An API gateway is a facade that sits between the consumers and producers of an API. This is a powerful pattern, especially in a microservices architecture where you may have multiple consumers and producers of the API.
Today, we’re announcing Ambassador, an open source API gateway for microservices. Why another API gateway? In short, it’s because existing API gateways were built back when monoliths were the dominant architectural pattern for cloud applications. Today, with microservices, we’re in a Layer 7 world. We need systems that support newer protocols such as HTTP/2 or gRPC, think about L7 security as a first-class concern, provide deep observability of L7, and implement L7 resilience semantics such as rate limiting and circuit breaking.
Building an API gateway that supports all of these things, in a robust and reliable way, is a mammoth undertaking. Fortunately, though, Lyft’s Envoy L7 proxy is designed for exactly this L7 world. We’re huge fans of Envoy, and the remarkable progress in the past 7 months is a testament to the Lyft team. So we’re standing on the shoulders of giants, and releasing Ambassador, built on Envoy.
Ambassador extends Envoy to give you an API gateway. Why Ambassador?
- Microservices first. You can use the same API gateway for service-to-service calls as well as external API calls, and extend your L7 service mesh to the edge.
- Developer self-service. Use a REST API to dynamically add/remove/configure services, instead of editing the Envoy configuration by hand.
- Ready to go monitoring. Properly configured, Envoy gives you the terrific observability. We’ve simplified the setup so that you can get monitoring going in a minute.
- Authentication. Authenticate all requests to the API gateway before it gets proxied using one of Ambassador’s plugins.
We’ve designed Ambassador for easy Kubernetes deployment so you can get started in just a few minutes.