Embed Size (px)
Citation preview
APIManagement@Haufe
MarcoSeifried(@marcoseifried)
MartinDanielsson(@donmartin76)
dev.haufe-lexware.com
github.com/Haufe-Lexware
@HaufeDev
-Lexware
1 Intro– APIManagementWhywouldyouneedandwantAPIManagement?
APIs@Haufe
Onboarding:Firstimpressioncounts!• Simplicity• Self-service• Lowbarrier to use
Ways to achieve this:• Accessto something valuable• Focusonthe service - business value
HaufeStrategy - Architecture Principles
Businessvalue over technicalstrategy
Strategicgoals over project-specificbenefits
Composability over silos
Sharedservices over specific-purposeimplementations
Evolutionaryrefinement over pursuitofinitialperfection
Designforobsoleteness over buildingforeternity
Goodenough over bestofbreed
Declarativeprocesses over implicitknowledge
Designof APIs
APIas aProduct…
Hyper-media
Elements
APIManage-ment
Outside-In
Approach…
APIStyleguidehttps://github.com/Haufe-Lexware/api-style-guide
APIManagement– What’sthat?
APImanagementistheprocessofpublishing,promotingandoverseeingapplicationprogramminginterfaces
(APIs)inasecure,scalableenvironment.
techtarget.com
StripoffthebusinessfeaturesofyourAPI– APIManagementistherest.StuffyouwoulddoforallAPIs
independentofwhattheydo– logging,monitoring,access,documentation,…MarcoSeifriedJ
APIManagementKeyComponents
API
PortalAPIOwners,Developers,Admin
DeveloperSelf-Service
EndUser
ServiceEndpoints
http://www.apiacademy.co/resources/api-management-101-api-management-basics/
Whatdoesitdo?
Provide discoverabilityandself-service AccesstoAPIs fordeveloperseasilyand
automatically
Monitor trafficto provide UsageInsights forindividualappsandAPIs.Who isusingwhathowmuch?
ProtecttheAPIfrommisusebyproviding Security e.g. bywrapping itinsecurity
proceduresand policies.
Protecttheruntimewith Traffic Control e.g.,bythrottling formobileapps
UseAPIManagementto Decouple theinsidefromtheoutside,keeping interfaces(APIs) stable
UseCasesandScenarios
Mobile
Internal
Public
Don’tsearchforthe
“Onetorulethemall”
Instead,gofor
“Goodenough”
Andnottoforget
“Evolutionaryrefinement”Partner
Our(API)Approach@Haufe
Don’tcentralize
GroupAPIsbyfunctionality
Letteamsworkindependently, aslongas
theyfollowourAPIStyleguide
ChooseAPIManagementbyusecase,notbydogma
Automate(Build,Test,Deploy,…)
2 APIManagementComponentsIfearit’snotonlyGatewayandPortal…
APImSolution
DeveloperPortal
APIG
atew
ay
Admin
Logs
BackendService
Analytics
Audit
Consumer
Config
PortalIdP
APIIdP
3 SolutionsWhoprovidesAPIm solutions?
MarketContenders
AzureAPIManagement
DeveloperPortal
APIG
atew
ay
Admin
Logs
BackendService
Analytics
Audit
Consumer
Config
PortalIdP
APIIdP
Anythingpluggable;e.g.EventHubs
Nosupport OOTB,butAzureADhasfunctionality
100%SaaSsolution
IntegratedintoMicrosoftAzure
Full-featuredDeveloperPortal
RichPolicy-drivenAPIGateway
99.x%SLA
Pricepoint:Atleast550€/mo.
Scalesondemand(withprice)
RESTAPI
Notavailableon-prem
ClosedSource– notfreelycustomizable
Quitehighpricepoint
Insomecases:“Lastmile”missing
MashapeKong
DeveloperPortal
APIG
atew
ay
Admin
Logs(Plugin)
BackendService
Analytics
Audit
Consumer
Config
PortalIdP
APIIdP(Plugin)
3rd PartyOfferings,e.g.kong-dashboard
3rd PartyOfferings,Mashape’sgelato.io
Mashape’sGalileo
DependsonAdminUI
OpenSourcesolution
Builtaroundnginx/Lua
Deployablewhereveryouwant
Fullydockerizable
Scalable,feature-richGateway
Powerfulplugin/extensionmodel
Suitableforinternalusemostly
CompleteRESTAPI
Nodeveloperportaloutofthebox
Actually,thereis:gelato.io (closedsource/commercial)
Only3rdpartyAdminUIs(ofvaryingquality)
Requiresnetworkingknow-howtosetup
Cassandracurrentlyonlyconfigbackendchoice(butPostgreSQLupcoming)
• MostlysuitableforbackendservicesonAzure• Noon-premdeployment(onlySaaS)• GoodDeveloperExperience(DX)• Easytostartwith• Notfreelycustomizable
• Focusonsecuringbackend• FlexibleDeployment(butnoSaaS)• ForusecaseswheretheDXisnotimportant*• DevOps easier,steeperlearningcurve• Doesbasics,everythingelseisaddon
• Quitelargesoftwarepackagesinbothcases
• Takesplanningandsomeefforttosetup
• Withgreatfunctionalitycomeslargeish footprints
4 AzureAPIm Demo
AzureAPImDeveloperPortal
AzureAPImPublisherPortal
Multumesc
