Afosto is one of the main software (SaaS) solutions empowering omnichannel commerce for retailers in The Netherlands. Our software empowers over 150 store owners with selling online and offline. Two years ago we started the transition towards an API-first development paradigm, currently powered by over 90 cloud-native microservices. KrakenD has enabled us to make this shift naturally.
Challenges KrakenD helps solve
Commerce is always challenging. We have to deal with sudden spikes in traffic, payments, ever-changing regulations, and large amounts of data for analytics.
- JWT’s (JSON Web Token) are great but come with some downsides. For example, invalidation of tokens (after logout) or blocking users goes against the stateless nature of these types of tokens. This is where KrakenD shines. It has great support for token invalidation via its lightning-fast bloom filter implementation.
- Configuration management for many services might seem complex at first. With the “configuration as code” setup built-in into KrakenD we could reduce this complexity. All configuration now lives in one place.
- KrakenD is open-source software. Because of the way it is built, we don’t have to worry about limitations in extensibility. We can extend KrakenD with ease without sacrificing performance. This makes it one of the fastest and most flexible gateway solutions on the market.
Putting it all together
Our stack runs for 99% on Google Cloud. It’s hosted on their managed Kubernetes solution (GKE). We’re routing Ingress through KrakenD. KrakenD, in turn, redirects requests to the appropriate backends. All our backend services (microservices) have their own Git repository and each repository contains an OpenAPI definition for the service. These OpenApi files are committed to a central repository during the CI (Continuous Integration) process. This commit triggers a new gateway build. This build joins all the OpenAPI definitions and converts them into a single KrakenD config file. Within the OpenAPI definition, we can define OAuth scopes, rate limits, accessibility (from the internet), and allowed headers. These parameters are placed in the config file so KrakenD can verify inline and outputs.
How KrakenD helped Afosto
KrakenD was a clear winner for us and after a year of production usage, we have never regretted the choice. It reduced operational overhead and gave us a great tool to proceed in our venture to be a major player in the commerce field.
Organisational benefits
- Reduce complexity and management overhead while empowering individual developers to write and deploy their services
- No vendor lock-in or hefty license fees
- Extensibility of the framework
- Approachability of the KrakenD development team
Technical benefits
- A stateless gateway that scales horizontally without any further requirements
- Great throughput and performance. The gateway has zero to little overhead while giving us critical features
- Configuration as code
- Feature-packed and mature
- Provides a great layer of security
