Understanding Service Gateways: Architecture, Benefits, and Technical Choices

What is a Service Gateway

A service gateway combines routing and filtering, acting as the entry point for all external requests and forwarding them to backend micro‑services.

服务网关 = 路由转发 + 过滤器

Why a Service Gateway is Needed

Placing cross‑cutting concerns such as permission validation, rate limiting, and monitoring in the gateway avoids duplicating code in each service, reduces JAR size, and simplifies upgrades because changes are made only in the gateway filters.

Placement of Permission Validation

Each service implements it individually (inefficient).

A shared library is used by all services (increases JAR size and complicates upgrades).

The gateway’s pre‑filter handles it centrally (recommended).

Technical Selection

Typical stack: Java + Groovy (dynamic filter addition), Spring Boot as the micro‑service framework, Netflix Zuul as the gateway component, Consul for service registration, JWT for authentication, Prometheus + Grafana for monitoring, Logback + ELK for unified logging, and JMeter for load testing.

Gateway Architecture Overview

When the system starts, the gateway, open‑service, and individual services register themselves with the service registry. Users send requests to the gateway, which performs intelligent routing, permission checks, monitoring, and rate limiting before forwarding to open‑service, which aggregates responses from internal services and returns them to the gateway and finally to the user.

Key Functions of the Gateway

Intelligent routing: forwards external requests to appropriate services.

Permission validation: checks user access only for external calls.

API monitoring: tracks gateway traffic and performance metrics.

Rate limiting: works together with monitoring to control traffic.

Unified API logging: records entry and exit logs similar to an AOP aspect.

Additional Considerations

The gateway introduces an extra hop, slightly affecting performance, but a well‑provisioned gateway machine (or fronting Nginx) mitigates this. Avoid making the gateway a single point of failure by scaling horizontally or placing a high‑performance Nginx in front of it.