Welcome!

Microservices Expo Authors: Lori MacVittie, Elizabeth White, Liz McMillan, Christopher Keene, Greg O'Connor

Blog Feed Post

API Management; doing APIs now or doing them right?

Submarine surfacng

Old school surfacing

Intel has recently been gaining some chops in API Management. Expressway API Manager has been out a while now and we acquired Mashery and Aepona this year. Mashery you will (or should) know but Aepona, you may not have heard of. They’re likely behind many of the telco or utility services you use. They build and support the API platform need to run and charge for the business.

I’m between conferences at the moment. I gave several talks at Nordic APIs on API management and protection a few weeks ago and will be doing similar at Apps World next week. One concern that keeps being raised, particularly from developers with enterprises is that they have a wealth of internal services, data sources and ideas to make money from exposing data but no convenient way to expose them as a RESTful service that’s likely to be used by either partners or public developers. As marketing or IT or whichever dept kicks off this idea to externalise data they hit the barrier of what legacy infrastructure they have compared to what they need.

API Management Iceberg, REST on the surface but who cares what lurks underneath.

Icebergs, REST on the surface but who cares what lurks underneath.

As I go around companies typically I will see that they have data accessible via SOA, messaging middleware or SQL, all with differing authentication and identity handling but which needs to be brought together to form a coherent API. This is where the concept of surfacing comes in.

sur·fac·ing [sur-fuh-sing] noun

1.the action or process of giving a finished surface to something.
2.the material with which something is surfaced.
3.the act or an instance of rising to the surface of a body of water.

Until recently surfacing may have meant two dodgy looking blokes on your doorstep saying they have a truck load of tarmac round they corner they could get on your driveway for a few quid. From the definition above, I’m referring to the first of course; “The process of giving a finished RESTful surface to your existing infrastrucure”. This process happens in an API gateway, usually in your DMZ, which supports data transform, protocol mediation and identity mediation. This is so that any number of systems under the surface present a uniform set of interactions above the surface. In other words, API Management.

Err, ignore your API initiative boat sailing onto the spiky bit of the iceberg.

Err, ignore your API initiative boat sailing onto the spiky bit of the iceberg.

Surfacing with a gateway then becomes a method by which you scale out both the number of APIs and the messaging throughput. Your gateway should talk to the portal which advertises and defines your API, allowing you to grow, monitor and charge for more usage. It also becomes the focus for new backend integrations required for new APIs. What you should be looking to do is eliminate having a spaghetti of code and custom adaptors built out of Apache Camel or your ESB of choice.

You can liken it to an iceberg, there’s a lot lurking underneath that’s brought together at request time but all the developer sees or the app user sees are the nice white peaks of RESTful APIs and functional, fast apps which are quick on the market. Don’t carry the metaphor too far, icebergs have some down sides so don’t watch this video…

You’ll remember my title, “Doing APIs now or doing them right”. Is there some magic architecture to marry up the services you have with the way they should be? Probably not. I was kidding though. Doing APIs now is right. There is an opportunity cost involved in delaying what you want to do because your competitors are already pressing ahead. You may encounter people in the organisation who have sunk cost into a half complete SOA architecture or whatever you have. Rolling up your collective sleeves and getting involved in changing the whole IT architecture is like the tail wagging the dog for just standing up some APIs for your first few projects. An API gateway gives you the freedom and versatility to bypass architectural difficulties and get to market quickly for once.

To learn more about API management you can visit Intel’s resources and we can also provide some free advice to kick start your API project through talking to Kin Lane {“logo”:”API Evangelist”}.

The post API Management; doing APIs now or doing them right? appeared first on Application Security.

Read the original blog entry...

More Stories By Application Security

This blog references our expert posts on application and web services security.

@MicroservicesExpo Stories
Sharding has become a popular means of achieving scalability in application architectures in which read/write data separation is not only possible, but desirable to achieve new heights of concurrency. The premise is that by splitting up read and write duties, it is possible to get better overall performance at the cost of a slight delay in consistency. That is, it takes a bit of time to replicate changes initiated by a "write" to the read-only master database. It's eventually consistent, and it'...
SYS-CON Events announced today that Isomorphic Software will exhibit at DevOps Summit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Isomorphic Software provides the SmartClient HTML5/AJAX platform, the most advanced technology for building rich, cutting-edge enterprise web applications for desktop and mobile. SmartClient combines the productivity and performance of traditional desktop software with the simp...
With so much going on in this space you could be forgiven for thinking you were always working with yesterday’s technologies. So much change, so quickly. What do you do if you have to build a solution from the ground up that is expected to live in the field for at least 5-10 years? This is the challenge we faced when we looked to refresh our existing 10-year-old custom hardware stack to measure the fullness of trash cans and compactors.
The emerging Internet of Everything creates tremendous new opportunities for customer engagement and business model innovation. However, enterprises must overcome a number of critical challenges to bring these new solutions to market. In his session at @ThingsExpo, Michael Martin, CTO/CIO at nfrastructure, outlined these key challenges and recommended approaches for overcoming them to achieve speed and agility in the design, development and implementation of Internet of Everything solutions wi...
Thomas Bitman of Gartner wrote a blog post last year about why OpenStack projects fail. In that article, he outlined three particular metrics which together cause 60% of OpenStack projects to fall short of expectations: Wrong people (31% of failures): a successful cloud needs commitment both from the operations team as well as from "anchor" tenants. Wrong processes (19% of failures): a successful cloud automates across silos in the software development lifecycle, not just within silos.
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
It's been a busy time for tech's ongoing infatuation with containers. Amazon just announced EC2 Container Registry to simply container management. The new Azure container service taps into Microsoft's partnership with Docker and Mesosphere. You know when there's a standard for containers on the table there's money on the table, too. Everyone is talking containers because they reduce a ton of development-related challenges and make it much easier to move across production and testing environm...
There's a lot of things we do to improve the performance of web and mobile applications. We use caching. We use compression. We offload security (SSL and TLS) to a proxy with greater compute capacity. We apply image optimization and minification to content. We do all that because performance is king. Failure to perform can be, for many businesses, equivalent to an outage with increased abandonment rates and angry customers taking to the Internet to express their extreme displeasure.
Monitoring of Docker environments is challenging. Why? Because each container typically runs a single process, has its own environment, utilizes virtual networks, or has various methods of managing storage. Traditional monitoring solutions take metrics from each server and applications they run. These servers and applications running on them are typically very static, with very long uptimes. Docker deployments are different: a set of containers may run many applications, all sharing the resource...
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
To leverage Continuous Delivery, enterprises must consider impacts that span functional silos, as well as applications that touch older, slower moving components. Managing the many dependencies can cause slowdowns. See how to achieve continuous delivery in the enterprise.
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...

Modern organizations face great challenges as they embrace innovation and integrate new tools and services. They begin to mature and move away from the complacency of maintaining traditional technologies and systems that only solve individual, siloed problems and work “well enough.” In order to build...

The post Gearing up for Digital Transformation appeared first on Aug. 27, 2016 02:45 PM EDT  Reads: 1,536

Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
Cloud Expo 2016 New York at the Javits Center New York was characterized by increased attendance and a new focus on operations. These were both encouraging signs for all involved in Cloud Computing and all that it touches. As Conference Chair, I work with the Cloud Expo team to structure three keynotes, numerous general sessions, and more than 150 breakout sessions along 10 tracks. Our job is to balance the state of enterprise IT today with the trends that will be commonplace tomorrow. Mobile...
SYS-CON Events announced today that eCube Systems, a leading provider of middleware modernization, integration, and management solutions, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. eCube Systems offers a family of middleware evolution products and services that maximize return on technology investment by leveraging existing technical equity to meet evolving business needs. ...
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
The following fictional case study is a composite of actual horror stories I’ve heard over the years. Unfortunately, this scenario often occurs when in-house integration teams take on the complexities of DevOps and ALM integration with an enterprise service bus (ESB) or custom integration. It is written from the perspective of an enterprise architect tasked with leading an organization’s effort to adopt Agile to become more competitive. The company has turned to Scaled Agile Framework (SAFe) as ...
If you are within a stones throw of the DevOps marketplace you have undoubtably noticed the growing trend in Microservices. Whether you have been staying up to date with the latest articles and blogs or you just read the definition for the first time, these 5 Microservices Resources You Need In Your Life will guide you through the ins and outs of Microservices in today’s world.