Welcome!

Microservices Expo Authors: Todd Matters, Elizabeth White, Amy Eager, Kevin Jackson, Liz McMillan

Blog Feed Post

API Management; doing APIs now or doing them right?

Submarine surfacng

Old school surfacing

Intel has recently been gaining some chops in API Management. Expressway API Manager has been out a while now and we acquired Mashery and Aepona this year. Mashery you will (or should) know but Aepona, you may not have heard of. They’re likely behind many of the telco or utility services you use. They build and support the API platform need to run and charge for the business.

I’m between conferences at the moment. I gave several talks at Nordic APIs on API management and protection a few weeks ago and will be doing similar at Apps World next week. One concern that keeps being raised, particularly from developers with enterprises is that they have a wealth of internal services, data sources and ideas to make money from exposing data but no convenient way to expose them as a RESTful service that’s likely to be used by either partners or public developers. As marketing or IT or whichever dept kicks off this idea to externalise data they hit the barrier of what legacy infrastructure they have compared to what they need.

API Management Iceberg, REST on the surface but who cares what lurks underneath.

Icebergs, REST on the surface but who cares what lurks underneath.

As I go around companies typically I will see that they have data accessible via SOA, messaging middleware or SQL, all with differing authentication and identity handling but which needs to be brought together to form a coherent API. This is where the concept of surfacing comes in.

sur·fac·ing [sur-fuh-sing] noun

1.the action or process of giving a finished surface to something.
2.the material with which something is surfaced.
3.the act or an instance of rising to the surface of a body of water.

Until recently surfacing may have meant two dodgy looking blokes on your doorstep saying they have a truck load of tarmac round they corner they could get on your driveway for a few quid. From the definition above, I’m referring to the first of course; “The process of giving a finished RESTful surface to your existing infrastrucure”. This process happens in an API gateway, usually in your DMZ, which supports data transform, protocol mediation and identity mediation. This is so that any number of systems under the surface present a uniform set of interactions above the surface. In other words, API Management.

Err, ignore your API initiative boat sailing onto the spiky bit of the iceberg.

Err, ignore your API initiative boat sailing onto the spiky bit of the iceberg.

Surfacing with a gateway then becomes a method by which you scale out both the number of APIs and the messaging throughput. Your gateway should talk to the portal which advertises and defines your API, allowing you to grow, monitor and charge for more usage. It also becomes the focus for new backend integrations required for new APIs. What you should be looking to do is eliminate having a spaghetti of code and custom adaptors built out of Apache Camel or your ESB of choice.

You can liken it to an iceberg, there’s a lot lurking underneath that’s brought together at request time but all the developer sees or the app user sees are the nice white peaks of RESTful APIs and functional, fast apps which are quick on the market. Don’t carry the metaphor too far, icebergs have some down sides so don’t watch this video…

You’ll remember my title, “Doing APIs now or doing them right”. Is there some magic architecture to marry up the services you have with the way they should be? Probably not. I was kidding though. Doing APIs now is right. There is an opportunity cost involved in delaying what you want to do because your competitors are already pressing ahead. You may encounter people in the organisation who have sunk cost into a half complete SOA architecture or whatever you have. Rolling up your collective sleeves and getting involved in changing the whole IT architecture is like the tail wagging the dog for just standing up some APIs for your first few projects. An API gateway gives you the freedom and versatility to bypass architectural difficulties and get to market quickly for once.

To learn more about API management you can visit Intel’s resources and we can also provide some free advice to kick start your API project through talking to Kin Lane {“logo”:”API Evangelist”}.

The post API Management; doing APIs now or doing them right? appeared first on Application Security.

Read the original blog entry...

More Stories By Application Security

This blog references our expert posts on application and web services security.

@MicroservicesExpo Stories
For most organizations, the move to hybrid cloud is now a question of when, not if. Fully 82% of enterprises plan to have a hybrid cloud strategy this year, according to Infoholic Research. The worldwide hybrid cloud computing market is expected to grow about 34% annually over the next five years, reaching $241.13 billion by 2022. Companies are embracing hybrid cloud because of the many advantages it offers compared to relying on a single provider for all of their cloud needs. Hybrid offers bala...
Companies have always been concerned that traditional enterprise software is slow and complex to install, often disrupting critical and time-sensitive operations during roll-out. With the growing need to integrate new digital technologies into the enterprise to transform business processes, this concern has become even more pressing. A 2016 Panorama Consulting Solutions study revealed that enterprise resource planning (ERP) projects took an average of 21 months to install, with 57 percent of th...
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, Doug Vanderweide, an instructor at Linux Academy, discussed why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers wit...
"We are a monitoring company. We work with Salesforce, BBC, and quite a few other big logos. We basically provide monitoring for them, structure for their cloud services and we fit into the DevOps world" explained David Gildeh, Co-founder and CEO of Outlyer, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
There's a lot to gain from cloud computing, but success requires a thoughtful and enterprise focused approach. Cloud computing decouples data and information from the infrastructure on which it lies. A process that is a LOT more involved than dragging some folders from your desktop to a shared drive. Cloud computing as a mission transformation activity, not a technological one. As an organization moves from local information hosting to the cloud, one of the most important challenges is addressi...
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists examined how DevOps helps to meet the de...
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
Microservices are increasingly used in the development world as developers work to create larger, more complex applications that are better developed and managed as a combination of smaller services that work cohesively together for larger, application-wide functionality. Tools such as Service Fabric are rising to meet the need to think about and build apps using a piece-by-piece methodology that is, frankly, less mind-boggling than considering the whole of the application at once. Today, we'll ...
Containers, microservices and DevOps are all the rage lately. You can read about how great they are and how they’ll change your life and the industry everywhere. So naturally when we started a new company and were deciding how to architect our app, we went with microservices, containers and DevOps. About now you’re expecting a story of how everything went so smoothly, we’re now pushing out code ten times a day, but the reality is quite different.
What's the role of an IT self-service portal when you get to continuous delivery and Infrastructure as Code? This general session showed how to create the continuous delivery culture and eight accelerators for leading the change. Don Demcsak is a DevOps and Cloud Native Modernization Principal for Dell EMC based out of New Jersey. He is a former, long time, Microsoft Most Valuable Professional, specializing in building and architecting Application Delivery Pipelines for hybrid legacy, and cloud ...
SYS-CON Events announced today that CA Technologies has been named "Platinum Sponsor" of SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business - from apparel to energy - is being rewritten by software. From planning to development to management to security, CA creates software that fuels transformation for companies in the applic...
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
Cloud Expo, Inc. has announced today that Andi Mann and Aruna Ravichandran have been named Co-Chairs of @DevOpsSummit at Cloud Expo Silicon Valley which will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. "DevOps is at the intersection of technology and business-optimizing tools, organizations and processes to bring measurable improvements in productivity and profitability," said Aruna Ravichandran, vice president, DevOps product and solutions marketing...
In his session at Cloud Expo, Alan Winters, an entertainment executive/TV producer turned serial entrepreneur, presented a success story of an entrepreneur who has both suffered through and benefited from offshore development across multiple businesses: The smart choice, or how to select the right offshore development partner Warning signs, or how to minimize chances of making the wrong choice Collaboration, or how to establish the most effective work processes Budget control, or how to ma...
"When we talk about cloud without compromise what we're talking about is that when people think about 'I need the flexibility of the cloud' - it's the ability to create applications and run them in a cloud environment that's far more flexible,” explained Matthew Finnie, CTO of Interoute, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
A common misconception about the cloud is that one size fits all. Companies expecting to run all of their operations using one cloud solution or service must realize that doing so is akin to forcing the totality of their business functionality into a straightjacket. Unlocking the full potential of the cloud means embracing the multi-cloud future where businesses use their own cloud, and/or clouds from different vendors, to support separate functions or product groups. There is no single cloud so...
Both SaaS vendors and SaaS buyers are going “all-in” to hyperscale IaaS platforms such as AWS, which is disrupting the SaaS value proposition. Why should the enterprise SaaS consumer pay for the SaaS service if their data is resident in adjacent AWS S3 buckets? If both SaaS sellers and buyers are using the same cloud tools, automation and pay-per-transaction model offered by IaaS platforms, then why not host the “shrink-wrapped” software in the customers’ cloud? Further, serverless computing, cl...
Hybrid IT is today’s reality, and while its implementation may seem daunting at times, more and more organizations are migrating to the cloud. In fact, according to SolarWinds 2017 IT Trends Index: Portrait of a Hybrid IT Organization 95 percent of organizations have migrated crucial applications to the cloud in the past year. As such, it’s in every IT professional’s best interest to know what to expect.
The taxi industry never saw Uber coming. Startups are a threat to incumbents like never before, and a major enabler for startups is that they are instantly “cloud ready.” If innovation moves at the pace of IT, then your company is in trouble. Why? Because your data center will not keep up with frenetic pace AWS, Microsoft and Google are rolling out new capabilities. In his session at 20th Cloud Expo, Don Browning, VP of Cloud Architecture at Turner, posited that disruption is inevitable for comp...