Placeholder Image

Subtitles section Play video

  • API is an acronym for Application Programming  Interface, which is a software intermediary that  

  • allows two applications to talk to each otherSo every time you use an app like Instagram,  

  • you send us a message, or check travel prices  for your next vacation, you're using an API.  

  • APIs can make or break applications and have  to require additional infrastructure to secure,  

  • scale, and accelerate. And this is the case now  more than ever as organizations are modernizing  

  • their large legacy monolithic applications  into smaller individual microservices.  

  • These microservices are loosely coupled  in order to make your apps more scalable,  

  • highly available, and resource efficient just  to name a few. However, the outcome of using a  

  • microservice oriented architecture comes with many  more API calls going between your clients and your  

  • microservices. So, how do you securely manage this  influx of API traffic for a distributed system?  

  • Well, with an API Gateway! Hell, I even purchased  this nifty medium t-shirt with an API Gateway.  

  • And the first lucky viewer who answers my API  Gateway question towards the end of this video  

  • in the comment section will win their own version  of this t-shirt. So now let's take a deeper look  

  • into how an API Gateway can both improve the user  and developer experience for an online store. So,  

  • let's start off with an example here let's  say we have a fictitious eCommerce storefront,  

  • Indie's Custom Threads, and in this store you can  order customized t-shirts, kind of like my nifty  

  • API Gateway t-shirt here. So let's walk through  the scenario, right. We'd have our users here and  

  • then they would make the purchase and look at the  t-shirts on the website through these different  

  • clients, right. So you have your web application  here, which would be a standard web browser.  

  • We'd have our mobile client as well, it could be  iOS, it could be Android. And then we also have  

  • a third party API Integration Service, rightSo this could be if you want to integrate your  

  • website with like say something like facebook, or  in our case we have a Review API that's integrated  

  • through a third party. So, say you see someone  makes a comment about the t-shirt and they're like  

  • "man the t-shirt fit comfortable, but the 50  percent polyester really gave me a bad skin  

  • rash that would all be possible through this  third-party integrated service. So now that  

  • we've established our users and our clients, now  let's take a look at the actual product detail UI,  

  • right. So there's a lot of different  functionality, a lot of different tasks  

  • that we've broken down into these microservices  here. And this originally would be a monolithic  

  • application like we previously talked aboutbut we've broken it apart and segmented it  

  • into different services. So, as you can see the  first one here is the Product Info Service, this  

  • would be stuff like you know, look at the t-shirtwhat kind of color is a t-shirt, is it black, red,  

  • the size of the t-shirt, large, medium, and  so on. And then we have our Pricing Service,  

  • we have our Order Service if you want to look at  purchase history. You got the Inventory Service  

  • and the Review Service and so on. And this is  just a handful of different microservices here  

  • we could have many more. So that's just a very  quick, rudimentary overview of Direct Client to  

  • Microservice Communication architectureSo, let's take a look at what an API...

  • ...Gateway architecture might  look like. Let's get rid of these.

  • Okay, so API Gateway, the topic of the hourSo, your API Gateway would reside right here  

  • in the middle between your clients and your  microservices. And there are numerous benefits  

  • with implementing an API Gateway solutionbut I'm just going to go over just a couple  

  • main ones right now. So the first main benefit  is client performance. I'm just going to put  

  • perf for short. So, in our last example we had  our clients making a bunch of API requests to  

  • each individual microservice. So, in this  instance with our API Gateway, which would  

  • essentially be like a reverse proxy, or you could  even consider it like an API traffic controller,  

  • you would take those requests and then route them  to the appropriate microservice. So, this has  

  • numerous benefits, right, because now instead of  having all those individual requests go into each  

  • microservice now you can filter it through  your api gateway and this reduces latency.  

  • So now your product detail UI page will  run much more efficient, much faster,  

  • and it's a better client experience because  you don't have as many round trips, right.  

  • Because in our last example say you had a request  come in, it went to the Product Info Service,  

  • but you're Pricing microservices needs to speak  with the Product one. So you would have to go  

  • back to the Client, back to Pricing and so on. So  this reduces those round trips here. And on top of  

  • just being a better, you know client performanceit also helps the development team as well because  

  • they don't have to manage and maintain all  those individual API requests. Now they can  

  • do this all through the api gatewaySo the next main benefit is security.

  • So, by having this API Gateway right herewe essentially have a security barrier  

  • in front of our front-end clients, right. Our  front-end API endpoints. Because otherwise  

  • we had everything wide open, right. And you're not  as susceptible to like a DoS, Denial of Service  

  • attack, or any other malicious attack with this  API Gateway. And you could add other services  

  • within this API Gateway, like authenticationauthorization to add another layer of security.

  • And this leads me to my next benefit  which is protocol translation.

  • So if you recall, we had to have the same internet  friendly protocol going from our clients to the  

  • microservice in order for it to function and  operate. Here we could say we have https.  

  • The "s" again is secure credential, but we can  change the protocol here we can just go http  

  • for each API request that's routed. And by  removing the "s" and that secure credential  

  • you don't have to authenticate this is SSL  termination. Where the SSL stands for secure  

  • socket layer. And this is a process where  you decrypt and offload the encrypted SSL  

  • data within the API Gateway instead of going  to our backend microservices. So by doing this,  

  • this greatly helps performance of our e-Commerce  storefront as you can see. Although I don't know  

  • why we don't have any more schmediums. You don't  even have to have, you know, internet friendly,  

  • you can even have server-side protocols like AMQPSo you have a larger reach, right. You have more  

  • usability with your e-commerce storefront  because you could have other protocols.

  • And the last quick benefit  I want to mention is common

  • functionality, funct., offload.

  • So we're offloading these common functionalities  for every microservice that we had to have in  

  • order for it to operate, right. So, now  we can take some of that business logic  

  • and put it in this API Gateway. You can just  have your microservices running a little bit  

  • more efficiently and smoother because we're just  focusing on their tasks that they really need to  

  • focus on they don't need all that other business  logic. So you could have stuff like rate limiting,  

  • you could have 10 requests for every 60 seconds  if you want to put a cap on that to help with  

  • demand. You could also have stuff like API  monitoring and logging if you want to keep  

  • it on the API health and how everything's working  operational wise. And there's just so much more  

  • and that's just a few there's a lot more standard  features typically with an API Gateway solution.  

  • So, this is great and all, but  what if we get an instance where  

  • say you get a huge spike in traffic and Indie's  Custom Threads is preparing for Black Friday.  

  • Oh my god, we're going to get so much traffic  what are we going to do? You got users here,  

  • you got users here. Well we could install  and implement a BFF architecture. And no,  

  • I'm not saying best friend forever, althoughwill be your best friend if you like this video.  

  • I'm talking about back-end to front-end. And  essentially what this is, is you're adding  

  • additional API Gateways. So for this one  for instance this would be our dedicated  

  • Web API Gateway. So here we could have one for our  mobile devices, right, you could have another API  

  • Gateway. And this would just be dedicated to youryou know, native iOS and Android devices. And it  

  • would take all that API traffic coming for those  devices and route them to the right microservices.  

  • And this is, you know, you could have  this for the third party integration  

  • service, as well. And there's other clients as  well you can have here, you could have like IoT  

  • devices with sensors right. So, this is a great  benefit if you're going to have a huge demand and  

  • spike with traffic, or say you're just addinglot more functionality and features to your your  

  • e-Commerce storefront. So this would be a great  architecture to consider to expand and scale up.  

  • So this is just a very quick overview of API  Gateway. I hope you found it helpful. Oh,  

  • and before I forget, I didn't forget the t-shirtIf you want to get it my question to you is, what  

  • is SSL termination? Drop an answer in the comment  section and then we'll make sure to ship you  

  • the t-shirt and we'll get your details through  there so thank you so much for watching again.  

  • I hope this high level overview  has been helpful. Thank you.  

  • If you have questions please drop us a line  below. If you want to see more videos like this  

  • in the future, please like and subscribeAnd don't forget you can grow your skills  

  • and earn a badge with IBM Cloud labs, which are  free browser-based interactive Kubernetes labs.

API is an acronym for Application Programming  Interface, which is a software intermediary that  

Subtitles and vocabulary

Click the word to look it up Click the word to find further inforamtion about it