How To Build an API Gateway for Microservices with YARP
Вставка
- Опубліковано 9 лип 2024
- ☄️ Master the Modular Monolith Architecture: bit.ly/3SXlzSt
📌 Accelerate your Clean Architecture skills: bit.ly/3PupkOJ
🚀 Support me on Patreon to access the source code: / milanjovanovic
What is an API Gateway? It's a component that distributes incoming requests between microservices. API Gateways are helpful when scaling your application horizontally and having multiple running instances. The API Gateway can also act as a load balancer in that case. However, the primary use case is routing requests between the microservices. The client calling the API Gateway doesn't know which microservice it's calling.
Check out my courses: bit.ly/3PupkOJ
The .NET Weekly newsletter:
www.milanjovanovic.tech
Read my Blog here:
www.milanjovanovic.tech/blog
Implementing an API Gateway For Microservices With YARP
www.milanjovanovic.tech/blog/...
Chapters
0:00 Microservices system overview
2:10 What is an API Gateway?
2:53 Creating the API Gateway project
4:16 Configuring YARP to work like an API Gateway
9:59 Live configuration updates with YARP - Наука та технологія
P.S. If you liked this, consider joining The .NET Weekly - my newsletter with 37,000+ engineers.
Subscribe here → bit.ly/3NUXha2
We can use Ocelot package for the same, Is it Yarp has more features than Ocelot? Which one is better?
i have done that already i also follow you on LInkdin
Hello, explain validation and authentication in microservices using JWT.
How nice it is to watch when a person has good diction and understanding of the issue. He speaks competently. Thank you very much for your work.
Thanks a lot, I appreciate that! :)
Hi Milan,
Would you be able to include a video featuring Ocelot and Yarp? Both are useful tools, with Yarp being more lightweight and Ocelot offering more features. I would recommend using them for a small project that involves handling authentication and authorization in a Gateway and passing headers to the downstream API.
Planning on it!
@@MilanJovanovicTech Waiting for it for a long time........!!!!!!!!!
Great video Milan! I've wanted to play with yarp a while now but was intimidated by the time it would take to learn it. You make it seem easy here.
Nope, YARP is too easy to use. Don't waste time and just start building something 😁
great content as always Milan 👏👏👏
Thanks a lot! :)
Thank you, It works!
You're welcome!
I did this at my previous company as well. What I love is that if you add auth middleware before you add the proxy it then authenticates the request before it passes it downstream. You can alos add minimal API endpoints and again map them before the proxy then that allows you to override specific endpoints if you need to (for example to map the model to a new contract) and then any other endpoints on that path you did not override gets proxied.
Might make another video for Auth, could be useful
How do you secure downstream APIs in that case, private networks?
What if underlaying services also need details about the user's claims?
@PelFox
We used service accounts so the gateway (YARP minimal API) would do a token exchange for delegated access and then use that JWT. That might not be the best for each use case but it suited us well. Otherwise, you can just proxy the JWT to the downstream then the downstream will also validate the token.
Thank you again.. 10/10
You're very welcome!
I've successfully used Yarp in some of my smaller projects. On a bigger projects or projects with high traffic I've used Traefik and Envoy. They seem to work faster and can process pretty highload
Did you not try YARP on those bigger projects?
@@MilanJovanovicTech no. Traefik and Envoy are much more feature rich that we used. And we compared benchmarks of other people comparing these reverse proxies
Would be awesome to see how this can integrate with kubernetes and also certificates including cert manager in kubernetes.
Found this for the time being: github.com/microsoft/reverse-proxy/blob/main/docs/docfx/articles/kubernetes-ingress.md
Great❤, looking for more Microservices related videos Milan 👌
More to come!
@@MilanJovanovicTech could you cover more Microservices topic from Scratch? Like building a distributive application using Microservices? Would be looking for the same. 🙂
@@arghakhanra204 Planning to. This year is for distributed systems :)
@@MilanJovanovicTech Great, looking for it soon 👌🙂
Thanks!
Thank you very much for the support! 😊
Hi Milan thanks for the video,
Can you talk about authentication and authorization options and implementations with reverse proxy? What are the best practices?
Add middleware to handle authentication and pass the necessary headers to the Service (Actual API).
Sure, that can be one of the next videos! 😁
This was an easy to follow tutorial which is pretty rare on UA-cam. Thank you very much.
Would you also please mention what the use is?
The use of YARP? Load balancing, gateways, reverse proxying. Here are the docs: microsoft.github.io/reverse-proxy/
I also wrote an article: www.milanjovanovic.tech/blog/implementing-an-api-gateway-for-microservices-with-yarp
Interesting library. But I would like to see benchmarks YARP vs Nginx, because I don't want to reinvent the wheel
Microsoft replaced Nginx on Azure App Service for a +80% throughput, I'll see what I can do for the benchmarks
Have u make a video about docker-compse, how i will add this? - I have try to follow u video but i cant found out how i add docker compose?
Yes: ua-cam.com/video/WQFx2m5Ub9M/v-deo.html
@@MilanJovanovicTech Thanks for link.
Great video on reverse proxy. When u scale an application to multiple instances, how does Yarp manages db call? There will be still one db for all instances of application.
YARP doesn't call the DB at all, it just proxies the requests to the other services - which talk to the DB
is yarp suitable for large request per second for example 3000 reques per second?or we use from ocelot without it
Microsoft is doing 1.9M RPS with YARP. I think it can handle that load :)
I know we can have Active health checks for the downstream endpoints... How can we get the output/status of those checks by querying YARP itself???
Need to check, I'd start with YARP docs in the meantime
nice video man! I wonder is it possible to configure Swagger on this api gateway (Yarp)
That'd be tricky. Let me look into if there's a good solution these days. I didn't find one a few years ago.
The api gateway can redirect to the generated Swagger UI
If you want to "merge" those files, by knowing the address of the API and the path of swagger.json (or yaml) file, you can show them in the api gateway as documents of the swagger UI if you configure a swagger endpoint :)
Milan, can you make a video covering how to use azure cosmos db sql api, with multiple cosmos db accounts/cosmosclient instances? Been something I've been trying to learn.
I doubt it, since I don't work on Cosmos DB
There are 3 terms reverse proxy, api gateway and load balancer. I am confused. Can you explain the differences each of that three
- Proxy - server that hides internal servers from outside world
- Gateway - basically the same as proxy, and you will usually see additional features added
- LB - a proxy/gateway routing traffic between multiple API instances
@@MilanJovanovicTech thank you so much
Milan, what's your PC configuration and what's your monitors' sizes?
24" monitors x2
AMD Ryzen 7 7700X
NVidia GeForce RTX 3060
32GB RAM (DDR5)
Thank you for great tutorial. Looking forward for an enhanced tutorial with Yarp as reverse proxy with authentication.
Great suggestion 👌
Hey Milan, are you posting some sample projects to your github ? As it contains a bit obsolete samples now.
Planning to post a Clean Architecture and Modular monolith template soon. Will be .NET 8, all the best practices, etc.
@@MilanJovanovicTechwow can't wait
so when we use api gateway we loose swagger document , is that ok ?
You still have Swagger on the APIs
Nice tutorial,.Can We have a video about How to build an API Gateway for Microservices with Ocelot?
Great suggestion!
When would you want this over something like Azure Apim?
Out of cloud, for example
I have a question regarding the authentication and authorization in the yarp, should it be at the gateway level or the microservices? I mean can we secure only the yarp requests without taking care of secuing the microservices since they are not exposed publically? if it is enough to do it on the Yarp level any idea on how we can do this on specific request and not the entire route?
Typically Gateway will also handle authentication. The services could be left out, if you keep them in a private (closed) network. But in most cases, you need to know who the current user is even in the microservices. So you'll still have some form of authentication, if only verifying the access token.
@@MilanJovanovicTech yeah in our case we dont need to trace the user in the microservice. we only need to authenticate some CUD operations, do you have an idea on how can i secure some endpoints and not the entire route using Yarp? I cant find it in the Yarp documentation.
Hello, explain validation and authentication in microservices using JWT.
Will do
Does this work with signalr/blazor server in case of a high availability/replicated backend ?
microsoft.github.io/reverse-proxy/articles/websockets.html
@@MilanJovanovicTech Thank you Milan
Is YARP just a reverse proxy? Can it be used as a Gateway too?
I need to create a Backend For Front-end (BFF) and I need to combine data from different microservices.
Did I not use it as a Gateway in this video?
I also covered load balancing: ua-cam.com/video/0RaH9hhOF4g/v-deo.html
@@MilanJovanovicTech Yes, you did. But how would you map (transform) two differentl endpoints into one?
@@Cesar-qi2jb Create an orchestrator service, then expose the service with grpc, then you can build response from the different APIs
@@roberteru25 Thanks for the advise. We prefer sticking with REST (Swagger) for our microservices as these are also publicly exposed to partners.
We just have the need to build more BFFs. We already have one for the main website but we are willing to build more for other use cases. I don't really know what would be the best approach for building a Back End For Front-end in .NET.
That is great. But let's consider I want to deploy my services on AWS ECS, or Azure Container Apps, then how this YARP will function ? How Load balancing and high availability will work with ECS or Azure Container Apps with YARP?
- YARP supports load balancing www.milanjovanovic.tech/blog/implementing-an-api-gateway-for-microservices-with-yarp
- As for running in a HA setup, you can do a primary-secondary setup
@@MilanJovanovicTech Link returns 404
@@PelFox YT picked up the ) in the end 😅
What about websocket?
microsoft.github.io/reverse-proxy/articles/websockets.html
Please can i get the github repo for dis to study more
github.com/m-jovanovic/yarp-api-gateway-sample
Hello, Just wondering if you could publish some good advices about working with Excel || Word objects in c#. Would be great! Regards! JK
I doubt it (at least in the short term)
@@MilanJovanovicTech For sure there are more hot topics ;) Just thought about it and yourself while working on current project. Best regards!
What about authentication?
Works with built-in Auth in ASP.NET Core
How to forbid users to call your api's directly instead of using proxy?
Generally you would only give the proxy an external IP and DNS record.
Network rules, you can close your APIs to the outside world, and only let them talk to the Proxy
Hi at ua-cam.com/video/UidT7YYu97s/v-deo.htmlsi=cyo8An6JY--Z_h3H&t=659 you show the create (POST) however you don't show the CreatedAtUrl that is meant to be returned. Since the api doesn't know about the proxy it sets the api url not the proxy's public url. can you comment on that?
You'd need to use the Forwarded URI to make it all work. Might cover that in a future video.
Kids, please don't use this. API Management products exist for a reason (Azure APIM, AWS API Gateway, MuleSoft, Kong, Gravitee, Apigee...)
If anything, it's good to understand the concepts behind these cloud services
Nice but you speak at speed of light.
🤷♂️
Turn the x2 speed off, lol
I’m brazilian, not fluent in English, and i can understand his speak very well
I've posted it before
Where?