System DesignAPI Gateway là single entry point cho tất cả client requests đến microservices – hoạt động như reverse proxy với nhiều tính năng bổ sung. Vai trò: routing (forward request đến đúng service), authentication/authorization (centralized auth thay vì mỗi service tự verify), rate limiting, SSL termination, request/response transformation, API versioning, caching.
Lợi ích: client chỉ cần biết một endpoint thay vì nhiều service URLs; giảm round trips với request aggregation (BFF pattern – Backend for Frontend); dễ thêm cross-cutting concerns mà không sửa services. Hạn chế: single point of failure nếu không có HA setup; có thể trở thành bottleneck; thêm latency; có thể tạo coupling nếu overloaded với logic. Phân biệt API Gateway vs Service Mesh: API Gateway xử lý North-South traffic (external → internal), Service Mesh xử lý East-West traffic (service → service). Giải pháp phổ biến: AWS API Gateway, Kong, Nginx, Traefik, Envoy.
An API Gateway is the single entry point for all client requests to microservices — acting as a reverse proxy with additional features. Its role includes: routing (forwarding requests to the correct service), centralized authentication and authorization (eliminating per-service auth), rate limiting, SSL termination, request/response transformation, API versioning, and caching.
Benefits: clients only need to know one endpoint instead of many service URLs; round trips are reduced through request aggregation (BFF pattern — Backend for Frontend); cross-cutting concerns can be added without modifying individual services. Drawbacks: single point of failure without HA setup; can become a bottleneck; adds latency; can create tight coupling if overloaded with business logic. Key distinction — API Gateway vs Service Mesh: the API Gateway handles North-South traffic (external → internal), while Service Mesh handles East-West traffic (service → service). Popular solutions: AWS API Gateway, Kong, Nginx, Traefik, and Envoy.