API GATEWAY is a gateway where all the application traffic is routed before the traffic hits the web server or cache layer, all the application traffic will be routed via API GATEWAY.
API GATEWAYS are connected to APP servers, CDNS, DNS servers, API Servers, Data centers, Private cloud, On-prem, and many more components in the public and private domain. All the major websites (Major apps) that you are consuming on a day-to-day basis are leveraging API GATEWAY.
All the user-generated traffic is first routed to the API GATEWAY where the user data is usually sent via HTTPS PROTOCOL which is an encrypted data sharing mechanism.
User traffic all across the globe is First Routed through the API GATEWAY, once the traffic passes the API GATEWAY it will undergo SSL OFFLOADING through which HTTPS TRAFFIC will be converted into HTTP TRAFFIC, the process is called SSL offloading / TLF OFFLOADING / SSL Termination.
SSL termination: It is the process of reduction of heavier HTTPS traffic into lighter HTTP traffic, the process of SSL TERMINATION will reduce the network latency and congestion drastically and will reduce the computational load of web servers.
Once the web/app traffic is in the INFRA PROTECTED BY API GATEWAY and WAF, then the traffic will be offloaded and then it will be routed to the load-balancer which will ration the traffic to the healthy server pools (load balancers will be implementing one of the 8-9 popular load balancing algorithms like round robin, ip hash, least response time, etc).
The SSL termination will reduce the data overhead as the denser HTTP traffic will be converted into lighter HTTP traffic which can be easily handled by the web server resulting in lower computational and storage overhead.
Once the SSL offloaded HTTP TRAFFIC hits the load balancer, the HTTP DATA transfer between the servers is initiated and the I/O-based input and outputs will be initiated to ensure the duplex connection between clients and servers.
Both the load balancers and the API gateways need to be well-optimized and have to be updated frequently, both the load-balancer and API gateways ensure safe, reliable traffic flow in distributed systems.
API GATEWAYS usually carry out multiple tasks and then once the users are routed to the right servers, the users can start consuming the application.
KEY STEPS CARRIED OUT BY API GATEWAY:
- Routing
- SSL Traffic
- SSL Termination
- Load Balancing (Manual + Automated)
- Data Integration
- metrics and analytics
- WAF
The Traffic across all channels will be well structured, filtered, and transferred via harnessing the power of API gateways, API gateways will be able to filter the traffic at Layer 1 and Layer 4 this will only allow relevant app traffic to enter and exit the application public and private infrastructure.
The API gateways are integrated with all types of systems be it monolith, micro-services, event-driven, server-less, on-prem, hybrid cloud, private cloud, public cloud, cdns, hardware LB, software LB, and many more distributed system components in both software and hardware domain.
Diagrams
The article above is rendered by integrating outputs of 1 HUMAN AGENT & 3 AI AGENTS, an amalgamation of HGI and AI to serve technology education globally.