Review of GraphQL
GraphQL is an API query language developed by Facebook that provides a more flexible way to retrieve data compared to traditional REST APIs.
Features of GraphQL
- Single Endpoint: While REST APIs require multiple endpoints, GraphQL allows you to send different queries to a single endpoint (
/graphql
). - Fetch Only Needed Data: Clients can specify only the fields they need, preventing unnecessary data transfer.
- Type System: The API schema is defined with types, making the data structure clear.
For example, to retrieve information about Japan from the GraphQL API at https://countries.trevorblades.com/
, you can send the following query:
|
|
To execute this query using curl
:
|
|
Response:
|
|
A powerful aspect of GraphQL is the ability to flexibly adjust the data you retrieve by changing the query. For example, if you remove capital
from the above query:
|
|
The response will no longer include capital
:
|
|
This way, you can dynamically change the type of data you want to retrieve.
Disadvantages of GraphQL
- Complexity: Clients need to design queries, which increases the learning curve compared to simple REST APIs.
- Difficult to Cache: REST APIs are easy to cache based on URLs, but GraphQL mainly uses POST requests, making caching strategies more complex.
- Load Issues: If clients send complex queries, the server’s processing load can increase.
Overview of Kong
Kong is an open-source API gateway that handles API management, authentication, routing, load balancing, and more.
Roles of Kong
- API Management: Publish, authenticate, restrict, and monitor APIs
- Extensible with Plugins: Use plugins for authentication, caching, rate limiting, transformation, and more
- Load Balancing and Scalability: Appropriately distribute requests to multiple backend services
Kong can manage not only RESTful API requests but also GraphQL API requests. GraphQL is known for its flexibility and efficient data retrieval, and Kong is a useful tool for operating such APIs in practice.
GraphQL-Related Plugins Available in Kong
- DeGraphQL: A plugin that converts GraphQL APIs to be used like RESTful APIs
- GraphQL Caching: A plugin that caches GraphQL responses to reduce processing load for identical requests
- GraphQL Rate Limiting: A plugin that limits the number of requests to GraphQL APIs
Introduction to the DeGraphQL Plugin
The DeGraphQL plugin allows you to treat GraphQL as if it were a RESTful API in Kong.
Main Features
- Converts requests to GraphQL APIs into REST format
- Clients no longer need to write GraphQL queries
- Usable with existing REST API clients and tools
This makes it easy for developers unfamiliar with GraphQL to retrieve data.
Demo: Accessing GraphQL Like RESTful APIs with Kong
Creating a Service and Route
First, create a Service pointing to the GraphQL endpoint and define a corresponding Route.
|
|
Enabling the DeGraphQL Plugin
Next, enable the DeGraphQL plugin for the Service. Note that this plugin can only be created at the Service layer.
|
|
DeGraphQL Route Configuration
Finally, create DeGraphQL Routes to set the content of the GraphQL query.
|
|
Accessing via Kong as if RESTful
Once set up, you can try accessing through Kong as if it were a REST API.
|
|
This request will return a response like the following:
|
|
This demo introduced how to use the DeGraphQL plugin in Kong to utilize GraphQL APIs as REST APIs.
Benefits
- Developers unfamiliar with GraphQL can access it as a simple REST API
- Existing REST clients can be used as-is
- Flexible routing is possible by leveraging Kong as an API gateway
Introduction to GraphQL Proxy Caching Advanced
GraphQL Proxy Caching Advanced is a plugin that enhances caching for GraphQL APIs in Kong. It caches GraphQL responses to prevent recalculation for identical requests, improving performance.
Main Features
- Request Caching: Applies cache to identical queries, reducing backend load
- Cache Expiry Setting: Set TTL (Time-To-Live) to keep cache for an appropriate period
- Cache Bypass: Exclude specific requests from caching as needed
Demo of GraphQL Proxy Caching Advanced
Enabling the Plugin
First, enable GraphQL Proxy Caching Advanced for the target Service.
|
|
This sets the cache strategy to memory and the cache TTL to 300 seconds (5 minutes). You can also use Redis as the cache strategy.
Checking Cache Operation
First request (no cache):
|
|
The first request is sent to the backend GraphQL API and returns a response. Since there is no cache yet, X-Cache-Status: Miss
is shown, and the latency is 174ms as indicated by < X-Kong-Upstream-Latency: 174
.
If you send the same request again:
|
|
As shown by X-Cache-Status: Hit
, the cache is now effective and the response is returned directly from Kong. Also, < X-Kong-Upstream-Latency: 0
means there was no access to the upstream API, so latency is 0ms.
Cache Operations
You can use the API endpoints provided by this plugin to check and delete cache. For details, see https://docs.konghq.com/hub/kong-inc/graphql-proxy-cache-advanced/api/#managing-cache-entities
.
By using GraphQL Proxy Caching Advanced, you can improve the performance of your GraphQL APIs.
- Request caching enables faster responses and reduces backend load
- By setting appropriate cache strategies and TTL, you can balance data freshness and performance
- Bypassing and clearing cache allows flexible cache management
Introduction to GraphQL Rate Limiting Advanced
GraphQL Rate Limiting Advanced is a plugin that enhances request limiting for GraphQL APIs in Kong. This plugin helps prevent excessive requests and reduces load on API services.
Main Features
- Request Limiting: Restrict the number of requests in a specific time period to prevent service overload
- Per-User Limiting: Set limits for each user to accommodate individual usage
- Dynamic Limit Settings: Flexibly adjust request limits
Demo of GraphQL Rate Limiting Advanced
Enabling the Plugin
First, enable GraphQL Rate Limiting Advanced for the target Service.
|
|
This configuration allows up to 3 requests per minute and up to 100 requests per hour.
Conclusion
By using Kong, you can manage GraphQL APIs more efficiently and improve security and performance. With the DeGraphQL plugin, you can treat GraphQL as RESTful, and with rate limiting and caching, you can manage load and improve API availability while reducing operational overhead.