Slide 1

Slide 1 text

Introducing API Management as a co-existing solution Nuwan Bandara - Associate Director / Solutions Architect Nadeesha Gamage - Associate Technical Lead

Slide 2

Slide 2 text

Agenda ❏ Complexities in modern IT landscape. ❏ Do organizations need API Management? ❏ What does it mean by “API Management as a co-existing solution”? ❏ API Design approaches. ❏ Benefits of using API Management ❏ Analytics ❏ Traceability ❏ QoS ❏ Challenges

Slide 3

Slide 3 text

Complexities in modern IT landscape ❏ Systems communicate through multiple standards, protocols and message formats. ❏ Legacy Applications, SaaS Applications and Microservices. ❏ Organizations look to reduce time to market. ❏ Improve service reusability. ❏ Increase service exposure outside organizational boundaries. http://technologyandarchitecture.blogspot.com/

Slide 4

Slide 4 text

Do organizations need API Management? ❏ Do you want to expose your services as APIs? ❏ Do you want to centrally manage these APIs? ❏ How do you secure/limit API usage? ❏ How will APIs be discovered? ❏ How do you know the usage of your APIs? ❏ How do you make changes to the APIs without impacting its current users?

Slide 5

Slide 5 text

API Management would provide ❏ A single point to access services. ❏ Secure, authenticate and authorize API access. ❏ Enforce SLA on exposed APIs. ❏ Advertise APIs and improve reusability. ❏ Manage lifecycle and versioning of APIs. ❏ Monitor and Monetize APIs.

Slide 6

Slide 6 text

API Management as a co-existing solution! ❏ API Management itself is not a new paradigm. ❏ It is not an afterthought any more. ❏ API Management to complement existing services. ❏ API Management completes the enterprise IT landscape. ❏ API Design a key factor in defining the scope of APIs.

Slide 7

Slide 7 text

How important is API Design? ❏ API Design would determine how a service is exposed to its consumers. ❏ API Design determines the adaptability of a service. ❏ Two main approaches ❏ API 1st design. ❏ Making existing services API ready.

Slide 8

Slide 8 text

Approach 1: API 1st Design ❏ API Centric design approach, design backend services based on the requirements of API consumers. ❏ Strong linkage between services, APIs and service consumer expectations. ❏ Better adaptability and reusability of API. ❏ Can be done when designing new services or re-architecting existing services.

Slide 9

Slide 9 text

API Management as a 1st class citizen ❏ In-line with the API 1st design paradigm. ❏ Create planned APIs rather than ad-hoc APIs. ❏ Design API security up-front inline with the general organization practices. ❏ API Management considered as a core-component rather than an auxiliary capability.

Slide 10

Slide 10 text

Approach 2: Making existing services API ready ❏ APIs are designed based on service requirements. ❏ Greater role played by a service integration layer to orchestrate and aggregate services. ❏ More applicable for rigid organizations that cannot re-design their existing services.

Slide 11

Slide 11 text

Which approach is better? ❏ Depends on which approach is most applicable. ❏ Use API 1st design whenever possible. ❏ If services are rigid, build the API Management around existing services. ❏ Objective is to achieve an API centric organization.

Slide 12

Slide 12 text

Comprehensive / end to end analytics ❏ APIs are the front face of the business transaction ❏ The intelligence that can be gathered at the API layer is vast compared to any downstream system monitoring ❏ Analytics and monitoring at the API layer provide best of both worlds - business intel and technical intel

Slide 13

Slide 13 text

Traceability & troubleshoot ❏ Operational analytics - ❏ What is your TPS ? ❏ Are you correctly provisioned ? ❏ Tracing and correlating a business transaction ❏ Correlating through a service compositions ❏ APIs as operational tools ❏ Platform APIs

Slide 14

Slide 14 text

Quality of services - Throttling ❏ API Management as a traffic controller to the backend ❏ Safeguarding the backend business systems at high throughput ❏ Safely recovering the transactions ❏ Warning clients ❏ Warning platform teams ❏ Traffic shaping and priority based routing http://sanjeewamalalgoda.blogspot.com/2016/05/new-api-manager-t hrottling.html

Slide 15

Slide 15 text

Quality of services - Security ❏ As the front controller for security ❏ Creating a trusted sub-system with the backend systems ❏ Security protocol transformation and bridging ❏ Entitlements and granular rules

Slide 16

Slide 16 text

Quality of services - Reliability ❏ No lost transaction policies ❏ Queuing instead of throttling out ❏ Auto scaling / auto provisioning

Slide 17

Slide 17 text

Quality of services - Transactions ❏ Compensation for RESTful distributed systems ❏ Try / Confirm / Cancel like implementations https://www.infoq.com/presentations/Transactions-HTTP-REST

Slide 18

Slide 18 text

Self service / Intuitiveness ❏ API Consumer Portal as a catalogue of enterprise services ❏ Easier to search and reuse ❏ Standard way to subscribe and consumer ❏ Minimum supervision and self service ❏ Less rules enabling a shared ecosystem

Slide 19

Slide 19 text

Challenges ❏ Complexity ? ❏ Performance ? ❏ Moving pieces

Slide 20

Slide 20 text

Thank You ! Questions ?

Slide 21

Slide 21 text

Contact us !