zAPI Event Nov2016- API Connect - V1.0 - IBM ... empowers developers and supports single departmental/small

Embed Size (px)

Text of zAPI Event Nov2016- API Connect - V1.0 - IBM ... empowers developers and supports single...

  • Le Mainframe à l’heure de l’API Economy 17 novembre 2016|IBM Client Center, Bois Colombes

    Z

    Gouverner, Agréger, Sécuriser vos APIs

    Aymeric Affouard Digital Transformation Specialist

    aymeric.affouard@fr.ibm.com

  • API Economy Value Chain

    Existing Enterprise IT

    Investments

    Exposed

    as APIs

    Self Service Consumed by

    Developers

    To Develop Innovative Apps

    Delivering

    Differentiated B2C, B2B, B2E

    Experiences

    Consumer Provider

    { }

  • API Economy Actors

    API Developer

    • How do I create APIs? • How do I manage security? • How do I test my APIs?

    App Developer

    • Where do I access APIs? • How do I understand the APIs? • How do I measure success?

    API Product Manager

    • How can I rapidly release & update my APIs? • How do I publicize my API? • How do I measure success?

  • API Economy Value Chain

    Existing Enterprise IT

    Investments

    Exposed

    as APIs

    Self Service Consumed by

    Developers

    To Develop Innovative Apps

    Delivering

    Differentiated B2C, B2B, B2E

    Experiences

    Consumer Provider

    { }

    App Developer

    API Product Mgr

    API Developer

  • What is API Connect? An integrated creation, runtime, management, and security

    foundation for enterprise grade API’s and Microservices to

    power modern digital applications

    What does API Connect provide? • Automated, visual and coding options for creating APIs

    • Node.js and Java support for creating Microservices

    • Integrated enterprise grade clustering, management and security

    for Node.js and Java

    • Lifecycle and governance for APIs, Products and Plans

    • Access control over API’s, API Plans and API Products

    • Advanced API usage analytics

    • Customizable, self service developer portal for publishing APIs

    • Policy enforcement, security and control

    Create Run

    ManageSecure

    Simplified & Comprehensive API foundation

  • Consumer (Systems of Engagement)

    Secure API Policy Enforcement

    Enterprise Security Traffic control & mediation

    Workload optimization Monitoring/Analytics Collection

    Manage API Discovery

    API, Plan, Product, Policy Creation API, Plan, Product Version & Lifecycle

    Management Self-service App Developer Portal

    API Monitoring & Analytics

    Subscription & Community Management

    Create & Run (Node / Java)

    Develop & Compose Microservices

    Connect Microservices to data

    sources Build, deploy, scale

    Microservices Monitor & debug Microservices Unified Node & Java Runtime

    Mgmt

    z System / Legacy Apps

    Cloud Service

    Application Server

    ESB / Middleware

    Data Store

    Provider (Systems of Record)

    API Gateway

    A P

    IC m

    a n

    a g

    e d

    M ic

    ro s e rv

    ic e s T

    ra ff

    ic

    API Traffic

    Deployment Options:

    Bluemix Public, Bluemix Dedicated

    On Premise or Customer Cloud

    Where does API Connect fit?

    App Developer

  • • Authenticate App or User

    • Verify access rights

    • Enforce API security flow

    • Modify API interface

    API ManagerDeveloper Portal

    API Connect components

    API Gateway

    API Gateway

    • Create a user account

    • Browse the catalog of APIs

    • Test APIs

    • Subscribe to API plans

    • Rate/Comment on APIs

    • Define organizations

    • Create Assemble flow for existing APIs

    • Configure API Gateway

    • Manage Subscriptions

    • Monitor usage

    Security or

    Compute Policies

    zCEE APIs

    CICS

    App Developer

  • API Gateway Description Recommendation

    Micro Gateway Node.js in Liberty

    Collective

    Internal consumption of API

    Collocation with runtimes

    Inherit of platform cryptography

    accelerations

    IBM DataPower Gateway –

    Virtual Appliance

    Virtual image running

    on a hypervisor

    Enterprise API gateway

    IBM DataPower Gateway –

    Physical Appliance

    Physical box API for consumption by external (e.g.

    mobile, web, IoT, 3rd party) or

    business partner apps in the DMZ

    API Gateway choices

  • MicroGateway

    API Gateway Policies

    DataPower

  • API Connect Essentials (Free) Professional Enterprise

    Built For Developer Department;

    Single project

    Departments &

    Cross-enterprise

    Gateways included

    MicroGateway MicroGateway

    DataPower Virtual

    MicroGateway

    Upgrades available DataPower Virtual

    DataPower Physical

    DataPower Virtual

    DataPower Physical DataPower Physical

    • All editions of API Connect provide integration with DataPower as the API Gateway

    • API Connect Enterprise includes DataPower Gateway Virtual Edition to provide

    comprehensive API Gateway security, traffic management, mediation & optimization

    functionality for enterprise deployments

    • Is the upgrade path for existing IBM API Management v4 clients

    • API Connect Essentials and Professional are powered by a programmable MicroGateway that

    empowers developers and supports single departmental/small projects starting their API

    journey

    • Option to utilize DataPower Gateway to meet advanced, enterprise-grade API Gateway

    needs

    API Connect offerings

  • Services on IMS

    Systems of RecordSystems of Engagement

    Management +

    Runtime gateway enforcement

    • Discover z/OS Connect REST APIs • Secure access to z/OS Connect REST APIs • Provide self-service & social experience to API consumers on a built-in developer portal • Enforce runtime rate limits, and throttle impact to z/OS systems • Manage API subscribers with API lifecycle & Analyze API usage

    Developer portal API analytics

    API Connect with z/OS Connect

    Services on DB2

    Services on CICS

  • 12 © 2016 IBM Corporation12 © 2016 IBM Corporation

    Demonstration 1 API Connect

    Manage and Secure z/OS Connect API

  • z/OS Connect

    CICSCICS

    z/OS

    SG Client

    SG Client

    AAAAAA API GW API GW

    DataPower : 1. Secure Gateway Client

    2. AAA

    3. API Gateway

    Demo architecture

    Web App

    z Systems

    LDAP1. Control access to the API (define rate limits)

    2. Secure the API (authorize client applications)

    3. Transform JSON messages

  • API ManagerDeveloper Portal

    API Connect components

    API Gateway

    API Gateway

    Create Assemble Flow

    and Publish

    1

    2

    Retrieve API

    Swagger definition

    3

    [Publish]

    Configure API Gateway

    4

    [Publish]

    Make API available

    zCEE APIs

    From the API Manager an existing API can be

    discovered, secured and managed.

    CICS

    App Developer

  • Secure and manage API

    The API is designed with parameters at the API level and at the Product level.

    API Design view

    Product Design view

  • z/OS Connect response API Connect response

    Change JSON object names in request message

    Change JSON structure of response message

    Modify API interface (Part 1 of 2) The Assemble Flow allows us to modify the API interface. For example the JSON structure

    and names of JSON objects can be changed in JSON request and response messages.

    API Connect request z/OS Connect request

  • API Gateway: modify API (Part 2 of 2)

    1

    If “Order” operation

    then Map JSON;

    otherwise proceed

    to next step.

    2

    Send modified

    request to z/OS

    Connect EE API

    3

    Change JSON

    structure of

    response message

  • 18 © 2016 IBM Corporation18 © 2016 IBM Corporation

    Summary

  • API Connect components API Gateway: DataPower Gateway

    API Management NodeDeveloper Portal

    CICS

    API Gateway DataPower

    App Developer

  • API Management NodeDeveloper Portal

    CICS

    Collective Controller

    Collective Member Node.js

    Web Router

    Micro Gateway

    Liberty Collective

    Linux on z

    API Connect components API Gateway: Micro Gateway

    App Developer

  • Node.js: under the cover

  • 22

    WebSphere Application Server Family

    Light weight production runtime

    for rapid web and cloud-based

    application development and

    deployment

    • Fast and easy download (

  • • Dynamic Routing provides a service that keeps the plug-in routing information up-to-date with the routing topology

    • Auto Scaling provides automated control over all participating clusters and th