If you write CRUD every day, it’s time to connect the system to the API gateway!

Today I will share with you some knowledge about API gateway. Many of you may usually engage in some CRUD business system development and have never come into contact with API gateway.

So today let’s talk about what API Gateway is and what role it can play for us. This knowledge point is likely to be asked during the interview.

Let’s first take a look at the business system technology stack

Normally when we write a system, we often develop business code based on the SpringBoot+Spring MVC+Spring+Mybatis technology stack, and then connect to a MySQL.

When you call other systems, they are often based on Dubbo, and the registration center may be Zookeeper or Nacos.

It's similar to the picture below, right?

Gateway routing request forwarding function

Okay, now let me tell you about the first pain point, which is that your company may have more than n business systems, and there may be dozens of systems.

At this time, can the front-end/APP still know which request is sent to which system? This is really too troublesome, right? Therefore, an API gateway is generally introduced at this time.

For each business system, you can configure in the API gateway what kind of request URL you want to process. Then after the API gateway receives the request, it will judge based on the request URL path and know which business system the request should be forwarded to. Perfect, right?

Take a look at the following picture:

Gateway unified authorization and authentication functions

The next question is, can your system allow anyone to call you at will? Don't you have to set up an authorization and authentication process? Don't you have to identify whether the person who sends the request is a good person or a bad person?

Don't you have to think about whether the request sent should be processed? So at this time, do you handle the authentication yourself? That would be too troublesome. If you authenticate and other systems also authenticate themselves, it would be really troublesome.

So at this time, we can just add the authentication function to the API gateway. When a request comes in, whether it is from a good person or a bad person, the API gateway will help you authenticate it. Only the authenticated request can be sent to the backend.

As shown below:

API Gateway Layer Flow Control Function

Here comes the next pain point. Suppose that our system has only a few machines deployed, with a total of several thousand requests per second. One day, the operation organized a particularly good event, with tens of thousands of traffic and requests per second, which overwhelmed you all at once. What do you say you can do? You can't handle it?

So at this time, we have to add the flow control function at the API gateway layer. Each business system can configure the QPS it can handle, and it can limit the requests forwarded to you per second based on this.

As shown below:

API gateway layer grayscale release function

Then, there is another pain point that we often encounter. That is, every time we deploy the system online, if we deploy the new version to all machines at once, we are afraid that the new version will lose two words when it goes online and crash directly. What can we do?

So generally speaking, you can introduce a grayscale release. This grayscale release means that, assuming your system has deployed 3 machines, you deploy 1 machine each time it goes online, and then allocate 5% of the online traffic to the newly deployed grayscale version machine. Observe how it goes first. If there is no problem, deploy the next two machines. This is a grayscale release.

Grayscale release can also be called canary release. What does canary release mean? It means that in ancient times, when pirates went to a tomb, they would throw a canary into it to see if it buzzed. If it didn't buzz, it meant there was poisonous gas in the tomb. Grayscale release now means the same thing. First deploy the new version to a machine and observe it. If it crashes, it means there is a problem with the code.

Therefore, you can now implement grayscale release based on the API gateway. Each time a grayscale version is deployed, let the API gateway allocate 5% of the traffic to this grayscale version. When everything is normal, you can deploy the full version.

As shown below:

Okay, so far, I have explained the role of the API gateway to you. Don’t always bury your head in writing CRUD code. You should also learn about things like API gateways. Don’t be ignorant.