The API for managing APIs and Subscriptions is currently baked into the gateway itself as Lua. Breaking it out as a separate process (written in Node.js or something) will allow more flexibility in its operation.
For example, building it with Node, Go, etc will provide better validation abilities for ensuring that an API document is correctly formatted.
It will also take load and responsibility out of the gateway itself, which is more secure. If it runs as a separate process, it can even be turned off completely in situations that warrant it.
In a production deployment scenario, it may even be desirable to run the management API in a separate location (or separate container/pod) from the gateway itself, which breaking it out would allow.
8secz-johndpope
commented
4 years ago
The API for managing APIs and Subscriptions is currently baked into the gateway itself as Lua. Breaking it out as a separate process (written in Node.js or something) will allow more flexibility in its operation.
For example, building it with Node, Go, etc will provide better validation abilities for ensuring that an API document is correctly formatted.
It will also take load and responsibility out of the gateway itself, which is more secure. If it runs as a separate process, it can even be turned off completely in situations that warrant it.
In a production deployment scenario, it may even be desirable to run the management API in a separate location (or separate container/pod) from the gateway itself, which breaking it out would allow.