Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

[WSO2 Integration Summit Stuttgart 2019] Decentralizing APIs for Agile Businesses

52 Aufrufe

Veröffentlicht am

This deck covers moving into decentralizing APIs, WSO2 API Microgateway, moving into microservices architecture, and the solution to becoming agile.

Veröffentlicht in: Technologie
  • Als Erste(r) kommentieren

[WSO2 Integration Summit Stuttgart 2019] Decentralizing APIs for Agile Businesses

  1. 1. INTEGRATION SUMMIT 2019 Decentralizing APIs for Agile Businesses Pubudu Gunatilaka Associate Technical Lead - WSO2 Inc. INTEGRATION
  2. 2. INTEGRATION SUMMIT 2019 User Story Online Shopping Store Product API Order API Inventory API Payment API
  3. 3. INTEGRATION SUMMIT 2019 - High traffic - Self contained access tokens to secure the API - Dynamic routing for product discovery - Custom response caching requirements - API Shaping to minimize mobile bandwidth usage - Additional API gateway for internal users Product API GATEWAY
  4. 4. INTEGRATION SUMMIT 2019 - Medium traffic - Mutual TLS and OAuth 2.0 to secure the APIs - Custom response caching requirements - Different API mediations Order API Payment API GATEWAY
  5. 5. INTEGRATION SUMMIT 2019 - Low traffic - Basic Auth to secure the API - Private API - Different API mediations Inventory API GATEWAY
  6. 6. INTEGRATION SUMMIT 2019 Typical API Management Story
  7. 7. INTEGRATION SUMMIT 2019 TRAFFIC MANAGER API PUBLISHER DEVELOPER PORTAL KEY MANAGER GATEWAY API PROVIDERS API CONSUMERS API CONSUMERS Publish API Push to Store Publish throttling policies Update gateway Access token generation request Key Validation API Invocation SERVICE IMPL Subscribe to API
  8. 8. INTEGRATION SUMMIT 2019 Usage of APIs in API Gateway GATEWAY
  9. 9. INTEGRATION SUMMIT 2019 Some key concerns... - Different resource usages - Different Security enforcements - Dynamic routing - API mediation and transformation - API Shaping - Response Caching - Private vs Public APIs - API Gateway per department/unit
  10. 10. INTEGRATION SUMMIT 2019 Moving into Decentralizing APIs
  11. 11. INTEGRATION SUMMIT 2019 Addressing the concerns... GATEWAY GATEWAY GATEWAY
  12. 12. INTEGRATION SUMMIT 2019 Some Key Requirements for Decentralizing APIs - API Security - Rate limiting - API Discovery - Analytics & Traffic Monitoring - API Monetization - API Mediation
  13. 13. INTEGRATION SUMMIT 2019 WSO2 API Microgateway
  14. 14. INTEGRATION SUMMIT 2019 API Security ● Authentication ○ Security latency should be minimum ○ Security in locked down environments ○ Use of Self contained access tokens ● Authorization ○ Scope validation ○ API subscription validation ○ Other fine grained access controls
  15. 15. INTEGRATION SUMMIT 2019 Rate Limiting ● Throttling happens at ○ API level ○ Application level ○ Resource level ● Use of Traffic Manager
  16. 16. INTEGRATION SUMMIT 2019 WSO2 API Microgateway Developer first approach
  17. 17. INTEGRATION SUMMIT 2019 Developer first approach ● Skip API Publisher ● Skip Developer Portal ● Use of JWT to secure the API API MICROGATEWAY Swagger
  18. 18. INTEGRATION SUMMIT 2019 API Discovery ● API visibility in Developer Portal ○ Public ○ Restrict by role ● Publish API to developer portal from API Microgateway
  19. 19. INTEGRATION SUMMIT 2019 Analytics and Traffic Monitoring ● File based analytics data recording ● Upload data zip files to Analytics servers ● Summarize analytics data in Analytics servers
  20. 20. INTEGRATION SUMMIT 2019 API Monetization ● Usage based billing ○ Summarized analytics data can be used
  21. 21. INTEGRATION SUMMIT 2019 API Mediation ● Mediation at ○ API level ○ Resource level ● Mediation as function
  22. 22. INTEGRATION SUMMIT 2019 Deployment Patterns for Decentralized APIs
  23. 23. INTEGRATION SUMMIT 2019 Hybrid API Gateway Source: https://wso2.com/api-management/api-microgateway/
  24. 24. INTEGRATION SUMMIT 2019 Lockdown API Gateway Source: https://wso2.com/api-management/api-microgateway/
  25. 25. INTEGRATION SUMMIT 2019 Static API Gateway Source: https://wso2.com/api-management/api-microgateway/
  26. 26. INTEGRATION SUMMIT 2019 Moving to Microservice Architecture
  27. 27. INTEGRATION SUMMIT 2019 Source: https://www.bmc.com/blogs/microservices-architecture/
  28. 28. INTEGRATION SUMMIT 2019
  29. 29. INTEGRATION SUMMIT 2019 Challenges with Microservices - Secure communication between services - Analytics, tracing and monitoring - Disaggregation of architecture increases the number of endpoints - Communication among these endpoints will be a key challenge - Service discovery - Network resiliency - End to end authentication
  30. 30. INTEGRATION SUMMIT 2019 The Solution
  31. 31. INTEGRATION SUMMIT 2019 Service Mesh A service mesh is a dedicated infrastructure layer that controls service-to-service communication over a network. It provides a method in which separate parts of an application can communicate with each other. source:techtarget.com
  32. 32. INTEGRATION SUMMIT 2019 Service Mesh Source: https://www.nginx.com/blog/what-is-a-service-mesh/
  33. 33. INTEGRATION SUMMIT 2019 Istio Source: https://istio.io/docs/concepts/what-is-istio/#architecture
  34. 34. INTEGRATION SUMMIT 2019 When is API Management required in a Service Mesh - When users need to expose microservices to outside in a secured and a controlled manner - When fine grained security should be enforced on APIs exposed - When stats need to be collected on API usage for monetization and billing - When it is required to offer a marketplace for APIs for easy discovery and adoption
  35. 35. INTEGRATION SUMMIT 2019 WSO2 API Management for Istio, Service Mesh Source: https://wso2.com/api-management/microservices/istio/
  36. 36. INTEGRATION SUMMIT 2019 THANK YOU wso2.com

×