What is API Gateway Pattern?
The API gateway pattern is also sometimes known as “Backend for frontends” (BFF) because you need to develop thinking the needs of the Client Application. The API Gateway sits between the frontend application and the collection of backend Microservices.
An API Gateway acts as a reverse proxy that accepts all the Application Programming Interface calls (API), aggregates the various services according to the front end needs, and fulfils the appropriate data.
Consider a product details page, and the Client UI has to display a lot of information related to the product. For example, the Amazon product details page has the following information.
- Basic Product Information such as Product Name, Brand, Price
- Ratings and Review of the Product
- Product Availability
- Offers and Discounts
- Seller Information & Ranking
- Related Products
Amazon’s online store uses a Microservice architecture pattern, and the Product detail data would spread across multiple services. For example, let’s assume the below services are used.
- Product Info Service — Provides information about the product such as title, description, brand etc
- Pricing Service — Provides pricing information
- Ratings and Review Service — Provide customer rating and reviews for a particular product
- Product Availability Service — Based on the seller inventory displays whether the product is in stock or out of stock
- Offers and Discounts Service — Provides details on promotion and discount rules for a given product
- Seller Information & Ranking — Total sellers selling the product and each seller ranking
- Related Products — Similar products purchased by other users
The client application needs to access seven different services to display the data on the page. Following are the challenges of using these services.
- The granularity of APIs provided by microservices is often different from what a client needs. Microservices typically provide fine-grained APIs, which means that clients need to interact with multiple services. For example, as described above, a client needing the details for a product needs to fetch data from numerous services.
- Different clients need different data. For example, the desktop browser version of a product details page is typically more elaborate than the mobile version.
- Network performance is different for different types of clients. For example, a mobile network is typically slower and has much higher latency than a non-mobile network. And, of course, any WAN is much slower than a LAN. It means that a native mobile client uses a network with very different performance characteristics than a LAN used by a server-side web application. The server-side web application can make multiple requests to backend services without impacting the user experience, whereas a mobile client can only make a few.
- The number of service instances and their locations (host+port) changes dynamically
- Partitioning into services can change over time and should be hidden from clients
- Services might use a diverse set of protocols, some of which might not be web-friendly
Implement an API gateway pattern that acts as the single entry point for all clients, as shown below. The API gateway handles requests in one of two ways. Some requests are proxied/routed to the appropriate service. It handles other requests by fanning out to multiple services.
When to consider API using Gateway Pattern?
You should consider using the API Gateway pattern if :
- You already have an existing frontend system, and you choose to convert the existing Monolith system to Microservices
- In case you need to expose Single API to the frontend aggregating the data from several Microservices
- You have low latency requirements
- The Client App has a hardbound and requires a synchronous response from the Microservice
- The number of dependencies for a Microservice does not grow over time, and you can manage it.
Top 10 Features of API Gateway Pattern
- Reverse Proxy/ Gateway Routing
- Request Aggregation
- Identity Provide Authentication and Authorization
- Service Discovery
- Rate Limiting, Throttling and Quota
- Response Caching
- Retry Policy, Circuit Breaker and Qos
- Load Balancing
- Logging, Tracing, Correlation
- IP whitelisting
Benefits of API Gateway Pattern
- API Gateway encapsulates the clients from how the application is partitioned into microservices.
- It simplifies the client code; rather than invoking multiple services, it directly talks to the API gateway.
- It reduces the number of API requests/roundtrips. The API gateway enables clients to retrieve data from Multiple microservices with single roundtrip, aggregates the response according to client needs.
- Simplifies the Microservices source code, as the cross-cutting concerns are externalized through API Gateway.
- Improved security since the requests are managed at the centralized place and will be more consistent.
Drawbacks of API Gateway Pattern
- Since the API Gateway acts as a medium for requests and responses, it can lead to a single point of failure.
- Microservices should be appropriately scaled else, API Gateway could become a bottleneck.
- Performance degradation
- Synchronous calls are made to Microservices, which means latency caused by these services will affect the overall response time.
- Over time, it can become more complex if not managed and maintained correctly since all the API rules are in one place.
Popular API Gateway Patterns
Netflix API Gateway Pattern
One of the most popular and oft-cited examples of API Gateway is Netflix API Gateway. In 2013 Netflix created their service called Zuul, which provides dynamic routing, monitoring, resiliency, security, and more. It also can route requests to multiple Amazon Auto Scaling Groups as appropriate.
Amazon API Gateway
Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, secure, and operate APIs at any scale. API Gateway handles all the tasks involved in accepting and processing hundreds of thousands of concurrent API calls, including traffic management, CORS support, authorization, access control, throttling, monitoring, and API version management.
Kong API Gateway
Kong Gateway is one of the most popular open-source cloud-native API Gateways built on top of lightweight proxy. It is written in Lua and runs with the help of Nginx. Some of the key features Kong API Gateway offers are Authentication, Traffic Management, Analytics, Transformation, Logging, Serverless, etc.
Other API Gateway
There are several other API gateways such as Ocelot, Azure, APIGEE, KrakenD, Express Gateway, Tyk, etc. we will explore the features of these API Gateways in a separate article.