InfoQ Homepage News Uber Reveals Its API Gateway's Architecture

InfoQ Live (June 22nd) – Overcome Cloud and Serverless Security Challenges . Book your spot! Uber Reveals Its API Gateway's Architecture Like Print Bookmarks

Uber recently detailed the architecture of its internally built API gateway. It described how independent layered components handle each request in the gateway, with each layer being responsible for a different facet of the request lifecycle. A combination of YAML and Apache Thrift defines the gateway configuration, and a code-generated artifact in Go makes up the gateway implementation.

Protocol managers, middlewares, endpoint handlers, and clients are the components that make up a gateway. A protocol manager is the first layer of the stack. It contains a serializer and deserializer for each of the protocols supported by the gateway (e.g., JSON, Thrift, or Protobuf). Next, middlewares implement cross-cutting concerns, such as authentication, authorization, rate limiting, etc.

The endpoint handler is the layer responsible for request validation, payload transformation, and converting the endpoint request object to the client request object. Finally, protocol-aware clients perform a request to a back-end service. They encapsulate behaviors such as schema validation, circuit breaking, retry policies, and error handling.


Source: https://eng.uber.com/architecture-api-gateway/

The authors, Madan Thangavelu, Abhishek Parwal, and Rohit Patali, describe how they configure the layered components:

The configurations for each component are captured in Thrift and/or YAML files. YAML files provide the information for components and act as a sort of glue between them. The Thrift files define the payload and the protocol semantics.

The gateway thrift file heavily uses the feature of annotations in thrift IDLs in order to provide a single source of truth for various features and protocols. In the sections below we will dive into the configurations for each component.

For example, to configure an HTTP protocol manager to expose a "hello world" service, the following YAML and Thrift configuration files are used. The Thrift file describes the data types of the JSON request and response payloads, HTTP path, and the HTTP verb. The HTTP protocol is defined within the Thrift schema using the annotations feature of Thrift. Users use an internal custom UI to manage these configuration files, and a Git repository backs them.


JSON Configuration File
Source: https://eng.uber.com/architecture-api-gateway/


Thrift Configuration File
Source:
https://eng.uber.com/architecture-api-gateway/

Finally, given the required configuration, Uber uses Zanzibar to generate Go code which implements a high-throughput gateway. The image below depicts how user configuration in YAML & Thrift is used as input to a build system, which outputs the gateway executable for a specific configuration.


Source: https://eng.uber.com/architecture-api-gateway/

The authors state that "an advantage of centralized systems is to build features that can benefit all onboarded users." Some examples include an auditing pipeline that emits an access log with rich metadata and reusable implementations for authentication and authorization that users can select for their endpoint. Another example is data center affinity, where business units can define their workload sharding across multiple data centers, and the gateway implements it.

API gateways are an integral part of microservices architecture in recent years. They act as an API frontend, receive API requests, and enforce throttling and security policies. Eventually, an API gateway passes requests to the back-end service and then responds to the requester.

We need your feedback

How might we improve InfoQ for you

Thank you for being an InfoQ reader.

Each year, we seek feedback from our readers to help us improve InfoQ. Would you mind spending 2 minutes to share your feedback in our short survey? Your feedback will directly help us continually evolve how we support you.

Take the Survey

This content is in the Protocol Buffers topic

Related Topics:

Related Content

The InfoQ Newsletter

A round-up of last week’s content on InfoQ sent out every Tuesday. Join a community of over 250,000 senior developers. View an example

We protect your privacy.

Close Close Close OKOriginal Article