Weitere ähnliche Inhalte Ähnlich wie Webcast: Deep-Dive Apigee Edge Microgateway (20) Mehr von Apigee | Google Cloud (20) Kürzlich hochgeladen (20) Webcast: Deep-Dive Apigee Edge Microgateway3. ©2015 Apigee Corp. All Rights Reserved.
Apigee social channels
3
YouTube
http://youtube.com/apigee
Slideshare
http://slideshare.com/apigee
4. ©2015 Apigee Corp. All Rights Reserved.
Apigee Community
Get your API questions answered quickly
https://community.apigee.com
5. ©2015 Apigee Corp. All Rights Reserved.
Agenda
• API Management
• Edge cloud vs. Edge private cloud (on-prem) vs. Edge Microgateway
• Use cases for hybrid cloud API management
• Demo
• Edge Microgateway features
• Edge Microgateway internals
7. ©2015 Apigee Corp. All Rights Reserved.
Comprehensive API management capabilities
7
Zero downtime
Upgrades
Traffic Isolation/
Scaling
Multi-region/ Distributed
Traffic Management
Scale
Threat
Protection
RBAC, AD/LDAP
support
OAuth2, OpenID,
SAML, TLS
Secure
SmartDocs
Developer
Portal
Partner
Self-service
App Registration
Core
Key
Management
API Gateway
(Mediation/ Traffic mgmt)
Versions
Management
Node JS support/
Policy Extensibility
API Studio/
Swagger 2.0 support
Build
Visual Proxy Editor /
OOTB Config Policies
Performance/ Monitoring
Logging &
Auditing
Developer/
Business Metrics
Usage
Analytics
API Testing/
Diagnostics
Platform APIs
Microgateway/
Hybrid
Bot
Detection
API Products
Monetization
Caching &
Quota Policies
Transformation/
Aggregation
API BaaS
PCI / HIPAA
Compliance
IoT
Intelligent Platform
Analyze
9. ©2015 Apigee Corp. All Rights Reserved.
Edge Microgateway
9
Deploy lean API runtime infrastructure in your application
environment, while deriving all the benefits of Apigee API
management in the Cloud
➢ Reduce latency of API traffic for close proximity services
➢ Keep API traffic within the enterprise approved boundaries
for security or compliance purposes where required
➢ Can be used for internal and external API traffic
Objective
Use Cases
Enterprise Private Cloud
Apigee Edge
Analytics
Developer Services
Management UI
API Build Services
Edge MG
Core Services
Built for Growth
10. ©2015 Apigee Corp. All Rights Reserved.
Edge Microgateway deployment
10
Enterprise Private Cloud
Apigee Edge
Analytics
Developer Services
Management UI
API Build Services
Edge MG
1
Define your proxies, OAuth and quota
policies on the Edge Cloud
2
Configure your Edge MG to
communicate with Edge Cloud
3
Edge MG downloads list of proxies and
configurations
4
All runtime traffic hits the Edge MG;
authentication, traffic management and
policy enforcement is implemented
5
Analytics data is pushed to the Apigee
Cloud in batch
Built for Growth
11. ©2015 Apigee Corp. All Rights Reserved.
Microgateway: alternative or extension
• Microgateway is an extension to Edge {Public | Private} Cloud
• Microgateway requires Edge {Public | Private} Cloud
11
12. ©2015 Apigee Corp. All Rights Reserved.
Microgateway: Where can it run?
Anywhere Node.js runs!
12
13. ©2015 Apigee Corp. All Rights Reserved.
Microgateway: Features
• Analytics
• Spike Arrest
• Quota
• Security
– OAuth 2
– API Key
– JWT
– Custom
• Custom Plugins
– Write your own plugin to hook into both request and response flow in Node.js
– Good examples out of box
– Very powerful : With great power comes great responsibility
13
15. ©2015 Apigee Corp. All Rights Reserved.
Microgateway: bootstrap process
• Verifies
– Can download public key for JWT
– Can download list of edgemicro_ enabled proxies
– Can download list of API Products and their attributes
15
16. ©2015 Apigee Corp. All Rights Reserved.
Microgateway analytics
• AX data gets sent to Edge asynchronously in batch
• If for whatever reason AX data is not sent and batch size is already
reached, data is dropped to favor smooth running of runtime traffic.
• AX data gets sent regardless of target API availability.
16
17. ©2015 Apigee Corp. All Rights Reserved.
Microgateway spike arrest
• Not configured on Edge
• Enforced 100% and in memory
• Has no dependency on Edge
17
18. ©2015 Apigee Corp. All Rights Reserved.
Microgateway quota
• Asynchronous update with Edge to update Quota
• It’s an approximate quota
18
19. ©2015 Apigee Corp. All Rights Reserved.
Microgateway: OAuth
• Special Auth app deployed to your org transforms an OAuth 2.0 token
to JWT.
• JWT is signed and self validating
• When API call is made using a JWT, Edge Microgateway has enough
information to authenticate the API call without communicating to Edge.
19
20. ©2015 Apigee Corp. All Rights Reserved.
Microgateway API key
• When API call is made using an API Key, Edge Microgateway gets the
key validity and attributes from Edge, caches it for configurable amount
of time.
20
22. ©2015 Apigee Corp. All Rights Reserved.
Microgateway: the life of an API call
• Get a JWT token or API Key to make API call to Edge Micro.
• If using JWT, it is self validating so check its validity. If using API Key, it’s not already in
cache, get attributes from Edge, validate it and cache it.
• Given basePath, find which edgemicro proxy, P, it relates to
• Verify that token has P approved with one of products
• If quota is enabled, check for quota
• If authorized and under quota, get target API details and forward request to target
• If not authorized, return 403
• In background, send AX and update quota data to Edge
22
23. ©2015 Apigee Corp. All Rights Reserved.
So what’s next?
Get sofware and docs from:
http://apigee.com/docs/microgateway/content/edge-microgateway-home
24. ©2015 Apigee Corp. All Rights Reserved.
Questions?
Apigee
@apigee
• https://community.apigee.com/spaces/71/index.html
Prabhat Jha
@prabhatjha
#apigee