Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Become a Pro at API Management: A declarative approach

paraskakis
October 10, 2019
Programming
0
270

Become a Pro at API Management: A declarative approach

Presented at API World 2019 and API Specs Conference 2019.
OpenAPI has become the standard way to describe APIs and Services but when it comes to runtime configuration, it’s a Tower of Babel: each vendor takes a different approach, or worse, DevOps are forced back into a UI, with no good way to script and automate deployments. We’ll examine the current state of declaring configuration in API Definitions and examine proposals to improve infrastructure as code via OpenAPI.

paraskakis

October 10, 2019
Tweet

More Decks by paraskakis

See All by paraskakis
API Best Practices
paraskakis
0
150
Outside-in Development for APIs and Microservices
paraskakis
0
24
API Design Hands-On Lab
paraskakis
0
42
Bring Design Thinking to your API Lifecycle
paraskakis
0
72
Decomposing Service Descriptions: The Future of API Design
paraskakis
0
790
APIDays_Design_API_Security.pdf
paraskakis
0
80
Have Your Layer Cake and Eat it Too
paraskakis
1
150
Keeping your APIs Honest - Gluecon 2017
paraskakis
0
100
Easy Data Modeling with MSON (Defrag 2016)
paraskakis
0
98

Other Decks in Programming

See All in Programming
VS Code をプロダクトにどう取り込むか
onomax
1
360
ONE WEDGE_company_guide
1wedge_one
0
480
try!Swift Tokyo 2024 参加報告 LT
akidon0000
1
220
大規模Reactアプリのリアーキテクチャ~8万行のTanStack Query移行の軌跡~
kj455
4
960
GraphQLサーバの構成要素を整理する #ハッカー鮨 #tsukijigraphql / graphql server technology selection
izumin5210
4
840
Amazon SQSコンシューマー疎結合への旅 - 出張! #DevelopersIO IT技術ブログの中の人が語る勉強会 #3
quiver
0
270
初心者のためのRubyKaigi入門/RubyKaigi Introduction
a_matsuda
0
190
1BRC--Nerd Sniping the Java Community
gunnarmorling
0
340
try! Swift Tokyo 2024 参加報告 / try! Swift Tokyo 2024 Report
hironytic
0
200
#phpcon_odawara オープン・クローズドなテストフィクスチャを求めて / open closed test fixtures
77web
3
230
『Railsオワコン』と言われる時代に、なぜブルーモ証券はRailsを選ぶのか
free_world21
0
220
Node.js v22 で変わること
yosuke_furukawa
PRO
9
3.4k

Featured

See All Featured
How to Ace a Technical Interview
jacobian
272
22k
Designing on Purpose - Digital PM Summit 2013
jponch
110
6.5k
Product Roadmaps are Hard
iamctodd
44
9.7k
Pencils Down: Stop Designing & Start Developing
hursman
117
11k
Put a Button on it: Removing Barriers to Going Fast.
kastner
58
3.1k
The Mythical Team-Month
searls
216
42k
The Cost Of JavaScript in 2023
addyosmani
16
3.9k
Bash Introduction
62gerente
604
210k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
274
13k
Thoughts on Productivity
jonyablonski
58
3.8k
Learning to Love Humans: Emotional Interface Design
aarron
267
39k
Building a Scalable Design System with Sketch
lauravandoore
456
32k

Transcript

  1. Become a Pro at API Management: A declarative approach Emmanuel

    Paraskakis |@manp VP Product, SmartBear

  2. Proprietary & Confidential 2 Configuring API Management today – UI

    or CLI/API

  3. Proprietary & Confidential 3 UI - Great for getting started,

    but… • No repeatability – maybe dump/restore a config file? • Can’t easily see differences between configs • Not easy to version • Not easy to share/collaborate on • Start from scratch every time • No templating/reuse/examples • Configuration proliferation and drift

  4. Proprietary & Confidential 4 Better: Declarative Config • Like code…

    so you can diff it, check it in • Can view/share entire config in a doc but… | Usually proprietary format | duplication of API Description… | what if I already have an OpenAPI doc?

  5. Proprietary & Confidential 5 Best: Reuse API Description • Add

    “vendor extensions” to your OpenAPI doc (inline) • Reuse of paths, methods and other elements • Use a single document as Source of Truth • Minimize inconsistencies but… | Vendor extensions are not part of the standard | They are different for each vendor, not only in syntax, but in scope/purpose

  6. Proprietary & Confidential 6 Can we do better? • What

    if runtime configuration were part of OpenAPI? And vendor extensions were unified and part of the standard? What we have already: | Use “servers” for environment configuration | Use “security” “securitySchemes” for authN What we’re missing: | A “backends” object | Request and Response Policy spec | Analytics config/aggregation Servers Backends Security Request Policies Response Policies

  7. Proprietary & Confidential 7 Servers Servers Backends Security Request Policies

    Response Policies

  8. Proprietary & Confidential 8 Security Servers Backends Security Request Policies

    Response Policies

  9. Proprietary & Confidential 9 Request Policies Servers Backends Security Request

    Policies Response Policies

  10. Proprietary & Confidential 10 Backends Servers Backends Security Request Policies

    Response Policies

  11. Proprietary & Confidential 11 Response Policies Servers Backends Security Request

    Policies Response Policies

  12. Proprietary & Confidential 12 What’s next? • OpenAPI Proposal to

    support Runtime Configuration: • Request/Response Policies • Backends • Analytics Aggregation • OpenAPI Proposal for Overlays #1843 • OpenAPI Proposal to extend support for Substitution Variables Credits for Inspiration: Mark Foster Vincenzo Chianese