Slide 1

Slide 1 text

API Gateway in a Nutshell
Allan A. Chua

Slide 2

Slide 2 text

About Me
Loves Software Architecture
Camera Man for Engineers.SG
Polyglot Developer (C#, Java, NodeJS)
Googles better than an average bear
http://www.pogsdotnet.com/

Slide 3

Slide 3 text

Author of API Gateway in a Nutshell https://bit.ly/2O4IbAU https://bit.ly/2Dpq44B

Slide 4

Slide 4 text

Free E-Books https://www.microsoft.com/net/learn/dotnet/architecture-guides

Slide 5

Slide 5 text

Resources

Slide 6

Slide 6 text

Agenda
I. Abstract
II. What are API Gateways?
III. Benefits
IV. Implementations, Tools and Frameworks
V. Demo
VI. Docker Helps in Gateway Development
VII. Desired State Management with Kubernetes
VIII. Things to Consider

Slide 7

Slide 7 text

No content

Slide 8

Slide 8 text

No content

Slide 9

Slide 9 text

Lesson of the Story

Slide 10

Slide 10 text

HUGE complex problems DON’T NEED HUGE complicated solutions

Slide 11

Slide 11 text

all you need is a combination of small & simple solutions

Slide 12

Slide 12 text

microservices

Slide 13

Slide 13 text

Most engineering teams plan to build this
[Diagram: Web API Ledger, Web API Catalog, Web API Authentication]

Slide 14

Slide 14 text

But they end up with this
DEATH STAR PITFALL
I. Intense Coupling
II. Hard to make changes
III. Maintenance Chaos

Slide 15

Slide 15 text

Bounded Contexts
[Diagram: LEDGER, CATALOG, AUTH]
https://martinfowler.com/bliki/BoundedContext.html

Slide 16

Slide 16 text

BOUNDED CONTEXT ISSUES
Multiple Points of Contact

Slide 17

Slide 17 text

BOUNDED CONTEXT ISSUES
Multiple Points of Attack

Slide 18

Slide 18 text

BOUNDED CONTEXT ISSUES
Authentication Issues
[Diagram: JWT Token A, JWT Token B, JWT Token C]
Cookies Against N Servers?

Slide 19

Slide 19 text

BOUNDED CONTEXT ISSUES
CORS, Domain Name and SSL
Cross Origin Sharing is troublesome
Buy multiple SSL Certificates + Domains?

Slide 20

Slide 20 text

BOUNDED CONTEXT ISSUES
Tightly Coupled Client and APIs
[Diagram: CATALOG, LEDGER, CUSTOMERS]
Each team working on a bounded context will have a hard time releasing their changes.

Slide 21

Slide 21 text

API Gateway
[Diagram: Web API Ledger, Web API Catalog, Web API Authentication, API Gateway]

Slide 22

Slide 22 text

API Gateway vs Reverse Proxy
[Diagram: API Gateway, Reverse Proxy; Authentication, Caching, Rate Limiting, Logging, Response Aggregation]

Slide 23

Slide 23 text

BENEFITS OF USING AN API GATEWAY
I. Sub-Domain Encapsulation
II. Single Point of Contact
III. Faster Cross Continental Communication
IV. Centralized Authentication
V. Single CORS, Domain Name and SSL
VI. Added Layer of Security
VII. Centralized Cross Cutting Concerns

Slide 24

Slide 24 text

CROSS CUTTING CONCERNS
I. Authentication
II. Logging
III. Monitoring
IV. Circuit Breaking
V. Retries with Jitter
VI. SSL Termination
VII. Whitelisting
VIII. Response Aggregation
IX. Rate Limiting

Slide 25

Slide 25 text

Implementation Choices
CODE
Generic Software
Cloud Management Platform
Code / Config Hybrid

Slide 26

Slide 26 text

Cloud Provider
API Management Platforms Provided by Cloud Platforms
Azure API Management
AWS API Gateway

Slide 27

Slide 27 text

Azure API Management
✓ Aggregation
✓ Reverse Proxying
✓ Versioning
✓ Mock Responses
✓ Test Console
✓ Public vs Private APIs
✓ Rate Limiting
✓ Application Insights Integration
✓ Live Metrics System

Slide 28

Slide 28 text

Cloud Provider
PROS
1. Can Get Up Quickly
2. Cheapest Solution
3. Wide Community Support
4. Good for Startups
CONS
1. Coupled to Provider
2. Hard to migrate
3. Limited Features
4. Compliance Issues

Slide 29

Slide 29 text

Generic Software

Slide 30

Slide 30 text

Generic Software
PROS
1. Can Get Up Quickly
2. Semi-Cheap Solution
3. Smaller Community Support
4. Plugins
CONS
1. Hard to migrate
2. Limited Features
3. Risk of dying plugins
4. Compliance Issues

Slide 31

Slide 31 text

CODED
PROS
1. Highest Form of Control
2. Unlimited options
3. Don’t need specialization
4. Highly decoupled solutions
5. Build and ship only what you need
6. No Compliance Issues
CONS
1. Takes time to build
2. Expensive to build
3. Like an investment

Slide 32

Slide 32 text

Coded Hybrid +
PROS
1. More control
2. Unlimited options
3. Flexible Approach
4. Average time to build
CONS
1. Confusion on which to pick between the two
2. Compliance Issues with Libraries

Slide 33

Slide 33 text

Strangler Migration
[Diagram: Web API Monolith, API Gateway]

Slide 34

Slide 34 text

Strangler Migrations
[Diagram: Web API Authentication, API Gateway, Web API Monolith]

Slide 35

Slide 35 text

Strangler Migrations
[Diagram: Web API Authentication, API Gateway, Web API Monolith, Web API Catalog]

Slide 36

Slide 36 text

Demo
[Diagram: Web API Ledger, Web API Catalog, Web API Authentication, API Gateway]

Slide 37

Slide 37 text

Dockerized Gateways
[Diagram: Web API Ledger, Web API Catalog, Web API Authentication, API Gateway]
https://bit.ly/2Ao0XeO

Slide 38

Slide 38 text

Polyglot Teams and Gateways
[Diagram: Web API Ledger, Web API Catalog, Web API Authentication, API Gateway]

Slide 39

Slide 39 text

No Lockdown to old versions
[Diagram: Web API Ledger, Web API Catalog, Web API Authentication, API Gateway]
Node 6 - Promises
Node 8 - Async / Await
Node 10 - HTTP/2

Slide 40

Slide 40 text

Cluster Desired State Management
[Diagram: AUTH, LEDGER, CATALOG]

Slide 41

Slide 41 text

Service Necromancer RIP Works in my Machine

Slide 42

Slide 42 text

Service Necromancer DISCO TIME Works in my Production

Slide 43

Slide 43 text

API Gateway
[Diagram: API Gateway; Web API Ledger, Web API Catalog, Web API Authentication]

Slide 44

Slide 44 text

Fat Gateway
[Diagram: API Gateway, Web API Ledger, Web API Authentication, Web API Catalog]

Slide 45

Slide 45 text

Thin Gateway
[Diagram: API Gateway, Web API Ledger, Web API Authentication, Web API Catalog]

Slide 46

Slide 46 text

Istio
I. Inventory and Visibility of Services
II. Performance Management
III. Security Policy Management
IV. Traffic Management
V. Native Reliability
VI. Chaos Engineering Testing

Slide 47

Slide 47 text

Canary Deployment
[Diagram: API Gateway, Web API Ledger V2, Web API Ledger V1, EU, ASIA]

Slide 48

Slide 48 text

Blue Green Deployment
[Diagram: API Gateway, Web API Ledger V2, Web API Ledger V1]

Slide 49

Slide 49 text

Blue Green Deployment
[Diagram: API Gateway, Web API Ledger V2, Web API Ledger V1]

Slide 50

Slide 50 text

NOT A SILVER BULLET
Additional Development Cost
Adds a Little Communication Latency
Needs a Highly Mature Team to Operate

Slide 51

Slide 51 text

Configuration Monolith
[Diagram: Web API Ledger, Web API Catalog, Web API Authentication, API Gateway]

Slide 52

Slide 52 text

Consider Backends for Frontends (BFF)
[Diagram: Web API Ledger, Web API Catalog, Web API Authentication, API Gateway, API Gateway, Desktop Gateway, Mobile Gateway]

Slide 53

Slide 53 text

LINKS
DEMO APP: https://bit.ly/2EM6Sii
BLOG: http://www.pogsdotnet.com/2018/08/api-gateway-in-nutshell.html

Slide 54

Slide 54 text

QUESTIONS

Slide 55

Slide 55 text

API Gateway in a Nutshell
Allan A. Chua
Thank you for Attending and Listening!!