Can't I just build my "Gateway" using open-source Node.js modules and save lots of $$$

kkleva
Participant V

Seems like everyone talking about transformation Gateways. Gateways that transform, publish and otherwise manage REST APIs. Front-End Gateways to transform my old HTML to new more mobile friendly HTML. Gateways to enforce security and protect from bots... you name it.

With all these Gateways floating around the Enterprise, seems risky to rely on vendor software alone. Also, with the rise of Node.js there appears to be lots of ways to build a simple reverse proxy using something as simple as node-http-proxy which is free and does all the things I need it to without the bloat of an paid solution.

Isn't Node.js alone enough?

2 2 399
2 REPLIES 2

Not applicable

Kris, love this question.

I'll let Ed or Anant speak to the technical puts and takes but from a business perspective I field this a lot.

Sure, a company can absolutely go about building their gateways on open source technologies. However, a complete API platform gateways alone do not make. As you know, there is so much more to running a successful API program than just authenticating and orchestrating run time calls.

How will a company manage users, versions, and upgrades in a zero downtime environment? Without granular analytics, how will a company know which APIs are succeeding and which are failing? How will they know where they need to make future investments? How will a company manage their developers, provide them documentation, and ensure they have the tools those devs need to quickly pick up enterprise APIs?

Companies who build their own GWs, end up having to build the rest of the stack through a combination of custom built sw and piecemeal open source components. As their program scales, this becomes unmanageable and rather than focusing on innovation through their APIs, their resources get sucked into maintaining their custom platform. Sure, these companies save money in the short run, but it's at the expense of their long term innovation capabilities and time to market.

Not applicable

If you’re just looking for a proxy gateway, there are lots of options. Presumably, you’re looking for your gateway do something API-specific, such as security or analytics, and you value having proven functionality that allows you to configure and deploy these with a minimal amount of work. In an enterprise setting, having centralized control of these gateways, either centralized to your team or perhaps organization-wide, is of value. Being enable to ensure consistent security models across every API used in an enterprise is generally a good thing, for example. Most of this won’t happen if you simply pull together some open source code, unless you’re also willing to do a substantial amount of work.