As the use of the Internet and the World Wide Web (“Web”) has become widespread, it is increasingly common for software applications to access and use services provided by remote computing systems, such as via defined APIs (“application program interfaces”). Such remote services may provide a variety of types of functionality, and in some situations may be provided by third parties, such as for a fee. One example of such remote services are Web services, which allow heterogeneous applications and computers to interact, and which may be defined and implemented using a variety of underlying protocols and techniques. For example, some Web service implementations return data in XML (“extensible Markup Language”) format using HTTP (“HyperText Transport Protocol”) in response to a Web service invocation request specified as a URI (“Uniform Resource Identifier”), such as a URL (“Uniform Resource Locator”) that includes a specified operation and one or more query parameters. Such URI-based invocation requests may, for example, be based on the use of XML over HTTP (e.g., as part of the REpresentational State Transfer, or “REST”, distributed interaction model that focuses on resources). In other implementations, additional underlying protocols are used for various purposes, such as SOAP (“Simple Object Access Protocol”) for standard message exchange, WSDL (“Web Services Description Language”) for description of service invocations, and UDDI (“Universal Description, Discovery, and Integration service”) for discovery of available services.
In addition, software applications may be executed and interact with remote services in various ways. For example, data centers housing significant numbers of interconnected computing systems have become commonplace, such as private data centers that are operated by and on behalf of a single organization, as well as public data centers that are operated by entities as businesses. Some public data center operators provide network access, power, and secure installation facilities for hardware owned by various customers, while other public data center operators provide “full service” facilities that also include hardware resources made available for use by their customers. However, as the scale and scope of typical data centers has increased, the task of provisioning, administering, and managing the physical computing resources has become increasingly complicated.
The advent of virtualization technologies for commodity hardware has provided a partial solution to the problem of managing large-scale computing resources for many customers with diverse needs, allowing various computing resources to be efficiently and securely shared between multiple customers. For example, virtualization technologies such as those provided by VMWare, XEN, or User-Mode Linux may allow a single physical computing machine to be shared among multiple users by providing each user with one or more virtual machines hosted by the single physical computing machine, with each such virtual machine being a software simulation acting as a distinct logical computing system that provides users with the illusion that they are the sole operators and administrators of a given hardware computing resource, while also providing application isolation and security among the various virtual machines. When a software application executing on a virtual machine hosted by a computing system in a data center sends a communication to a remote service external to the data center, the communication typically passes through management software on the computing system and then multiple other devices before leaving the data center and traveling to the computing system providing the remote service.
Although Web services and other remote services allow various applications and computers to interact, the current implementations and uses of Web services have various problems. For example, due to the insecure nature communications over the Web, if such a remote service provides confidential or otherwise restricted data and other functionality, the remote service will typically use multiple front-end computing devices to handle communications from remote clients in order to shield various back-end devices that store the restricted data or otherwise provide the restricted functionality. Thus, a request sent from a client to a remote service to, for example, obtain stored data will typically pass through multiple other devices of the remote service before reaching a storage device that holds the data, and then the data sent in response will typically take the same or a similar path in traveling through multiple devices of the remote service before between sent back to the client over one or more networks. Unfortunately, such request handling by the remote service consumes significant resources (e.g., may necessitate expensive hardware setups to accommodate the communications, such as by having one or more hardware load balancers that receive communications and then direct each communication to an appropriate one of multiple Web server devices to handle authentication and other pre-processing activities for the communication), and may significantly delay the receipt of requested data or other functionality by the client. Such problems with delay and use of resources may further be exacerbated if the client is a computing system within a data center as previously described, in which communications to and from the computing system typically pass through multiple other devices of the data center before reaching an external network.