Today we will talk about API integration. Through the understanding of the previous two days, we learned that microservices are multi-service, loosely coupled service sets. Since multi-services are involved, it is essential to call external APIs.
Designing an application's external API becomes more challenging due to the diversity of customers. These clients often have different data requirements.
1. Direct communication
This way the API is designed in such a way that the client directly calls the service. Microservices architectures currently rarely take this approach due to the following drawbacks.
- Clients must make multiple requests through the fine-grained service API to retrieve the data they need, which is not only inefficient, but can lead to a poor user experience.
- Schema and API changes are difficult due to the lack of encapsulation caused by the client's knowledge of each service and its API.
- Clients may find it neither convenient nor practical to use the service's IPC mechanisms.
When we are developing, we cannot leave maintaining backward compatibility to the developers of backend services. A separate public API needs to be developed instead of exposing the service directly to third parties.
This hard work is done by the API Gateway's architectural components.
2. API gateway mode
Accessing services directly has a number of disadvantages. API Gateway is a better service access pattern.
Basically, an API Gateway is also a service that acts as an entry point for external applications. This component is responsible for request routing, API composition, and other cross-cutting concerns such as authentication, monitoring, and rate limiting. API Gateway is similar to facade design pattern in OOPS (design pattern). An API gateway encapsulates an application's internal architecture and provides an API to its clients.
The API Gateway is also responsible for request routing, API composition, and protocol translation. API requests from external clients go through the API Gateway, and the API Gateway routes some requests to the corresponding services. API Gateway can also handle other requests by calling multiple services and aggregating the results. Servers can also convert between client- friendly protocols , such as HTTP and WebSockets, and client- unfriendly protocols used by services.
3. Request routing
Request routing is one of the most important functions of an API Gateway. An API Gateway implements API operations by routing requests to the appropriate service. When API Gateway receives a request, it queries the route map to determine which service to route the request to. For example, a route map might map an HTTP method and path to a service's HTTP URL. Web servers such as NGINX provide reverse proxies as part of this functionality.
4. API composition
API gateways usually do more than just reverse proxies. They can also perform API operations using API composition. An API Gateway provides clients with a coarse-grained API that enables them to retrieve the data they need with a single request.
The Aggregator/Composite pattern has two subpatterns.
- Chained Pattern : Basically, this type of composite pattern follows a chained structure. In this pattern, clients communicate with services, all services are chained together, and the output of one service becomes the input of the next service.
- Fork pattern : Fork pattern is an extended version of Aggregator and Chain pattern. A client can communicate directly with a service, and in this design pattern, a service can communicate with multiple services at the same time.
5. Protocol conversion
API Gateway can also convert protocols. Although an application service uses various protocols internally, including REST and gRPC, it may expose a REST API to external clients. Some API operations translate between the RESTful external API and the internal gRPC-based API when needed.
Some foreign technical websites directly call this function: Protocol Translation, the direct translation is: protocol translation, I directly call it: protocol conversion according to the ability
6. The backend of the frontend model
An API gateway can provide a common API. One problem with a single API is that different clients often have different needs. The solution to this problem is to give the client the option to specify in the request which fields and related objects the server should return, just like with GraphQL. For public APIs that must provide services to third-party applications, this approach is sufficient, but it cannot provide customers with more optional operations.
It is a good choice to provide personalized APIs for clients through API gateways. I also like this ability, which reduces the pressure of communication data to a certain extent.
7. Implement crosscutting concerns
API gateways primarily handle API routing and composition, but they may also handle cross-cutting concerns. Examples of crosscutting concerns include:
- Authentication : Verify the identity of the client making the request.
- Authorization : Verify that the client is authorized to perform that particular action.
- Rate Limiting : Limit the number of requests per second from a specific client or from all clients.
- Caching : Caching responses to reduce the number of requests to the service.
- Metrics collection : API usage metrics are collected for billing analysis purposes.
- Request Logging : Log requests.
Note: Cross-cutting concerns refer to some special concerns that have behaviors that span multiple modules, and traditional software development methods cannot achieve effective modularization. For example, in a typical case, the log function
8. API gateway architecture
API Gateway has a layered, modular architecture. It consists of two layers, the API layer and the public layer. One or more API modules make up the API layer. The API module implements the API according to customer requirements.
9. Benefits of API Gateway
- The main advantage of using an API Gateway is that it encapsulates the internal structure of the application.
- API gateways provide clients with client-specific APIs, reducing the number of round trips between clients and applications
- Simplified client code.
10. Disadvantages of API Gateway
- Adding maintenance costs is also a highly available component that can be developed, deployed, and managed.
- The API Gateway has the potential to become a development bottleneck, as developers must update the API Gateway from time to time to expose their service APIs.
11. Ready-made API Gateway
There are several off-the-shelf services and products that implement API gateway functionality.
AWS API Gateway : An AWS API Gateway API is a set of REST resources, each of which supports one or more HTTP methods. You can configure API Gateway to route every request to a backend service. You need to implement API composition in your backend service, AWS API Gateway does not support API composition.
Kong : Kong is based on the NGINX HTTP server, which allows you to define flexible routing rules based on HTTP methods, headers, and paths to decide which backend service to use.
12. Develop API Gateway
Using web frameworks, you can build your own API gateways that proxy requests to other services. Let's take a look at Netflix Zuul and Spring Cloud Gateway.
Netflix Zuul : Zuul is a Netflix framework that implements crosscutting features such as routing, rate limiting, and authentication. Zuul uses the concept of filters, which are reusable request interceptors similar to servlet filters. Zuul handles HTTP requests by assembling a series of filters that transform the request, invoke backend services, and transform the response before sending it to the client.
Spring Cloud Gateway : Spring Cloud Gateway is an API gateway framework based on Spring Framework, Spring Boot and Spring Webflux, a reactive web framework.
Spring Cloud Gateway provides a simple yet comprehensive way to:
- Route requests to backend services.
- Implement a request handler that performs API composition.
- Handles cross-cutting concerns such as authentication.