Professionals and Cons of Utilizing API Gateways

Within the days of yore, internet hosting stacks consisted of functions and the servers they ran on.

At present, nonetheless, the internet hosting stack has grown extra complicated. As an increasing number of functions migrate to distributed, microservices-based architectures and internet hosting environments, a brand new kind of device — the API gateway — is turning into a necessary layer of many stacks.

Here is the 101 on what API gateways do and when it’s possible you’ll — or could not — wish to use one.

What Is an API Gateway?

An API gateway is a device or service that accepts API requests from shoppers, forwards them to functions, and sends the outcomes again to shoppers.

Associated: Why APIs Are the Basis of Fashionable Software program Growth

In different phrases, an API gateway is a layer that sits between shoppers and functions with a purpose to handle incoming API calls.

Key Advantages of API Gateways

You do not strictly want an API gateway to just accept API requests for an software. You possibly can merely ship requests on to functions and allow them to reply.

Nevertheless, including an API gateway to your internet hosting stack offers a number of essential advantages:

    • API request administration: By intercepting API requests, API gateways can mix, reformat, or in any other case manipulate each requests and the ensuing response. That is helpful if shoppers “say” one factor when calling an API however your microservices must “hear” one thing totally different with a purpose to reply. On this case, the API gateway serves primarily as a translation layer for API calls.


    • Price limiting: API gateways can “throttle” or rate-limit incoming requests, which implies limiting the variety of requests that shoppers could make in a given timeframe. Price-limiting helps mitigate safety abuse. It additionally protects towards the danger that buggy or poorly managed shoppers will overwhelm functions by making massive numbers of repeated, pointless requests.


    • Load balancing: Though API gateways do extra than simply load balancing, the power to steadiness load by distributing visitors throughout a number of software situations or microservices is one among their options.


    • Monitoring and observability: API gateways can monitor and log API requests, offering the info essential to drive observability.


    • Safety: API gateways may implement safety guidelines. For instance, they may block malicious requests to forestall DDoS assaults.


Many of those capabilities could possibly be achieved, at the very least partially, utilizing different varieties of instruments. For instance, you would attempt to monitor and log API requests immediately inside your software. However by outsourcing these duties to an API gateway, you get a centralized method to deal with all the key elements of API administration, with out having to implement these capabilities immediately inside software logic.

API Gateways vs. Load Balancers, Orchestrators, and Service Meshes

API gateways will not be the one novel layer that you simply’re prone to discover in trendy internet hosting stacks. They typically function alongside different varieties of options, together with load balancers, orchestrators, and repair meshes, which companies have additionally begun deploying to assist handle distributed, microservices-based apps.

Associated: How IT Operations Groups Can Enhance API Administration

API gateway performance enhances, and in some instances overlaps with, the performance of those different varieties of providers. However API gateways are totally different in a number of important methods:

    • API gateways versus load balancers: Load balancers’ solely job is to distribute software load. API gateways can try this, however they will do many different issues, too, as defined above.


    • API gateways versus orchestrators: Orchestrators handle the deployment of microservices. In addition they usually present some observability and security measures, which can overlap with the options of an API gateway. Past this, nonetheless, API gateways and orchestrators are basically various kinds of instruments.


    • API gateways versus service meshes: Service meshes handle inside API calls that microservices make to one another. In distinction, API gateways handle exterior API calls that originate from exterior the appliance.


The place to Discover API Gateways

There isn’t a scarcity of API gateway choices available on the market.

All the main public clouds, equivalent to Amazon, present API gateway providers that clients can use along side workloads hosted on their clouds. As well as, IT groups can make the most of a wide range of stand-alone API gateways — equivalent to Kong and Tyk — which work in public clouds, in addition to non-public cloud, hybrid cloud, or on-prem environments.

Associated: Kong Enterprise 2.7 Advances Cloud-Native API Administration

The options of the varied API gateway options on the market range a bit, particularly in the case of which monitoring, observability, and safety performance they provide. However all of them carry out the identical core operate of managing API requests.

The Professionals and Cons of API Gateways

API gateways are highly effective instruments, however they don’t seem to be essential for each software deployment.

The primary use case for an API gateway is while you deploy an software that accepts exterior API requests that contain any diploma of complexity, and/or over which you must implement visitors or safety controls over them.

That stated, the disadvantages of API gateways embody:

    • Probably slower efficiency: API gateways create one other layer that visitors must move by, which might probably sluggish software efficiency — particularly when the gateway is poorly configured.


    • Reliability challenges: In case you solely implement one API gateway occasion, the gateway turns into a single level of failure in your app, creating reliability dangers.


    • Redundancy: As famous above, a lot of the performance of API gateways can alternatively be applied utilizing different instruments. In case you’re already dealing with visitors administration, monitoring, observability, and safety in different methods, an API gateway is redundant and provides pointless complexity to your internet hosting stack.



To sum up, API gateways have develop into an essential a part of many internet hosting stacks. In case you want a centralized method to handle all elements of exterior API calls, an API gateway is essentially the most simple method to do it.

That stated, API gateways aren’t essential — or helpful — for each use case. Earlier than including an API gateway to your stack, assume critically in regards to the potential downsides of utilizing an API gateway, in addition to various strategies of reaching the performance you search.

Concerning the creator

Christopher Tozzi headshotChristopher Tozzi is a expertise analyst with subject material experience in cloud computing, software improvement, open supply software program, virtualization, containers and extra. He additionally lectures at a serious college within the Albany, New York, space. His ebook, “For Enjoyable and Revenue: A Historical past of the Free and Open Supply Software program Revolution,” was printed by MIT Press.

Leave a Reply