This document discusses using NGINX as an API gateway for microservices architectures. It describes how NGINX can provide essential API gateway functions like API routing, authentication, overload protection, and request tracing in a lightweight and efficient manner. The document advocates for separating the roles of a secure proxy and API gateway to handle north-south and east-west traffic respectively. Key API gateway capabilities of NGINX like API routing, authentication using API keys or JWT, and request tracing are demonstrated with code examples.
4. Source: Source information goes here.Source: Source information goes here.
#1for the busiest sites
The busiest sites choose NGINX
4
Source: W3Techs Web server ranking 20-Nov-2017
6. • NGINX v0.1 published in 2004
• NGINX, Inc. founded in 2011
• NGINX Plus released in 2013
• Offices in San Francisco, Cambridge, Cork, Moscow and Singapore
• 300M+ websites
• 1,200+ commercial customers
• 180+ employees across engineering, support, sales and marketing
7. Our Products
NGINX Plus
The only all-in-one load balancer, web server, application firewall and content cache.
Simplify your architecture while reducing costs.
NGINX Controller
Centralized monitoring and management for
NGINX Plus. Deploy and automate virtual
load balancers with a beautiful interface and
API.
NGINX Unit
The new, open source application server
from NGINX, Inc. Lightweight, with multi-
language support and an API-driven
configuration.
NGINX
Industry-defining, open source webserver, reverse proxy and web accelerator
NGINX Amplify
NGINX Monitoring Made Easy: out-of-the-box graphs for NGINX and OS metrics, static analyzer and
automated alerts
11. Monoliths are complex
11
• Tightly coupled to the
underlying infrastructure
• Nobody knows how it all
works
• Hard to maintain
• Impossible to debug
13. Microservices do one thing
13
• One function
• Easy to test
• Easy to scale
Photo http://www.thedieline.com/blog/2017/1/26/a-fresh-look-at-craft-beer-cans
14. Microservices do one thing
14
• Avoid duplicating
functionality
◦ Crypto
◦ Authentication
◦ Access Control
◦ Analytics
17. So deploy with redundancy
17
• Plan for failure
• At least 2 per service
• Scale independently
• Scale on demand
Photo:
https://twitter.com/clinkbeer/status/812324082809180161
26. API gateway functions
26
Things you need
• Fast proxying
• API routing
• Overload protection
• Authentication of clients
• TLS support (termination or
end-to-end encryption)
Things you don’t need
• Digital strategy alignment
• API design tools
• Monetization metrics
• Business value measures
• Developer portals
27. API routing
(URI mapping)
27
# conf.d/routing_map.conf
map $request_uri $upstream_api {
{
# Pricing API
"^/api/prices/.*$" pricing_api;
"^/v1/pricing/.*$" pricing_api;
"^/item/.*/price/.*$" pricing_api;
# Partcodes API
"^/api/partcodes/.*$" partcodes_api;
"^/v1/partno/.*$" partcodes_api;
"^/item/.*/sku/.*$" partcodes_api;
# More APIs
# ...
}
28. API routing
Overload protection
28
# conf.d/api_gateway.conf
upstream pricing_api {
server 172.16.0.1:80 max_conns=500;
server 172.16.0.2:80 max_conns=500;
}
upstream partcodes_api {
server partcodes.app.example.com resolve;
}
server {
listen 80;
location / {
proxy_pass http://$upstream_api;
limit_conn clientip 20;
limit_req zone=10persec;
}
}