InfoQ Live (June 22nd) – Overcome Cloud and Serverless Security Challenges . Book your spot! Uber Reveals Its API Gateway's Architecture Like Print Bookmarks
Uber recently detailed the architecture of its internally built API gateway. It described how independent layered components handle each request in the gateway, with each layer being responsible for a different facet of the request lifecycle. A combination of YAML and Apache Thrift defines the gateway configuration, and a code-generated artifact in Go makes up the gateway implementation.
Protocol managers, middlewares, endpoint handlers, and clients are the components that make up a gateway. A protocol manager is the first layer of the stack. It contains a serializer and deserializer for each of the protocols supported by the gateway (e.g., JSON, Thrift, or Protobuf). Next, middlewares implement cross-cutting concerns, such as authentication, authorization, rate limiting, etc.
The endpoint handler is the layer responsible for request validation, payload transformation, and converting the endpoint request object to the client request object. Finally, protocol-aware clients perform a request to a back-end service. They encapsulate behaviors such as schema validation, circuit breaking, retry policies, and error handling.
The configurations for each component are captured in Thrift and/or YAML files. YAML files provide the information for components and act as a sort of glue between them. The Thrift files define the payload and the protocol semantics.
The gateway thrift file heavily uses the feature of annotations in thrift IDLs in order to provide a single source of truth for various features and protocols. In the sections below we will dive into the configurations for each component.
For example, to configure an HTTP protocol manager to expose a "hello world" service, the following YAML and Thrift configuration files are used. The Thrift file describes the data types of the JSON request and response payloads, HTTP path, and the HTTP verb. The HTTP protocol is defined within the Thrift schema using the annotations feature of Thrift. Users use an internal custom UI to manage these configuration files, and a Git repository backs them.
JSON Configuration File
Thrift Configuration File
Finally, given the required configuration, Uber uses Zanzibar to generate Go code which implements a high-throughput gateway. The image below depicts how user configuration in YAML & Thrift is used as input to a build system, which outputs the gateway executable for a specific configuration.
The authors state that "an advantage of centralized systems is to build features that can benefit all onboarded users." Some examples include an auditing pipeline that emits an access log with rich metadata and reusable implementations for authentication and authorization that users can select for their endpoint. Another example is data center affinity, where business units can define their workload sharding across multiple data centers, and the gateway implements it.
API gateways are an integral part of microservices architecture in recent years. They act as an API frontend, receive API requests, and enforce throttling and security policies. Eventually, an API gateway passes requests to the back-end service and then responds to the requester.
How might we improve InfoQ for you
Thank you for being an InfoQ reader.
Each year, we seek feedback from our readers to help us improve InfoQ. Would you mind spending 2 minutes to share your feedback in our short survey? Your feedback will directly help us continually evolve how we support you.
This content is in the Protocol Buffers topic
- Architecture & Design
- Code Generation
- Markup Languages
- Go Language
- API Gateway
- Protocol Buffers
Related Sponsored Content
The InfoQ Newsletter
A round-up of last week’s content on InfoQ sent out every Tuesday. Join a community of over 250,000 senior developers. View an example
Close Close Close OKOriginal Article