Why Service Gateways Are Essential for Modern Microservices Architecture

What Is a Service Gateway

In a microservice architecture, a service gateway combines routing and filters. It receives all external requests and forwards them to backend services, while also handling cross‑cutting concerns such as authentication, rate limiting, and monitoring through filters.

服务网关 = 路由转发 + 过滤器

Why a Service Gateway Is Needed

Cross‑cutting functions like permission checks can be implemented in three ways:

Each service implements the logic independently.

A shared library is used by all services.

The logic is placed in a pre‑routing filter of the service gateway.

Approaches 1 and 2 increase jar size, duplicate code, and make upgrades difficult. By moving these concerns to the gateway, services remain lightweight, and changes to authentication or other policies require only updating the gateway filter.

Service Gateway Technical Selection

Typical stack for a Java‑based gateway:

Programming language: Java + Groovy (allows dynamic filter addition without restarting the gateway).

Microservice framework: Spring Boot.

Gateway component: Netflix Zuul.

Service registry: Consul.

Authentication: JWT.

API monitoring: Prometheus + Grafana.

Unified log collection: Logback + ELK.

Load testing: JMeter.

After introducing the gateway, the architecture consists of three parts: the gateway, an open‑service layer, and the actual services. All components register with the service registry. External requests first hit the gateway, which performs intelligent routing, authentication, monitoring, and rate limiting before forwarding to the open‑service, which aggregates responses from the underlying services.

Key considerations when adding a gateway include a slight performance overhead due to an extra hop, potential single‑point‑of‑failure concerns (mitigated by placing a high‑performance Nginx in front of the gateway or scaling the gateway horizontally), and keeping the gateway lightweight.

Basic Functions of a Service Gateway

Intelligent routing: forward external requests to appropriate backend services.

Permission validation: enforce authentication for external calls only.

API monitoring: track gateway traffic and its own performance metrics.

Rate limiting: control request rates in conjunction with monitoring.

Unified API logging: record entry and exit logs for requests.

Additional capabilities such as A/B testing, advanced traffic splitting, and other cross‑cutting features can also be implemented, though they may increase the load on the gateway.