ContainerDays 2019, Hamburg: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
Abstract: Good APIs are the centerpiece of any successful digital product and cloud native application architecture. But for complex systems with many API consumers, the proper management of these APIs is of utmost importance. The API gateway pattern is well established to handle and enforce concerns like routing, versioning, rate limiting, access control, diagnosability or service catalogs in a microservice architecture. So this session will have a closer look at the cloud native API gateway ecosystem: Ambassador, Gloo, Kong, Tyk, KrakenD, et al. But which one of these is the right one to use in your next project? Let's find out. Leander will start off by briefly explaining the API gateway pattern and derive a simple criteria catalog. He will then continue by comparing and showcasing the most promising ones.
A Hitchhiker's Guide to Cloud Native API Gateways
1. | ContainerDays 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware
A HITCHHIKER’S GUIDE TO CLOUD NATIVE API GATEWAYS
2. Mario-Leander Reimer
Principal Software Architect
QAware GmbH
3. [Diagram: Users; Monolithic Legacy System (system.example.com)]
4. [Diagram: Users; Monolithic Legacy System (system.example.com); a shared PaaS with Namespace A containing Service A (Route: service-a.default.example.com)]
5. [Diagram: Users; Monolithic Legacy System (system.example.com); a shared PaaS with Namespace A containing Service A (Route: service-a.default.example.com) and Service B (Route: service-b…)]
6. [Diagram: Users; Monolithic Legacy System (system.example.com); a shared PaaS with Namespace A containing Service A (Route: service-a.default.example.com), Service B (Route: service-b…) and Service C (Route: service-c…)]
7. [Diagram: Users and 3rd Party Apps; Monolithic Legacy System (system.example.com); a shared PaaS with Namespace A containing Service A’ (Route: service-a.default.example.com), Service B (Route: service-b…) and Service C' (Route: service-c…)]
8. [Diagram: Users and 3rd Party Apps; Monolithic Legacy System (system.example.com); a shared PaaS with Namespace A containing Service A’ (Route: service-a.default.example.com), Service B (Route: service-b…) and Service C' (Route: service-c…), and Namespace B containing Service X, Service Y and Service Z’; Unreliable Legacy Systems; protocol labels SOAP and gRPC]
9. [Diagram: Users and 3rd Party Apps; Monolithic Legacy System (system.example.com); a shared PaaS with Namespace A containing Service A’ (Route: service-a.default.example.com), Service B (Route: service-b…) and Service C' (Route: service-c…), and Namespace B containing Service X, Service Y and Service Z’; Unreliable Legacy Systems; protocol labels SOAP and gRPC; an additional Route; Internal Systems]
10. APIs are the centerpiece of any successful digital product. Proper management of your APIs right from the start is crucial, to not end up in API hell.
https://thenewstack.io/history-service-mesh/
11. [Diagram: Users and 3rd Party Apps; Monolithic Legacy System; a shared PaaS with Namespace A (Service A, Service B, Service C) and Namespace B (Service X, Service Y, Service Z); Unreliable Legacy Systems (SOAP); Internal Systems; component labels: API Gateway (twice), Backend for Frontend, API]
12. API Gateways are like the Façade Pattern in Cloud Native Application Design and Microservice Architectures
13.
• Traffic Management: Path, Header, Host based Routing, Path Rewrite
• Rollout and Deployment: A/B Deployment, Canary Release, et al.
• QoS and Resiliency: Circuit Breaker, Retry, Timeouts, Rate Limiting
• Security: AAA, Terminate TLS, Support for JWT and JWKS, OpenID, …
• Protocol Translation: XML to JSON, gRPC to JSON, …
• Transformation: Fan Out / Collect, Backend for Frontend, GraphQL, …
• Observability: Integration into Logging, Monitoring, Tracing Stacks
14. [Compass diagram: N, S, E, W; Ingress, Egress]
API Gateways for North-South Communication
Service Meshes for East-West Communication
15. API Gateways in a Nutshell
• Benefits
  • Encapsulates internal structure of application
  • Provides client-specific APIs
  • BFFs reduce the number of round trips
  • Simplifies client code
• Drawbacks
  • Yet another highly available component that needs to be managed and deployed
  • Risk of becoming a development bottleneck if managed centrally
  • Business logic in API gateway leads to accidental ESB
16. Possible Criteria for a Comparison
• Open Source: no initial $$$ and no vendor lock-in please
• Maturity: good and active community, few issues, frequent releases
• Supported Features: Traffic Management, Deployment, Security, Translation, Transformation, QoS, Resiliency, Observability
• DevOps Friendly: Easy setup and operability, supported platforms, CI/CD
• Performance: Small overhead, high throughput, super scalable
• Observability: good logging, monitoring, tracing capabilities + integration
19. Four Categories of API Gateways
A. Build Your Own API Gateway
B. API Management Solutions
C. Service Proxies
D. Cloud Native API Gateways
20. A. Build Your Own API Gateway
• Several frameworks available: Netflix Zuul 2, Spring Cloud Gateway, Node, Vert.x, Ballerina, Camel, Express Gateway, Sentinel
• Provides a lot of flexibility.
• But: your team needs to develop, maintain and operate the gateway!
21. B. API Management Solutions
• Several full-blown API Management solutions: Kong, Tyk, Mulesoft, 3scale, Apigee, …
• Makes sense in Enterprise use cases. Generally cost $.
• Provide additional features such as payment, developer portals with API key management, integrations into enterprise infrastructure.
• Usually, centrally deployed and operated for the whole platform and all its applications.
22. C. Service Proxies
• Many choices: Nginx, OpenResty, Envoy, Traefik, Apache, HAProxy, …
• Lightweight and simple to use.
• Provided features vary a lot between products.
D. Cloud Native API Gateways
23
• Few choices: KrakenD, Ambassador, Gloo
• Usually build upon a service proxy such as Envoy and enhance it.
• Provide tight integration with cloud native platform, like K8s.
24. 42.
THE ANSWER TO LIFE, UNIVERSE, THE CLOUD AND API GATEWAYS.
25.
CompletableFuture<SoftwareIngenieurIn> ich =
    CompletableFuture.supplyAsync(()
        -> erfindergeist()
            .handwerksstolz()
    );
CompletableFuture<Projekthaus> qaware =
    CompletableFuture.supplyAsync(()
        -> professionalität()
            .lässigkeit()
    );
// thenCombine passes this stage's result (qaware) first, then the other stage's (ich)
Erfolg start = qaware.thenCombine(ich,
        (q, i) -> i.sendeBewerbung(q))
    .join();
More details at http://www.qaware.de/karriere/#jobs