Design of an Enterprise API gateway

design of an enterprise API Gateway

Table Table of Contents

Background

Role

Isolation

Decoupling

Scaffolding

Benefits to be brought

Requirements for enterprise API gateways

What elements the API gateway needs to consider in an enterprise environment

Industry-Common API Gateway Scenarios

How to design a good enterprise-Class API Gateway product

High-performance design for gateways

High-availability design for gateways

Background

An API-oriented, serial centralized, strong-control service that appears on the system boundary

The popularity of API gateways stems from the rise of the interconnection needs between mobile applications and enterprises in recent years. Mobile apps, Enterprise interconnects, and background service-enabled objects, extending from a single Web application to a variety of usage scenarios, have different requirements for back-office services for each usage scenario. This not only increases the responsiveness of the backend service, but also increases the complexity of the backend service. With the concept of MicroServices architecture, API gateway becomes a standard component of the microservices architecture.

Role

The first kind of function is the isolation function, as the enterprise system boundary, isolates the external network system and the intranet system.

The second kind of role is decoupling, through decoupling, so that the parties to the microservices system can be independent, free, efficient, flexible adjustment, without worrying about the impact on other aspects.

The third type of role is scaffolding, providing a location that facilitates a series of processing and processing of requests through an extended mechanism.

Isolation

API gateways are deployed outside the firewall to act as a barrier, and the internal system only accepts requests forwarded by the API Gateway. The gateway has a preliminary filtering of the access through whitelisting or validation rules. Compared to firewalls, this software implementation of the filtering rules, more dynamic and flexible.

Decoupling

With the API gateway layer, we can decouple the interdependence of the parties and let the parties focus more on their goals.

Decoupling function and non-function

Decoupling clients and service providers

Whether the gateway layer needs to implement service orchestration. No

Scaffolding

Gateway Layer In addition to the requested routing, forwarding, but also responsible for security, authentication, current limit, monitoring and so on. The way these functions are implemented is often adjusted as the business changes.

Benefits to be brought

The gateway layer is isolated from external and internal, which guarantees the security of the backend service.

External access control is transformed from the network level to the operational dimension, reducing the process of change and the cost of errors

By reducing the coupling between the client and the service, the service can evolve independently. Mapping is done through the gateway layer.

Through the gateway layer aggregation, reduce the frequency of external access, improve access efficiency.

Save back-end service development costs and reduce on-line risk.

Provides a simple solution for service fusing, grayscale publishing, and on-line testing.

Easy to expand.

Requirements for enterprise API gateways

To deal with a large number of external visits, on the other hand, but also to provide a certain degree of security protection of internal services.

In addition, the enterprise provides a variety of API services, API gateway to the full life cycle of these APIs can be easily managed, such as Service release, adjustment, shelving, billing, monitoring and so on.

What elements the API gateway needs to consider in an enterprise environment

Security issues

Performance issues

High Availability issues

Extensibility Issues

API efficient operation and maintenance issues

The issue of full lifecycle management of APIs

Industry-Common API Gateway Scenarios

nginx+ Lua

Springcloud Zuul

Mashapekong

How to design a good enterprise-Class API Gateway product

API Life Cycle Management features
Development and use of support features
Security Protection Features
Flow control function
Request management features
API Trading Features

High-performance design for gateways

Event-driven concurrency model (NIO) for high-performance design of gateways

High-availability design for gateways

1, the principle of non-state design
2. Elegant Downline principle
3. Slow Start feature