An API Gateway serves as the centralized entry point between client applications and backend microservices, handling routing, security, transformation, and management at scale. In modern cloud-native architectures, gateways decouple clients from distributed services β enabling independent evolution of microservices while maintaining consistent external contracts. The gateway pattern consolidates cross-cutting concerns like authentication, rate limiting, caching, and observability into a single layer rather than duplicating this logic across every service. In 2026, gateways are also expanding into AI/LLM traffic management, where token economics, semantic caching, and content guardrails demand purpose-built patterns beyond traditional request-response handling β making gateway architecture decisions more consequential than ever.
What This Cheat Sheet Covers
This topic spans 19 focused tables and 149 indexed concepts. Below is a complete table-by-table outline of this topic, spanning foundational concepts through advanced details.
Table 1: Core Routing Patterns
Routing is the gateway's primary function: matching incoming requests to the right backend by inspecting paths, headers, methods, or weights. Getting routing right β especially choosing between path-based, header-based, and Kubernetes-native HTTPRoute approaches β determines how cleanly your microservices can evolve independently while sharing a single external entry point.
| Pattern | Example | Description |
|---|---|---|
/api/v1/users β User Service/api/v1/orders β Order Service | β’ Routes requests to different backends based on URL path prefixes β’ the simplest and most common routing strategy, enabling service isolation under a single domain | |
api.example.com β Public APIinternal.example.com β Internal API | β’ Routes based on HTTP Host headerβ’ allows different APIs or versions to share infrastructure while appearing as distinct services | |
90% β v1 backend10% β v2 backend | β’ Distributes traffic proportionally between backend versions β’ enables gradual rollouts and canary testing with minimal blast radius | |
X-API-Version: 2 β v2 backendUser-Agent: mobile β Mobile Service | β’ Routes traffic based on HTTP header values β’ enables A/B testing, version targeting, and client-type-specific backends |