API s in a hybrid world Date 28 September 2017
So, What is this API Economy thing? A mutually beneficial ecosystem of suppliers & consumers of APIs. Suppliers use APIs to securely provide specific types of access to sensitive data (e.g. an API to Track my package from ACME) Consumers call these API s from their apps to make them more useful (e.g. E-Retailer building a package tracking panel into their Order Status screen) API Management & Gateway (rate limiting, security, monitoring, permissions, version management, etc) API API ACME Shipping ACME s Enterprise E-Retailer Mobile app Shipping status Order status Order# 13593 Shipped on: 1/26/16 Currently view status in: Atlanta, at ACME.com GA Estimated delivery: 1/31/16 Web Page API API ACME Firewall Microservice: trackpkgbyid Runtime (Node.js, WAS, etc) Integration Bus Truck data Package data
Disruption across Industries Fueled by APIs Industries Travel FinTech HealthCare A leader global travel generates over10 Billion API Calls a month running it s business on an API First Strategy Citi started innovating by offering hackathons and currently delivers over 300 business services internally and externally across most core lines of business. HealthCare provider offers personalized healthcare by exposing APIs via secure platform called InterChange Automobile Car company offers connected car, improves driving experience, sells vehicle data to partners Retail Retailer provides digital distribution channel for affiliate revenue from customer referrals via open API portal
Digital Apps Present New Challenges Traditional web apps If digital apps used same approach 2 Single response sent back to client browser Digital apps live in the internet (phones, IoT, dynamic web pages) TH GS IN Digital App Open internet Enterprise 1 Many calls are made, often w/ large payloads (> 1 MB). All within local network, so this worked Web App ESB Low latency, high bandwidth High latency, low bandwidth connections (3G, 4G, or even high speed at long distance) make traditional approach untenable. Can t simply reuse existing services for new digital apps need a new approach ESB High latency, low bandwidth
Digital Applications Require a new Interaction Tier Digital Team / Line-of-Business Measured on time to market. Motivated to be fast (e.g. get it out, fix it in market ). Ø Can t simply call existing System API s from digital apps for performance reasons (see previous slide) Ø Can t afford to wait weeks/months for a new System API that exactly meets their needs Ø Needs a NEW tier which sits close to the systems of record, but is controlled by the Digital Team/LoB Edge of Datacenter www Interaction API App TH GS IN Central IT Team Measured on resiliency & uptime. Motivated to be cautious. Generally takes weeks/months to turn around change requests (e.g. to support digital apps), due to change control & quality control processes. System API Web Service System API ESB
API Centric Digital transformation demands a new architecture Client-Tier IoT,Mobile,Web,B2B Apps What s needed is the Interaction Services Layer Interaction Services Layer Designed for a microservices architecture Non-blocking, event-driven I/O to remain lightweight Efficient in the face of data-intensive real-time applications Supports massive concurrency Designed for hybrid cloud deployment Seamless communication between front-end and back-end systems Simplified & comprehensive API lifecycle to Create, Run, Manage and Secure APIs Middle-Tier Traditional SOA infrastructure designed for internal integration does not cut it for real-time external interactions Enterprise Applications & Data Back-end Need for simplified discovery and secure reuse of Systems of Record via APIs
APIs Enable Differentiated Experiences Exposed as APIs To Develop Innovative Apps www TH GS IN Existing Enterprise IT Investments Self Service Consumed by Developers Delivering Differentiated B2C, B2B, B2E Experiences
IBM API Connect: Simplified & Comprehensive API foundation What is API Connect? An integrated creation, runtime, management, and security foundation for enterprise grade API s and Microservices to power modern digital applications What does API Connect provide? Automated, visual and coding options for creating APIs Automated discovery of system of records APIs Node.js and Java support for creating Microservices Lifecycle and governance for APIs, Products and Plans Access control over API s, API Plans and API Products Advanced API usage analytics Customizable, self service developer portal for publishing APIs Policy enforcement, security and control Monetization of APIs Multi-Cloud support with APIC on Bluemix & GW anywhere Create Secure Run Manage
API Connect: Components & Personas Developer Portal How App Developers find, subscribe, analyze APIs 2 API Developer API Product Manager API Operations App Developer subscribe use API Toolkit How API Developers create & test APIs 4 develop 3 API Manager How API owners manage APIs Analytics API Developer develop Application User use Application API Gateway Enforces API Security, Traffic Management, Mediation policies at runtime 1 Target Endpoint The brains of the API or Microservice, performs the business logic
API Connect Offerings In a Nutshell APIC Editions BLUEMIX ON-PREM Essentials Free (up to 50K API calls per month) Free (up to 50k API calls per month) Professional 100K API calls/month 5M API calls/month Subscription License (API calls per month) Pay-as-you-go (API calls per month) Perpetual License (PVUs) Subscription License (API calls per month) Pay-as-you-go (API calls per month) Perpetual License (PVUs) Enterprise 100K API calls/month 25M API calls/month 1B API calls/month Subscription License (API calls per month) Pay-as-you-go (API calls per month) Perpetual License (PVUs) Subscription License (API calls per month) Pay-as-you-go (API calls per month) Perpetual License (PVUs) BLUEMIX ON-PREM Data Center Single/multi Tenant Managed By Public: SoftLayer datacenter (Dallas, London, Frankfurt, Australia) Dedicated: IBM/SoftLayer datacenter (any SoftLayer data center) Local: Customer datacenter Public: Multi-tenant Dedicated or Reserved Instance: Single-tenant Local: Single-tenant Public: IBM-managed Dedicated or Reserved Instance: IBM-managed Local: Customer-managed Customer datacenter IaaS (e.g. SoftLayer) Single-tenant Customer-managed
Importance of API Gateways Full API Management Microservice Management Capabilities Needed Advertise availability of API s Provision API keys for developers Share API documentation w/ developers Manage API, Products, Plans Manage API Access Control API Monitoring & Analytics Monetize APIs Security policies to threat protect, authenticate users & application, ensure only the right parties access data Rate limiting to prevent overload of SoRs Mediation policies to transform data (e.g. from JSON to XML) Traffic management policies to intelligently route incoming traffic to the correct services How Capability is Delivered Developer Portal (in API Connect) API Manager (in API Connect) API Gateway (DataPower, which is available standalone or as an option with API Connect)
Your Gateway Needs to Run Everywhere On-Prem Gateway Multi-cloud Gateway SoR App Gatew ay Long distance SoR VS Onprem Onprem App Long distance Gatew ay Gatew ay SoR SoR The on-prem Gateway scenario is quite slow due to many long distance, high-latency calls The multi-cloud gateway scenario is much faster, as it minimizes long distance, high-latency calls The IBM DataPower Gateway can run: Natively in IBM BlueMix, Amazon Web Services, and Microsoft Azure. In RHEL or Ubuntu Linux, either Natively or in Docker
Simple & Secure Architecture How is DataPower Gateway different? Purpose-built, secure gateway platform Ø Complete gateway platform delivered as hardened image Guiding philosophy is to centralize common security, traffic management, mediation, acceleration functions and optimize them in a security-hardened gateway stack delivered in Docker container, Linux application, Virtual machine and Physical appliance form factors DataPower Gateways (Secure & Easy to Manage) Commodity Gateways (In-Secure & Hard to Manage) DataPower Gateway Platform Digitally Signed and Encrypted Image Proprietary Software libxml JVM glibc HTTP Server JSP Engine App Server Full Linux OS (including shells and user accounts) database Linux Daemons IBM Optimized Embedded Operating Environment Crypto Acceleration Flash Memory Hardware Display Ports Bootable CDROM Drive Bootable USB Ports Hardware
Thanks