Should I use an API Gateway or Service Mesh?

4/6/2019

Say you are using Microservices with Docker Containers and Kubernetes.

If you use an API Gateway (e.g. Azure API Gateway) in front of your microservices to handle composite UI and authentication, do you still need a Service Mesh to handle Service Discovery and Circuit Breaker? Is there any functionality in Azure API Gateway to handle these kind of challenges? How?

-- user217648
api-gateway
istio
kubernetes
microservices

4 Answers

4/7/2019

Nicely explained by fatcook above.. See Azure-Frontdoor

as this is attempting to do the same as Kong on Azure. API gateway + handling control plane level features

-- Samant
Source: StackOverflow

4/6/2019

API gateways are applied on Layer 7 of OSI model or you can say to manage traffic coming from outside network ( sometimes also called north/south traffic ) , whereas Service Mesh is applied to Layer 4 of OSI model or to manager inter-services communications ( sometimes also called as east/west traffic). Some examples of API Gateway features are Reverse Proxy,Load Balancing , Authentication and Authorization , IP Listing , Rate-Limiting etc. 

Service Mesh, on the other hand, works like a proxy or a side-car pattern which de-couples the communication responsibility of the service and handles other concerns such as Circuit breaker , timeouts , retries , service-discovery etc.

If you happen to use Kubernetes and Microservices then you might want to explore other solutions such as Ambassador + Istio Or Kong which works as Gateway as well as Service Mesh.

-- fatcook
Source: StackOverflow

4/6/2019

An API Gateway only handles the entry point into your Kubernetes clusters, e.g. it sends a request to your frontend microservice. However, it can do nothing after the request enters your cluster. There might still be multiple calls between microservices. You still want to verify authentication for those requests, you still want to make sure that there are circuit breakers in between the services, etc. Theoretically, you could make sure all your microservices call each other via the API gateway, however I do not think that is what you want.

In short: No, because an API Gateway is only an entry point, any service to service communication is better handled with a Service Mesh.

-- Blokje5
Source: StackOverflow

4/6/2019

you can use an API gateway to handle service discovery and circuit breaker - but that would make it a central point in your deployment i.e. all calls external and internal will have to be routed via the gateway.

A service mesh deploy an additional edge component ("sidecar") alongside each service making the overall behavior distributed (but also more complex)

Depending on your particular requirements you may use one, the other, both or none

-- Arnon Rotem-Gal-Oz
Source: StackOverflow