$30 off During Our Annual Pro Sale. View Details »

Constructing a Consistent and Stable User Experience with REST and GraphQL APIs

Chris Wahl
July 10, 2019
Technology
0
270

Constructing a Consistent and Stable User Experience with REST and GraphQL APIs

APIs are a fantastic way to extend the functionality of a solution across the data center and public clouds. However, as a solution expands the features and available use cases, the complexity of an API surface area scales in parallel. In terms of cloud data management, it can be difficult to create a consistent and deterministic experience when dealing with a huge quantity of integration points (virtual machines, cloud native workloads, file servers, physical servers, hypervisors, etc). At the same time, the user experience is directly impacted by the quality of documentation and frequency of communication, which are often overlooked by project teams. In this session, you’ll hear about the construction of REST and GraphQL APIs that are used by infrastructure engineers and cloud architects around the globe for data management and the various challenges tackled to deliver an exceptional user experience.

Chris Wahl

July 10, 2019
Tweet

More Decks by Chris Wahl

See All by Chris Wahl
Constructing Open Source SDKs for Ops Teams with REST and GraphQL
chriswahl
0
120
Developing Exceptional Architecture Design with Open Source and DevOps
chriswahl
0
200

Other Decks in Technology

See All in Technology
re:Invent2023で登場した運用開発用の可視化ツールたちを実際に見てみよう
yoshimi0227
0
150
Azure OpenAI Serviceの採用と挑戦 - Azure AI Hub meetup #1
cimadai
1
280
隙間家具OSS開発で『自分の庭』をつくる / kayac-andpad-event
fujiwara3
0
290
ニフティの過去・現在・未来 - NIFTY Tech Day 2023
niftycorp
0
150
SIEMを用いて、セキュリティログ分析の可視化と分析を実現し、PDCAサイクルを回してみた
coconala_engineer
1
150
AWS re:Invent 2023 わざわざ現地まで行く意味あるの?→ありました
minorun365
PRO
5
840
Go Getでのchecksum不一致に遭遇した話とその対応
replu
0
180
2023-12-01 吉祥寺.pm ベストプラクティスと組織とIaC
masasuzu
1
360
Kaggle Tokyo Meetup2023 CommonLit Solutionの紹介と考え方 - Fulltrain戦略と(Seed/Model)Ensembleの可視化 -
chumajin
2
1.1k
ChatGPT for Developer - 超入門
dahatake
41
23k
朝起こしてくれるメイドさんが欲しい (LT) - NIFTY Tech Day 2023
niftycorp
1
110
Kamuee: A Pure-Software-Approach Router
nttcom
0
130

Featured

See All Featured
The Invisible Customer
myddelton
113
12k
Imperfection Machines: The Place of Print at Facebook
scottboms
257
12k
Bash Introduction
62gerente
603
210k
Building a Modern Day 
E-commerce SEO Strategy
aleyda
13
5.9k
How GitHub (no longer) Works
holman
299
140k
It's Worth the Effort
3n
180
27k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
6
7.3k
How New CSS Is Changing Everything About Graphic Design on the Web
jensimmons
215
12k
The Web Native Designer (August 2011)
paulrobertlloyd
78
2.7k
Building Flexible Design Systems
yeseniaperezcruz
317
36k
Building Applications with DynamoDB
mza
87
5.3k
Code Review Best Practice
trishagee
53
14k

Transcript

  1. Constructing a Consistent and Stable
    User Experience with REST and
    GraphQL APIs
    Chris Wahl, Chief Technologist at Rubrik
    Twitter: @ChrisWahl
    GitHub: chriswahl

    View Slide

  2. https://twitter.com/AxolotlCure/status/1136284938830045184

    View Slide

  3. ▪ The Concept of Cloud Data Management
    ▪ Designing with REST and GraphQL
    ▪ Real-World Workflows and Automation

    View Slide

  4. The Concept of
    Cloud Data Management

    View Slide

  5. View Slide

  6. View Slide

  7. View Slide

  8. View Slide

  9. ▪ Originally “Converged Data
    Management” in Aug, 2015
    – Coined to represent the distillation of
    hardware and software needs into a
    single platform.
    – https://www.rubrik.com/blog/tag/cdm-
    series/
    ▪ Updated to “Cloud Data
    Management” in Aug, 2016

    View Slide

  10. 1. Software Converged
    2. Infinite Scalability
    3. API-Driven Architecture
    4. Instant Data Access
    5. Cloud Native

    View Slide

  11. 2015: The data center is now an API.
    David Vallente, co-founder and co-CEO SiliconANGLE Media

    View Slide

  12. 2018: API-driven data center modernization.
    Paul Delory at Gartner

    View Slide

  13. ▪ There are still many “food groups” in
    the data center that lack an API.
    ▪ Talent that can take advantage of an
    API / SDK is increasing.
    ▪ Enterprises are requiring products to
    have full API support in their buying
    cycle.

    View Slide

  14. ▪ API as a premium
    – Our API is only available in the Super Deluxe Platinum Enterprise Premium edition
    ▪ API as a side project to address specific large customers
    – Customer X requires automation of feature Y, so add a shim
    ▪ API for a specific acquisition
    – The portfolio contains a few products that came with an API
    ▪ API as a bolt-on
    – The “YOLO” approach with a bolt-on proxy

    View Slide

  15. View Slide

  16. View Slide

  17. Things you may hear from IT Ops:
    ▪ There’s no need to learn an API; they are for developers only.
    ▪ SDKs and Tools are abstraction layers; just focus on that.
    ▪ The product should do everything and never require API usage.

    View Slide

  18. Things you may hear from Developers:
    ▪ The API is just for the product to consume; no one else uses them.
    ▪ GraphQL is self-documenting and strongly-typed, so no docs are needed.
    ▪ Let’s just make another endpoint for Resource X.

    View Slide

  19. View Slide

  20. Design Principles with
    REST and GraphQL

    View Slide

  21. API-driven Architecture.
    Chris Wahl

    View Slide

  22. ✓ Use predictable, resource, and action-oriented URLs.
    ✓ Use HTTP status codes for handling errors and responses.
    ✓ Allow sophisticated authentication mechanisms (such as API Keys).
    ✓ Support versioning.
    ✓ Aim to be understood by standard HTTP clients.
    ✓ Create a maintainable spec that supports all our use cases.

    View Slide

  23. View Slide

  24. Create a consistent and deterministic
    experience when dealing with a huge
    surface area of integration points: Hypervisors
    Cloud
    Native
    Services
    Legacy
    Services
    File
    Servers
    Virtual
    Appliances

    View Slide

  25. Place major integration points
    (parents) at root level of the API. Add child items to each parent
    Leverage HTTP methods to
    simplify workflows.
    Ugly: POST to “/add_node” and
    “/remove_node/{id}”
    Pretty: POST to “/node” and DELETE to
    “/node/{id}”
    Use Boolean field naming
    conventions.
    Start with ‘has’, ‘is’ or ‘should’ to make it clear that it is a
    Boolean field
    Examples: ‘hasRootAccess’, ‘isAdmin’ and
    ‘shouldDoSomething’

    View Slide

  26. Introduced a version into the path*.
    Establish a specific version control process
    and model.
    Use “/internal” to develop new endpoints, but
    make available to end-users.
    Use “/v1”, “/v2”, “/vn” to publish stable
    endpoints.
    *not applicable in GraphQL

    View Slide

  27. The rules of versioning
    and deprecation.
    Future deprecation of
    endpoints / resources.
    New or updated
    endpoints / resources.

    View Slide

  28. ▪ Started with REST since GraphQL was
    still private at Facebook (and very
    new).
    ▪ Adopted GraphQL for our Polaris SaaS
    product.
    – Much easier to iterate / develop against.
    – Dramatically less requests needed (often
    single query).
    – Strongly typed model for the win!

    View Slide

  29. Insights into
    API Usage

    View Slide

  30. https://twitter.com/bipulsinha/status/1135342790710243330

    View Slide

  31. Data protection does not exist or is very painful.
    Data lifecycle includes data protection from cradle to grave.
    Ecosystem integrations / tools leverage data management.
    Automated pipelines are delivering services from protected
    data points in innovative ways.
    My data has become self aware. Skynet?
    1
    Happy
    2
    Data Evolution
    3
    Multi-Cloud Data Control Plane
    4
    Data Lifecycle Management
    5
    Data Protection at Scale

    View Slide

  32. ▪ Lifecycle Management
    ▪ Data Migration to Multi-Cloud
    ▪ Ransomware / Malicious Actors
    ▪ Development Risk Mitigation
    ▪ Re-Platform Efforts

    View Slide

  33. Request /
    Change
    On-Demand
    Snapshot
    Workflow
    Change
    Executed
    Roll
    Back!
    API Request
    Confirmation

    View Slide

  34. ▪ Change request / change approval
    – Atlassian Jira issue filed by engineer to make change to object(s)
    – REST call sent to CDM to inventory object(s)
    – REST call sent to CDM to generate on-demand snapshot of object(s)
    – Snapshot held using maintenance SLA (7-14 days retention with auto purge)
    – Optional approval in Jira once snapshot is stored / replicated
    ▪ Change executed
    – If successful, SLA will purge ephemeral snapshot data of object(s)
    – If failure, REST call sent to CDM to instant restore object(s) as desired
    ▪ Repeat as needed

    View Slide

  35. Object
    Location A
    Policy-based
    Snapshots
    Workflow
    Object (Copy)
    Location B
    Integration
    API Request
    Conversion to
    Native Format
    Archive to
    Location B
    Sprint
    Duration

    View Slide

  36. ▪ Protect object in Location A
    – Assign SLA to object(s) for policy-based snapshot generation
    – Archive data to Location B to move data close to compute
    – REST call sent to CDM to request conversion of object(s) at desired frequency
    ▪ Ephemeral conversion of object(s) in Location B
    – Ephemeral compute instance converts object(s) in place while respecting archive
    – REST call sent to CDM to request power on activity for object(s)
    ▪ Re-platform tasks
    – Object(s) in Location B access native services for integration
    – Begin re-platform tasks for object(s) using native services
    ▪ Repeat process daily, nightly, weekly, etc. based on sprint duration / needs

    View Slide

  37. build.rubrik.com

    View Slide

  38. Don’t Backup. Go .

    View Slide