In typical microservice applications, it is quite possible that more than a hundred microservices are interacting with each other. There are certain common features that are required to be implemented for all these microservices: 

• Security: We may need to check that authentication and authorization, or any other security policies required to make calls to microservices
• Restrict call rate: This allows only a certain number of calls for a specific microservice in a given time
• Fault toleration: If any service fails to respond, this sends an appropriate error signal
• Monitor: This is used to monitor for specific events or values passed across the microservices
• Service aggregation: This provides an aggregate response from multiple microservices in a single response, specifically in a bandwidth-restricted environment
• Routing: Based on certain criteria (if call forwarding is required, for example), route all the calls from a specific user to a particular region to a specific service
• Load balancing: This maintains the flow of calls to balance the load on the service instance

Apart from this, we may want to restrict some of the services to end users and keep them private. To achieve these goals, we need some sort of API gateway, which will intercept all the calls from end users and all inter-service communication. So, instead of microservices talking with each other directly through REST calls, they will now interact with each other through an API gateway, which will provide all the features previously listed. Since all the calls are routed from the API gateway, it can also be used for debugging and analytic purposes.

Spring Cloud provides API gateway support through another Netflix implementation called Zuul. Next up, let's see how to set up Zuul.