Gateway in Microservices

Gateway
Responsibility of Gateway
Spring Cloud Netflix
Links
References

Gateway

In Microservice Architecture (MSA), a gateway is a single entry point for all incoming requests to the microservices. It acts as a reverse proxy, routing requests from clients to the appropriate microservice based on the request URL. The gateway may also perform additional tasks such as authentication, rate limiting, logging, and caching. The use of a gateway can provide several benefits, including reducing the load on individual microservices, improving security, and providing a unified interface for clients.

API Gateway 는 Facade 패턴과 같이 뒤에 있는 복잡한 서비스를 심플한 인터페이스로 제공하는 Edge Server 로 모든 API 의 Endpoint 를 받아서 내부의 마이크로서비스로 라우팅해주는 역할을 한다.

Responsibility of Gateway

Authentication
Monitoring
Logging
Flow Control
Message Change
Orchestration

Authentication

서버간 API 통신의 경우에는 Api Key 를 사용할 수 있다.

API keys can be used for API communication between servers in a microservice application that uses an API gateway. An API key is a unique identifier that is used to track and control access to the API. When a client wants to access the API, it needs to provide the API key, which the API gateway will use to verify the identity of the client and determine if it has permission to access the API.

Here's an example:

The client generates an API key and sends a request to access the API.
The API gateway receives the request and checks if the API key is valid.
If the API key is valid, the API gateway routes the request to the appropriate microservice.
The microservice processes the request and sends a response back to the API gateway.
The API gateway returns the response to the client.
In this example, the API key is used as a means of authentication and authorization for accessing the API. By requiring clients to provide an API key, the API gateway can control access to the API and ensure that only authorized clients can access it.

다수의 클라이언트와 서버간 API 통신의 경우에는 JWT 와 같은 Token based Authentication 를 사용할 수 있다.

Logging

Distributed Tracing

Metering & Charging

API 의 호출량을 모니터링 해서 호출 Amount 기반으로 API 호출 횟수를 통제하거나 또는 유료 API 의 경우에는 과금을 하는 등의 정책에 필요하다.

Youtube Data API - Quota usage

Metering and charging in an API gateway refers to the process of tracking and billing for the usage of an API. This is commonly used in a business context where API providers want to monetize their API and charge their clients for the usage of the API.

Here are some common examples of metering and charging in an API gateway:

Usage tracking: The API gateway tracks the number of API requests made by each client, the amount of data transferred, and the amount of time spent processing requests. This information can be used to generate usage reports and bill clients for their API usage.
Billing models: API providers can choose from different billing models, such as pay-per-request, pay-per-usage, or a monthly subscription model. The API gateway can be configured to implement the selected billing model and generate invoices for clients based on their API usage.
Quotas: The API gateway can enforce usage quotas for each client, limiting the number of API requests that can be made in a given time period. This helps API providers control the cost of their API and avoid overcharging their clients.
Usage analysis: The API gateway can provide usage analysis and reporting tools to help API providers understand the usage patterns of their API and identify opportunities for optimization and cost savings.

Metering and charging in an API gateway is an important aspect of API management and helps API providers to monetize their API and generate revenue from their API offerings.

Flow Control

Flow Control 은 클라이언트로부터 들어온 메시지 흐름을 바꾸는 것을 의미한다. 클라이언트의 Locale 에 따라서 미국, 독일, 한국 등의 서비스로 라우팅 하는 로직을 구현할 수 있다.

Flow control in an API gateway refers to the process of managing and regulating the flow of incoming requests to the API. This includes tasks such as rate limiting, request prioritization, and traffic management. The goal of flow control is to ensure that the API is performing optimally and to prevent overloading of the underlying microservices.

Here are some common examples of flow control in an API gateway:

Rate limiting: The API gateway can be configured to limit the number of requests that a client can make in a given time period. This helps to prevent overloading of the microservices and protect against denial-of-service (DoS) attacks.
Request prioritization: The API gateway can prioritize requests based on various criteria such as the importance of the request, the client's subscription level, or the time-sensitivity of the request.
Traffic management: The API gateway can distribute incoming requests to different microservices based on the load on each microservice. This helps to balance the workload and improve the overall performance of the API.
Request filtering: The API gateway can be configured to filter incoming requests based on specific criteria, such as the request method, the client's IP address, or the request payload. This helps to protect the underlying microservices from malicious or invalid requests.

Overall, flow control in an API gateway is an important aspect of API management and helps to ensure the stability and performance of the API.

Spring Cloud Netflix

References

마이크로서비스 인 액션 / 모건 브루스, 파울로 페레이라 저 / 위키북스