Cloud native application architectures focus on building applications as microservices and running them on containers that run on dynamic orchestration platforms and utilize cloud computing functionalities. Agile DevOps and continuous delivery pipelines ensure agility and speed of application development and faster time to market. These systems follow a number of design principles to ensure they are built as loosely coupled services designed for cloud scale and performance.
A core design principle is the use of APIs for application integration. Underlying cloud orchestration layers provide certain functionalities for integration via APIs, whether RESTful or in internal formats such as Protobuf, Thrift, gRPC, NATS, etc. APIs thus play an important role both in internal service communication and in integration between composite apps. A cloud-native API gateway that also provides full lifecycle API management features is key.
In this deep dive workshop, we look at the concepts of cloud-native app integration via APIs which utilize cloud-native API management. We focus on the architecture and design concepts, followed by the implementation of API-led microservices, and then look at the runtime component, which includes DevOps, CI/CD and hybrid clouds.
Cloud Native Application Integration With APIs
1. Cloud Native Application Integration with APIs
Nirmal Fernando - Senior Lead Solutions Engineer
Glennon Dyess - Director Solution Architecture
New Jersey June, 2019
2. Evolution of Applications
Disaggregated architectures drive 50 billion endpoints to grow >1 trillion
[Figure: consumer demand; suppliers disaggregate architecture to meet demand. Application types: monolithic business app, enterprise apps, departmental apps, SaaS apps, public/private APIs, serverless and microservices. Scale axis: 1, 10, 10^2, 10^3, 10^5, 10^9. Timeline: 1970s mainframe, 1980s IT awakening, 1990s Internet, 2000s mobile, 2010s IoT/AI, 2020+ digital native.]
3. Need
● Improve customer experience
● Speed up release cycle time
● Increase automation of SDLC tasks
● Increase innovation
● Availability and scalability of systems
6. Cloud Native Applications
● Packaged as lightweight containers
● Developed with best-of-breed languages and frameworks
● Designed as loosely coupled microservices
● Centered around APIs for interaction and collaboration
● Deployed on self-service, elastic cloud infrastructure
● Managed through agile DevOps processes
● Defined, policy-driven resource allocation
https://thenewstack.io/10-key-attributes-of-cloud-native-applications/
7. Challenges
● DevOps - challenges to the current status quo
● Transitioning from legacy tech
● Operational concerns - observability, monitoring
8. Getting Started Recommendations
● Embrace DevOps within your Org
● Identify a good candidate application or service
● Select a conducive development toolchain
● Build containers and automate deployment
● Ship, iterate and learn
● Share knowledge, best practices with other teams.
12. Ballerina is a compiled, type-safe, concurrent programming language.
13. // Spring Integration - NOT INTEGRATION SIMPLE
@Component
public class PersonEndpoint {
    @Autowired private PersonService service;

    public Message<?> get(Message<String> msg) {
        return MessageBuilder.fromMessage(msg)
            .copyHeadersIfAbsent(msg.getHeaders())
            .setHeader(STATUSCODE_HEADER, HttpStatus.NOT_FOUND)
            .build();
    }
    // + 20 more lines of Java
}
// + XML config for routing and mediation logic
<beans:beans>
    <channel id="inputChannel"/>
    <channel id="outputChannel">
        <queue capacity="10"/>
    </channel>
    <service-activator input-channel="inputChannel"
                       output-channel="outputChannel"
                       ref="helloService"
                       method="sayHello"/>
    <beans:bean id="helloService" class="samples.PersonEndpoint"/>
</beans:beans>
// + 6 other Java source files
// + XML maven or gradle configuration
// + SpringBoot + CloudFoundry for Kubernetes
// + Netflix for API Gateway
// + Hystrix for Circuit Breaker
Microservices frameworks, such as Spring, abstract, but do not simplify integration programming. Spring uses ESBs for integration logic imposing non-agile developer workflow.
XML + Code + Adapters + ESB = Not Agile
14. Ballerina design principles for integration
● Sequence Diagrams: Syntax and effective coding model forces developers into best practices for interaction semantics with programs displayed as a sequence diagram of its flow.
● Network Type System: Structural types with primitive, record, object, tuple and union types with heterogeneous data handling and explicit nulls.
● Worker Concurrency: Parallel-first concurrency model with lightweight workers that communicate with message passing and non-blocking policies.
● Shared Package & Cloud-Aware Build: Native module versioning, dependency management, and centralized registry with target-aware build for cloud-native environments.
32. WSO2 API Manager
Design, create, publish and manage APIs to
unlock the true value of your digital assets
33. Battle hardened
● Currently at version 2.6.0 with over 6 years of engineering improvements across 15 stable releases
● Geo distributed and clustered deployments
○ In production at StubHub / Verizon / Motorola / BYU / BNY
● Same code base at WSO2 API Cloud running with four 9s uptime
● One major and 3 minor releases per year
● Automated deployment with Puppet
● Containerized with Docker
34. Cloud First or Start On-Prem
● Multi-tenanted, shared everything
● WSO2 Hosted and managed
● Pay as you go
● Multi-region availability
● Hybrid API Management
● VPN tunnel to private DC
● Guaranteed uptime
● Limited options in customizing
● Privately hosted
● WSO2 managed
● Upgrades, patches installation
● Guaranteed uptime
● Full flexibility in customization
● Better control
● Self hosted
● Self managed
● Full flexibility
● Dev-ops learning curve
● Self managed upgrades
http://wso2.com/api-management/cloud/
https://docs.wso2.com/display/ManagedCloud/WSO2+Managed+Cloud+Documentation
37. Creating APIs
● Start with an existing endpoint/contract or design and prototype a new API
● Exposing SOAP services (convert to REST or as a passthrough)
● Exposing streaming APIs (Websocket endpoints)
38. Creating APIs
● API Design - via the wizard & with Swagger
42. Traffic Management
● Tier-based simple model
○ Application developer selects the tier at app registration
○ Each tier is tied to a policy that describes the quota
○ Tiers can be applied at the application, API or at the API resource level
● Advanced rule-based models
○ Policies containing IP conditions, message attribute based conditions, transport header based conditions
○ Complex real time pattern based conditions
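An added example (not from the deck or from WSO2 API Manager) of how the two models above combine: the subscription tier supplies the default quota and the first matching conditional rule overrides it. The tier names, quotas, CIDR range and header name are constructed for illustration.

```python
import ipaddress

# Constructed tiers: name -> requests per minute (not WSO2's shipped values).
TIERS = {"bronze": 1000, "gold": 5000}

# Constructed advanced rules, evaluated in order; the first match wins.
RULES = [
    {"name": "partner-network", "cidr": "203.0.113.0/24", "limit": 10000},
    {"name": "batch-clients", "header": ("x-client-type", "batch"), "limit": 100},
]

def matches(rule, request):
    """True when every condition present in the rule holds for the request."""
    if "cidr" in rule:
        try:
            addr = ipaddress.ip_address(request["ip"])
        except ValueError:
            return False  # an unparsable source address never matches an IP condition
        if addr not in ipaddress.ip_network(rule["cidr"]):
            return False
    if "header" in rule:
        name, expected = rule["header"]
        # HTTP header names are case-insensitive; normalise before comparing.
        headers = {k.lower(): v for k, v in request.get("headers", {}).items()}
        if headers.get(name) != expected:
            return False
    return True

def effective_limit(request, tier):
    """Return (policy_name, requests_per_minute) that applies to this request."""
    for rule in RULES:
        if matches(rule, request):
            return rule["name"], rule["limit"]
    return tier, TIERS[tier]
```

Take `ip` from the connection or from a trusted proxy hop: if it comes from a client-supplied header, the caller chooses its own policy.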
43. API Lifecycle Management
● Manage stages of an API
● Manage associated states
● Create a new version from an existing one
● Audit changes to lifecycle states
● Support for custom lifecycles
45. The Developer Portal
● Searchable (with context) - by name, tag, description, author etc.
● Social features: tagging, commenting, rating
● Minimalistic forum
● Themeable: change color, logo, view
● Configure alerts for application developers
● Application based API analytics
● OAuth2 application management
● API Monetization
46. API Marketplace
● An API Marketplace goes above and beyond the API Developer Portal and connects API Producers and API Consumers via Activities and Technology
● Activities and Evangelism such as Hackathons (Hackathon-in-a-box) promote creation and reuse of APIs
48. API Analytics: Batch
● Analytics dashboard on API stats
○ API Usage / Response times / Backend latency / Geo-location etc
● Stats on Applications for application owners (subscribers)
● Stats on subscriptions
49. API Analytics: Realtime
● Leverages real-time analytics streaming engine
● Used for various alerting use-cases
○ Fraudulent access token usage
○ Keeping API developers alerted on backend performance issues
○ Alerting on SLA violations
○ Alerting on tier crossing for subscriptions
● Detect trends
● Detect API call sequences that need to be blocked
● Detect non-usage scenarios
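One way an alert for fraudulent access token usage could be expressed, as an added example with constructed events (not WSO2's analytics rules): flag a token presented from more than a set number of distinct source IPs within a sliding window. The event fields and both thresholds are assumptions.

```python
from collections import defaultdict, deque

# Constructed gateway access events: (epoch seconds, token fingerprint, source IP).
# Fingerprints stand in for a hash of the token; raw tokens should not be logged.
EVENTS = [
    (1000, "tok-a1", "198.51.100.10"),
    (1030, "tok-a1", "198.51.100.10"),
    (1045, "tok-b2", "203.0.113.5"),
    (1060, "tok-a1", "192.0.2.77"),
    (1090, "tok-a1", "203.0.113.200"),
    (2000, "tok-b2", "203.0.113.9"),
]

def shared_token_alerts(events, window=300, max_ips=2):
    """Return one alert per token that is seen from more than `max_ips`
    distinct source IPs inside a sliding `window` of seconds."""
    recent = defaultdict(deque)   # token -> (ts, ip) sightings still in the window
    alerted = set()               # tokens already reported, to avoid repeat alerts
    alerts = []
    for ts, token, ip in sorted(events):
        seen = recent[token]
        seen.append((ts, ip))
        while seen and seen[0][0] <= ts - window:
            seen.popleft()        # drop sightings older than the window
        ips = sorted({addr for _, addr in seen})
        if len(ips) > max_ips and token not in alerted:
            alerted.add(token)
            alerts.append({"token": token, "at": ts, "ips": ips})
    return alerts
```

Clients behind NAT pools or mobile networks change address legitimately, so the thresholds need tuning against real traffic before the alert drives automatic revocation.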
50. The API Manager Runtime
Processing Flow and Extensibility
57. Characteristics of a Microservices Architecture
● Componentization
● Organization around business capability
● Single Responsibility
● Smart Endpoints Dumb Pipes
● Mandatory CI/CD
59. Microgateways
● Optimizing per client type
[Diagram: Products and Orders services; Mobile, Web and Public gateways.]
The same API (REST Interface) defined on the API Manager is exposed via 3 types of Gateways. Each optimized for the client type it serves.
60. Introducing the WSO2 API Microgateway
● Designed to scale
○ Self validating tokens
○ Localized rate limiting
○ Offline analytics
○ Immutable
● Native support for Docker/K8S
● Private Jet Gateway for microservices
● First class support for lifecycle management across environments
61. Why Use the WSO2 Microgateway?
● A specialized API gateway for microservice architectures
● Small distribution size (40 MB)
● Low resource consumption (< 256 MB)
● Fast boot up (< 1 sec)
● Cloud native - easy to deploy and manage on container orchestration systems
● Immutable - Making it more robust and unaffected by environment changes
● Automatable deployments for better CI/CD
● Distributed gateway architectures for centralized API management
63. Microgateway - Localized Rate Limiting
Rate limiting policies are burnt into the microgateway runtime
[Diagram: a microgateway in front of the Products and Orders microservices.]
● Apply 1000 req/min on Products microservice
● Apply 500 req/min on Orders microservice
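An added sketch (not the microgateway's code) of what a localized limit means operationally: each instance enforces the slide's limits from its own memory, so the aggregate ceiling grows with the replica count. The fixed-window algorithm and the round-robin spread of requests are assumptions made for illustration.

```python
class LocalRateLimiter:
    """Fixed-window counter held in one gateway instance's memory."""

    def __init__(self, limits_per_min):
        self.limits = dict(limits_per_min)  # API name -> requests per minute
        self.windows = {}                   # API name -> (window index, count)

    def allow(self, api, now):
        """Return True if a request to `api` at time `now` (seconds) is admitted."""
        limit = self.limits.get(api)
        if limit is None:
            return False                    # no policy baked in: fail closed
        window = int(now // 60)
        start, count = self.windows.get(api, (window, 0))
        if start != window:
            count = 0                       # a new minute began; reset the counter
        if count >= limit:
            return False
        self.windows[api] = (window, count + 1)
        return True

# Limits taken from the slide above.
POLICY = {"Products": 1000, "Orders": 500}

def admitted(replicas, api, requests, now=0.0):
    """Spread `requests` round-robin over `replicas` gateways; count admissions."""
    gateways = [LocalRateLimiter(POLICY) for _ in range(replicas)]
    return sum(gateways[i % replicas].allow(api, now) for i in range(requests))
```

With three replicas behind a load balancer the Orders backend can receive up to 1500 req/min, so per-instance limits have to be sized with the replica count in mind.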
64. Microgateway - Offline Analytics
[Diagram: two microgateways.]
Accumulate data in files and upload offline
65. Microgateway - Native Support for Docker/K8S
[Diagram: Microgateway Toolkit: request API definitions, download API definitions (JSON); outputs: Microgateway VM, Microgateway Docker, Microgateway K8S.]
Provide relevant arguments in build phase for desired output
66. Microgateway - Cross Environment Lifecycle Mgt
[Diagram: Microgateway VM; microgateways for Staging and Dev, each in front of Products.]
gateway -e ProductsAPI.v1.prod.endpoint.0="http://dev.apis.wso2.com/products"
69. Hybrid API Management
● Get advantages of both on-premise and cloud deployment models
● Deploy selected components in a regional or on-premise data center
● Most of the time these regional, on-premise deployments will have only the gateway runtime
76. Role of Microgateway in Hybrid API Management
● Regional, on-premise deployment contains just a gateway runtime
● To deploy gateways in regional or on-prem deployments
○ Small startup time
○ Less resource consumption
○ Easy to configure and manage
○ DevOps friendly
○ Ability to run in a lockdown environment
● Microgateway addresses most of these requirements
77. Role of Microgateway in Hybrid API Management
● Scale API gateway runtime within highly decentralized environments, including microservices architectures
● Easily deployable and configurable by developers at design time and integrates with DevOps toolchains for scripted production deployments
● Locked down environments need to have microservice as it cannot communicate with API Manager
79. The WSO2 Subscription & Support
Get the most from your WSO2 product with enterprise-grade services:
Open source technology
WSO2 Subscription
Options:
- WSO2 managed cloud
- Consulting services
- Managed services
WSO2 Subscription Highlights
● Product maintenance: WSO2 Update: Continuous access to product update binaries, bug fixes, security updates, and performance enhancements, for up to 10 years post version release
● Enhanced security: Private security bulletins and early access to security updates (Aggressively uncovered by constant monitoring of hundreds of projects, collecting third-party security reports, and automated code-scanning tools)
● Incident response: WSO2 Support offers 24x7 expert support with aggressive response and resolution times, with option for a dedicated WSO2 Technical Account Manager
● Developer productivity: Query support to keep development moving forward
● Operational simplicity: Outsource operations to WSO2 with public or private WSO2 Managed Cloud hosting
● Skills: WSO2 Consulting services to nurture skills or fill skills gaps
84. Service Mesh
A service mesh is a dedicated infrastructure layer that controls service-to-service communication over a network. It provides a method in which separate parts of an application can communicate with each other.
Source: techtarget.com
85. Istio
Istio is an open source service mesh implementation which provides behavioral insights and operational control over the service mesh as a whole, offering a complete solution to satisfy the diverse requirements of microservice applications.
86. Istio Component Overview
• Pilot is responsible for configuring the data plane, defining basic
proxy behaviour, providing service discovery for the Envoy
sidecars, traffic management capabilities for intelligent routing, and
resiliency.
• Mixer can respond to various queries from the data plane such as
authorization, access control or quota checks, and collects
telemetry data from the Envoy proxy and other services.
• Citadel enables strong service-to-service and end-user
authentication with built-in identity and credential management.
Allows you to build zero-trust environments.
88. When is API Management required in a Service Mesh
• When users need to expose microservices to the outside in a secured and controlled manner.
• When fine-grained security should be enforced on the APIs exposed.
• When stats need to be collected on API usage for monetization and billing.
• When it is required to offer a marketplace for APIs for easy discovery and adoption.
89. Istio + WSO2 API Manager
Istio Architecture (source — https://istio.io/docs/concepts/what-is-istio/)
WSO2 Mixer Adaptor
Separately Hosted WSO2 API Manager