API Gateway
Neil Haddley • February 10, 2021
How to publish a collection of microservices using an API Gateway.
Client applications can be configured to connect to services directly.
Client applications can be configured to connect to services via a gateway.
A client might be a web page running in a browser or a mobile phone app.
The diagram above demonstrates how an API gateway sits between a client and a collection of services.
An API Gateway introduces latency but provides a number of benefits:
- Improved security - User authentication and other security tasks can be managed in one place
- Better metrics - Since all traffic flows through the gateway it is easier to add instrumentation
- Simpler code - With the gateway managing security and metrics centrally each service is easier to write
nginx
Here we use nginx as the basis of our reverse proxy. In the Docker file we specify that the /etc/nginx/conf.d/default.conf file in the nginx image will be replaced by a custom my-server.config
DOCKERFILE
1FROM nginx 2COPY ./my-server.conf /etc/nginx/conf.d/default.conf 3EXPOSE 80
Reverse proxy
The proxied server URLs are set using the proxy_pass directive.
NGINX
1server { 2 listen 80; 3 4 default_type text/plain; 5 6 location / { 7 proxy_pass http://books-react-service:3000; 8 } 9 10 location /books { 11 proxy_pass http://books-service:5000; 12 } 13 14}
Kubernetes
Kubernetes is a platform for managing containerized workloads.
The yaml file below ensures that there are two copies of the books image, two copies of the books-react image and one copy of the books-reverse-proxy image running at all times.
The books-reverse-proxy image is the API Gateway.
The yaml file below ensures that clients are only able to connect to the API Gateway.
The books container image provides a REST API Service.
The books-react container image provides a React App.
YAML
1apiVersion: apps/v1 2kind: Deployment 3metadata: 4 name: books-deployment 5 labels: 6 app: books 7spec: 8 replicas: 2 9 selector: 10 matchLabels: 11 app: books 12 template: 13 metadata: 14 labels: 15 app: books 16 spec: 17 containers: 18 - name: books 19 image: haddley/books 20 ports: 21 - containerPort: 5000 22--- 23apiVersion: v1 24kind: Service 25metadata: 26 name: books-service 27spec: 28 selector: 29 app: books 30 ports: 31 - protocol: TCP 32 port: 5000 33 targetPort: 5000 34 type: ClusterIP 35--- 36apiVersion: apps/v1 37kind: Deployment 38metadata: 39 name: books-react-deployment 40 labels: 41 app: books 42spec: 43 replicas: 2 44 selector: 45 matchLabels: 46 app: books-react 47 template: 48 metadata: 49 labels: 50 app: books-react 51 spec: 52 containers: 53 - name: books-react 54 image: haddley/books-react 55 ports: 56 - containerPort: 3000 57--- 58apiVersion: v1 59kind: Service 60metadata: 61 name: books-react-service 62spec: 63 selector: 64 app: books-react 65 ports: 66 - protocol: TCP 67 port: 3000 68 targetPort: 3000 69 type: ClusterIP 70--- 71apiVersion: apps/v1 72kind: Deployment 73metadata: 74 name: books-reverse-proxy-deployment 75 labels: 76 app: books-reverse-proxy 77spec: 78 replicas: 1 79 selector: 80 matchLabels: 81 app: books-reverse-proxy 82 template: 83 metadata: 84 labels: 85 app: books-reverse-proxy 86 spec: 87 containers: 88 - name: books-reverse-proxy 89 image: haddley/books-reverse-proxy 90 ports: 91 - containerPort: 80 92--- 93apiVersion: v1 94kind: Service 95metadata: 96 name: books-reverse-proxy-service 97spec: 98 selector: 99 app: books-reverse-proxy 100 ports: 101 - protocol: TCP 102 port: 80 103 targetPort: 80 104 type: LoadBalancer
Kubernetes Hosting
Kubernetes hosting is offered by Microsoft (Azure), Amazon (AWS) and Google (Google Cloud).
Kubernetes can be run on a developer's laptop using Docker Desktop or Minikube.
Kubernetes can be run on a collection of Raspberry Pi computers using K3s.
Shown below is a copy of Docker Desktop hosting the Kubernetes cluster described above.
Docker Desktop