Decentralizing APIs for Agile Businesses
•
1 gefällt mir•163 views
This deck covers moving into decentralizing APIs, WSO2 API Microgateway, moving into microservices architecture, and the solution to becoming agile.
Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (19)
Ähnlich wie Decentralizing APIs for Agile Businesses
Ähnlich wie Decentralizing APIs for Agile Businesses (20)
Mehr von WSO2
Mehr von WSO2 (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Decentralizing APIs for Agile Businesses
- 1. INTEGRATION SUMMIT 2019 Decentralizing APIs for Agile Businesses Pubudu Gunatilaka Associate Technical Lead - WSO2 Inc. INTEGRATION
- 2. INTEGRATION SUMMIT 2019 User Story Online Shopping Store Product API Order API Inventory API Payment API
- 3. INTEGRATION SUMMIT 2019 - High traffic - Self contained access tokens to secure the API - Dynamic routing for product discovery - Custom response caching requirements - API Shaping to minimize mobile bandwidth usage - Additional API gateway for internal users Product API GATEWAY
- 4. INTEGRATION SUMMIT 2019 - Medium traffic - Mutual TLS and OAuth 2.0 to secure the APIs - Custom response caching requirements - Different API mediations Order API Payment API GATEWAY
- 5. INTEGRATION SUMMIT 2019 - Low traffic - Basic Auth to secure the API - Private API - Different API mediations Inventory API GATEWAY
- 6. INTEGRATION SUMMIT 2019 Typical API Management Story
- 7. INTEGRATION SUMMIT 2019 TRAFFIC MANAGER API PUBLISHER DEVELOPER PORTAL KEY MANAGER GATEWAY API PROVIDERS API CONSUMERS API CONSUMERS Publish API Push to Store Publish throttling policies Update gateway Access token generation request Key Validation API Invocation SERVICE IMPL Subscribe to API
- 8. INTEGRATION SUMMIT 2019 Usage of APIs in API Gateway GATEWAY
- 9. INTEGRATION SUMMIT 2019 Some key concerns... - Different resource usages - Different Security enforcements - Dynamic routing - API mediation and transformation - API Shaping - Response Caching - Private vs Public APIs - API Gateway per department/unit
- 10. INTEGRATION SUMMIT 2019 Moving into Decentralizing APIs
- 11. INTEGRATION SUMMIT 2019 Addressing the concerns... GATEWAY GATEWAY GATEWAY
- 12. INTEGRATION SUMMIT 2019 Some Key Requirements for Decentralizing APIs - API Security - Rate limiting - API Discovery - Analytics & Traffic Monitoring - API Monetization - API Mediation
- 13. INTEGRATION SUMMIT 2019 WSO2 API Microgateway
- 14. INTEGRATION SUMMIT 2019 API Security ● Authentication ○ Security latency should be minimum ○ Security in locked down environments ○ Use of Self contained access tokens ● Authorization ○ Scope validation ○ API subscription validation ○ Other fine grained access controls
- 15. INTEGRATION SUMMIT 2019 Rate Limiting ● Throttling happens at ○ API level ○ Application level ○ Resource level ● Use of Traffic Manager
- 16. INTEGRATION SUMMIT 2019 WSO2 API Microgateway Developer first approach
- 17. INTEGRATION SUMMIT 2019 Developer first approach ● Skip API Publisher ● Skip Developer Portal ● Use of JWT to secure the API API MICROGATEWAY Swagger
- 18. INTEGRATION SUMMIT 2019 API Discovery ● API visibility in Developer Portal ○ Public ○ Restrict by role ● Publish API to developer portal from API Microgateway
- 19. INTEGRATION SUMMIT 2019 Analytics and Traffic Monitoring ● File based analytics data recording ● Upload data zip files to Analytics servers ● Summarize analytics data in Analytics servers
- 20. INTEGRATION SUMMIT 2019 API Monetization ● Usage based billing ○ Summarized analytics data can be used
- 21. INTEGRATION SUMMIT 2019 API Mediation ● Mediation at ○ API level ○ Resource level ● Mediation as function
- 22. INTEGRATION SUMMIT 2019 Deployment Patterns for Decentralized APIs
- 23. INTEGRATION SUMMIT 2019 Hybrid API Gateway Source: https://wso2.com/api-management/api-microgateway/
- 24. INTEGRATION SUMMIT 2019 Lockdown API Gateway Source: https://wso2.com/api-management/api-microgateway/
- 25. INTEGRATION SUMMIT 2019 Static API Gateway Source: https://wso2.com/api-management/api-microgateway/
- 26. INTEGRATION SUMMIT 2019 Moving to Microservice Architecture
- 27. INTEGRATION SUMMIT 2019 Source: https://www.bmc.com/blogs/microservices-architecture/
- 29. INTEGRATION SUMMIT 2019 Challenges with Microservices - Secure communication between services - Analytics, tracing and monitoring - Disaggregation of architecture increases the number of endpoints - Communication among these endpoints will be a key challenge - Service discovery - Network resiliency - End to end authentication
- 30. INTEGRATION SUMMIT 2019 The Solution
- 31. INTEGRATION SUMMIT 2019 Service Mesh A service mesh is a dedicated infrastructure layer that controls service-to-service communication over a network. It provides a method in which separate parts of an application can communicate with each other. source:techtarget.com
- 32. INTEGRATION SUMMIT 2019 Service Mesh Source: https://www.nginx.com/blog/what-is-a-service-mesh/
- 33. INTEGRATION SUMMIT 2019 Istio Source: https://istio.io/docs/concepts/what-is-istio/#architecture
- 34. INTEGRATION SUMMIT 2019 When is API Management required in a Service Mesh - When users need to expose microservices to outside in a secured and a controlled manner - When fine grained security should be enforced on APIs exposed - When stats need to be collected on API usage for monetization and billing - When it is required to offer a marketplace for APIs for easy discovery and adoption
- 35. INTEGRATION SUMMIT 2019 WSO2 API Management for Istio, Service Mesh Source: https://wso2.com/api-management/microservices/istio/
- 36. INTEGRATION SUMMIT 2019 THANK YOU wso2.com