Introducing API Management as a co-existing solution

API management is no longer a new concept: almost all IT initiatives in organizations now take an API-first approach, and platform security is often considered at the API level. APIs have become the front face of organizations, provisioning their digital services in a secure and controlled fashion. Treating the API strategy as a facade or an overlay on the current technology landscape is therefore not right; it has to be seen as a co-existing idea, or need, of the organizational IT landscape.

Nuwan Bandara

November 15, 2016

Transcript

  1. Introducing API Management as a co-existing solution
     Nuwan Bandara - Associate Director / Solutions Architect
     Nadeesha Gamage - Associate Technical Lead
  2. Agenda
     ❏ Complexities in modern IT landscape.
     ❏ Do organizations need API Management?
     ❏ What does it mean by “API Management as a co-existing solution”?
     ❏ API Design approaches.
     ❏ Benefits of using API Management
     ❏ Analytics
     ❏ Traceability
     ❏ QoS
     ❏ Challenges
  3. Complexities in modern IT landscape
     ❏ Systems communicate through multiple standards, protocols and message formats.
     ❏ Legacy Applications, SaaS Applications and Microservices.
     ❏ Organizations look to reduce time to market.
     ❏ Improve service reusability.
     ❏ Increase service exposure outside organizational boundaries.
     http://technologyandarchitecture.blogspot.com/
  4. Do organizations need API Management?
     ❏ Do you want to expose your services as APIs?
     ❏ Do you want to centrally manage these APIs?
     ❏ How do you secure/limit API usage?
     ❏ How will APIs be discovered?
     ❏ How do you know the usage of your APIs?
     ❏ How do you make changes to the APIs without impacting their current users?
  5. API Management would provide
     ❏ A single point to access services.
     ❏ Secure, authenticate and authorize API access.
     ❏ Enforce SLA on exposed APIs.
     ❏ Advertise APIs and improve reusability.
     ❏ Manage lifecycle and versioning of APIs.
     ❏ Monitor and Monetize APIs.
  6. API Management as a co-existing solution!
     ❏ API Management itself is not a new paradigm.
     ❏ It is not an afterthought any more.
     ❏ API Management to complement existing services.
     ❏ API Management completes the enterprise IT landscape.
     ❏ API Design a key factor in defining the scope of APIs.
  7. How important is API Design?
     ❏ API Design would determine how a service is exposed to its consumers.
     ❏ API Design determines the adaptability of a service.
     ❏ Two main approaches
     ❏ API 1st design.
     ❏ Making existing services API ready.
  8. Approach 1: API 1st Design
     ❏ API Centric design approach, design backend services based on the requirements of API consumers.
     ❏ Strong linkage between services, APIs and service consumer expectations.
     ❏ Better adaptability and reusability of API.
     ❏ Can be done when designing new services or re-architecting existing services.
  9. API Management as a 1st class citizen
     ❏ In line with the API 1st design paradigm.
     ❏ Create planned APIs rather than ad-hoc APIs.
     ❏ Design API security up-front, in line with the general organization practices.
     ❏ API Management considered as a core component rather than an auxiliary capability.
  10. Approach 2: Making existing services API ready
     ❏ APIs are designed based on service requirements.
     ❏ Greater role played by a service integration layer to orchestrate and aggregate services.
     ❏ More applicable for rigid organizations that cannot re-design their existing services.
  11. Which approach is better?
     ❏ Depends on which approach is most applicable.
     ❏ Use API 1st design whenever possible.
     ❏ If services are rigid, build the API Management around existing services.
     ❏ Objective is to achieve an API centric organization.
  12. Comprehensive / end to end analytics
     ❏ APIs are the front face of the business transaction
     ❏ The intelligence that can be gathered at the API layer is vast compared to any downstream system monitoring
     ❏ Analytics and monitoring at the API layer provide the best of both worlds - business intel and technical intel
  13. Traceability & troubleshoot
     ❏ Operational analytics -
     ❏ What is your TPS?
     ❏ Are you correctly provisioned?
     ❏ Tracing and correlating a business transaction
     ❏ Correlating through service compositions
     ❏ APIs as operational tools
     ❏ Platform APIs
  14. Quality of services - Throttling
     ❏ API Management as a traffic controller to the backend
     ❏ Safeguarding the backend business systems at high throughput
     ❏ Safely recovering the transactions
     ❏ Warning clients
     ❏ Warning platform teams
     ❏ Traffic shaping and priority based routing
     http://sanjeewamalalgoda.blogspot.com/2016/05/new-api-manager-throttling.html
  15. Quality of services - Security
     ❏ As the front controller for security
     ❏ Creating a trusted sub-system with the backend systems
     ❏ Security protocol transformation and bridging
     ❏ Entitlements and granular rules
  16. Quality of services - Reliability
     ❏ No lost transaction policies
     ❏ Queuing instead of throttling out
     ❏ Auto scaling / auto provisioning
  17. Quality of services - Transactions
     ❏ Compensation for RESTful distributed systems
     ❏ Try / Confirm / Cancel like implementations
     https://www.infoq.com/presentations/Transactions-HTTP-REST
  18. Self service / Intuitiveness
     ❏ API Consumer Portal as a catalogue of enterprise services
     ❏ Easier to search and reuse
     ❏ Standard way to subscribe and consume
     ❏ Minimum supervision and self service
     ❏ Fewer rules enabling a shared ecosystem