SlideShare ist ein Scribd-Unternehmen logo

Api gateway : To be or not to be

Als PPTX, PDF herunterladen
Jaewoo Ahn
Jaewoo Ahn

In this presentation, we're discussing whether we need API gateway or not on Micro-Services Architecture. We'll see pros and cons of several ways how clients access to services. [Updated : 13 Jan 2015] Additional cons of API gateway is added, as commented by Hyunsik Kang(강현식), Coupang.

Software
1 von 23
API Gateway : To be or not to be? Platform Architecture Team SK Planet
Synopsis • You’re developing based on MSA(Micro- Services Architecture) • How do the clients access the individual Micro-services?
#1 : I don’t care for clients, DIY Client A (Web) Client B (App) MS-A MS-ALB MS-A MS-BLB MS-A MS-CLB MS-A MS-DLB Security Logging Version … Security Logging Version … Security Logging Version … Security Logging Version …
#1 : I don’t care for clients, DIY • Clients need to access individual Micro-Services by themselves • Pros – No SPOF – No cost for developing API Gateway • Cons – Clients need to know endpoints of Micro-Services – If Micro-Services changes something(ex: LB VIP), all clients need to update – Each Micro-Services needs to handle these by themselves • Securities to protect their APIs (Auth, ACL, IP Blacklist, Rate Limiting, …), Versioning • Logging, Analytics, and any requirements from clients (ex : Batch APIs) – You’re adding another security path whenever new Micro-Service is added – If there is no API standard nor API spec sharing point between Micro-Services, clients will go to hell – Cannot handle composition scenario to prevent REST chattiness problem – You need to place Load Balancer in front of each Micro-services and consider fail-over of LB, too
#2 : Wrapper (Library/SDK) Wrapper * Wrapper * MS-A MS-ALB MS-A MS-BLB MS-A MS-CLB MS-A MS-DLB Client A (Web) Client B (App) * Wrapper could be created by individual Micro-Services Security Logging Version … Security Logging Version … Security Logging Version … Security Logging Version …
#2 : Wrapper (Library/SDK) • Clients use Wrapper(Library/SDK) to access Micro-Services • Pros – No SPOF – No cost for developing API Gateway – Higher Abstraction than REST APIs, so easy to use • Cons – Clients Wrapper needs to know endpoints of Micro-Services – If Micro-Services changes something(ex: LB VIP), all clients need to update Wrapper needs to be updated, QA, and re-deployed – Wrapper is responsible for backward compatibility – Each Micro-Services needs to handle these by themselves • Securities to protect their APIs (Auth, ACL, IP Blacklist, Rate Limiting, …), Versioning, Logging, Analytics, and any requirements from clients (ex : Batch APIs) – You’re adding another security path whenever new Micro-Service is added – If there is no API standard nor API spec sharing point between Micro-Services, clients will go to hell You need to update Wrapper document/manual, provide download location, manage achieve, maintain release notes, send notices, and maybe cause forced-update of your app – Cannot handle composition scenario to prevent REST chattiness problem, but need to update/re-deploy your wrapper – You need to place Load Balancer in front of each Micro-services and consider fail-over of LB, too – Becoming big burden if you need to support polyglot clients
Checkpoint • It’s all about level of “Abstraction” – Provide it as REST APIs – Provide it as Wrapper (Library/Wrapper) • Higher abstraction – Makes client happy (but only if you maintain versions/backward compatibility well) – Makes Wrapper developer unhappy – Even worst if API Provider != Wrapper developer • Common RoR problems – If client fails, who’s responsible for investigate it? While stacktraces says problem is raised on the Wrapper, they will call Wrapper developer even though client mis-use wrapper or server fails 
API Gateway #3 : API Gateway Client A (Web) Client B (App) MS-A MS-A MS-A MS-B MS-A MS-C MS-A MS-D Security Logging Version …
#3 : API Gateway • Single endpoint for clients, handle requests proxied/routed to the appropriate service (or service instance) • Pros – Can solve most problems – Separation of Concerns • Micro-Services focus on business features • API Gateway provides protection/common feature layer – Minimize/Isolate services’ change impacts • Cons – Possibility of SPOF/bottleneck – Performance tradeoff due to processing time in API Gateway and more network hops – Need to manage routing rule or APIs – Needs Service Discovery/Registry – Cost for developing API Gateway – Additional Hardware/Network/Management cost – Risk of management bottleneck
SPOF/bottleneck : Scale-out API Gateway Client A (Web) Client B (App) MS-A MS-A MS-A MS-B MS-A MS-C MS-A MS-D Security Logging Version … API Gateway Security Logging Version … LB
SPOF/bottleneck : Partitioning API Gateway Client A (Web) Client B (App) MS-A MS-A MS-A MS-B MS-A MS-C MS-A MS-D Security Logging Version … API Gateway Security Logging Version … LB API Gateway Security Logging Version … API Gateway Security Logging Version … LB DNS/ LB A or B C or D
SPOF/bottleneck : Partitioning API GatewayClient A (Web) Client B (App) MS-A MS-A MS-A MS-B MS-A MS-C MS-A MS-D Security Logging Version … API Gateway Security Logging Version … LB API Gateway Security Logging Version … API Gateway Security Logging Version … LB
Performance Tradeoff • Network hop/latency depends on network topology • API Gateway processing time depends on what you want to do in API Gateway • Consider Tradeoff : What’s more important? • Some Tips – Don’t parse request/response body if you don’t need it – Caching on API Gateway
Managing Routing Rule or APIs • Routing Rule-based Control – Define Coarse-grained routing rule – Gateway knows MSs but don’t care for specific APIs – Micro-Services need to resolve APIs and validate whether they are valid request • API-based Control – Register APIs want to be managed in Gateway – API Gateway resolve APIs and validate request/response with exact match – Gateway should know APIs
Managing Routing Rule or APIs Client A (Web) API Gateway MS-A /A/InvalidResources with ValidCredential /InvalidResources 404 Not Found404 Not Found Security : Passed Client A (Web) API Gateway /A/InvalidResources with ValidCredential 404 Not Found Security : Passed /A/* -> MS-A /A/ValidResources -> MS-A/ValidResources - params : … - result: … MS-A /A/ValidResources?invalid with ValidCredential 400 Bad Request (Invalid Parameter) /A/ValidResources?invalid with ValidCredential 400 Bad Request (Invalid Parameter) /A/ValidResources?invalid with ValidCredential 400 Bad Request (Invalid Parameter) Routing Rule Based Control(per MS) API Based Control (per API)
Managing Routing Rules or APIs • Routing rule based is preferred when • Clients are 1st parties • Coarse-grained control is enough • You can provide API spec/document from Micro-Services directly • API is changed frequently • API based is preferred when • Clients are including 3rd parties • Minimize Micro-Services’ overhead from invalid request • Fine-grained control is needed • If you require mediation or some manipulation per APIs • You need to provide API spec/document from API Gateway • Recommendations – Use routing rule based control primarily, then append API-based control as you need
Managing API specification • You can manage it – Deeply coupled with API Gateway API-based Control requires for API Gateway to know API specification – Externally (ex : Swagger, ProtocolBuffer) Both Routing Rule-based and API-based control • If you have a API spec, – Client developer can create client codes (even wrapper) – Server developer can create server codes
Service Discovery/Registry MS-A Container API Gateway UI UI MS-A HA Proxy HA Proxy HA Proxy Service Registry Service Agent MS-A Container MS-A HA Proxy Service Agent MS-B Container MS-B Service Agent MS-B Container MS-B Service Agent
Cost for developing API Gateway • Depends on what you want to do with API Gateway • Simple requirements = Simple API Gateway (nginx/HA proxy might be enough for you) • Node.js is a good start point to implement • But going complex – If you need to consider 3rd parties and Open API since Developer portal and Onboarding process is required – If you want some GUI and management console (= Publisher portal) – Consider API Gateway as Silver Bullet (ESB?)…
Additional Hardware/Network/Management cost • Another tradeoff : What’s more important? • Depends on how you implement it and what you want to do • Cost could be issue – If you consider adopting commercial products – If you consider doing a lot of manipulation in API Gateway
Risk of management bottleneck • If API Gateway is managed by single team, there are risks of management bottleneck – API Gateway team has primary responsibility for changes/failure/backward compatibility, … – API Gateway team could be a bottleneck (going worse if you do a lot of manipulations in it) • Recommendation : separate managements – API Gateway itself (API Gateway team) – Services on the API Gateway (each service teams)
API Gateway: To be or not to be • Consider your scenario • But generally, API Gateway is a good choice… and it begins API Managements of your organization • To adopt it, start with simple one – again, nginx/HA proxy might be enough for you – Consider complex product/solution later
Send a feedback var you = {}; if (you.like||you.dislike||you.suggest||you.request) { var url = "https://www.linkedin.com/in/lancersahn"; linkedin.contact(url); }

Empfohlen

Build and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayBuild and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayAmazon Web Services
 
Postman: An Introduction for Developers
Postman: An Introduction for DevelopersPostman: An Introduction for Developers
Postman: An Introduction for DevelopersPostman
 
Amazon EKS를 통한 빠르고 편리한 컨테이너 플랫폼 활용 – 이일구 AWS 솔루션즈 아키텍트:: AWS Cloud Week - Ind...
Amazon EKS를 통한 빠르고 편리한 컨테이너 플랫폼 활용 – 이일구 AWS 솔루션즈 아키텍트:: AWS Cloud Week - Ind...Amazon EKS를 통한 빠르고 편리한 컨테이너 플랫폼 활용 – 이일구 AWS 솔루션즈 아키텍트:: AWS Cloud Week - Ind...
Amazon EKS를 통한 빠르고 편리한 컨테이너 플랫폼 활용 – 이일구 AWS 솔루션즈 아키텍트:: AWS Cloud Week - Ind...Amazon Web Services Korea
 
API Lifecycle, Part 2: Monitor and Deploy an API
API Lifecycle, Part 2: Monitor and Deploy an APIAPI Lifecycle, Part 2: Monitor and Deploy an API
API Lifecycle, Part 2: Monitor and Deploy an APIPostman
 
개발자를 위한 클라우드 기술 트렌드- 윤석찬, AWS 테크에반젤리스트 :: Hello T 개발자 컨퍼런스
개발자를 위한 클라우드 기술 트렌드- 윤석찬, AWS 테크에반젤리스트 :: Hello T 개발자 컨퍼런스개발자를 위한 클라우드 기술 트렌드- 윤석찬, AWS 테크에반젤리스트 :: Hello T 개발자 컨퍼런스
개발자를 위한 클라우드 기술 트렌드- 윤석찬, AWS 테크에반젤리스트 :: Hello T 개발자 컨퍼런스Amazon Web Services Korea
 
다양한 배포 기법과 AWS에서 구축하는 CI/CD 파이프라인 l 안효빈 솔루션즈 아키텍트
다양한 배포 기법과 AWS에서 구축하는 CI/CD 파이프라인 l 안효빈 솔루션즈 아키텍트다양한 배포 기법과 AWS에서 구축하는 CI/CD 파이프라인 l 안효빈 솔루션즈 아키텍트
다양한 배포 기법과 AWS에서 구축하는 CI/CD 파이프라인 l 안효빈 솔루션즈 아키텍트Amazon Web Services Korea
 
AWS를 위한 도커, 컨테이너 (이미지) 환경 보안 방안 - 양희선 부장, TrendMicro :: AWS Summit Seoul 2019
AWS를 위한 도커, 컨테이너 (이미지) 환경 보안 방안 - 양희선 부장, TrendMicro :: AWS Summit Seoul 2019AWS를 위한 도커, 컨테이너 (이미지) 환경 보안 방안 - 양희선 부장, TrendMicro :: AWS Summit Seoul 2019
AWS를 위한 도커, 컨테이너 (이미지) 환경 보안 방안 - 양희선 부장, TrendMicro :: AWS Summit Seoul 2019Amazon Web Services Korea
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API GatewayAmazon Web Services
 

Empfohlen

Build and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayBuild and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayAmazon Web Services
 
Postman: An Introduction for Developers
Postman: An Introduction for DevelopersPostman: An Introduction for Developers
Postman: An Introduction for DevelopersPostman
 
Amazon EKS를 통한 빠르고 편리한 컨테이너 플랫폼 활용 – 이일구 AWS 솔루션즈 아키텍트:: AWS Cloud Week - Ind...
Amazon EKS를 통한 빠르고 편리한 컨테이너 플랫폼 활용 – 이일구 AWS 솔루션즈 아키텍트:: AWS Cloud Week - Ind...Amazon EKS를 통한 빠르고 편리한 컨테이너 플랫폼 활용 – 이일구 AWS 솔루션즈 아키텍트:: AWS Cloud Week - Ind...
Amazon EKS를 통한 빠르고 편리한 컨테이너 플랫폼 활용 – 이일구 AWS 솔루션즈 아키텍트:: AWS Cloud Week - Ind...Amazon Web Services Korea
 
API Lifecycle, Part 2: Monitor and Deploy an API
API Lifecycle, Part 2: Monitor and Deploy an APIAPI Lifecycle, Part 2: Monitor and Deploy an API
API Lifecycle, Part 2: Monitor and Deploy an APIPostman
 
개발자를 위한 클라우드 기술 트렌드- 윤석찬, AWS 테크에반젤리스트 :: Hello T 개발자 컨퍼런스
개발자를 위한 클라우드 기술 트렌드- 윤석찬, AWS 테크에반젤리스트 :: Hello T 개발자 컨퍼런스개발자를 위한 클라우드 기술 트렌드- 윤석찬, AWS 테크에반젤리스트 :: Hello T 개발자 컨퍼런스
개발자를 위한 클라우드 기술 트렌드- 윤석찬, AWS 테크에반젤리스트 :: Hello T 개발자 컨퍼런스Amazon Web Services Korea
 
다양한 배포 기법과 AWS에서 구축하는 CI/CD 파이프라인 l 안효빈 솔루션즈 아키텍트
다양한 배포 기법과 AWS에서 구축하는 CI/CD 파이프라인 l 안효빈 솔루션즈 아키텍트다양한 배포 기법과 AWS에서 구축하는 CI/CD 파이프라인 l 안효빈 솔루션즈 아키텍트
다양한 배포 기법과 AWS에서 구축하는 CI/CD 파이프라인 l 안효빈 솔루션즈 아키텍트Amazon Web Services Korea
 
AWS를 위한 도커, 컨테이너 (이미지) 환경 보안 방안 - 양희선 부장, TrendMicro :: AWS Summit Seoul 2019
AWS를 위한 도커, 컨테이너 (이미지) 환경 보안 방안 - 양희선 부장, TrendMicro :: AWS Summit Seoul 2019AWS를 위한 도커, 컨테이너 (이미지) 환경 보안 방안 - 양희선 부장, TrendMicro :: AWS Summit Seoul 2019
AWS를 위한 도커, 컨테이너 (이미지) 환경 보안 방안 - 양희선 부장, TrendMicro :: AWS Summit Seoul 2019Amazon Web Services Korea
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API GatewayAmazon Web Services
 
천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017
천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017
천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017Amazon Web Services Korea
 
AWS API Gateway
AWS API GatewayAWS API Gateway
AWS API GatewayMuhammed YALÇIN
 
浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターン浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターンAmazon Web Services Japan
 
The never-ending REST API design debate
The never-ending REST API design debateThe never-ending REST API design debate
The never-ending REST API design debateRestlet
 
API Gateway How-To: The Many Ways to Apply the Gateway Pattern
API Gateway How-To: The Many Ways to Apply the Gateway PatternAPI Gateway How-To: The Many Ways to Apply the Gateway Pattern
API Gateway How-To: The Many Ways to Apply the Gateway PatternVMware Tanzu
 
[AWSマイスターシリーズ] AWS Billingについて
[AWSマイスターシリーズ] AWS Billingについて[AWSマイスターシリーズ] AWS Billingについて
[AWSマイスターシリーズ] AWS BillingについてAmazon Web Services Japan
 
20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要
20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要
20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要Amazon Web Services Japan
 
20190424 AWS Black Belt Online Seminar Amazon Aurora MySQL
20190424 AWS Black Belt Online Seminar Amazon Aurora MySQL20190424 AWS Black Belt Online Seminar Amazon Aurora MySQL
20190424 AWS Black Belt Online Seminar Amazon Aurora MySQLAmazon Web Services Japan
 
Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012
Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012
Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012Amazon Web Services
 
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...Amazon Web Services Korea
 
API strategy with IBM API connect
API strategy with IBM API connectAPI strategy with IBM API connect
API strategy with IBM API connectKellton Tech Solutions Ltd
 
API Gateway를 이용한 토큰 기반 인증 아키텍처
API Gateway를 이용한 토큰 기반 인증 아키텍처API Gateway를 이용한 토큰 기반 인증 아키텍처
API Gateway를 이용한 토큰 기반 인증 아키텍처Yoonjeong Kwon
 
[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)
[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)
[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)Amazon Web Services Japan
 
AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series
AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series
AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series Amazon Web Services Korea
 
Lambda layerをDeployする方法を調べる
Lambda layerをDeployする方法を調べるLambda layerをDeployする方法を調べる
Lambda layerをDeployする方法を調べるshotaueda3
 
AWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハック
AWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハックAWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハック
AWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハックAmazon Web Services Japan
 
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019Amazon Web Services Korea
 
Deep dive into AWS IAM
Deep dive into AWS IAMDeep dive into AWS IAM
Deep dive into AWS IAMAmazon Web Services
 
What is an API Gateway?
What is an API Gateway?What is an API Gateway?
What is an API Gateway?LunchBadger
 
Federated api management with wso2 api manager
Federated api management with wso2 api managerFederated api management with wso2 api manager
Federated api management with wso2 api managerChanaka Fernando
 
Whitebase : Assault Carrier for Micro-Services
Whitebase : Assault Carrier for Micro-ServicesWhitebase : Assault Carrier for Micro-Services
Whitebase : Assault Carrier for Micro-ServicesJaewoo Ahn
 
Microservices & API Gateways
Microservices & API Gateways Microservices & API Gateways
Microservices & API Gateways Kong Inc.
 

Weitere ähnliche Inhalte

Was ist angesagt?

천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017
천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017
천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017Amazon Web Services Korea
 
浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターン浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターンAmazon Web Services Japan
 
The never-ending REST API design debate
The never-ending REST API design debateThe never-ending REST API design debate
The never-ending REST API design debateRestlet
 
API Gateway How-To: The Many Ways to Apply the Gateway Pattern
API Gateway How-To: The Many Ways to Apply the Gateway PatternAPI Gateway How-To: The Many Ways to Apply the Gateway Pattern
API Gateway How-To: The Many Ways to Apply the Gateway PatternVMware Tanzu
 
[AWSマイスターシリーズ] AWS Billingについて
[AWSマイスターシリーズ] AWS Billingについて[AWSマイスターシリーズ] AWS Billingについて
[AWSマイスターシリーズ] AWS BillingについてAmazon Web Services Japan
 
20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要
20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要
20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要Amazon Web Services Japan
 
20190424 AWS Black Belt Online Seminar Amazon Aurora MySQL
20190424 AWS Black Belt Online Seminar Amazon Aurora MySQL20190424 AWS Black Belt Online Seminar Amazon Aurora MySQL
20190424 AWS Black Belt Online Seminar Amazon Aurora MySQLAmazon Web Services Japan
 
Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012
Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012
Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012Amazon Web Services
 
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...Amazon Web Services Korea
 
API Gateway를 이용한 토큰 기반 인증 아키텍처
API Gateway를 이용한 토큰 기반 인증 아키텍처API Gateway를 이용한 토큰 기반 인증 아키텍처
API Gateway를 이용한 토큰 기반 인증 아키텍처Yoonjeong Kwon
 
[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)
[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)
[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)Amazon Web Services Japan
 
AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series
AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series
AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series Amazon Web Services Korea
 
Lambda layerをDeployする方法を調べる
Lambda layerをDeployする方法を調べるLambda layerをDeployする方法を調べる
Lambda layerをDeployする方法を調べるshotaueda3
 
AWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハック
AWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハックAWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハック
AWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハックAmazon Web Services Japan
 
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019Amazon Web Services Korea
 
What is an API Gateway?
What is an API Gateway?What is an API Gateway?
What is an API Gateway?LunchBadger
 
Federated api management with wso2 api manager
Federated api management with wso2 api managerFederated api management with wso2 api manager
Federated api management with wso2 api managerChanaka Fernando
 

Was ist angesagt? (20)

천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017
천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017
천만 사용자를 위한 AWS 클라우드 아키텍쳐 진화하기- AWS Summit Seoul 2017
 
AWS API Gateway
AWS API GatewayAWS API Gateway
AWS API Gateway
 
浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターン浸透するサーバーレス 実際に見るユースケースと実装パターン
浸透するサーバーレス 実際に見るユースケースと実装パターン
 
The never-ending REST API design debate
The never-ending REST API design debateThe never-ending REST API design debate
The never-ending REST API design debate
 
API Gateway How-To: The Many Ways to Apply the Gateway Pattern
API Gateway How-To: The Many Ways to Apply the Gateway PatternAPI Gateway How-To: The Many Ways to Apply the Gateway Pattern
API Gateway How-To: The Many Ways to Apply the Gateway Pattern
 
[AWSマイスターシリーズ] AWS Billingについて
[AWSマイスターシリーズ] AWS Billingについて[AWSマイスターシリーズ] AWS Billingについて
[AWSマイスターシリーズ] AWS Billingについて
 
20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要
20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要
20190730 AWS Black Belt Online Seminar Amazon CloudFrontの概要
 
20190424 AWS Black Belt Online Seminar Amazon Aurora MySQL
20190424 AWS Black Belt Online Seminar Amazon Aurora MySQL20190424 AWS Black Belt Online Seminar Amazon Aurora MySQL
20190424 AWS Black Belt Online Seminar Amazon Aurora MySQL
 
Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012
Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012
Best Practices: Operational Checklists for the AWS Cloud - AWS NYC Summit 2012
 
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...
 
API strategy with IBM API connect
API strategy with IBM API connectAPI strategy with IBM API connect
API strategy with IBM API connect
 
API Gateway를 이용한 토큰 기반 인증 아키텍처
API Gateway를 이용한 토큰 기반 인증 아키텍처API Gateway를 이용한 토큰 기반 인증 아키텍처
API Gateway를 이용한 토큰 기반 인증 아키텍처
 
[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)
[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)
[AWSマイスターシリーズ]Amazon Elastic Load Balancing (ELB)
 
AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series
AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series
AWS 서비스로 웹 애플리케이션 만들기 – 김주영, AWS 솔루션즈 아키텍트:: AWS Builders Online Series
 
Lambda layerをDeployする方法を調べる
Lambda layerをDeployする方法を調べるLambda layerをDeployする方法を調べる
Lambda layerをDeployする方法を調べる
 
AWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハック
AWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハックAWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハック
AWS Black Belt Online Seminar 2017 Amazon Pinpoint で始めるモバイルアプリのグロースハック
 
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019
 
Deep dive into AWS IAM
Deep dive into AWS IAMDeep dive into AWS IAM
Deep dive into AWS IAM
 
What is an API Gateway?
What is an API Gateway?What is an API Gateway?
What is an API Gateway?
 
Federated api management with wso2 api manager
Federated api management with wso2 api managerFederated api management with wso2 api manager
Federated api management with wso2 api manager
 

Andere mochten auch

Whitebase : Assault Carrier for Micro-Services
Whitebase : Assault Carrier for Micro-ServicesWhitebase : Assault Carrier for Micro-Services
Whitebase : Assault Carrier for Micro-ServicesJaewoo Ahn
 
Microservices & API Gateways
Microservices & API Gateways Microservices & API Gateways
Microservices & API Gateways Kong Inc.
 
DNAD 2015 - Como a arquitetura emergente de sua aplicação pode jogar contra ...
DNAD 2015 - Como a arquitetura emergente de sua aplicação pode jogar contra ...DNAD 2015 - Como a arquitetura emergente de sua aplicação pode jogar contra ...
DNAD 2015 - Como a arquitetura emergente de sua aplicação pode jogar contra ...Gleicon Moraes
 
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIsAmazon Web Services
 
Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Enviro...
Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Enviro...Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Enviro...
Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Enviro...CA Technologies
 
API Management architect presentation
API Management architect presentationAPI Management architect presentation
API Management architect presentationsflynn073
 
MSA를 이용해 구현하는 고가용/고확장성 서비스
MSA를 이용해 구현하는 고가용/고확장성 서비스MSA를 이용해 구현하는 고가용/고확장성 서비스
MSA를 이용해 구현하는 고가용/고확장성 서비스DoHyun Jung
 
마이크로서비스 아키텍처로 개발하기
마이크로서비스 아키텍처로 개발하기마이크로서비스 아키텍처로 개발하기
마이크로서비스 아키텍처로 개발하기Jaewoo Ahn
 
Microservices Manchester: Authentication in Microservice Systems by David Borsos
Microservices Manchester: Authentication in Microservice Systems by David BorsosMicroservices Manchester: Authentication in Microservice Systems by David Borsos
Microservices Manchester: Authentication in Microservice Systems by David BorsosOpenCredo
 
Microservice Architecture
Microservice ArchitectureMicroservice Architecture
Microservice ArchitectureYoonsung Jung
 
기술적 변화를 이끌어가기
기술적 변화를 이끌어가기기술적 변화를 이끌어가기
기술적 변화를 이끌어가기Jaewoo Ahn
 
An Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices WorldAn Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices WorldVMware Tanzu
 
Stateless authentication for microservices
Stateless authentication for microservicesStateless authentication for microservices
Stateless authentication for microservicesAlvaro Sanchez-Mariscal
 

Andere mochten auch (20)

Whitebase : Assault Carrier for Micro-Services
Whitebase : Assault Carrier for Micro-ServicesWhitebase : Assault Carrier for Micro-Services
Whitebase : Assault Carrier for Micro-Services
 
Microservices & API Gateways
Microservices & API Gateways Microservices & API Gateways
Microservices & API Gateways
 
API Gateway report
API Gateway reportAPI Gateway report
API Gateway report
 
Oracle API Gateway
Oracle API GatewayOracle API Gateway
Oracle API Gateway
 
DNAD 2015 - Como a arquitetura emergente de sua aplicação pode jogar contra ...
DNAD 2015 - Como a arquitetura emergente de sua aplicação pode jogar contra ...DNAD 2015 - Como a arquitetura emergente de sua aplicação pode jogar contra ...
DNAD 2015 - Como a arquitetura emergente de sua aplicação pode jogar contra ...
 
Oracle api gateway overview
Oracle api gateway overviewOracle api gateway overview
Oracle api gateway overview
 
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
 
Oracle API Gateway Installation
Oracle API Gateway InstallationOracle API Gateway Installation
Oracle API Gateway Installation
 
Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Enviro...
Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Enviro...Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Enviro...
Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Enviro...
 
API Management architect presentation
API Management architect presentationAPI Management architect presentation
API Management architect presentation
 
MSA를 이용해 구현하는 고가용/고확장성 서비스
MSA를 이용해 구현하는 고가용/고확장성 서비스MSA를 이용해 구현하는 고가용/고확장성 서비스
MSA를 이용해 구현하는 고가용/고확장성 서비스
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API Gateway
 
마이크로서비스 아키텍처로 개발하기
마이크로서비스 아키텍처로 개발하기마이크로서비스 아키텍처로 개발하기
마이크로서비스 아키텍처로 개발하기
 
Kong
KongKong
Kong
 
Microservices Manchester: Authentication in Microservice Systems by David Borsos
Microservices Manchester: Authentication in Microservice Systems by David BorsosMicroservices Manchester: Authentication in Microservice Systems by David Borsos
Microservices Manchester: Authentication in Microservice Systems by David Borsos
 
Microservice Architecture
Microservice ArchitectureMicroservice Architecture
Microservice Architecture
 
기술적 변화를 이끌어가기
기술적 변화를 이끌어가기기술적 변화를 이끌어가기
기술적 변화를 이끌어가기
 
An Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices WorldAn Authentication and Authorization Architecture for a Microservices World
An Authentication and Authorization Architecture for a Microservices World
 
Stateless authentication for microservices
Stateless authentication for microservicesStateless authentication for microservices
Stateless authentication for microservices
 
Zuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne PlatformZuul @ Netflix SpringOne Platform
Zuul @ Netflix SpringOne Platform
 

Ähnlich wie Api gateway : To be or not to be

apidays LIVE Hong Kong 2021 - Multi-Protocol APIs at Scale in Adidas by Jesus...
apidays LIVE Hong Kong 2021 - Multi-Protocol APIs at Scale in Adidas by Jesus...apidays LIVE Hong Kong 2021 - Multi-Protocol APIs at Scale in Adidas by Jesus...
apidays LIVE Hong Kong 2021 - Multi-Protocol APIs at Scale in Adidas by Jesus...apidays
 
OpenStack Summit Fall 2018: LBaaS
OpenStack Summit Fall 2018: LBaaSOpenStack Summit Fall 2018: LBaaS
OpenStack Summit Fall 2018: LBaaSPraveen Yalagandula
 
Azure API Management - why should I care?
Azure API Management - why should I care?Azure API Management - why should I care?
Azure API Management - why should I care?Jouni Heikniemi
 
Monitoring API Performance and Delivering a Scalable API Solution
Monitoring API Performance and Delivering a Scalable API SolutionMonitoring API Performance and Delivering a Scalable API Solution
Monitoring API Performance and Delivering a Scalable API SolutionWSO2
 
AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60PolarSeven Pty Ltd
 
Extend soa with api management Sangam18
Extend soa with api management Sangam18Extend soa with api management Sangam18
Extend soa with api management Sangam18Vinay Kumar
 
Business-friendly library for inter-service communication
Business-friendly library for inter-service communicationBusiness-friendly library for inter-service communication
Business-friendly library for inter-service communicationPivorak MeetUp
 
Build and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayBuild and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayAmazon Web Services
 
WSO2 Use Case - API Facade Pattern
WSO2 Use Case - API Facade PatternWSO2 Use Case - API Facade Pattern
WSO2 Use Case - API Facade PatternWSO2
 
PLNOG15: The Power of the Open Standards SDN API’s - Mikael Holmberg
PLNOG15: The Power of the Open Standards SDN API’s - Mikael Holmberg PLNOG15: The Power of the Open Standards SDN API’s - Mikael Holmberg
PLNOG15: The Power of the Open Standards SDN API’s - Mikael Holmberg PROIDEA
 
Extend soa with api management spoug- Madrid
Extend soa with api management spoug- MadridExtend soa with api management spoug- Madrid
Extend soa with api management spoug- MadridVinay Kumar
 
Nginx Conference 2016 - Learnings and State of the Industry
Nginx Conference 2016 - Learnings and State of the IndustryNginx Conference 2016 - Learnings and State of the Industry
Nginx Conference 2016 - Learnings and State of the IndustryBenjamin Scholler
 

Ähnlich wie Api gateway : To be or not to be (20)

REST APIs
REST APIsREST APIs
REST APIs
 
apidays LIVE Hong Kong 2021 - Multi-Protocol APIs at Scale in Adidas by Jesus...
apidays LIVE Hong Kong 2021 - Multi-Protocol APIs at Scale in Adidas by Jesus...apidays LIVE Hong Kong 2021 - Multi-Protocol APIs at Scale in Adidas by Jesus...
apidays LIVE Hong Kong 2021 - Multi-Protocol APIs at Scale in Adidas by Jesus...
 
Microservice Powered Orchestration
Microservice Powered OrchestrationMicroservice Powered Orchestration
Microservice Powered Orchestration
 
Operating your Production API
Operating your Production APIOperating your Production API
Operating your Production API
 
OpenStack Summit Fall 2018: LBaaS
OpenStack Summit Fall 2018: LBaaSOpenStack Summit Fall 2018: LBaaS
OpenStack Summit Fall 2018: LBaaS
 
Startups without Servers
Startups without ServersStartups without Servers
Startups without Servers
 
Azure API Management - why should I care?
Azure API Management - why should I care?Azure API Management - why should I care?
Azure API Management - why should I care?
 
Monitoring API Performance and Delivering a Scalable API Solution
Monitoring API Performance and Delivering a Scalable API SolutionMonitoring API Performance and Delivering a Scalable API Solution
Monitoring API Performance and Delivering a Scalable API Solution
 
AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60AWS User Group Sydney - Meetup #60
AWS User Group Sydney - Meetup #60
 
The DNA of a great API
The DNA of a great APIThe DNA of a great API
The DNA of a great API
 
Extend soa with api management Sangam18
Extend soa with api management Sangam18Extend soa with api management Sangam18
Extend soa with api management Sangam18
 
APITalkMeetupSharable
APITalkMeetupSharableAPITalkMeetupSharable
APITalkMeetupSharable
 
Business-friendly library for inter-service communication
Business-friendly library for inter-service communicationBusiness-friendly library for inter-service communication
Business-friendly library for inter-service communication
 
Build and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayBuild and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API Gateway
 
WSO2 Use Case - API Facade Pattern
WSO2 Use Case - API Facade PatternWSO2 Use Case - API Facade Pattern
WSO2 Use Case - API Facade Pattern
 
MSB Deep Dive
MSB Deep DiveMSB Deep Dive
MSB Deep Dive
 
PLNOG15: The Power of the Open Standards SDN API’s - Mikael Holmberg
PLNOG15: The Power of the Open Standards SDN API’s - Mikael Holmberg PLNOG15: The Power of the Open Standards SDN API’s - Mikael Holmberg
PLNOG15: The Power of the Open Standards SDN API’s - Mikael Holmberg
 
Extend soa with api management spoug- Madrid
Extend soa with api management spoug- MadridExtend soa with api management spoug- Madrid
Extend soa with api management spoug- Madrid
 
Overview xs en
Overview xs enOverview xs en
Overview xs en
 
Nginx Conference 2016 - Learnings and State of the Industry
Nginx Conference 2016 - Learnings and State of the IndustryNginx Conference 2016 - Learnings and State of the Industry
Nginx Conference 2016 - Learnings and State of the Industry
 

Kürzlich hochgeladen

SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsChristian Birchler
 
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsSafe Software
 
How To Manage Restaurant Staff -BTRESTRO
How To Manage Restaurant Staff -BTRESTROHow To Manage Restaurant Staff -BTRESTRO
How To Manage Restaurant Staff -BTRESTROmotivationalword821
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationBradBedford3
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprisepreethippts
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odishasmiwainfosol
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf31events.com
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Cizo Technology Services
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identityteam-WIBU
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfStefano Stabellini
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceBrainSell Technologies
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfDrew Moseley
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 

Kürzlich hochgeladen (20)

SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
 
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data Streams
 
How To Manage Restaurant Staff -BTRESTRO
How To Manage Restaurant Staff -BTRESTROHow To Manage Restaurant Staff -BTRESTRO
How To Manage Restaurant Staff -BTRESTRO
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion Application
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprise
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
 
Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdf
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 

Api gateway : To be or not to be

  • 1. API Gateway : To be or not to be? Platform Architecture Team SK Planet
  • 2. Synopsis • You’re developing based on MSA(Micro- Services Architecture) • How do the clients access the individual Micro-services?
  • 3. #1 : I don’t care for clients, DIY Client A (Web) Client B (App) MS-A MS-ALB MS-A MS-BLB MS-A MS-CLB MS-A MS-DLB Security Logging Version … Security Logging Version … Security Logging Version … Security Logging Version …
  • 4. #1 : I don’t care for clients, DIY • Clients need to access individual Micro-Services by themselves • Pros – No SPOF – No cost for developing API Gateway • Cons – Clients need to know endpoints of Micro-Services – If Micro-Services changes something(ex: LB VIP), all clients need to update – Each Micro-Services needs to handle these by themselves • Securities to protect their APIs (Auth, ACL, IP Blacklist, Rate Limiting, …), Versioning • Logging, Analytics, and any requirements from clients (ex : Batch APIs) – You’re adding another security path whenever new Micro-Service is added – If there is no API standard nor API spec sharing point between Micro-Services, clients will go to hell – Cannot handle composition scenario to prevent REST chattiness problem – You need to place Load Balancer in front of each Micro-services and consider fail-over of LB, too
  • 5. #2 : Wrapper (Library/SDK) Wrapper * Wrapper * MS-A MS-ALB MS-A MS-BLB MS-A MS-CLB MS-A MS-DLB Client A (Web) Client B (App) * Wrapper could be created by individual Micro-Services Security Logging Version … Security Logging Version … Security Logging Version … Security Logging Version …
  • 6. #2 : Wrapper (Library/SDK) • Clients use Wrapper(Library/SDK) to access Micro-Services • Pros – No SPOF – No cost for developing API Gateway – Higher Abstraction than REST APIs, so easy to use • Cons – Clients Wrapper needs to know endpoints of Micro-Services – If Micro-Services changes something(ex: LB VIP), all clients need to update Wrapper needs to be updated, QA, and re-deployed – Wrapper is responsible for backward compatibility – Each Micro-Services needs to handle these by themselves • Securities to protect their APIs (Auth, ACL, IP Blacklist, Rate Limiting, …), Versioning, Logging, Analytics, and any requirements from clients (ex : Batch APIs) – You’re adding another security path whenever new Micro-Service is added – If there is no API standard nor API spec sharing point between Micro-Services, clients will go to hell You need to update Wrapper document/manual, provide download location, manage achieve, maintain release notes, send notices, and maybe cause forced-update of your app – Cannot handle composition scenario to prevent REST chattiness problem, but need to update/re-deploy your wrapper – You need to place Load Balancer in front of each Micro-services and consider fail-over of LB, too – Becoming big burden if you need to support polyglot clients
  • 7. Checkpoint • It’s all about level of “Abstraction” – Provide it as REST APIs – Provide it as Wrapper (Library/Wrapper) • Higher abstraction – Makes client happy (but only if you maintain versions/backward compatibility well) – Makes Wrapper developer unhappy – Even worst if API Provider != Wrapper developer • Common RoR problems – If client fails, who’s responsible for investigate it? While stacktraces says problem is raised on the Wrapper, they will call Wrapper developer even though client mis-use wrapper or server fails 
  • 8. API Gateway #3 : API Gateway Client A (Web) Client B (App) MS-A MS-A MS-A MS-B MS-A MS-C MS-A MS-D Security Logging Version …
  • 9. #3 : API Gateway • Single endpoint for clients, handle requests proxied/routed to the appropriate service (or service instance) • Pros – Can solve most problems – Separation of Concerns • Micro-Services focus on business features • API Gateway provides protection/common feature layer – Minimize/Isolate services’ change impacts • Cons – Possibility of SPOF/bottleneck – Performance tradeoff due to processing time in API Gateway and more network hops – Need to manage routing rule or APIs – Needs Service Discovery/Registry – Cost for developing API Gateway – Additional Hardware/Network/Management cost – Risk of management bottleneck
  • 10. SPOF/bottleneck : Scale-out API Gateway Client A (Web) Client B (App) MS-A MS-A MS-A MS-B MS-A MS-C MS-A MS-D Security Logging Version … API Gateway Security Logging Version … LB
  • 11. SPOF/bottleneck : Partitioning API Gateway Client A (Web) Client B (App) MS-A MS-A MS-A MS-B MS-A MS-C MS-A MS-D Security Logging Version … API Gateway Security Logging Version … LB API Gateway Security Logging Version … API Gateway Security Logging Version … LB DNS/ LB A or B C or D
  • 12. SPOF/bottleneck : Partitioning API GatewayClient A (Web) Client B (App) MS-A MS-A MS-A MS-B MS-A MS-C MS-A MS-D Security Logging Version … API Gateway Security Logging Version … LB API Gateway Security Logging Version … API Gateway Security Logging Version … LB
  • 13. Performance Tradeoff • Network hop/latency depends on network topology • API Gateway processing time depends on what you want to do in API Gateway • Consider Tradeoff : What’s more important? • Some Tips – Don’t parse request/response body if you don’t need it – Caching on API Gateway
  • 14. Managing Routing Rule or APIs • Routing Rule-based Control – Define Coarse-grained routing rule – Gateway knows MSs but don’t care for specific APIs – Micro-Services need to resolve APIs and validate whether they are valid request • API-based Control – Register APIs want to be managed in Gateway – API Gateway resolve APIs and validate request/response with exact match – Gateway should know APIs
  • 15. Managing Routing Rule or APIs Client A (Web) API Gateway MS-A /A/InvalidResources with ValidCredential /InvalidResources 404 Not Found404 Not Found Security : Passed Client A (Web) API Gateway /A/InvalidResources with ValidCredential 404 Not Found Security : Passed /A/* -> MS-A /A/ValidResources -> MS-A/ValidResources - params : … - result: … MS-A /A/ValidResources?invalid with ValidCredential 400 Bad Request (Invalid Parameter) /A/ValidResources?invalid with ValidCredential 400 Bad Request (Invalid Parameter) /A/ValidResources?invalid with ValidCredential 400 Bad Request (Invalid Parameter) Routing Rule Based Control(per MS) API Based Control (per API)
  • 16. Managing Routing Rules or APIs • Routing rule based is preferred when • Clients are 1st parties • Coarse-grained control is enough • You can provide API spec/document from Micro-Services directly • API is changed frequently • API based is preferred when • Clients are including 3rd parties • Minimize Micro-Services’ overhead from invalid request • Fine-grained control is needed • If you require mediation or some manipulation per APIs • You need to provide API spec/document from API Gateway • Recommendations – Use routing rule based control primarily, then append API-based control as you need
  • 17. Managing API specification • You can manage it – Deeply coupled with API Gateway API-based Control requires for API Gateway to know API specification – Externally (ex : Swagger, ProtocolBuffer) Both Routing Rule-based and API-based control • If you have a API spec, – Client developer can create client codes (even wrapper) – Server developer can create server codes
  • 18. Service Discovery/Registry MS-A Container API Gateway UI UI MS-A HA Proxy HA Proxy HA Proxy Service Registry Service Agent MS-A Container MS-A HA Proxy Service Agent MS-B Container MS-B Service Agent MS-B Container MS-B Service Agent
  • 19. Cost for developing API Gateway • Depends on what you want to do with API Gateway • Simple requirements = Simple API Gateway (nginx/HA proxy might be enough for you) • Node.js is a good start point to implement • But going complex – If you need to consider 3rd parties and Open API since Developer portal and Onboarding process is required – If you want some GUI and management console (= Publisher portal) – Consider API Gateway as Silver Bullet (ESB?)…
  • 20. Additional Hardware/Network/Management cost • Another tradeoff : What’s more important? • Depends on how you implement it and what you want to do • Cost could be issue – If you consider adopting commercial products – If you consider doing a lot of manipulation in API Gateway
  • 21. Risk of management bottleneck • If API Gateway is managed by single team, there are risks of management bottleneck – API Gateway team has primary responsibility for changes/failure/backward compatibility, … – API Gateway team could be a bottleneck (going worse if you do a lot of manipulations in it) • Recommendation : separate managements – API Gateway itself (API Gateway team) – Services on the API Gateway (each service teams)
  • 22. API Gateway: To be or not to be • Consider your scenario • But generally, API Gateway is a good choice… and it begins API Managements of your organization • To adopt it, start with simple one – again, nginx/HA proxy might be enough for you – Consider complex product/solution later
  • 23. Send a feedback var you = {}; if (you.like||you.dislike||you.suggest||you.request) { var url = "https://www.linkedin.com/in/lancersahn"; linkedin.contact(url); }