API gateway vs. reverse proxy
In order to deal with the microservice architecture, it's often used alongside a Reverse Proxy (such as nginx or apache httpd) and for cross cutting concerns implementation API gateway pattern is used. Sometimes Reverse proxy does the work of API gateway.
It will be good to see clear differences between these two approaches.
It looks like the potential benefit of API gateway usage is invoking multiple microservices and aggregating the results. All other responsibilities of API gateway can be implemented using Reverse Proxy.Such as:
- Authentication (It can be done using nginx LUA scripts);
- Transport security. It itself Reverse Proxy task;
- Load balancing
- ....
So based on this there are several questions:
- Does it make sense to use API gateway and Reverse proxy simultaniously (as example request->Api gateway-> reverse proxy(nginx)-> concrete mictoservice)? In what cases ?
- What the other differences that can be implemented using API gateway and can't be implemented by Reverse proxy and vice versa ?
Answer
It is easier to think about them if you realize they aren't mutually exclusive. Think of an API gateway as a specific type reverse proxy implementation.
In regards to your questions, it is not uncommon to see the both used in conjunction where the API gateway is treated as an application tier that sits behind a reverse proxy for load balancing and health checking. An example would be something like a WAF sandwich architecture in that your Web Application Firewall/API Gateway is sandwiched by reverse proxy tiers, one for the WAF itself and the other for the individual microservices it talks to.
Regarding the differences, they are very similar. It's just nomenclature. As you take a basic reverse proxy setup and start bolting on more pieces like authentication, rate limiting, dynamic config updates, and service discovery, people are more likely to call that an API gateway.