Summary
A load balancer distributes traffic across instances. An API gateway manages API-level concerns like auth, routing, rate limits, transformation, and policy.
Interview Points
- Load balancers operate mainly at L4 or L7 for traffic distribution and health checks.
- API gateways are application/API-aware.
- Gateways can centralize authentication, authorization, quotas, request shaping, and observability.
- Too much business logic in the gateway creates coupling.
- Many systems use both.
2-3 Minute Interview Script
“A load balancer and an API gateway both sit in the request path, but they solve different problems. A load balancer distributes traffic across healthy instances and improves availability. It may work at TCP level or HTTP level.
An API gateway is more API-aware. It can validate auth, apply rate limits, route by path or version, transform requests, collect metrics, and enforce policies.
In a real architecture, I would often use both: a load balancer for traffic distribution and a gateway for cross-cutting API concerns. The caution is not to put too much business logic in the gateway, because then every domain team becomes coupled to it.
Interview answer: load balancers manage capacity and availability; API gateways manage API policy and entry-point architecture.”
Follow-Ups
- What should not go in an API gateway?
- Can a gateway become a bottleneck?