loading...

Explain API gateway to me like I’m five

inidaname profile image Hassan Sani ・1 min read

Many large applications uses the Microservice architecture, which has an API gateway. How would you explain an API gateway to a newbie to Microservice architecture?

Discussion

markdown guide
 

I'll take a stab at it.

Imagine that you have 3 friends John, Johnny, And Jake. Each of your friend is awesome at one task. You decided to use your friends awesomeness
to help your neigbours. Everytime a neighbour comes in with a request you decide who's the suitable candidate, and assign him the task.
When the task is done, your friend tells you the result, and you convey that to the neighbour.

a- In this scenario you are acting as front door guy. You decide who can ask for help, how many times,
and which one of your friend should tackle the task/job
b- You all are sitting in the same room/garage*.

In a way here you are doing the job of an api gateway. Without you the neighbours won't know whether John or Jake is suitable for the
job. With you in the picture the customer don't even need to know about this. One sad day Jake had to change school, and you had replace his
position with Becky whose doing a better job now. And your neighbours don't really know or care whose handling the job. Then one day few other friends
joined you, and you being the front guy informed your neighbour about you new friends(endpoint)

API Garage

  • there's a lot of metaphors we can get into with each of your friends sitting in a different garage (say, lambda) with each garage configured and scaling as needed.

To a new developer:
API gateway is way to expose all the awesome capabilities you are developing. Say you developed an algorithm for video compression,
and picture compression. To run this algo you need a server. Now at this point while you are capable of running the said algo,
its still not exposed to any other user. And that's where API gateway comes in, you use that as a "front" for your servers running
your super awesome algo.

 

An API gateway is like a supermarket.

You could go to a farmer and buy vegetables and go to a bakery to buy bread, but you could also simply go to a supermarket and buy both.

The supermarket doesn't make these things, it just gives it to you after it bought them from a producer.

An API gateway doesn't make data, it just gives it to you after it got them from a microservice.

 

Quite possibly the best definition I've heard/read.

Maybe add in something about rate limiting/smoothing though (like the farmers etc having a set quota every month thanks to bulk purchase from the supermarket), but then you're probably talking to a 14 year old, rather than a 5 year old.

 

In Germany we have some laws for rate limiting.

You are not allowed to buy bulk (unreasonable amounts for one household) from a supermarket, only from bulk traders.

But in practice nobody follows them, because its really rare that someone buys all pizzas. (I did once, haha)

We have similar in the UK, especially thanks to Covid restrictions.

What I meant though, was that the individual farmers/bakers/etc are protected from spikes & low periods in demand, by the supermarket doing bulk orders with each supplying service, and caching (effectively) the products. Simultaneously, the customers can buy the products they need near instantly, no need to wait for a cow to grow, in order to get milk, etc.

Switching to microservice terminology for a moment, rate limiting at the gateway allows you to decide if each microservice should live in an EC2, or a Lambda (etc), because of the load profile. There's no point paying for an EC2 if you have large periods of inactivity, and equally, if your load is always constant, Lambda's probably won't save you much money (in fact, more often than not, it'd be more expensive).

Rate limits can also be used to help with scalability - eg, if there's too many customers, the supermarket can open more checkouts to serve more customers in parallel.

 

An API gateway has two primary roles:

  • to provide a centralized controller for routing traffic to a single point to many other endpoints (both local and external).

  • to bundle and abstract common, business-agnostic functionality away from your services and into that centralized controller instead, such as authentication and rate limiting.

 

As long as your five year old is from the 90s...

API gateway is a phone book. You've gone to it looking for a plumber, or a brick layer, or a bakery. You can get in touch with all of them through the phone numbers in the book, but the book itself only tells you how to get in touch with them, it's still the plumber that fixes the sink. You also hopefully don't end up asking the bricklayer to make you a loaf.