Tech Talkin' About the Cloud: API Gateway Pattern for Microservices

I don’t know about you, but I can’t wait for Season 2 of The Night Agent to start streaming on Netflix. Every time I find myself binge watching, I reassure myself that I am doing it for the good of science, by live-testing the use of microservices and the API gateway that Netflix deploys in their architecture. Ok, that is a rather lame excuse, but ever since serverless frameworks like AWS Lambda have gained prominence, use of API gateways has emerged as a popular software design pattern for complex or large microservices-based applications.

I cut my teeth on object-oriented programming (OOP) with arguably the best-ever Windows 4GL (SQLWindows) and learned the four tenets of OOP: polymorphism, encapsulation, inheritance, and abstraction. They have stuck with me across multiple programming languages and design patterns: C++, Java, Swift, and JavaScript, and now I see them being used for good reasons in the API gateway. When designing microservices for an application, functionality for each microservice can be quite granular. Take an online credit card application as an example. When a user submits a credit card application form via a browser or a mobile device, several functions need to be invoked behind the scenes—SSN verification, address validation, anti-money laundering regulations, credit check, and so on. Each of those functions, in turn, could consist of multiple microservices. It is easy to see how so many moving parts can become problematic.

Microservices typically provide fine-grained APIs, which is less-than-ideal for a client app. Moreover, many client apps may require different data. For example, a PC browser-based interface could be more verbose than an iPhone or an Android screen. An API gateway addresses those issues by providing a layer of abstraction and encapsulation:

• A client application doesn’t need to “know” each and every microservice; this can be a huge burden on developers.
• Instead of having to invoke multiple microservices, the API gateway can aggregate those request/response round trips to the client application. That means after one API call to the gateway to “validate the address,” the API gateway then takes care of invoking all the necessary backend microservices, resulting in less network traffic and better overall performance. This also simplifies client apps by moving the logic from the apps to the API gateway.
• An API gateway can be mindful of various clients and offer different, adaptive APIs. One size does not fit all. For example, mobile apps might be working on 5G/LTE connections on a smaller screen, which is very different from working on a PC wired to Ethernet.
  

There are several API gateways available in the market today. Cloud providers like AWS, Microsoft, and Google have incarnations available, and several vendors like MuleSoft and TIBCO provide their own versions as well. You can find a helpful comparison of various API gateways at SourceForge. The API gateway that is best for you depends on requirements such as cost, functionality, integrations, performance, and security.

With an increase in cloud computing, more companies are looking to migrate their applications to the cloud and take advantage of serverless architectures that are offered by the cloud providers. API gateways help make this transition easier by providing a platform that can be used to connect multiple cloud services. A growing number of organizations are leveraging the scalability and flexibility of API gateways to manage their microservices architectures, allowing them to rapidly build and deploy highly available, robust systems.

While an API gateway provides several features that contribute to the overall performance, security, scalability, and observability of application architecture,
it is not without its drawbacks. Because it is another moving part, it increases complexity of the overall deployment architecture. It may also induce some additional latency to the request/response, although that may be mitigated by the reduced number of calls that client apps will need to make.

Back to binge watching…

contact the CTG Team