Design an API Gateway / Edge Layer

APIsNetworkingSecurityCachingReliability

Interview Question

Design a multi-tenant API gateway that handles routing, auth, rate limiting, request/response transformations, canarying, and observability across regions.

Key Points to Cover

Request lifecycle: TLS termination, authn/z, routing, transforms
Policy control plane vs data plane separation; hot reload of rules
Rate limiting/quotas per tenant and endpoint; burst handling
Resilience: circuit breaking, retries, timeouts, hedging
Multi-region routing (Geo/DNS/Anycast) and canary/blue-green
Observability: structured logs, distributed tracing, per-route SLOs

Evaluation Rubric

Clear request lifecycle & components25% weight

Sound control/data plane separation25% weight

Robust resilience & rollout strategy25% weight

Strong observability & SLO thinking25% weight

Hints

💡Consider Envoy/NGINX at the edge with a declarative control plane.

Potential Follow-up Questions

❓How do you do multi-tenant isolation?
❓How would you ship breaking header transforms safely?

Back to System Design View All Categories