Upgrade to Pro — share decks privately, control downloads, hide ads and more …

A Hitchhiker's Guide to Cloud Native API Gateways #CDS19

A Hitchhiker's Guide to Cloud Native API Gateways #CDS19

Good APIs are the center piece of any successful digital product and cloud native application architecture. But for complex systems with many API consumers the proper management of these APIs is of utmost importance. The API gateway pattern is well established to handle and enforce concerns like routing, versioning, rate limiting, access control, diagnosability or service catalogs in a microservice architecture. So this session will have a closer look at the cloud native API gateway ecosystem: Ambassador, Gloo, Kong, Tyc, KrakenD, et.al. But which one of these is the right one to use in your next project? Let's find out. Leander will start off by briefly explaining the API gateway pattern and derive a simple criteria catalog. He will then continue by comparing and showcasing the most promising ones.

M.-Leander Reimer

June 26, 2019
Tweet

More Decks by M.-Leander Reimer

Other Decks in Technology

Transcript

  1. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware A HITCHHIKER’S GUIDE TO CLOUD NATIVE API GATEWAYS
  2. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 2 Mario-Leander Reimer Principal Software Architect QAware GmbH
  3. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 3 Monolithic Legacy System Users system.example.com
  4. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 4 Users Monolithic Legacy System A Shared PasS A Namespace Service A system.example.com service-a.default.example.com Route
  5. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 5 Users Monolithic Legacy System A Shared PasS A Namespace Service A system.example.com service-a.default.example.com Route Service B Route service-b…
  6. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 6 Users Monolithic Legacy System A Shared PasS A Namespace Service A system.example.com service-a.default.example.com Route Service B Route service-b… Service C Route service-c…
  7. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 7 Users Monolithic Legacy System A Shared PasS A Namespace Service A’ system.example.com service-a.default.example.com Route Service B Route service-b… Service C' Route service-c… 3rd Party Apps
  8. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 8 Users Monolithic Legacy System A Shared PasS A Namespace Service A’ system.example.com service-a.default.example.com Route Service B Route service-b… Service C' Route service-c… 3rd Party Apps B Namespace Service X Service Y Service Z’ Unreliable Legacy Systems SOAP gRPC
  9. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 9 Users Monolithic Legacy System A Shared PasS A Namespace Service A’ system.example.com service-a.default.example.com Route Service B Route service-b… Service C' Route service-c… 3rd Party Apps B Namespace Service X Service Y Service Z’ Unreliable Legacy Systems SOAP gRPC Route Internal Systems
  10. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 10 APIs are the center piece of any successful digital product. Proper management of your APIs right from the start is crucial, to not end up in API hell. https://thenewstack.io/history-service-mesh/
  11. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 11 Users Monolithic Legacy System A Shared PasS A Namespace Service A Service B Service C 3rd Party Apps B Namespace Service X Service Y Service Z Unreliable Legacy Systems SOAP API Gateway Backend for Frontend Internal Systems API Gateway API
  12. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 12 API Gateways are like the Façade Pattern in
 Cloud Native Application Design and Microservice Architectures
  13. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware • Traffic Management: Path, Header, Host based Routing, Path Rewrite • Rollout and Deployment: A/B Deployment, Canary Release, et.al. • QoS and Resiliency: Circuit Breaker, Retry, Timeouts, Rate Limiting • Security: AAA, Terminate TLS, Support for JWT and JWKS, Open ID, … • Protocol Translation: XML to JSON, gRPC to JSON, … • Transformation: Fan Out / Collect, Backend for Frontend, GraphQL, … • Observability: Integration into Logging, Monitoring, Tracing Stacks 13
  14. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 14 W E N S Ingress Egress API Gateways for North-South Communication Service Meshes for East-West Communication
  15. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware API Gateways in a Nutshell • Benefits • Encapsulates internal structure of application • Provides client-specific APIs • BFF reduce the number of round trips • Simplifies client code 15 • Drawbacks • Yet another highly available component that needs to be managed and deployed • Risk of becoming a development bottleneck if managed centrally • Business logic in API gateway leads to accidental ESB
  16. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware Possible Criteria for a Comparison • Open Source: no initial $$$ and no vendor lock-in please • Maturity: good and active community, little issues, frequent releases • Supported Features: Traffic Management, Deployment, Security, Translation, Transformation, QoS, Resiliency, Observability • DevOps Friendly: Easy setup and operability, supported platforms, CI/CD • Performance: Small overhead, high throughput, super scalable • Observability: good logging, monitoring, tracing capabilities + integration 16
  17. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 17
  18. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 18
  19. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware Four Categories of API Gateways A. Build Your Own API Gateway B. API Management Solutions C. Service Proxies D. Cloud Native API Gateways 19
  20. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware A. Build Your Own API Gateway 20 • Several frameworks available: Netflix Zuul 2, Spring Cloud Gateway, Node, Vert.x, Ballerina, Camel, Express Gateway, Sentinel • Provides a lot of flexibility. • But: your team needs to develop, maintain and operate the gateway!
  21. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware B. API Management Solutions 21 • Several full-blown API Management solutions: Kong, Tyk, Mulesoft, 3scale, Apigee, … • Makes sense in Enterprise use cases. Generally cost $. • Provide additional features such as payment, developer portals with API key management, integrations into enterprise infrastructure. • Usually, centrally deployed and operated for the whole platform and all its applications.
  22. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware C. Service Proxies 22 • Many choices: Nginx, OpenResty, Envoy, Traefik, Apache, HA Proxy, … • Lightweight and simple to use. • Provided features vary a lot between products.
  23. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware D. Cloud Native API Gateways 23 • Few choices: KrakenD, Ambassador, Gloo • Usually build upon a service proxy such as Envoy and enhance it. • Provide tight integration with cloud native platform, like K8s.
  24. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 42. THE ANSWER TO LIFE, UNIVERSE, THE CLOUD AND API GATEWAYS. 24
  25. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native

    API Gateways | @LeanderReimer #cloudnativenerd #qaware 25 CompletableFuture<SoftwareIngenieurIn> ich = CompletableFuture.supplyAsync(() -> erfindergeist() .handwerksstolz() ); CompletableFuture<Projekthaus> qaware = CompletableFuture.supplyAsync(() -> professionalität() .lässigkeit() ); Erfolg start = qaware.thenCombine(ich, (i, q) -> i.sendeBewerbung(q)) .join(); More details at http://www.qaware.de/karriere/#jobs