Slide 1

Slide 1 text

API Gateway in a Nutshell Allan A. Chua @FWD 0 0 0 0 ___

Slide 2

Slide 2 text

Use Cases 0 0 0 0 ___ Various Implementations 0 ------ 0 ------ 0 ------ Containers vs Functions ------ ------ ------ ------ ------ ------ - Caution Agenda

Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

No content

Slide 5

Slide 5 text

Products API Customers API Transactions API Orders API Deliveries API Microservices Monolith Application

Slide 6

Slide 6 text

Products API Customers API Transactions API Orders API Deliveries API Microservices Expectation

Slide 7

Slide 7 text

Products API Customers API Transactions API Consumers face a lot of challenges Orders API Deliveries API o X X ___

Slide 8

Slide 8 text

Multiple Retrieval + Attack Points 0 0 0 0 ___ Multiple Domain Names, SSL Certs and CORS http://foo.com http://bar.com http://ses.com Authentication Hell Client-side Issues

Slide 9

Slide 9 text

Products API Authentication Rate Limiting Logging Orders API Authentication Rate Limiting Caching Transactions API Authentication Logging Caching Clients / Consumers Inconsistencies and Duplications

Slide 10

Slide 10 text

To solve these, API Gateways are introduced

Slide 11

Slide 11 text

Products API Customers API Transactions API Orders API Deliveries API Stocks API API Gateway API Gateway to the Rescue

Slide 12

Slide 12 text

Do you mean a Reverse Proxy?

Slide 13

Slide 13 text

Proxying is one of the jobs of a gateway. API Gateway Authentication Rate Limiting Logging Reverse Proxy Caching Monitoring Tracing Authorization Authorization

Slide 14

Slide 14 text

Centralized Cross Cutting Concerns API Gateway - Logging - Authentication - Rate Limiting / QOS - Licensing - Monitoring - Tracing

Slide 15

Slide 15 text

Faster Cross- continental calls due to Response Aggregation

Slide 16

Slide 16 text

ASIA Europe Cost of Communication 55 MS Latency SSL Handshake

Slide 17

Slide 17 text

Consumer ASIA Europe Products Transactions Users Latency of 55 MS 55 MS x 3 = 165 MS Total Response Time W/O Gateway

Slide 18

Slide 18 text

Consumer API Gateway ASIA Europe Products Transactions Users Latency of 55 MS Latency of 2 MS With Gateway Asia to EU = 55 MS EU to EU = 2 MS x 3 instances TOTAL Response Time = 61 MS

Slide 19

Slide 19 text

Netflix GraphQL Story https://bit.ly/2SJdDDG 10MB of data -> 200KB

Slide 20

Slide 20 text

Public / Private APIs API Gateway Orders API Stocks API Products API A C B A B A B PUBLIC PRIVATE Jobs E D C D C D

Slide 21

Slide 21 text

Equivalent to defending Your pants From bullies

Slide 22

Slide 22 text

Variations

Slide 23

Slide 23 text

Cloud Provider Vendor Pluggable Gateways

Slide 24

Slide 24 text

Cloud Provider Pros Cons - Easy to Provision - Easy to Scale - Easy Integration - Low latency (Edge) - Compliance Issues - Vendor Lock-in! - Testing on Cloud ☺

Slide 25

Slide 25 text

AWS API Gateway Demo https://bit.ly/2PaVxK7 API Gateway Products Users Transactions

Slide 26

Slide 26 text

Infrastructure as Code https://bit.ly/2PaVxK7

Slide 27

Slide 27 text

Lambda Functions https://bit.ly/2PaVxK7

Slide 28

Slide 28 text

Vendor Provider Pros Cons - Compliance Friendly - Easy Integration - Plugins - Specialist Required - Additional Setup - Vendor Lock-in!

Slide 29

Slide 29 text

Kong Gateway Demo API Gateway Products Users Transactions https://bit.ly/2VOJiWd Dashboard Mapping Store

Slide 30

Slide 30 text

Pluggable Gateways Pros Cons - Open-source (Free) - On-Premise | Cloud - Compliance Friendly - Easy Migrations - Development Knowledge - Short Hype Lifespan - Framework Lock-in

Slide 31

Slide 31 text

Ocelot Gateway Demo API Gateway Products Users Transactions https://bit.ly/2ZhGdQz

Slide 32

Slide 32 text

Ocelot Gateway Demo

Slide 33

Slide 33 text

Containers VS Functions

Slide 34

Slide 34 text

Container - Predictable Traffic - Legacy Application - Latest Environments - King of On-Premise - Long Running Tasks Serverless - Unlimited Traffic - New Projects - No so latest (Node 8.10) - Better in Cloud Environments - Short Quick Processing Containers vs Functions as Downstream Sources

Slide 35

Slide 35 text

The bad sides

Slide 36

Slide 36 text

- Additional Development Cost - Added Latency - Single Point Failure - Configuration Monolith - Common point of check-in conflict CONS

Slide 37

Slide 37 text

Backends for Frontends Products Users Transactions Mobile App Customer Portal Admin Portal

Slide 38

Slide 38 text

Q&A

Slide 39

Slide 39 text

Links GITHUB: https://bit.ly/2KU1YCL Slides: https://bit.ly/2KOi6pr