider
BOUNDED CONTEXT ISSUES Tightly Coupled Client and APIs CATALOG LEDGER CUSTOMERS Each team working on a bounded context will have a hard time releasing their changes
I. Sub-Domain Encapsulation II. Single Point of Contact III. Faster Cross Continental Communication IV. Centralized Authentication V. Single CORS, Domain Name and SSL VI. Added Layer of Security VII. Centralized Cross Cutting Concerns BENEFITS OF USING AN API GATEWAY
I. Authentication II. Logging III. Monitoring IV. Circuit Breaking V. Retries with Jitter VI. SSL Termination VII. Whitelisting VIII. Response Aggregation IX. Rate Limiting CROSS CUTTING CONCERNS
Cloud Provider PROS CONS 1. Can Get Up Quickly 2. Cheapest Solution 3. Wide Community Support 4. Good for Startups. 1. Coupled to Provider 2. Hard to migrate 3. Limited Features 4. Compliance Issues
PROS CONS 1. Can Get Up Quickly 2. Semi-Cheap Solution 3. Smaller Community Support 4. Plugins 1. Hard to migrate 2. Limited Features 3. Risk of dying plugins 4. Compliance Issues Generic Software
PROS CONS 1. Highest Form of Control 2. Unlimited options 3. Don’t need specialization 4. Highly decoupled solutions 5. Build and ship what you only need 6. No Compliance Issues 1. Takes time build 2. Expensive to build 3. Like investment CODED
PROS CONS 1. More control 2. Unlimited options 3. Flexible Approach 4. Average time to build 1. Confusion on which to pick between the two. 2. Compliance Issues with Libraries Coded Hybrid +
No Lockdown to old versions Web API Ledger Web API Catalog Web API Authentication API Gateway Node 6 - Promises Node 8 – Async / Await Node 10 – HTTP/2
Istio I. Inventory and Visibility of Services II. Performance Management III. Security Policy Management IV. Traffic Management V. Native Reliability VI. Chaos Engineering Testing