API Gateways in a Nutshell

Transcript

1. API Gateway in a Nutshell Allan A. Chua

2. About Me Loves Software Architecture Camera Man for Engineers.SG Polyglot

   Developer (C#, Java, NodeJS) Googles better than an average bear http://www.pogsdotnet.com/

3. Author of API Gateway in a Nutshell https://bit.ly/2O4IbAU https://bit.ly/2Dpq44B

4. Free E-Books https://www.microsoft.com/net/learn/dotnet/architecture-guides

5. Resources

6. Agenda I. Abstract II. What are API Gateways? III. Benefits

   IV. Implementations, Tools and Frameworks V. Demo VI. Docker Helps in Gateway Development VII. Desired State Management with Kubernetes VIII. Things to Consider
7. None
8. None

9. Lesson of the Story

10. HUGE complex problems DON’T NEED HUGE complicated solutions

11. all you need is a combination of small & simple

    solutions

12. microservices

13. Most engineering teams plan to build this Web API Ledger

    Web API Catalog Web API Authentication

14. I. Intense Coupling II. Hard to make changes III. Maintenance

    Chaos DEATH STAR PITFALL But they end up with this

15. Bounded Contexts LEDGER CATALOG AUTH https://martinfowler.com/bliki/BoundedContext.html

16. BOUNDED CONTEXT ISSUES Multiple Point of Contacts ???? ???? ????

    ????

17. BOUNDED CONTEXT ISSUES Multiple Point of Attacks

18. BOUNDED CONTEXT ISSUES Authentication Issues JWT Token A JWT Token

    B JWT Token C Cookies Against N Servers?

19. BOUNDED CONTEXT ISSUES CORS, Domain Name and SSL Cross Origin

    Sharing is troublesome Buy multiple SSL Certificates + Domains?

20. BOUNDED CONTEXT ISSUES Tightly Coupled Client and APIs CATALOG LEDGER

    CUSTOMERS Each team working on a bounded context will have a hard time releasing their changes

21. API Gateway Web API Ledger Web API Catalog Web API

    Authentication API Gateway

22. API Gateway vs Reverse Proxy API Gateway Reverse Proxy Authentication

    Caching Rate Limiting Logging Response Aggregation

23. I. Sub-Domain Encapsulation II. Single Point of Contact III. Faster

    Cross Continental Communication IV. Centralized Authentication V. Single CORS, Domain Name and SSL VI. Added Layer of Security VII. Centralized Cross Cutting Concerns BENEFITS OF USING AN API GATEWAY

24. I. Authentication II. Logging III. Monitoring IV. Circuit Breaking V.

    Retries with Jitter VI. SSL Termination VII. Whitelisting VIII. Response Aggregation IX. Rate Limiting CROSS CUTTING CONCERNS

25. Implementation Choices CODE Generic Software Cloud Management Platform Code /

    Config Hybrid

26. Cloud Provider Azure API Management AWS API Gateway API Management

    Platforms Provided by Cloud Platforms

27. Azure API Management ✓ Aggregation ✓ Reverse Proxying ✓ Versioning

    ✓ Mock Responses ✓ Test Console ✓ Public vs Private APIs ✓ Rate Limiting ✓ Application Insights Integration ✓ Live Metrics System

28. Cloud Provider PROS CONS 1. Can Get Up Quickly 2.

    Cheapest Solution 3. Wide Community Support 4. Good for Startups. 1. Coupled to Provider 2. Hard to migrate 3. Limited Features 4. Compliance Issues

29. Generic Software

30. PROS CONS 1. Can Get Up Quickly 2. Semi-Cheap Solution

    3. Smaller Community Support 4. Plugins 1. Hard to migrate 2. Limited Features 3. Risk of dying plugins 4. Compliance Issues Generic Software

31. PROS CONS 1. Highest Form of Control 2. Unlimited options

    3. Don’t need specialization 4. Highly decoupled solutions 5. Build and ship what you only need 6. No Compliance Issues 1. Takes time build 2. Expensive to build 3. Like investment CODED

32. PROS CONS 1. More control 2. Unlimited options 3. Flexible

    Approach 4. Average time to build 1. Confusion on which to pick between the two. 2. Compliance Issues with Libraries Coded Hybrid +

33. Strangler Migration Web API Monolith API Gateway

34. Strangler Migrations Web API Authentication API Gateway Web API Monolith

35. Strangler Migrations Web API Authentication API Gateway Web API Monolith

    Web API Catalog

36. Demo Web API Ledger Web API Catalog Web API Authentication

    API Gateway

37. Dockerized Gateways Web API Ledger Web API Catalog Web API

    Authentication API Gateway https://bit.ly/2Ao0XeO

38. Polyglot Teams and Gateways Web API Ledger Web API Catalog

    Web API Authentication API Gateway

39. No Lockdown to old versions Web API Ledger Web API

    Catalog Web API Authentication API Gateway Node 6 - Promises Node 8 – Async / Await Node 10 – HTTP/2

40. Cluster Desired State Management AUTH LEDGER CATALOG

41. Service Necromancer RIP Works in my Machine

42. Service Necromancer DISCO TIME Works in my Production

43. API Gateway API Gateway Web API Web API Web API

    Ledger Catalog Authentication

44. Fat Gateway API Gateway Web API Ledger Web API Authentication

    Web API Catalog

45. Thin Gateway API Gateway Web API Ledger Web API Authentication

    Web API Catalog

46. Istio I. Inventory and Visibility of Services II. Performance Management

    III. Security Policy Management IV. Traffic Management V. Native Reliability VI. Chaos Engineering Testing

47. Canary Deployment API Gateway Web API Ledger V2 Web API

    Ledger V1 EU ASIA

48. Blue Green Deployment API Gateway Web API Ledger V2 Web

    API Ledger V1

49. Blue Green Deployment API Gateway Web API Ledger V2 Web

    API Ledger V1

50. NOT A SILVER BULLET Additional Development Cost Adds Little Communication

    Latency Highly Matured Team to Operate

51. Configuration Monolith Web API Ledger Web API Catalog Web API

    Authentication API Gateway

52. Consider Backends for Frontends (BFF) Web API Ledger Web API

    Catalog Web API Authentication API Gateway API Gateway Desktop Gateway Mobile Gateway

53. LINKS DEMO APP: https://bit.ly/2EM6Sii BLOG: http://www.pogsdotnet.com/2018/08/api-gateway-in-nutshell.html

54. QUESTIONS

55. API Gateway in a Nutshell Allan A. Chua Thank you

    for Attending and Listening!!