API Gateways in a Nutshell

Allan Chua
November 15, 2018

Presentation showcasing API Gateway use cases and implementation options with pros and cons of each.

Transcript

  1. API Gateway in a Nutshell Allan A. Chua

  2. About Me
    Loves Software Architecture
    Camera Man for Engineers.SG
    Polyglot Developer (C#, Java, NodeJS)
    Googles better than an average bear
    http://www.pogsdotnet.com/

  3. Author of API Gateway in a Nutshell
    https://bit.ly/2O4IbAU https://bit.ly/2Dpq44B

  4. Free E-Books
    https://www.microsoft.com/net/learn/dotnet/architecture-guides

  5. Resources

  6. Agenda
    I. Abstract
    II. What are API Gateways?
    III. Benefits
    IV. Implementations, Tools and Frameworks
    V. Demo
    VI. Docker Helps in Gateway Development
    VII. Desired State Management with Kubernetes
    VIII. Things to Consider

  9. Lesson of the Story

  10. HUGE complex problems DON’T NEED HUGE complicated solutions

  11. all you need is a combination of small & simple solutions

  12. microservices

  13. Most engineering teams plan to build this
    Diagram labels: Web API (Ledger); Web API (Catalog); Web API (Authentication)

  14. But they end up with this: DEATH STAR PITFALL
    I. Intense Coupling
    II. Hard to make changes
    III. Maintenance Chaos

  15. Bounded Contexts
    LEDGER CATALOG AUTH
    https://martinfowler.com/bliki/BoundedContext.html

  16. BOUNDED CONTEXT ISSUES
    Multiple Points of Contact

  17. BOUNDED CONTEXT ISSUES
    Multiple Points of Attack

  18. BOUNDED CONTEXT ISSUES
    Authentication Issues
    JWT Token A
    JWT Token B
    JWT Token C
    Cookies Against N Servers?

  19. BOUNDED CONTEXT ISSUES
    CORS, Domain Name and SSL
    Cross Origin Sharing is troublesome
    Buy multiple SSL Certificates + Domains?

  20. BOUNDED CONTEXT ISSUES
    Tightly Coupled Client and APIs
    Diagram labels: CATALOG; LEDGER; CUSTOMERS
    Each team working on a bounded context will have a hard time releasing their changes

  21. API Gateway
    Diagram labels: Web API (Ledger); Web API (Catalog); Web API (Authentication); API Gateway

  22. API Gateway vs Reverse Proxy
    Diagram labels: API Gateway; Reverse Proxy; Authentication; Caching; Rate Limiting; Logging; Response Aggregation

  23. BENEFITS OF USING AN API GATEWAY
    I. Sub-Domain Encapsulation
    II. Single Point of Contact
    III. Faster Cross Continental Communication
    IV. Centralized Authentication
    V. Single CORS, Domain Name and SSL
    VI. Added Layer of Security
    VII. Centralized Cross Cutting Concerns

  24. CROSS CUTTING CONCERNS
    I. Authentication
    II. Logging
    III. Monitoring
    IV. Circuit Breaking
    V. Retries with Jitter
    VI. SSL Termination
    VII. Whitelisting
    VIII. Response Aggregation
    IX. Rate Limiting

  25. Implementation Choices
    CODE
    Generic Software
    Cloud Management Platform
    Code / Config Hybrid

  26. Cloud Provider: API Management Platforms Provided by Cloud Platforms
    Azure API Management
    AWS API Gateway

  27. Azure API Management
    ✓ Aggregation
    ✓ Reverse Proxying
    ✓ Versioning
    ✓ Mock Responses
    ✓ Test Console
    ✓ Public vs Private APIs
    ✓ Rate Limiting
    ✓ Application Insights Integration
    ✓ Live Metrics System

  28. Cloud Provider
    PROS
    1. Can Get Up Quickly
    2. Cheapest Solution
    3. Wide Community Support
    4. Good for Startups.
    CONS
    1. Coupled to Provider
    2. Hard to migrate
    3. Limited Features
    4. Compliance Issues

  29. Generic Software

  30. Generic Software
    PROS
    1. Can Get Up Quickly
    2. Semi-Cheap Solution
    3. Smaller Community Support
    4. Plugins
    CONS
    1. Hard to migrate
    2. Limited Features
    3. Risk of dying plugins
    4. Compliance Issues

  31. CODED
    PROS
    1. Highest Form of Control
    2. Unlimited options
    3. Don’t need specialization
    4. Highly decoupled solutions
    5. Build and ship what you only need
    6. No Compliance Issues
    CONS
    1. Takes time to build
    2. Expensive to build
    3. Like investment

  32. Coded + Hybrid
    PROS
    1. More control
    2. Unlimited options
    3. Flexible Approach
    4. Average time to build
    CONS
    1. Confusion on which to pick between the two.
    2. Compliance Issues with Libraries

  33. Strangler Migration
    Diagram labels: Web API (Monolith); API Gateway

  34. Strangler Migrations
    Diagram labels: Web API (Authentication); API Gateway; Web API (Monolith)

  35. Strangler Migrations
    Diagram labels: Web API (Authentication); API Gateway; Web API (Monolith); Web API (Catalog)

  36. Demo
    Diagram labels: Web API (Ledger); Web API (Catalog); Web API (Authentication); API Gateway

  37. Dockerized Gateways
    Diagram labels: Web API (Ledger); Web API (Catalog); Web API (Authentication); API Gateway
    https://bit.ly/2Ao0XeO

  38. Polyglot Teams and Gateways
    Diagram labels: Web API (Ledger); Web API (Catalog); Web API (Authentication); API Gateway

  39. No Lockdown to old versions
    Diagram labels: Web API (Ledger); Web API (Catalog); Web API (Authentication); API Gateway
    Node 6 - Promises
    Node 8 – Async / Await
    Node 10 – HTTP/2

  40. Cluster Desired State Management
    AUTH
    LEDGER
    CATALOG

  41. Service Necromancer
    RIP
    Works in my Machine

  42. Service Necromancer
    DISCO TIME
    Works in my Production

  43. API Gateway
    Diagram labels: API Gateway; Web API (Ledger); Web API (Catalog); Web API (Authentication)

  44. Fat Gateway
    Diagram labels: API Gateway; Web API (Ledger); Web API (Authentication); Web API (Catalog)

  45. Thin Gateway
    Diagram labels: API Gateway; Web API (Ledger); Web API (Authentication); Web API (Catalog)

  46. Istio
    I. Inventory and Visibility of Services
    II. Performance Management
    III. Security Policy Management
    IV. Traffic Management
    V. Native Reliability
    VI. Chaos Engineering Testing

  47. Canary Deployment
    Diagram labels: API Gateway; Web API (Ledger V2); Web API (Ledger V1); EU; ASIA

  48. Blue Green Deployment
    Diagram labels: API Gateway; Web API (Ledger V2); Web API (Ledger V1)

  49. Blue Green Deployment
    Diagram labels: API Gateway; Web API (Ledger V2); Web API (Ledger V1)

  50. NOT A SILVER BULLET
    Additional Development Cost
    Adds Little Communication Latency
    Highly Matured Team to Operate

  51. Configuration Monolith
    Diagram labels: Web API (Ledger); Web API (Catalog); Web API (Authentication); API Gateway

  52. Consider Backends for Frontends (BFF)
    Diagram labels: Web API (Ledger); Web API (Catalog); Web API (Authentication); API Gateway; API Gateway; Desktop Gateway; Mobile Gateway

  53. LINKS
    DEMO APP: https://bit.ly/2EM6Sii
    BLOG: http://www.pogsdotnet.com/2018/08/api-gateway-in-nutshell.html

  54. QUESTIONS

  55. API Gateway in a Nutshell Allan A. Chua
    Thank you for Attending and Listening!!
