I've always prided myself a bit of a futurist, and it's certainly no coincidence that I work in tech. I love how the more advanced we get, the more connected everything seems to become. And while I am always looking forward to seeing what is new, what's exciting, and what's better - I am always reminded that it is only that last point - what's better - that interested me.
Take the below diagram, for example. It accurately shows how Fastify, Kong, and Kuma, three relatively new and exciting names on the development scene and how they work together. It depicts how the backend applications developed in Fastify are connected through the Kong API gateway. It displays how the API gateway is monitoring and logging traffic to enhance security as it goes in and out of the application. And finally, it shows how Kuma acts as a service mesh to manage and route traffic between the application, database, and external services. And while the diagram does show the connectivity of Fastify, Kong, and Kuma, it doesn't answer the question - is it better?
While I am a futurist, I am also a realist, and by that, I recognize that we are, and should be rooted in our traditions - and this applies to technology if my comparison wasn't clear. And one lesson I keep learning in technology is that despite how much we want it to be true, new isn't always better. That is why today, we are going to look at Fastify, Kong, and Kuma, but we are going to compare them to their traditional or legacy predecessors to let you decide if what's new is this case, better.
What is Fastify?
As most of us know, an efficient server-side application responds better under a higher load, has lower infrastructure costs, and eventually satisfies end-users. The question that arises here is how to effectively manage resources without sacrificing security to implement an efficient server-side application to serve the highest number of possible running frontend application instances?
Fastify is an ideal solution, specializing in delivering highly advanced developer experiences at low cost and with robust plugin architecture. A framework for Node.js, it was built on the concepts of existing frameworks but optimized to make it much faster than others (just look at its name). However, it isn’t the only solution.
Express.js: Fast, unopinionated, minimalist web framework
Express.js is a web server framework of Node.js, released as open-source under MIT and was designed to develop server-side applications. Express.js is a small architectural level layer which provides built-in basic web application features, without overriding the features of Node.js. Many frameworks such as KeystoneJS, NestJS are based on Express.js.
Hapi.js: Simple, secure, and framework developers can trust
Hapi.js helps the development community create scalable, robust applications, with minimal execution cost. Hapi.js is focused more on application-level security and has built-in methods for end-to-end Code Hygiene, Secure Defaults, Integrated Authorization, and Authentication Architecture, adding to its distinction as a reliable resource.
How Fastify Compares?
Fastify, in comparison with express.js, is one step ahead in terms of efficiency, but still, hapi.js is rated higher in security features. Fastify, as its name suggests, was built to be a swift Node.js web server framework. It also has friendly and ideal controller syntax despite being built for speed. It offers async functions for use as a control code and automatically adds incoming JSON requests to the queue, resulting in fewer development efforts to code the queue management layer. An experiment conducted by Fastify.io of its latest version (3.0.0) showed it to be two times faster than express.js and can handle 150% more requests than hapi.js. The following image provides a snapshot of how Fastify performed against some other well known Node.js web frameworks:
Benefits & Features of Fastify
So what makes Fastify so great? Below are a few features of that help it stand out in comparison to other Node.js frameworks:
- It’s one of the fastest web frameworks. Depending on the application’s complexity, a Fastify based service-side application can serve up to 77,000 requests per second, as seen above.
- Hooks, plugins and decorators available in Fastify make it fully extensible.
- They use Pino, the best logger framework around, nearly removing the cost of finding critical issues.
- It’s developer-friendly, without compromising on security and performance, helping developers achieve more with less code.
What is Kong?
Kong is an open-source API Layer, Gateway or Middleware which has better scalability. It is a platform for developers and enterprise architects to connect, secure, and extend their services. Still, its best use is to facilitate the flow of information between all services within the software system. Kong manages the full API lifecycle, and every request to the backend API will hit Kong first before sending it to the final API when it’s active. The diagram below shows how Kong plays a middleware role between the client application and distributed backend services.
Kong vs Legacy API Management Systems
In an earlier era of software development, Legacy API Management solutions helped address an essential problem: How can developers provide access to externally consumable third-party APIs? Initially, software applications were fundamentally monolithic in design, and intra-function calls were handling the internal communication between different, rather than external APIs. Kong has resolved these communication challenges, being built on a lightweight proxy to deliver unparalleled latency, performance, and scalability for all microservice applications regardless of where they run. It also allows you to control API traffic with Kong’s plugin architecture.
Benefits & Features of Kong
- Scalable: By adding more parallel machines, Kong servers can quickly scale horizontally. It’s also possible to upgrade the overall system to handle any load while keeping latency low.
- Modular: By adding new plugins, Kong can be modularized and easily configured with the RESTful Admin API.
- Runs Everywhere: It can run on the cloud or virtual machine, independent of what environment is available to execute over.
What is Kuma?
Kuma is a platform-agnostic, open-source control plane for service mesh and microservices. It can be executed natively environments like Kubernetes and VM, making it very easy to handle and useful. Kuma can use L4/L7 connectivity to secure, monitor, route and improve communication between a backend service and database. It can be used traditionally in Kubernetes with CRDs or with RESTful API in other environments such as VMs and Bare Metal.
What Kuma Does?
Applications make many requests to communicate with other services in the system like databases, caches, and microservices. However, by default, the network is insecure and unreliable and can introduce notable challenges to any modern environment like routing, tracing, and security. To build L4/L7 connectivity among services and applications, Kuma is the best way. It reduces the code that application teams have to write while improving the reliability, enabling faster delivery of software modules, and upgrading the overall architecture security with minimal effort.
Let’s take the practical example here: every API in the software system needs to be protected to make it secure. On top, APIs need to be logged, tracked, and monitored to communicate exceptions to the relevant stakeholders. Specially the logs help developers to resolve issues and improve overall system performance. One way is to build a Smart client with extra development work to communicate with the outer world to achieve all of the above. On the other side, service mesh like Kuma comes into the picture to avoid reinventing the wheel and save the development cost. Service mesh setup is an outbox proxy along with backend services. This proxy intercepts every outgoing request that the system makes. The more decoupled the code, the more intra-system requests it will make. And that same proxy will receive the response that outer services are sending back to the system. The service mesh takes care of making outbound and inbound requests. As a result, it maintain logs, tracks and monitors for all API exceptions.
Benefits & Features of Kuma
Although Kuma is a recent phenomenon trending in the community, it is for a good but simple reason. Essentially, all it does is make sure connectivity issues are fixed and the connections are secure. Below are a few critical features of Kuma that have helped see it grow in popularity:
- Identify requests loads directed towards specific APIs.
- Implement traffic permissions and security to enhance the overall system efficiency.
- Logging network traffic coming to the server, supporting decision making on systems scalability.
- Kong gateway integration and with the help of Kuma, you can track the request’s complete lifecycle.
Today, we learned that Fastify has emerged as the fastest framework of Node.js to date (no pun intended). Many renowned IT companies worldwide have endorsed and started using it for their backend application development. In fact, most would agree it has already made a name for itself in this technologically advanced world on its progression to become a leading framework. We also discussed how Kong and Kuma and their list of features inspire the development community, both having addressed significant connectivity challenges as of late, making sure and working towards better managed and secure system connectivity. But is the new better than what preceded them in these cases?
While I stand by my lesson that new is not always better, I have also learned that preference and project can play a big part in selecting tools and technology, which is why there may not always be “better,” rather, just better-suited options and better-informed decisions. And after this article, it is my hope you will be able to do just that - make a better-informed decision.
The above was written in collaboration with Uzi Murad, Account Executive, and Kashif Rizwan, Software Development Manager, both of mobileLIVE.