Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Api gateway or No Api Gateway

I am developing an application based on the microservice architecture. Here, each service is an independently deployable play-scala application exposing rest apis. I want to implement an Api gateway on top of these services for mapping incoming requests.I am following the architecture discussed here: Building Microservices.

There are very few projects with substantial maturity that are based on the microservice architecture. One of them is Reactive Microservices. But this project is not using the api gateway pattern and seems to be following the Anti Pattern There is an issue opened for this project regarding the missing Api Gateway here. The contributors here claim that they did not follow the api gateway pattern because it has the risk of single-point of failure.

This varying opinion is very confusing to me. So, I am looking for the suggestions on whether I should be using Api Gateway or not. What is the right practice here?

like image 350
oblivion Avatar asked Dec 23 '15 19:12

oblivion


1 Answers

The API gateway doesn't introduce a single point of failure any more than a load balancer does. Any serious API gateway should be able to run in high availability mode removing the single point of failure.

The API gateway encourages good documentation & planning within teams. Some API gateways allow you to import Swagger Specifications https://swagger.io/ in order to create the API.

Some gateways allow you to create virtual endpoints to mock responses of an upstream target. That way, if your service is not available quite yet, you can still code to it, and switch to the targets when ready.

API gateways should be able to round robin load balance your upstream targets, negating the necessity for adding a dedicated load balancer. You can also configure your gateway to periodically hit a healthcheck endpoint, and automatically remove targets from LB if service is not available.

Gateways will handle auth for you. Whether that be via JWT, Oauth, Simple, Open etc. Your developers can concentrate on building their microservices. Your microservices can be micro. The gateway would sit at the edge of the infrastructure, and handle security for you.

like image 79
Gravy Avatar answered Sep 19 '22 13:09

Gravy