Learn the Google-recommended architecture for providing subscription tiers to users of a streaming API hosted on GKE by leveraging Apigee proxies, API keys, and quota policies. Configure your GKE service as an Apigee backend and set usage limits per API key.
Table of Contents
Question
You are developing an external-facing application on GKE that provides a streaming API to users. You want to offer two subscription tiers, “basic” and “premium”, to users based on the number of API requests that each client application is allowed to make each day. You want to design the application architecture to provide subscription tiers to users while following Google-recommended practices. What should you do?
A. 1. Configure the service on GKE as a backend to an Apigee proxy.
2. Provide API keys to users to identify client applications.
3. Configure a Quota policy in Apigee for API keys based on the subscription tier.
B. 1. Configure the service on GKE as a backend to an Apigee proxy.
2. Provide API keys to users to identify client applications.
3. Configure a SpikeArrest policy in Apigee for API keys based on the subscription tier.
C. 1. Configure the service on GKE as a backend to two new projects, each with a separate Application Load Balancer.
2. Configure the quota “Queries per second (QPS) per region per network” for each project individually.
3. Provide users with API endpoints based on the subscription tier.
D. 1. Deploy the application to two GKE clusters, one for each subscription tier. Configure each cluster to have a separate Ingress.
2. Configure each cluster as a backend to an Apigee proxy.
3. Provide API keys to users to identify client applications.
4. Configure separate rate limits for client applications based on the subscription tier.
Answer
A. 1. Configure the service on GKE as a backend to an Apigee proxy.
2. Provide API keys to users to identify client applications.
3. Configure a Quota policy in Apigee for API keys based on the subscription tier.
Explanation
Apigee is Google’s recommended API management platform. By configuring your GKE service as a backend to an Apigee proxy, you can take advantage of Apigee’s built-in features for API key management and usage policies. This allows you to control access to your API and enforce different limits for each subscription tier.
Providing API keys to users is a best practice for identifying and authenticating client applications. Each API key uniquely identifies a client, allowing you to apply policies and track usage on a per-client basis.
Finally, by configuring Quota policies in Apigee for each API key based on the subscription tier, you can define the number of allowed API calls per day for “basic” and “premium” users. Apigee will automatically enforce these limits, rejecting requests that exceed the quota. This ensures each client stays within their allocated usage tier.
The other options have drawbacks:
- Option B suggests using a SpikeArrest policy, but that is for protecting against traffic spikes, not enforcing usage tiers.
- Option C recommends deploying separate load balancers and configuring QPS quotas, but this doesn’t give you the fine-grained, per-client control that API keys and Apigee policies provide.
- Option D proposes separate GKE clusters and rate limiting, which is overly complex compared to managing this at the API layer with Apigee.
Therefore, the Apigee-based approach in Option A aligns best with Google’s recommendations and provides the simplest, most effective way to offer subscription tiers for your streaming API on GKE.
Google Professional Cloud Developer certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the Google Professional Cloud Developer exam and earn Google Professional Cloud Developer certification.