API Gateway is essential to business
Zhiyuan Ju Aug 24, 2022
- Head of Global, API7.ai
- Apache APISIX PMC Member
- Apache Software Foundation Member
- freeCodeCamp China Core Organizer
@jjzhiyuan
@juzhiyuan
juzhiyuan@apache.org
About me
Zhiyuan Ju / 琚致远 July 1997
APIs
from api7.ai
API Evolution
The monolithic architecture is considered to be a traditional way
of building applications. A monolithic application is built as a single
and indivisible unit. Usually, such a solution comprises a
client-side user interface, a server-side application, and a
database. It is unified and all the functions are managed and
served in one place.
Disadvantages
- Large code base
- Lacks modularity
- …
API Evolution
#1 Monolithic
from n-ix.com
The microservice architectural style is an approach to developing
a single application as a suite of small services, each running in
its own process and communicating with lightweight
mechanisms, often an HTTP resource API.
Challenge
- Manage massive amounts of APIs
- API Security
- Quick Debug (Observability)
- Circuit Breaker
- …
API Evolution
#2 Microservice
from n-ix.com
A service mesh is a dedicated infrastructure layer for
handling service-to-service communication. It’s
responsible for the reliable delivery of requests through
the complex topology of services that comprise a
modern, cloud-native application. In practice, the service
mesh is typically implemented as an array of lightweight
network proxies that are deployed alongside application
code, without the application needing to be aware.
API Evolution
#3 Service Mesh
from DZone and RedHat
API Management
API Management
- Design
- Develop
- Test
- Publish (API Gateway)
- Monitor (API Gateway with Prometheus, etc.)
- Retirement
Full Lifecycle API Management
API Gateway
API Gateway
- Implement non-business-related logic on the API
Gateway
- Reduces the number of requests/roundtrips. For
example, the API gateway enables clients to retrieve
data from multiple services with a single round-trip.
- Simplifies the client by moving logic for calling multiple
services from the client to API gateway
- Translates from a “standard” public web-friendly API
protocol to whatever protocols are used internally
Benefit
from microservices.io and Apache APISIX
API Gateway
Security
“API security refers to the practice of preventing or
mitigating attacks on APIs. APIs work as the backend
framework for mobile and web applications. Therefore,
it is critical to protect the sensitive data they transfer.”
Cases:
- Broken User Authentication
- Security Misconfiguration
- Code Injection
- Insufficient Logging & Monitoring
- Functional Level Authorization
- …
from fortinet.com
API Gateway
Connect any APIs efficiently and securely in
any environment ⚡
Performance
API Gateway
Hundreds of global contributors building the
open-sourced but well-tested Infra software :)
Open Source
Apache APISIX
- Apache Software Foundation Top-level Project
- Donated by API7.ai Inc in 2019
- Dynamic, real-time, high performance API
Gateway
- Rich traffic management
- Dynamic upstream
- Authentication
- Observability
- and more
- API Gateway, Ingress Controller, Service Mesh
Apache APISIX
What’s Apache APISIX?
Apache APISIX
“The Apache Software Foundation (ASF) incorporated in 1999
with the mission of providing software for the common good.
Today the ASF is the world’s largest Open Source foundation,
stewarding 227M+ lines of code and providing $22B+ worth of
software to the public at 100% no cost. ASF projects are
integral to nearly every aspect of modern computing,
benefitting billions worldwide.”
from The ASF’s 2021 Annual Report
Apache Software Foundation
Apache APISIX
- Nginx
- Nginx doesn’t support hot reloading the nginx.conf
- Kong
- PostgreSQL becomes a bottleneck
- Route matching’s efficiency decreases when having
many routes
- Unify API Infrastructure by Apache APISIX: API
Gateway, Ingress Controller, Service Mesh
Why build a new API Gateway?
Apache APISIX
Dynamic
- What?
- Route/Upstream/Service/Consumer/SSL hot
reload
- Plugin hot updates
- Dynamic load balancer and health check
- Why?
- Connection failed (HTTP, WebSocket, …) when
reloading configurations
- How?
- LuaJIT + Nginx
Apache APISIX
- Why
- Nginx takes a very long time to reload thousands of
configuration files
- Kong usually takes 5 seconds to fetch configurations
(PostgreSQL)
- How
- etcd’s Watch API provides an event-based interface
for asynchronously monitoring changes to keys, in less
than one millisecond
Real-time
Apache APISIX
- Route matching algorithm
- Apache APISIX: O(K) (K is URI length)
- Kong: O(n), (n is total number of Routes)
- IP matching algorithm: O(1)
- Every APISIX plugin is carefully optimized
- APISIX’s data plane is stateless (etcd), no
SPOF issue, highly scalable
- …
High Performance
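Added example (not from the slides, and not APISIX or Kong code): a plain character trie stands in for an O(K) router and a route list for an O(n) one, to show why lookup cost follows URI length rather than the number of configured routes. The class names, the `/svcN/*` routes and the step counters are assumptions made for the illustration.

```python
# Added illustration: character trie vs. linear route list. All names are hypothetical.
class Node:
    def __init__(self):
        self.children, self.exact, self.prefix = {}, None, None

class TrieRouter:
    def __init__(self):
        self.root, self.steps = Node(), 0
    def add(self, uri, name):
        is_prefix = uri.endswith("*")      # "/svc/*" is a prefix route
        node = self.root
        for ch in (uri[:-1] if is_prefix else uri):
            node = node.children.setdefault(ch, Node())
        setattr(node, "prefix" if is_prefix else "exact", name)
    def match(self, uri):
        node, best, self.steps = self.root, self.root.prefix, 0
        for ch in uri:                     # at most len(uri) node visits
            self.steps += 1
            node = node.children.get(ch)
            if node is None:
                return best                # longest prefix route seen so far
            if node.prefix is not None:
                best = node.prefix
        return node.exact if node.exact is not None else best

class LinearRouter:
    def __init__(self):
        self.routes, self.steps = [], 0
    def add(self, uri, name):
        self.routes.append((uri, name))
    def match(self, uri):
        best, best_len, self.steps = None, -1, 0
        for pattern, name in self.routes:  # one comparison per configured route
            self.steps += 1
            if pattern == uri:
                return name
            if pattern.endswith("*") and uri.startswith(pattern[:-1]) and len(pattern) > best_len:
                best, best_len = name, len(pattern)
        return best

def compare(n_routes):
    """Constructed routes /svc0/* .. /svc(n-1)/*; look up the last one in both routers."""
    trie, linear = TrieRouter(), LinearRouter()
    for i in range(n_routes):
        trie.add(f"/svc{i}/*", f"svc{i}")
        linear.add(f"/svc{i}/*", f"svc{i}")
    uri = f"/svc{n_routes - 1}/orders/42"
    return trie.match(uri), trie.steps, linear.match(uri), linear.steps
```

`compare(10)` and `compare(1000)` return the same route from both routers; the trie's step count stays below the URI length while the linear count equals the number of routes.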
Apache APISIX
Security
- OpenID Connect
- TLS/mTLS
- Authentication
- Rate Limiting
- CORS
- Request Validation
- …
Apache APISIX
- Lua
- Plugin Runner
- Java
- Golang
- Python
- Node.js
- WASM
Plugins
Apache APISIX
- GitHub: nearly 10K stars and 470+ contributors
- Slack: 930+ community users
- Mailing List
- Meetup
Join in →
https://apisix.apache.org/docs/general/join/
Community Developers
https://lists.apache.org/list.html?dev@apisix.apache.org
Apache APISIX
- 27 PMC Members
- 19 Committers
- 470+ Contributors (apache/apisix-*)
Community Contributors
from https://git-contributor.com/
Apache APISIX
- Community Meeting, Meetup:
https://apisix.apache.org/docs/general/join/
- Apache APISIX Summit:
https://apisix-summit.org/
Community Meetings
Apache APISIX
1. Ask questions on GitHub, Slack, Mailing List
a. https://apisix.apache.org/docs/general/join/
2. Maintainers check and reply
3. Schedule a quick online meeting if necessary:
https://meetings.hubspot.com/zhiyuan
Community Support
Apache APISIX
Global Users
from https://apisix.apache.org/blog/ags/case-studies/
Q&A
@jjzhiyuan
@juzhiyuan
juzhiyuan@apache.org

apidays Hong Kong - Why is API Gateway essential to business, Zhiyuan Ju, API7.ai
