Microservices Flashcards
What is the primary role of an API gateway in application architecture?
An API gateway acts as a single point of entry for the clients of an application, sitting between the clients and a collection of backend services.
What are some common functions provided by an API gateway?
Common functions include authentication and security policy enforcement, load balancing and circuit breaking, protocol translation and service discovery, monitoring, logging, analytics, billing, and caching.
How does an API gateway handle a client request in terms of validation and routing?
The API gateway validates the HTTP request, checks the caller’s IP and HTTP headers against allow-lists and deny-lists, performs rate limit checks, and then routes the request to the appropriate backend service using a service discovery component.
What role does an API gateway play in authentication and authorization?
The API gateway passes requests to an identity provider for authentication and authorization, receiving back an authenticated session which dictates the scope of actions allowed for the request.
How does an API gateway contribute to the operational stability and efficiency of backend services?
An API gateway helps in load balancing, provides circuit-breaking functionality to prevent service overload, and ensures operational observability through logging, monitoring, and analytics.
Why is the deployment of an API gateway critical for the infrastructure of an application?
The deployment of an API gateway is crucial for enhancing application availability and performance, often being deployed across multiple regions or globally to improve service proximity to clients.
In the context of an API gateway, what is meant by ‘protocol translation’?
Protocol translation in an API gateway refers to converting requests and responses from one protocol to another, such as translating from HTTP to gRPC, enabling communication between different systems or services.
What is the purpose of rate limiting in an API gateway?
Rate limiting in an API gateway is used to control the number of requests a user or IP address can make in a certain time frame, helping to prevent overuse or abuse of the API and protect backend services.
How does an API gateway contribute to security and access control?
An API gateway enhances security by implementing authentication, authorization, and access control measures, such as validating user credentials, enforcing security policies, and managing access lists.
Why is caching an important feature of an API gateway?
Caching in an API gateway improves response times and reduces the load on backend services by temporarily storing frequently accessed data, allowing quicker retrieval for repeated requests.
How does an API gateway assist in handling backend service errors?
An API gateway helps in managing backend service errors through circuit-breaking functionality, which prevents the system from overloading by stopping the flow of requests to a failing service and rerouting them as needed.
Why is global deployment of an API gateway beneficial for cloud-based applications?
Global deployment of an API gateway enhances the application’s availability and response time by positioning the gateway closer to users worldwide, ensuring faster and more reliable access to the application’s services.
What is a forward proxy and what are its primary functions?
A forward proxy is a server that acts as an intermediary between client machines and the internet. Its functions include hiding the client’s IP address for anonymity, bypassing internet access restrictions, and blocking access to certain content.
How does a forward proxy differ from a transparent proxy?
A forward proxy requires client configuration to direct traffic through it, while a transparent proxy, used in institutional networks, automatically redirects traffic without client configuration, making it more difficult to bypass.
What is a reverse proxy and how does it operate?
A reverse proxy sits between the internet and web servers, intercepting requests from clients and forwarding them to the web servers. It acts on behalf of the web servers, not the clients.
Why is Nginx referred to as a reverse proxy?
Nginx is called a reverse proxy because it is commonly used to intercept requests from the internet and forward them to backend web servers, providing functionalities like load balancing, caching, and SSL termination.
What are the key benefits of using a reverse proxy for a website?
Key benefits include protection against DDoS attacks by hiding backend IP addresses, load balancing to distribute traffic among multiple servers, caching static content for faster delivery, and handling SSL encryption to offload compute-intensive tasks from origin servers.
How do reverse proxies contribute to the scalability and security of modern websites?
Reverse proxies enhance scalability by distributing traffic to prevent server overload and improve security by shielding backend servers from direct internet exposure. They also enable efficient content delivery and SSL processing.
What role does an edge service like Cloudflare play in the context of reverse proxies?
Edge services like Cloudflare function as an additional layer of reverse proxy, deployed globally to be closer to users, enhancing performance and capacity to handle incoming traffic, and forming part of a multi-layered proxy architecture in modern websites.
Why are forward proxies often used in institutional settings like schools and businesses?
Forward proxies are used in these settings to apply content filtering rules, control internet access, and enforce security policies. They act as a gateway through which all client requests pass, allowing the institution to monitor and regulate internet usage.
How does SSL handshake offloading in a reverse proxy benefit a website?
SSL handshake offloading in a reverse proxy relieves the origin servers from the computationally expensive task of SSL/TLS encryption and decryption. This improves the website’s performance and scalability by reducing the load on the web servers.
What is the role of caching in a reverse proxy, and how does it improve website performance?
Caching in a reverse proxy stores frequently requested content like images, CSS, and JavaScript files. This allows for faster delivery of content to users on subsequent requests, reducing load on the origin servers and speeding up the website.
How do reverse proxies help in mitigating Distributed Denial of Service (DDoS) attacks?
Reverse proxies can mitigate DDoS attacks by hiding the IP addresses of backend servers, distributing incoming traffic across multiple servers, and filtering out malicious traffic before it reaches the web servers.
Why is the combination of edge services and reverse proxies beneficial in a cloud network?
Combining edge services and reverse proxies in a cloud network allows for a distributed approach to handling requests. Edge services close to users ensure fast initial response, while internal reverse proxies efficiently distribute requests to appropriate web servers.
