API Gateway for Microservices
I. Introduction
With the rapid development of the Internet, we are now entering the era of mobile Internet and the Internet of Things. There are also multiple ways for users to access the system, from a single PC client to a PC client, various browsers, mobile phones and smart terminals. At the same time, most of the systems do not run independently, and often involve the need to connect with other systems and share data. Therefore, the system needs to upgrade the framework to meet the ever-changing needs, support business development, and upgrade the framework to a microservice architecture. The "API Gateway" core component is architected to meet these requirements.
Many Internet platforms have built API gateways for their own platforms based on the gateway design idea, including JD.com, Ctrip, Vipshop, etc. in China, and Netflix, Amazon, etc. in foreign countries.
2. Industry related gateway framework
In order to meet these requirements, the industry already has related gateway frameworks.
1. The gateways based on the nginx platform are: KONG, API Umbrella
2. Self-developed gateways are: apigee, Zuul
3. API Gateway Design
API Gateway is a pattern for standardized services in Microservices Architecture. API gateway is positioned as the gateway of application system service interface, which is different from the gateway of network technology, but the principle is the same. API gateway unified service entrance, which can facilitate the management and control of many service interfaces of the platform, identity authentication of access services, anti-message replay and anti-data tampering, business authentication of function calls, desensitization of response data, traffic and concurrency Control, even metering or billing based on API calls, etc. The component design is as follows:
Figure 1 - Schematic diagram of API gateway functional structure
A variety of client programs, such as: mobile APP, PC and intelligent terminal equipment. The client program accesses the API gateway through the Internet or a private network. After the API gateway uniformly receives the request, it locates the specific processing microservice machine through a series of modules, and forwards it to the target service for processing. The communication between the gateway and the microservice is internal local area network. The API gateway uniformly regulates the external services of the platform and acts as the PaaS layer of the platform. As shown in the figure above, the API gateway functional structure is based on the pipeline model and supports pluggable design and development, and provides a unified WebAPI access interface based on the http protocol. Each internal module implements its own functions, including: black and white lists, logs, and protocol adaptation. , identity authentication, current counting and current limiting and routing. And rely on "Access Authentication Center, Service Publishing Management Center" to control API gateway access rights and locate target microservices respectively. The function description of each module is as follows:
1. Black and white list: Realize the function of prohibiting access to the gateway through IP address control. This function is implemented by application-level control, and further access can be controlled through network transmission.
2. Log: realize the record of access log, which can be used to analyze access, process performance indicators, and support the application of other module functions with the analysis results.
3. Protocol adaptation: realize the functions of communication protocol verification and adaptation conversion.
4. Identity authentication: Responsible for gateway access authentication and verification, this module communicates with the "Access Authentication Center", and the actual authentication business logic is handed over to the "Access Authentication Center" for processing.
5. Current metering and current limiting: Realize microservice access traffic calculation, limit current based on traffic calculation and analysis, and define a variety of current limiting rules.
6. Routing: Routing is a very core module function of API Gateway. This module realizes that according to the request, the target microservice is locked and the request is forwarded. This module needs to communicate with the Service Publishing Manager. "Service Release Management Center" realizes the function of microservice release registration management, and communicates with it to obtain target microservice information.
4. API Gateway Deployment
API Gateway is a common basic component that is stateless and can support multiple sets of distributed deployments. As shown in the following figure:
Figure 2- Schematic diagram of API gateway deployment
5. API Gateway Implementation Technology
1. Technology: The framework is built on the .NET platform as a whole, so the API gateway is tentatively implemented based on the .NET4.6 platform and the ASP.NET WebAPI2.0 framework. The specific software architecture is described in the previous article.
2. Performance: deployed in IIS7.0, 1000 concurrent query requests, average response 90ms.
Maybe on the IIS7.0 and .Net4.6 platforms, the processing of large concurrent performance will be even worse. In the future, we will consider upgrading and developing based on .net core and deploy it on the Linux platform.
The main principle of API gateway is the same. Different platforms combine the overall framework design of their own platforms, and different technologies can be used for implementation. At present, some of them are developed based on Spring MVC, node.js, and Erlang technologies.
6. Conclusion
The above is the design of the API gateway overview, and there are other aspects that are not discussed in this article, such as the design of features such as security, high concurrency, and scalability. At the same time, as one of the components of the platform, it also involves collaboration with other components. run. The content of this block will be shared later.