Skip to content
Documentation
ADRs
PLATFORM
API Gateway

API Gateway

Andi Lamprecht Andi Lamprecht ·· 2 min read· Accepted
ADR-0073 · Author: Sybil Melton · Date: 2025-02-07 · Products: platform
Originally ADR-0007-API-GATEWAY (v6) · Source on Confluence ↗

Title

Replacing RESTful api calls going through Kong as Api Gateway

Context

The Delivery Api currently uses a deployed Kong instance as its api gateway. This implementation has several issues:

we must manage scaling kong pods along with scaling the service that actually handles the requests.

When updated kong versions are released, we must upgrade the gateway pod

Kong implementation does not follow Edge authentication principles (traffic is not validated until it is already inside the kubernetes cluster)

The Delivery Api and other public RESTful apis needs a gateway without those issues that meets the following requirements:

Requirements

  1. Low latency
  2. Integrates easily with existing GCP ecosystem
  3. Scalable
  4. Supports Authentication with FrontEgg
  5. Supports automated onboarding of URI paths to api.droneup.com via openAPI specs
  6. Low management overhead
  7. Supports websockets
  8. Enables Api monetization

Decision

Use managed apigee as the api gateway for Delivery api with a path to onboard other RESTful apis

Reasons:

  1. Apigee is lower latency than an externally managed api gateway since it is in our gcp infrastructure (but managed by google)
  2. Apigee integrates easily with existing ecosystem since it can be provisioned via terraform
  3. Apigee standard supports 180 million transactions per year at $6250/month which means 7k orders per day, assuming a 10:1 order placement ratio and 7 api calls per delivery. Additional scale can be purchased for $833 per month for 4k additional deliveries per day
  4. Apigee integrates with FrontEgg
  5. Apigee has full cli/api support so anything that can be done in the ui can be automated in CircleCI
  6. Apigee is completely managed and scaled by google
  7. Apigee has websocket support
  8. Apigee has built in rate limiting and api monetization workflows

Consequences

  1. We will need to integrate Apigee into the “paved path” at droneup so that teams can easily onboard apis

  2. New networking setup -

    image

  3. Other public RESTFul APIs will follow this same pattern

  4. Onboard internal RESTful apis

Alternatives Considered

Tyk Cloud, Krackend enterprise - creates latency issues since they are hosted outside our gcp infrastructure. Additionally, because they are not managed by google, they are more work to integrate and maintain.

GCP Api Gateway - was explicitely recommended by google not to use this since its not getting new features and gateway work is being moved to apigee

Kong Konnect - missing api monetization features, requires manual scaling/management of underlying GCP compute instances

Last updated on
Frontegg Environments EntitlementsTIER 1