API Academy
🌐 English
  • 🌐 English
  • 🌐 繁體中文
HomePetstore APIExplore more APIs
HomePetstore APIExplore more APIs
🌐 English
  • 🌐 English
  • 🌐 繁體中文
🌐 English
  • 🌐 English
  • 🌐 繁體中文
  1. API Gateway
  • Introduction
  • Table of Contents
  • API Academy
    • Get Started
      • What is an API?
      • How Does an API Work?
      • How to Call an API?
      • How to Read an API Documentation?
      • Chapter Summary
      • Get realtime weather
    • API Fundamentals
      • API Funtamentals: Overview
      • Method & Path
      • Parameters
      • Request Body
      • Responses
      • API Specification & OAS
      • Chapter Summary
    • Working with APIs
      • Working with APIs: Overview
      • Making Requests from Spec
      • Environments and Variables
      • Chaining Multiple Endpoints
      • Handling Authentication
      • Handling API Signatures
      • Introduction to Scripts
      • Chapter Summary
    • Mocking APIs
      • Mocking APIs: Overview
      • Smart Mock
      • Mock Expectations
      • Cloud Mock
      • Mock Scripts
      • Chapter Summary
    • Designing APIs
      • Designing APIs: Overview
      • Introduction to API Design
      • Creating Your First API Project
      • Analyzing Requirements and Planning Your API
      • Designing Data Models
      • Designing Endpoints
      • Using Components and Reusability
      • Setting Up Authentication
      • API Design Guidelines
      • Chapter Summary
    • Developing APIs
      • Developing APIs: Overview
      • Setup: Install Your AI Coding Assistant
      • Quick Start: From Spec to Running API in 30 Minutes
      • Understanding the Generated Code
      • Testing Your API with Apidog
      • Deployment: Put Your API Online
      • Chapter Summary
    • Testing APIs
      • Testing APIs: Overview
      • Getting Started: Your First Test Scenario
      • Integration Testing and Data Passing
      • Dynamic Values
      • Assertions and Validations
      • Flow Control: If, For, ForEach
      • Data-Driven Testing
      • Performance Testing
      • Test Reports and Analysis
      • CI/CD Integration
      • Scheduled Tasks and Automation
      • Advanced Testing Strategies
      • Chapter Summary
    • API Documentations
      • API Documentations: Overview
      • Publishing Your First API Doc
      • Customizing Documentation Appearance
      • Interactive Features for Consumers
      • Advanced Publishing Settings
      • Managing API Versions
      • Chapter Summary
    • Advanced API Technologies
      • API Technologies: Overview
      • GraphQL
      • gRPC
      • WebSocket
      • Socket.IO
      • Server-Sent Events (SSE)
      • SOAP
      • Chapter Summary
    • API Lifecycle
      • API Lifecycle: Overview
      • Stages of the API Lifecycle
      • API Governance
      • API Security Best Practices
      • Monitoring and Analytics
      • API Versioning Strategies
      • The Future of APIs
      • Chapter Summary
    • API Security
      • API Security: Overview
      • API Security Fundamentals
      • Authentication vs Authorization
      • Understanding OAuth 2.0 and OpenID Connect
      • JSON Web Tokens (JWT)
      • OWASP API Security Top 10
      • Encryption and HTTPS
      • Chapter Summary
    • API Tools
      • API Tools: Overview
      • The Evolution of API Tools
      • API Clients
      • Command Line Tools (cURL, HTTPie)
      • API Design and Documentation Tools
      • API Mocking Tools
      • API Testing Tools
      • All-in-One API Platforms
      • Chapter Summary
    • API Gateway
      • API Gateway: Overview
      • What is an API Gateway?
      • Key Features of API Gateways
      • API Gateway vs Load Balancer vs Service Mesh
      • Popular API Gateway Solutions
      • The BFF (Backend for Frontend) Pattern
      • Chapter Summary
  • Modern Pet Store
    • Pet
      • Get Pet
      • Update Pet
      • Delete Pet
      • Create Pet
      • List Pets
      • Upload Pet Image
    • User
      • Update User
      • Get User
      • Delete User
      • Login
      • Logout
      • Create User
    • Store
      • List Inventory
      • Create Order
      • Get Order
      • Delete Order
      • Callback Example
      • Pay for an Order
    • Payments
      • Pay Order
    • Chat
      • Create Chat Completion
    • Webhooks
      • Pet Adopted Event
      • New Pet Available Event
  • Schemas
    • Pet
    • Category
    • User
    • ApiResponse
    • OrderPayment
    • Tag
    • Order
    • Links-Order
    • PetCollection
    • Bank Card
    • Bank Account
    • Links
    • Error
HomePetstore APIExplore more APIs
HomePetstore APIExplore more APIs
🌐 English
  • 🌐 English
  • 🌐 繁體中文
🌐 English
  • 🌐 English
  • 🌐 繁體中文
  1. API Gateway

API Gateway vs Load Balancer vs Service Mesh

In the world of microservices networking, these three terms often confuse developers. They all manage traffic, but they serve different purposes and operate at different layers.

1. Load Balancer (The Traffic Cop)#

A Load Balancer (like HAProxy or AWS ALB) is primarily focused on availability and scalability.
Layer: Often Layer 4 (Transport) but can be Layer 7.
Job: "I have 10 servers. I will distribute the incoming 1000 requests evenly across them so no single server cries."
Intelligence: Low. It usually doesn't care about the content of the request (like User ID), only destination IP/Port logic.

2. API Gateway (The Receptionist)#

An API Gateway is a Load Balancer plus a lot of application logic.
Layer: Layer 7 (Application).
Job: "North-South" traffic (Client to Server). It manages the entry into your system.
Intelligence: High. It reads the JWT token, checks rate limits, transforms XML to JSON, and routes based on URL paths.
Differentiator: It focuses on Business Requirements (Auth, Billing, Monitoring).

3. Service Mesh (The Internal Mail System)#

A Service Mesh (like Istio or Linkerd) manages East-West traffic (Service to Service).
Scenario: Once the Gateway lets a request in, Service A might need to call Service B, which calls Service C.
Job: Ensuring these internal calls are reliable (retries, circuit breaking), secure (mTLS between services), and observable.
Architecture: Usually implemented as "Sidecar proxies" (a tiny server running next to every single microservice instance).

Comparison Summary#

ComponentDirectionPrimary GoalExamples
Load BalancerNorth-South (mostly)Distribution & UptimeAWS ALB, Nginx (Basic)
API GatewayNorth-SouthExposing APIs to the outside world safelyKong, APISIX, AWS API Gateway
Service MeshEast-WestConnecting internal microservices reliablyIstio, Linkerd, Consul

Can they work together?#

Yes. A common architecture is:
1.
Traffic hits the Load Balancer.
2.
LB forwards to the API Gateway cluster.
3.
Gateway authenticates and routes to Service A.
4.
Service A uses the Service Mesh to securely call Service B.

Key Takeaways#

Load Balancers are for simple traffic distribution (Layer 4).
API Gateways are for exposing services to the outside world (North-South, Layer 7).
Service Meshes are for managing communication between internal services (East-West).
Next Step: Ready to choose one? Let's review the Popular API Gateway Solutions.
Modified atΒ 2025-12-29 04:29:59
Previous
Key Features of API Gateways
Next
Popular API Gateway Solutions
Built with