API Gateway vs Service Mesh — When to Use What

API gateways and service meshes solve different problems, but both sit in the request path. The gateway is for north-south traffic, while the mesh manages east-west traffic between services.

API Gateway Responsibilities

API gateways focus on client-facing concerns:

  • Authentication and authorization.
  • Rate limiting and quota enforcement.
  • Request shaping and aggregation.
  • API version routing and deprecation.

Service Mesh Responsibilities

Service meshes focus on service-to-service communication:

  • Mutual TLS and workload identity.
  • Traffic splitting for canaries.
  • Retries, timeouts, and circuit breaking.
  • Distributed tracing and telemetry.

When an API Gateway Is Enough

If you have a small number of services and only need centralized ingress control, an API gateway alone can be sufficient. It provides a single point to enforce security and routing policies.

When You Need a Service Mesh

A service mesh becomes valuable when:

  • You have many services with complex communication patterns.
  • You want uniform mTLS without modifying application code.
  • You need advanced traffic management for deployment strategies.

Using Both Together

Mature platforms use both:

  • Gateway handles client traffic and edge concerns.
  • Mesh handles service-to-service policy, telemetry, and routing.

Spring Boot Example with Gateway and Mesh Metadata

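import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/inventory")
public class InventoryController {
    @GetMapping("/{sku}")
    public InventoryView getInventory(@PathVariable String sku) {
        return new InventoryView(sku, 42);
    }
    // InventoryView is not shown in the post; this record shape is assumed.
    public record InventoryView(String sku, int quantity) {}
}

# Istio DestinationRule: mesh-side load balancing and outlier ejection for the inventory service.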
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: inventory-policy
spec:
  host: inventory
  trafficPolicy:
    loadBalancer:
      simple: LEAST_REQUEST
    outlierDetection:
      consecutive5xxErrors: 5
      interval: 5s
      baseEjectionTime: 30s
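
The mesh-side security policy that pairs with the DestinationRule above, as an added example that is not part of the original post: strict mTLS for the namespace, plus an AuthorizationPolicy that admits only the gateway's workload identity to the inventory service. The namespaces `shop` and `edge`, the `app: inventory` label and the `api-gateway` service account are assumed names.

```yaml
# Added example; all names below are assumptions, not from the post.
# Require mTLS for every workload in the namespace. PERMISSIVE would
# still accept plaintext, so a caller outside the mesh could reach
# the service without presenting a workload identity.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: shop          # assumed namespace of the inventory service
spec:
  mtls:
    mode: STRICT
---
# Only the gateway's identity may call the inventory endpoints.
# Once an ALLOW policy selects a workload, any request that matches
# no rule is denied, so other in-mesh callers are rejected.
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: inventory-allow-gateway
  namespace: shop
spec:
  selector:
    matchLabels:
      app: inventory       # assumed pod label
  action: ALLOW
  rules:
  - from:
    - source:
        # SPIFFE-style principal taken from the caller's mTLS certificate.
        # Assumes the gateway runs in the mesh under this service account.
        principals: ["cluster.local/ns/edge/sa/api-gateway"]
    to:
    - operation:
        methods: ["GET"]
        paths: ["/inventory/*"]   # matches the controller's /inventory/{sku}
```

The gateway still authenticates the end user at the edge; this policy only establishes which workload is allowed to forward that request inside the cluster.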

Summary

Use an API gateway for external access control and a service mesh for internal service-to-service reliability. In large microservice platforms, both layers are complementary rather than competing.

This post is licensed under CC BY 4.0 by the author.