Five tips that will put API gateways into perspective and guide you towards success in delivering highly available, secure and observable APIs.
Whenever a new technology gains traction — whether it’s a framework, language, tool, or practice — software developers must distill its true value from the buzz. Many have honed this skill to a fine edge, ready to cut away the meaningless from the meaningful. And with no shortage of new tech, this type of mental weed whacking has become an essential part of the job.
The term API gateway is catching on now. However, for even the most experienced judge of trends, it’s not easy to tell exactly why and how it should be used — especially given the horde of competing products that have flooded the market. Here, I present five tips that will put API gateways into perspective, help you to understand this technology better and ultimately guide you towards success in delivering highly available, secure and observable APIs.
Of course, an API gateway is a product _in the sense that vendors have products with the term API Gateway stuffed into their names. However, it’s best to ignore the marketing buzz around the term and instead think of it as a _design pattern, or a common solution to a well-known problem. As a design pattern it can be expressed succinctly:
An API gateway consolidates many APIs behind a single endpoint, while providing additional capabilities like SSL termination, load balancing, token-based authorization, retry logic, rate limiting, and monitoring.
An API gateway tries to solve the inherent complexity of calling many backend APIs, as many modern websites are prone to do, by presenting a unified interface that condenses multiple APIs into one. Rather than connecting to each API directly, the frontend code only needs to know the location of the API gateway. That makes frontend code more resilient to change, allowing you to scale API servers (or containers) up or down without affecting clients, change the layout of your internal network, and roll out updates more safely.
Because an API gateway fronts all of your services, it’s often augmented with features that cut across services — like SSL termination, load balancing, retry logic, rate limiting, and monitoring. The interesting thing is that you will find nearly all of these characteristics within a modern, software load balancer. In fact, there’s nothing wrong with using a load balancer as an API gateway. For instance, you could easily deploy the open source HAProxy load balancer between your clients and services, which has all of these capabilities and can relay API requests to the correct service based on the path in the URL.
What is API product management and what can you be doing to be a better API product manager — get aligned with SaaS and enterprise software requirements. This guide lays out what is API product management and some of the things you should be doing to be a good product manager.
Learn what are the most important API security threats engineering leaders should be aware of and steps you can take to prevent them
To understand this better, let's take a simple Camel Rest Service example and try integrating that with Red Hat 3Scale.
In this article, we reveal Linkerd’s secret sauce: a lightning fast Rust proxy called simply Linkerd2-proxy. Unlike general purpose proxies such as Envoy, NGINX, and haproxy, the open source Linkerd2-proxy is designed to do only one thing and do it better than anyone else: be a service mesh sidecar proxy.
Interview results from surveying Product Managers at API-first San Francisco companies who have revenue in excess of $100M. let's dive into API-First Product Managers’ Popular API Tools and API Metrics