Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

A Hitchhikers Guide to Cloud Native API Gateways

101 views

Published on

O'Reilly Software Architecture Conference Europe, November 2019, Berlin: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)

=== Please download slides if blurred! ===

Abstract: Good APIs are the centerpiece of any successful digital product. But for complex systems with many API consumers, the proper management of these APIs is of utmost importance. The API gateway pattern is well established to handle concerns like routing, versioning, rate limiting, access control, or diagnosability in a cloud native application architecture. Mario-Leander Reimer guides you to cloud native API gateways.

You’ll take a closer look at the cloud native API gateway ecosystem: Ambassador, Gloo, Tyc, KrakenD, etc., and find out which one of these is right for your next project. Leander explains the API gateway pattern with its possible usage scenarios and defines a criteria catalog with essential characteristics in order to compare the current ecosystem. And he puts some of them to the test and demonstrates their usage live and uncut.

Published in: Data & Analytics
  • Be the first to comment

  • Be the first to like this

A Hitchhikers Guide to Cloud Native API Gateways

  1. 1. A Hitchhiker’s Guide to Cloud Native API Gateways
  2. 2. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware2 Mario-Leander Reimer Principal Software Architect QAware GmbH
  3. 3. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware3 Monolithic Vintage System Users system.example.com
  4. 4. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware4 Users Monolithic Vintage System A Shared PasS A Namespace Service A system.example.com service-a.default.example.com Route
  5. 5. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware5 Users Monolithic Vintage System A Shared PasS A Namespace Service A system.example.com service-a.default.example.com Route Service BRoute service-b…
  6. 6. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware6 Users Monolithic Vintage System A Shared PasS A Namespace Service A system.example.com service-a.default.example.com Route Service BRoute service-b… Service CRoute service-c…
  7. 7. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware7 Users Monolithic Vintage System A Shared PasS A Namespace Service A’ system.example.com service-a.default.example.com Route Service BRoute service-b… Service C'Route service-c…3rd Party Apps
  8. 8. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware8 Users Monolithic Vintage System A Shared PasS A Namespace Service A’ system.example.com service-a.default.example.com Route Service BRoute service-b… Service C'Route service-c…3rd Party Apps B Namespace Service X Service Y Service Z gRPC
  9. 9. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware9 Users Monolithic Vintage System A Shared PasS A Namespace Service A’ system.example.com service-a.default.example.com Route Service BRoute service-b… Service C'Route service-c…3rd Party Apps B Namespace Service X Service Y Service Z’ Unreliable Legacy Systems SOAP gRPC
  10. 10. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware10 Users Monolithic Vintage System A Shared PasS A Namespace Service A’ system.example.com service-a.default.example.com Route Service BRoute service-b… Service C'Route service-c…3rd Party Apps B Namespace Service X Service Y Service Z’ Unreliable Legacy Systems SOAP gRPC Route Internal Systems
  11. 11. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware11 APIs are the center piece of any successful digital product. Proper management of your APIs right from the start is crucial, to not end up in API hell. https://thenewstack.io/history-service-mesh/
  12. 12. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware12 APIs are the center piece of any successful digital product. Proper management of your APIs right from the start is crucial, to not end up in API hell. https://thenewstack.io/history-service-mesh/
  13. 13. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware13 Users Monolithic Vintage System A Shared PasS A Namespace Service A Service B Service C 3rd Party Apps B Namespace Service X Service Y Service Z Unreliable Legacy Systems SOAP API Gateway Backendfor Frontend Internal Systems APIGateway API
  14. 14. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware14 API Gateways are like the Façade Patternin
 Cloud Native Application Design and Microservice Architectures
  15. 15. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware • Traffic Management: Path, Header, Host based Routing, Path Rewrite • Rollout and Deployment: A/B Deployment, Canary Release, et.al. • QoS and Resiliency: Circuit Breaker, Retry, Timeouts, Rate Limiting • Security: AAA, Terminate TLS, Support for JWT and JWKS, Open ID, … • Protocol Translation: XML to JSON, gRPC to JSON, … • Transformation: Fan Out / Collect, Backend for Frontend, GraphQL, … • Observability: Integration into Logging, Monitoring, Tracing Stacks 15
  16. 16. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware16 W E N S Ingress Egress API Gateways for North-South Communication Service Meshes for East-West Communication
  17. 17. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware API Gateways in a Nutshell • Benefits • Encapsulates internal structure of application • Provides client-specific APIs • BFF reduce the number of round trips • Simplifies client code 17 • Drawbacks • Yet another highly available component that needs to be managed and deployed • Risk of becoming a development bottleneck if managed centrally • Business logic in API gateway leads to accidental ESB
  18. 18. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware Possible Criteria for a Comparison • Open Source: no initial $$$ and no vendor lock-in please • Maturity: good and active community, little issues, frequent releases • Supported Features: Traffic Management, Deployment, Security, Translation, Transformation, QoS, Resiliency, Observability • DevOps Friendly: Easy setup and operability, supported platforms, CI/CD • Performance: Small overhead, high throughput, super scalable • Observability: good logging, monitoring, tracing capabilities + integration 18
  19. 19. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware19
  20. 20. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware20
  21. 21. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware Four Categories of API Gateways A. Build Your Own API Gateway B. API Management Solutions C. Service Proxies D. Cloud Native API Gateways 21
  22. 22. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware A. Build Your Own API Gateway 22 • Several frameworks available: Netflix Zuul 2, Spring Cloud Gateway, Node, Vert.x, Ballerina, Camel (K), Express Gateway, Sentinel • Provides a lot of flexibility. • But: your team needs to develop, maintain and operate the gateway!
  23. 23. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware B. API Management Solutions 23 • Several full-blown API Management solutions: Kong, Tyk, Mulesoft, 3scale, Apigee, … • Makes sense in Enterprise use cases. Generally cost $. • Provide additional features such as payment, developer portals with API key management, integrations into enterprise infrastructure. • Usually, centrally deployed and operated for the whole platform and all its applications.
  24. 24. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware C. Service Proxies 24 • Many choices: Nginx, OpenResty, Envoy, Traefik, Apache, HA Proxy, … • Lightweight and simple to use. • Provided features vary a lot between products.
  25. 25. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware D. Cloud Native API Gateways 25 • Few choices: KrakenD, Ambassador, Gloo • Usually build upon a service proxy such as Envoy and enhance it. • Provide tight integration with cloud native platform, like K8s.
  26. 26. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware Demos 26 https://github.com/lreimer/hitchhikers-guide-api-gateways https://speakerdeck.com/lreimer/a-hitchhikers-guide-to-cloud-native-api-gateways
  27. 27. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware 42. THE ANSWER TO LIFE, UNIVERSE, THE CLOUD AND API GATEWAYS. 27
  28. 28. Visit us @
 Booth 321
  29. 29. | #OReillySACon Berlin 2019 | A Hitchhiker’s Guide to Cloud Native API Gateways | @LeanderReimer #cloudnativenerd #qaware Please rate today’s session 29 Session page on conference website O’Reilly Events App
  30. 30. &

×