The document discusses WSO2 API Microgateway's role in managing microservices architecture, highlighting its features such as scalability, cloud-native capabilities, and support for CI/CD. It outlines the benefits of microservices, like increased agility and failure isolation, while also addressing the complexities and liabilities associated with deployment. The document also covers operational workflows and integration patterns for microservices within a service mesh environment.

1. API Management for Microservices
Architecture using WSO2 API
Microgateway
Vidura Gamini Abhaya
Senior Director — Solutions Architecture
WSO2

2. Microservices

3. A Monolithic Application
Products
Orders
Inventory
Shipping
Client Application
Load Balancer

4. A Microservices Architecture
Products
Orders
Inventory
Shipping
Client Application

5. ● Componentization
● Organization around business capability
● Single responsibility
● Smart endpoints and dumb pipes
● Mandatory CI/CD
Characteristics of a Microservices Architecture

6. ● Increased agility in development
● Ability to scale easily and independently
● Replaceability
● Failure isolation and predictability
● Polyglot development
● Alignment with organisational structures
Advantages of Microservices Architecture

7. ● Inter-service communication
● Service governance
● Management complexity
● Heavily dependent on deployment methodology
Liabilities of Microservices Architecture

8. The Role of API Management in
Microservices Architecture

9. APIs to Simplify Things
APIGATEWAY
Products
Inventory
Orders
Shipping
Client Application

10. • Uniformity in exposing heterogeneous services
• Discovery of endpoints
• Organizing security perimeters/boundaries
• Policy definition and enforcement
• Business value reporting
API Management Brings Order to MS Chaos

11. Load Balancing and Discovery
APIGATEWAY
Products
Client Application
Products
Service Directory

12. Transitioning a Monolith into Microservices
APIGATEWAY
Products
Client Application
Orders
Inventory
Shipping
Microservice
Legacy Application

13. SOA Architecture
APIGATEWAY
Products
Inventory
Orders
Shipping
Client Application
ESB

14. Microservices Architecture
APIGATEWAY
Products
Inventory
Orders
Shipping
Client Application
Integration
MS1
Integration
MS2

15. Decentralized API Management

16. • Deploying API gateways closer to the microservices
Decentralizing API Gateways
API Gateways
Microservices
Products Orders

17. Optimizing per client type
Optimization
MobileWebPublic
The same API (REST
Interface) defined on the API
Manager is exposed via three
types of gateways, each
optimized for the client type it
serves.
Products
Orders

18. WSO2 API Microgateway

19. ● Designed to scale
○ Self-validating tokens
○ Localized rate limiting
○ Offline analytics
○ Immutable
● Native support for Docker/K8S
● Private Jet Gateway for microservices
● First-class support for lifecycle management across
environments
Introducing WSO2 API Microgateway

20. WSO2 API Microgateway

21. Cloud-native Capabilities
● Low footprint
○ 70 MB of distribution size.
○ < 100 MB of memory.
○ < 1 core CPU.
● Faster scaling
○ < 1s startup time (fixed)
○ Independent execution with no dependencies
on other components.
● Portability
○ Works natively on Docker/Kubernetes.
○ Immutable gateway runtimes.
○ Fully automated CI/CD.
○ Regionally resilient.
○ Platform independent.
● Observable
○ Metrics available through
Prometheus
○ Tracing available through
Jaeger.

22. WSO2
API Microgateway
Architecture
Components
Gateway Runtime
Toolkit

23. AGILE
INTEGRATION SIMPLE

24. ● Command line interface (CLI) to manage microgateway projects
● Initialize microgateway projects with open API definitions
● Builds the projects to create
○ Runtime artifacts (APIs packed in) for runtime containers and
distributions
○ Immutable containers with APIs built in
○ Kubernetes artifacts used to deploy in k8s clusters
● Import APIs from WSO2 API Manager
● Download from : https://wso2.com/api-management/api-microgateway/
Toolkit

25. ● Serves the requests applying
○ Security, Rate limiting, Transformations, Analytics, and more
● Available as archived distributions as well as docker images [1]
● Can be built by burning APIs into container images to spawn immutable
containers
● Runs on top of artifacts generated by the toolkit
[1]- https://hub.docker.com/r/wso2/wso2micro-gw
Runtime

26. Microgateway Security - Standard OAuth2.0
Microgateway
Request
Access Token
(with scopes)
Provide Opaque
Token
Client Application sends
Token to Microgateway
Validate Token
1 2
3
4

27. Microgateway Security - Signed JWT
Products
Orders
Client Application sends Signed
JWT to Microgateways
Microgateway
Microgateway
Request
Access Token
(with scopes)
Provide Signed
JWT
1 2
3
3
4
4

28. Rate-limiting policies are built into the microgateway runtime
Microgateway - Localized Rate Limiting
Microgateway
OrdersProducts
Apply 1000 req/min on
Products microservice
Apply 500 req/min on
Orders microservice

29. Microgateway - Offline Analytics
Microgateway
Microgateway
Accumulate data in files
and upload offline

30. Typical Use cases

31. Compose Microservices into APIs
Per resource endpoints ...
Use Case
● Composing multiple microservices into a single API (e.g., an online
store).
● Each microservice with different IPs.
● Defines a single open API definition for all microservices.
● Expose microservices as APIs via the API gateway.
Implementation
● Extend the API definition with microgateway specific vendor
extensions to add per resource endpoints.
paths:
"/products":
get:
summary: Get the list of products available
x-wso2-production-endpoints:
urls:
- http://35.226.63.174:30941
post:
summary: Add a new product
x-wso2-production-endpoints:
urls:
- http://35.226.63.174:31891

32. Service Discovery
Use Case
● In a microservices architecture, services are dynamic.
● Services get dynamically assigned IP addresses each time they are redeployed.
● Central (key/value store) place maintains the dynamically assigned IPs for services.
Implementation

33. On-the-fly Transformations
Request/response interceptors
Use Case
● Services would require requests to be enriched with certain data, which are not accessible to clients.
● Server responses should be transformed in a way that all clients can understand them.
● This would require intercepting request and responses and performing modifications on them.
Implementation
● Write reusable, pluggable Ballerina functions
● Refer functions in the open API definition
paths:
"/pet/findByStatus":
get:
summary: Finds Pets by status
description: Multiple status values can be provided with comma separated strings
operationId: findPetsByStatus
x-wso2-request-interceptor: validateRequest
x-wso2-response-interceptor: validateResponse

34. API Gateway for East-West and North-South Traffic
Use Case
• In a microservice architecture, service-to-service communication and client-facing services may
require different security schemas
• Microservices might enforce different security mechanisms to restrict access control
Implementation
● Supports a variety range of security mechanisms
○ Self-contained jwt tokens
○ OAuth2
○ Basic Authentication
○ Mutual SSL (introduced with v3.0)

35. Rate Limiting for Distributed Gateway Clusters
Use Case
• Monetizing an API would require keeping a track of an
API’s usage.
• When an API is deployed on a cluster of gateways, we
need a centralized counter to track its usage.
Implementation
• The microgateway submits local counters to the central
Traffic Manager asynchronously.
• The Traffic Manager accumulates the counters and
notifies the gateways whenever traffic should be rate
limited.
Microgateway Microgateway
Traffic Manager
Microgateway

36. WSO2 API Manager Integration with Istio
• Helps exposing microservices deployed on Istio to be managed as APIs.
• Provides an API portal for microservices.
• Allows managing the state of microservices via an API lifecycle.
• Provides end-user authentication and authorization for microservices deployed on Istio.
• Provides business insights for service requests via API portals.

37. Development Workflow

39. ● Developer starts creating microservices
● Defines the open API definition for the microservices
● Initiates microgateway project from open API definition
● Builds the microgateway project
● Locally tests the service exposed via microgateway
Develop

40. Operational Workflow

42. ● Individual microservices are included in the microgateway project
● Request comes to deploy in the development environment
● Operations team checkouts the project
● Creates the deployment configuration for the project
● Build the project with deployment configuration
● Deploy the microgateways using the build artifacts (In Docker/k8s)
Deploy

43. Deployment Patterns

44. Shared Gateway Mode
MGW MGW MGW

45. Private Jet or Sidecar Mode

46. Expose Microservices as APIs in a Service Mesh

47. Composite Microservices

48. Composite Service
Cell API Gateway
Cell
Managing Groups of Microservices

50. Self-contained
Deployable as a unit
API Centric
Data plane and control plane
Cells are the Building Blocks of a Composable
Enterprise

51. https://wso2-cellery.github.io/
• Define composites using
type-safe coding
• Cells are API-first
microservices composites
• Automatic enablement of
microgateway and global
API management
• Code, build, run, test,
push/pull, deploy, and
operate cells as units
• Native support on
Kubernetes and Istio

52. Cellery - Simple Composition and Graphical View

53. API Microgateway 3.0 is released -
https://wso2.com/blogs/thesource/2019/07/wso2-api-microgateway-3-0-is-released/
Cellery
https://wso2-cellery.github.io/
More Information

54. THANK YOU
wso2.com