MaurĂcio Linhares / @mauriciojr / Software Engineer at Stripe (previously DigitalOcean)
One side wants less change the other wants more
Clients get one single API that hides the complexities about knowing every single microservice that exists
Logic that can be shared across services (like authentication and authorization) lives at the gateway instead of services.
Be it legacy, monoliths or microservices, the gateway can translate protocols and formats so that clients don't have to know about it.
Killed the monolith or got a new microservice replacing an old one? The gateway hides the details and clients continue to behave as if nothing changed.
Backends for frontends (BFFs) are just one API gateway for every frontend you're serving.
You can build an API gateway as a GraphQL server and have all your clients talk to it, hiding how the whole infrastructure works as well.
One shared rubygem with base code
Edge Gateway project starts
Starts serving production traffic
First all new microservice integrated
Still going!
Microservices are building new functionality and also slowly moving features out of the monolith.
Authentication and rate limiting happen at the gateway, services receive the requests with metadata already filled in and then perform the operation.
Apps register themselves at the route management service and the gateway talks to this service to figure out where to send requests.
Authentication and metadata is sent over HTTP headers
Applications in any language can read the headers and make use of then. They don't depend directly or call the gateway to do their work.