Summary

A load balancer distributes traffic across instances. An API gateway manages API-level concerns like auth, routing, rate limits, transformation, and policy.

Interview Points

  • Load balancers operate mainly at L4 or L7 for traffic distribution and health checks.
  • API gateways are application/API-aware.
  • Gateways can centralize authentication, authorization, quotas, request shaping, and observability.
  • Too much business logic in the gateway creates coupling.
  • Many systems use both.

2-3 Minute Interview Script

“A load balancer and an API gateway both sit in the request path, but they solve different problems. A load balancer distributes traffic across healthy instances and improves availability. It may work at TCP level or HTTP level.

An API gateway is more API-aware. It can validate auth, apply rate limits, route by path or version, transform requests, collect metrics, and enforce policies.

In a real architecture, I would often use both: a load balancer for traffic distribution and a gateway for cross-cutting API concerns. The caution is not to put too much business logic in the gateway, because then every domain team becomes coupled to it.

Interview answer: load balancers manage capacity and availability; API gateways manage API policy and entry-point architecture.”

Follow-Ups

  • What should not go in an API gateway?
  • Can a gateway become a bottleneck?