Effective combinations of
API Management and
API Gateway patterns can reduce overhead and offer simplicity in a growing Microservices ecosystem. By using:
- API Management Layer to centralise cross cutting
General Perimeter Functions. Such as: authentication, cross origin, throttling, caching.
- API Gateway layer to coordinate and aggregate downstream service calls into meaningful responses for upstream clients.
Sam Newman’s article on BFF (Backend For Frontend, not Best Friend Forever) covers both of the above concepts very thoroughly. In terms of implementation I’ve used Mashape’s Kong API Management quite extensively. I found it so useful that I ended up creating the following helpers:
- Docker Kong as a Service a fork of the official Kong docker image, that uses Rancher metadata service for IP discovery with more flexible Environment Variables.
- Kong Rancher Catalog a Rancher Catalogue that simplifies the global deployment of the above container across all Rancher nodes.
The above setup using Kong + Postgres RDS has been tested quite thoroughly in Production by a previous startup I consulted for. I would recommend Kong if you:
- Prefer an opensource alternative and control, over vendor solutions such as AWS API Gateway (recently became available in Sydney)
- Plan to integrate with other Mashape awesomeness such as Gelato Developer Portal or Galileo Analytics
- Have a security design that is comfortable to push authentication and other common functions to the perimeter
- Are under time/resources restrictions and wish to focus on your Services, rather than perimeter plumbing
Try it out and welcome any feedback. I’m planning to give a talk on this topic at the Rancher Sydney meetup. Stay tuned.