What is API Management Systems

Why are they needed and what functions they perform.

Hello everyone! My name is Anton and I am an engineer on the team responsible for the development of centralized IT services used by the product teams at X5 Retail Group.





In this article I will talk about systems of the API Management class and in particular about APIM Gravitee ( https://www.gravitee.io ), what this class of systems is, how they are used to meet the needs of development teams. The article does not dive into the technical aspects, but it can be useful for architects and managers who are thinking about trying to use this class of systems, but do not know if they are suitable for their tasks, as well as for developers who may discover new tools for convenient work with API.





What is API Management Systems

Definition

API Management - - (API), , , , . 





, API Management - , , , API .





"API Management" , API , , . , , , API.





?

, API . ? - . "". API, : , .. API, , , . API : , , , / IP. , JSON , DevOps rate limit, DoS , : Service Discovery, Load Balancing, Blue/Green Canary deploy. 





API Management (. . 1):





  1. Management Core: , , , , API Gateways API, CORS, Failover, Healthcheck, API .





  1. Web/Development Portal: UI, , API, healthcheck , , API.





  1. API Gateways: , , , healthcheck Backend API.





  1. Backend API: - .





  1. Databases: API Management, API, API Gateways, backend, healthcheck, API Management.





fig.  1 API Management service architecture
. 1 API Management

API Management

:





  • : .





  • :  , , Keycloak.





  • : API.





  • API: / .





  • : / API.





:





  • Latency: / .





  • TCO: , , nginx . 





API Gateways

API Gateways ( ), (. . 2). API Gateways /, . API Gateways , / . API Gateways , . API Gateways, , (L7) OSI.





fig.  2
. 2

 API Gateways

API Gateways:





  • Local API Gateways  .





  • DMZ API Gateways  .





, , . . - .









Name





Tags





APIGee





Enterprise





WSO2 API Manager





Enterprise/Open source





SAP API





Enterprise





3scale





Enterprise





IBM API Management





Enterprise





Kong





Enterprise/Open source





Mashery





Enterprise





Microsoft Azure API Management





Enterprise





Mule Soft





Enterprise





Gravitee

X5 Retail Group APIM Gravitee (https://www.gravitee.io). – API DMZ.





:





  • 23





  • 69 API Gateways





  • 400





  • 350 RPS





  • 30 000 000+





, APIM Gravitee.





  1. Identity provider: :





  1. MongoDB ( , );





  2. In-memory ( admin);





  3. LDAP / Active Directory;





  4. OpenID Connect IdP (Azure AD, Google);





  1. Fetchers: API :





  1. File (Swagger, OpenAPI);





  2. HTTP;





  3. GIT;





  1. Policies: , . . -, - . :





  1. API Key - API-;





  2. Rate-limiting - backend;





  3. Transform Headers/Transform Query Parameters - ;





  4. etc.





Gravitee Gateway 30 . . , "", . 





  1. Reporters: . :





  1. Reporter file;





  2. Elasticsearch;





  3. Accesslog;





, :





  1. / — , , , api-;





  2. — , , , - ..;





  3. — , , ;





  1. Repositories: - API, , , . :





  1. MongoDB ( );





  2. Redis;





  3. Elasticsearch;





  4. PostgreSQL ( JDBC );





  1. Resources: , :





  1. OAuth2 ( OAuth2 );





  2. Cache ( );





  3. LDAP ( LDAP );





  1. Services: , :





  1. Sync ( );





  2. local-registry ( API json . , API - rest API ( json API, .));





  3. health-check ( );





  4. monitor ( , os / process / jvm, );





  1. Notifiers: . , , Slack.





  1. Email;





  1. Alerts: , Notifier.





  1. Vertx;





https://github.com/gravitee-io, Java, .





API

API :





  1. API









  1. API





API

API , API





, :





  1. !





  1. swagger .





  1. Git/URL



    .





, "->"





API 5





API, , , API .





:





Simple mode backend api, : https://backend-server/backend-api/





Advanced mode   backend api, tenant sharding tags.





tenant - Elasticsearch .





sharding tags - , API Gateways





Plan





Plan - , , Gateway.





Name -  





Security type -  : Keyless(public), API Key, JWT, OAuth2





Description -





Rate limit - - /





Quota -  - ///





Path authorization -





API.





API

swagger.json





API.









" API ", " API"





CREATE API .





 

API . API , - "keyless". , .





:





  1. Tags (. . 3)





Figure:  3
. 3

2. (. . 4)





Figure:  four
. 4

3. Rate Quota (. . 5)





Figure:  five
. 5

4. , (. . 6)





Figure:  6
. 6

, , Management API, . , , . , , ,  APIM Gravitee  . , , .








All Articles