JavaLand, March 2021, online: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
Abstract: Good APIs are the center piece of any successful digital product and cloud native application architecture. But for complex systems with many API consumers the proper management of these APIs is of utmost importance. The API gateway pattern is well established to handle and enforce concerns like routing, versioning, rate limiting, access control, diagnosability or service catalogs in a microservice architecture.
So this session will have a closer look at the cloud native API gateway ecosystem: Ambassador, Gloo, KrakenD, Envoy, et.al. But which one of these is the right one to use in your next project? Let's find out. We will start off by briefly explaining the API gateway pattern and some basic criteria. We then continue by showcasing the most promising ones.
Report
Share
Report
Share
1 of 30
Download to read offline
More Related Content
A Hitchhiker's Guide to Cloud-Native API Gateways
1. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
A HITCHHIKER’S
GUIDE TO
CLOUD NATIVE
API GATEWAYS
6. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
6
Users
Monolithic
Legacy System
A Shared PaaS
A Namespace
Service A
system.example.com
service-a.default.example.com
Route
7. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
7
Users
Monolithic
Legacy System
A Shared PaaS
A Namespace
Service A
system.example.com
service-a.default.example.com
Route
Service B
Route
service-b…
8. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
8
Users
Monolithic
Legacy System
A Shared PaaS
A Namespace
Service A
system.example.com
service-a.default.example.com
Route
Service B
Route
service-b…
Service C
Route
service-c…
9. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
9
Users
Monolithic
Legacy System
A Shared PaaS
A Namespace
Service A’
system.example.com
service-a.default.example.com
Route
Service B
Route
service-b…
Service C'
Route
service-c…
3rd Party Apps
10. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
10
Users
Monolithic
Legacy System
A Shared PaaS
A Namespace
Service A’
system.example.com
service-a.default.example.com
Route
Service B
Route
service-b…
Service C'
Route
service-c…
3rd Party Apps
B Namespace
Service X
Service Y
Service Z’
Unreliable
Legacy
Systems
SOAP
gRPC
11. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
11
Users
Monolithic
Legacy System
A Shared PaaS
A Namespace
Service A’
system.example.com
service-a.default.example.com
Route
Service B
Route
service-b…
Service C'
Route
service-c…
3rd Party Apps
B Namespace
Service X
Service Y
Service Z’
Unreliable
Legacy
Systems
SOAP
gRPC
Route
Internal
Systems
12. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
12
APIs are the center piece of any
successful digital product.
https://thenewstack.io/history-service-mesh/
13. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
13
APIs are the center piece of any
successful digital product.
Proper management of your
APIs right from the start is crucial,
to not end up in API hell.
https://thenewstack.io/history-service-mesh/
14. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
14
Users
Monolithic
Legacy System
A Shared PaaS
A Namespace
Service A
Service B
Service C
3rd Party Apps
B Namespace
Service X
Service Y
Service Z
Unreliable
Legacy
Systems
SOAP
API
Gateway
Backend
for
Frontend
Internal
Systems
API
Gateway
API
Proxy
15. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
15
API Gateways
are like the Façade Pattern in
Cloud Native Application Design
and Microservice Architectures
16. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
• Tra
ffi
c Management: Path, Header, Host based Routing, Path Rewrite
• Rollout and Deployment: A/B Deployment, Canary Release, et.al.
• QoS and Resiliency: Circuit Breaker, Retry, Timeouts, Rate Limiting
• Security: AAA, Terminate TLS, Support for JWT and JWKS, Open ID, …
• Protocol Translation: XML to JSON, gRPC to JSON, …
• Transformation: Fan Out / Collect, Backend for Frontend, GraphQL, …
• Observability: Integration into Logging, Monitoring, Tracing Stacks
16
17. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
17
W E
N
S
Ingress
Egress
API Gateways for
North-South Communication
Service Meshes for
East-West Communication
18. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
API Gateways in a Nutshell
• Bene
fi
ts
• Encapsulates internal
structure of application
• Provides client-speci
fi
c APIs
• B4Fs reduce the number of
client-server round trips
• Simpli
fi
es client code
18
• Drawbacks
• Yet another highly available
component that needs to be
managed and deployed
• Risk of becoming a DevOps
bottleneck if managed centrally
• Business logic in API gateway
leads to accidental ESB
19. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
Possible Criteria for a Comparison
• Maturity: good and active community, little issues, frequent releases
• License: open source or backed by commercial vendor
• Supported Features: Tra
ffi
c Management, Deployment, Security,
Translation, Transformation, QoS, Resiliency, Observability
• DevOps Friendly: Easy setup and operability, supported platforms, CI/CD
• Performance: Small overhead, high throughput, super scalable
• Observability: good logging, monitoring, tracing capabilities + integration
19
22. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
Four Categories of API Gateways
A. API Management Solutions
B. Build Your Own API Gateway
C. Service Proxies
D. Cloud Native API Gateways
22
23. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
A. API Management Solutions
23
• Several full-blown API Management solutions: Kong, Tyk, Mulesoft,
3scale, Apigee, …
• Makes sense in Enterprise use cases. Generally cost $$$.
• Provide additional features such as payment, developer portals with
API key management, integrations into enterprise infrastructure.
• Usually, centrally deployed and operated for the whole platform and all
the applications.
• 80/20 rule applies, like with any other COTS product.
24. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
B. Build Your Own API Gateway
24
• Several frameworks available: Net
fl
ix Zuul 2, Spring Cloud Gateway,
Node, Vert.x, Ballerina, Java EE 8, Camel, Express Gateway, …
• Provides a lot of
fl
exibility.
• But: your team needs to develop, maintain and operate the gateway!
25. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
C. Service Proxies
25
• Many choices: Apache, HA Proxy, Nginx, OpenResty, Trae
fi
k, Envoy, …
• Lightweight and simple to use.
• Provided features vary a lot between products.
26. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
D. Cloud Native API Gateways
26
• Few choices: KrakenD, Ambassador, Gloo, Maesh
• Usually build upon a service proxy such as Envoy and enhance it.
• Provide tight integration with cloud native platform, like K8s.
27. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
DEMOS
27
https://github.com/lreimer/hitchhikers-guide-api-gateways
https://github.com/lreimer/hands-on-krakend
28. | JavaLand 2021 | A Hitchhiker's Guide to Cloud native API Gateways | @LeanderReimer #cloudnativenerd #qaware @JavaLandConf
THE ANSWER TO LIFE, UNIVERSE,
THE CLOUD, AND API GATEWAYS.
28
42.