Welcome!

Microservices Expo Authors: Elizabeth White, Pat Romanski, Liz McMillan, Carmen Gonzalez, Cloud Best Practices Network

Blog Feed Post

API Management; doing APIs now or doing them right?

Submarine surfacng

Old school surfacing

Intel has recently been gaining some chops in API Management. Expressway API Manager has been out a while now and we acquired Mashery and Aepona this year. Mashery you will (or should) know but Aepona, you may not have heard of. They’re likely behind many of the telco or utility services you use. They build and support the API platform need to run and charge for the business.

I’m between conferences at the moment. I gave several talks at Nordic APIs on API management and protection a few weeks ago and will be doing similar at Apps World next week. One concern that keeps being raised, particularly from developers with enterprises is that they have a wealth of internal services, data sources and ideas to make money from exposing data but no convenient way to expose them as a RESTful service that’s likely to be used by either partners or public developers. As marketing or IT or whichever dept kicks off this idea to externalise data they hit the barrier of what legacy infrastructure they have compared to what they need.

API Management Iceberg, REST on the surface but who cares what lurks underneath.

Icebergs, REST on the surface but who cares what lurks underneath.

As I go around companies typically I will see that they have data accessible via SOA, messaging middleware or SQL, all with differing authentication and identity handling but which needs to be brought together to form a coherent API. This is where the concept of surfacing comes in.

sur·fac·ing [sur-fuh-sing] noun

1.the action or process of giving a finished surface to something.
2.the material with which something is surfaced.
3.the act or an instance of rising to the surface of a body of water.

Until recently surfacing may have meant two dodgy looking blokes on your doorstep saying they have a truck load of tarmac round they corner they could get on your driveway for a few quid. From the definition above, I’m referring to the first of course; “The process of giving a finished RESTful surface to your existing infrastrucure”. This process happens in an API gateway, usually in your DMZ, which supports data transform, protocol mediation and identity mediation. This is so that any number of systems under the surface present a uniform set of interactions above the surface. In other words, API Management.

Err, ignore your API initiative boat sailing onto the spiky bit of the iceberg.

Err, ignore your API initiative boat sailing onto the spiky bit of the iceberg.

Surfacing with a gateway then becomes a method by which you scale out both the number of APIs and the messaging throughput. Your gateway should talk to the portal which advertises and defines your API, allowing you to grow, monitor and charge for more usage. It also becomes the focus for new backend integrations required for new APIs. What you should be looking to do is eliminate having a spaghetti of code and custom adaptors built out of Apache Camel or your ESB of choice.

You can liken it to an iceberg, there’s a lot lurking underneath that’s brought together at request time but all the developer sees or the app user sees are the nice white peaks of RESTful APIs and functional, fast apps which are quick on the market. Don’t carry the metaphor too far, icebergs have some down sides so don’t watch this video…

You’ll remember my title, “Doing APIs now or doing them right”. Is there some magic architecture to marry up the services you have with the way they should be? Probably not. I was kidding though. Doing APIs now is right. There is an opportunity cost involved in delaying what you want to do because your competitors are already pressing ahead. You may encounter people in the organisation who have sunk cost into a half complete SOA architecture or whatever you have. Rolling up your collective sleeves and getting involved in changing the whole IT architecture is like the tail wagging the dog for just standing up some APIs for your first few projects. An API gateway gives you the freedom and versatility to bypass architectural difficulties and get to market quickly for once.

To learn more about API management you can visit Intel’s resources and we can also provide some free advice to kick start your API project through talking to Kin Lane {“logo”:”API Evangelist”}.

The post API Management; doing APIs now or doing them right? appeared first on Application Security.

Read the original blog entry...

More Stories By Application Security

This blog references our expert posts on application and web services security.

@MicroservicesExpo Stories
"We're bringing out a new application monitoring system to the DevOps space. It manages large enterprise applications that are distributed throughout a node in many enterprises and we manage them as one collective," explained Kevin Barnes, President of eCube Systems, in this SYS-CON.tv interview at DevOps at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
@DevOpsSummit at Cloud taking place June 6-8, 2017, at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long developm...
In his General Session at DevOps Summit, Asaf Yigal, Co-Founder & VP of Product at Logz.io, will explore the value of Kibana 4 for log analysis and will give a real live, hands-on tutorial on how to set up Kibana 4 and get the most out of Apache log files. He will examine three use cases: IT operations, business intelligence, and security and compliance. This is a hands-on session that will require participants to bring their own laptops, and we will provide the rest.
An overall theme of Cloud computing and the specific practices within it is fundamentally one of automation. The core value of technology is to continually automate low level procedures to free up people to work on more value add activities, ultimately leading to the utopian goal of full Autonomic Computing. For example a great way to define your plan for DevOps tool chain adoption is through this lens. In this TechTarget article they outline a simple maturity model for planning this.
As the race for the presidency heats up, IT leaders would do well to recall the famous catchphrase from Bill Clinton’s successful 1992 campaign against George H. W. Bush: “It’s the economy, stupid.” That catchphrase is important, because IT economics are important. Especially when it comes to cloud. Application performance management (APM) for the cloud may turn out to be as much about those economics as it is about customer experience.
When you focus on a journey from up-close, you look at your own technical and cultural history and how you changed it for the benefit of the customer. This was our starting point: too many integration issues, 13 SWP days and very long cycles. It was evident that in this fast-paced industry we could no longer afford this reality. We needed something that would take us beyond reducing the development lifecycles, CI and Agile methodologies. We made a fundamental difference, even changed our culture...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
@DevOpsSummit taking place June 6-8, 2017 at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @DevOpsSummit at Cloud Expo New York Call for Papers is now open.
SYS-CON Events announced today that Dataloop.IO, an innovator in cloud IT-monitoring whose products help organizations save time and money, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Dataloop.IO is an emerging software company on the cutting edge of major IT-infrastructure trends including cloud computing and microservices. The company, founded in the UK but now based in San Fran...
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in Embedded and IoT solutions, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 7-9, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, HPC and E...
Thanks to Docker, it becomes very easy to leverage containers to build, ship, and run any Linux application on any kind of infrastructure. Docker is particularly helpful for microservice architectures because their successful implementation relies on a fast, efficient deployment mechanism – which is precisely one of the features of Docker. Microservice architectures are therefore becoming more popular, and are increasingly seen as an interesting option even for smaller projects, instead of being...
Hardware virtualization and cloud computing allowed us to increase resource utilization and increase our flexibility to respond to business demand. Docker Containers are the next quantum leap - Are they?! Databases always represented an additional set of challenges unique to running workloads requiring a maximum of I/O, network, CPU resources combined with data locality.
Internet of @ThingsExpo, taking place June 6-8, 2017 at the Javits Center in New York City, New York, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @ThingsExpo New York Call for Papers is now open.
2016 has been an amazing year for Docker and the container industry. We had 3 major releases of Docker engine this year , and tremendous increase in usage. The community has been following along and contributing amazing Docker resources to help you learn and get hands-on experience. Here’s some of the top read and viewed content for the year. Of course releases are always really popular, particularly when they fit requests we had from the community.
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
SYS-CON Events announced today that Catchpoint Systems, Inc., a provider of innovative web and infrastructure monitoring solutions, has been named “Silver Sponsor” of SYS-CON's DevOps Summit at 18th Cloud Expo New York, which will take place June 7-9, 2016, at the Javits Center in New York City, NY. Catchpoint is a leading Digital Performance Analytics company that provides unparalleled insight into customer-critical services to help consistently deliver an amazing customer experience. Designed ...
Here’s a novel, but controversial statement, “it’s time for the CEO, COO, CIO to start to take joint responsibility for application platform decisions.” For too many years now technical meritocracy has led the decision-making for the business with regard to platform selection. This includes, but is not limited to, servers, operating systems, virtualization, cloud and application platforms. In many of these cases the decision has not worked in favor of the business with regard to agility and cost...
Buzzword alert: Microservices and IoT at a DevOps conference? What could possibly go wrong? In this Power Panel at DevOps Summit, moderated by Jason Bloomberg, the leading expert on architecting agility for the enterprise and president of Intellyx, panelists peeled away the buzz and discuss the important architectural principles behind implementing IoT solutions for the enterprise. As remote IoT devices and sensors become increasingly intelligent, they become part of our distributed cloud enviro...
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and containers together help companies achieve their business goals faster and more effectively. In his session at DevOps Summit, Ruslan Synytsky, CEO and Co-founder of Jelastic, reviewed the current landscape of Dev...