System Design for Software Engineers

Navigating the Mesh: API Gateways and Service Discovery

In a microservices architecture, you might have hundreds of services, each running on multiple containers or virtual machines. These instances are dynamic—they start, stop, and change IP addresses constantly. This creates two major problems:

How does a client (like a mobile app) talk to all these services?
How do services find and talk to each other?

The API Gateway: The Front Door

An API Gateway is a single entry point for all external clients. Instead of a mobile app calling 20 different microservices, it makes one call to the Gateway.

Routing: Maps external requests to internal service endpoints.
Authentication/Authorization: Validates tokens (like JWT) before the request even reaches the internal services.
Rate Limiting: Prevents any single user from overwhelming the system.
Protocol Translation: Translates external REST/JSON into internal gRPC or Protobuf.
SSL Termination: Handles decryption, saving CPU on internal services.

Service Discovery: The Address Book

Service Discovery is the mechanism that allows services to find the current network location (IP/Port) of other services.

Service Registry: A central database containing the locations of all active service instances (e.g., Consul, Etcd, Netflix Eureka).
Registration: When a service starts, it "checks in" with the registry, providing its IP and health status.
Lookup: When Service A needs to talk to Service B, it asks the registry: "Where is Service B?".

A Service-to-Service Request Flow

1
Step 1
The 'Shipping Service' starts up in a Kubernetes cluster. It is assigned a random IP: 10.0.0.45.
2
Step 2
The Shipping Service sends a 'Heartbeat' to the Service Registry (e.g., Consul): 'I am Shipping Service #3, and I am at 10.0.0.45:8080'.
3
Step 3
The 'Order Service' needs to calculate shipping costs. It doesn't have an IP for Shipping. It asks the Registry: 'Give me an IP for Shipping Service'.
4
Step 4
The Registry sees three healthy instances of Shipping. It returns one of them (or a list) to the Order Service.
5
Step 5
The Order Service makes a direct gRPC call to 10.0.0.45:8080 to finish the task.

Client-Side vs. Server-Side Discovery

Server-Side Discovery: The client talks to a Load Balancer. The LB asks the registry and forwards the request. (Simplest for the client).
Client-Side Discovery: The client (Service A) asks the registry directly and picks an instance. (Faster, no extra hop, but client code is more complex).

The "Service Mesh" Pattern

As systems grow, manual service discovery becomes hard. A Service Mesh (like Istio or Linkerd) uses a "Sidecar" proxy for every service. The sidecars handle all discovery, load balancing, retries, and security automatically, so the developer doesn't have to write any discovery code.

Common Mistakes

Hardcoding IPs: The #1 sin of microservices. Never hardcode an IP address; always use a service name and a discovery mechanism.
Ignoring Health Checks: A service crashes but stays in the registry. Other services keep trying to talk to it and fail. Ensure the registry automatically removes unhealthy instances.
Gateway as a Bottleneck: Putting too much complex business logic in the API Gateway. Keep the gateway "thin" and focused on routing and cross-cutting concerns.

Recap

API Gateways are the single entry point for external clients.
Service Discovery allows dynamic internal services to find each other.
The Service Registry is the central "source of truth" for service locations.
Health checks are mandatory to keep the registry accurate.

Knowledge Check

Question 1 of 3

Q1Single choice

What is the primary purpose of an API Gateway?

To store all application data

To provide a single entry point and handle cross-cutting concerns like auth and rate limiting

To compile the application code

To replace the database

Monolith to Microservices: Architectural Evolution

Distributed Transactions: Maintaining Consistency