Ctrip Tech Gateway: Architecture and Decoupling Strategy for Mobile Services

Ctrip's mobile development initially used a centralized wireless department that eventually became a monolithic gateway handling all business lines, leading to excessive complexity, tangled logic, and difficulty in troubleshooting or adding new features.

Because the single application grew unmanageable, a gradual decoupling strategy was required that would not change client requests, prompting the creation of a transparent Gateway layer to replace the monolith step by step.

The Gateway acts as an intermediate layer that receives mobile requests unchanged, forwards them to central services, extracts individual services into independent instances, and iteratively routes requests to the new services until full decoupling is achieved.

Decoupling began with HTTP‑based HTML5 services, completed between April and July 2014 without major issues; subsequently, the higher‑traffic native app traffic using a custom TCP protocol with multiple versions, compression, and encryption was decoupled from August to September 2014 and finished by early 2015.

The project builds on Netflix open‑source components—Zuul, Archaius, Hystrix, and Eureka—integrating them with Ctrip's specific scenarios to create H5Gateway and TcpGateway.

Gateway provides core functionalities: routing, isolation, rate limiting, circuit breaking, anti‑scraping, and monitoring/alerting.

Routing is implemented via a routing service that periodically supplies routing tables, enabling real‑time updates and decoupling.

Isolation ensures that problematic request types cannot exhaust resources, protecting other services from impact.

Rate limiting sets concurrency caps per request class; excess requests are rejected to safeguard downstream services.

Circuit breaking stops forwarding to a failing service once error rates exceed a threshold, with periodic health checks to resume traffic when the service recovers.

Anti‑scraping mechanisms validate IP, clientId, and custom algorithms to block illegal requests.

Monitoring integrates with Cat, Clog, and operational alert tools, providing timely alarms to detect and mitigate issues promptly.