Why are they needed and what functions they perform.
Hello everyone! My name is Anton and I am an engineer on the team responsible for the development of centralized IT services used by the product teams at X5 Retail Group.
In this article I will talk about systems of the API Management class and in particular about APIM Gravitee ( https://www.gravitee.io ), what this class of systems is, how they are used to meet the needs of development teams. The article does not dive into the technical aspects, but it can be useful for architects and managers who are thinking about trying to use this class of systems, but do not know if they are suitable for their tasks, as well as for developers who may discover new tools for convenient work with API.
What is API Management Systems
Definition
API Management - - (API), , , , .
, API Management - , , , API .
"API Management" , API , , . , , , API.
?
, API . ? - . "". API, : , .. API, , , . API : , , , / IP. , JSON , DevOps rate limit, DoS , : Service Discovery, Load Balancing, Blue/Green Canary deploy.
API Management (. . 1):
Management Core: , , , , API Gateways API, CORS, Failover, Healthcheck, API .
Web/Development Portal: UI, , API, healthcheck , , API.
API Gateways: , , , healthcheck Backend API.
Backend API: - .
Databases: API Management, API, API Gateways, backend, healthcheck, API Management.
API Management
:
: .
: , , Keycloak.
: API.
API: / .
: / API.
:
Latency: / .
TCO: , , nginx .
API Gateways
API Gateways ( ), (. . 2). API Gateways /, . API Gateways , / . API Gateways , . API Gateways, , (L7) OSI.
API Gateways
API Gateways:
Local API Gateways .
DMZ API Gateways .
, , . . - .
Name |
Tags |
APIGee |
Enterprise |
WSO2 API Manager |
Enterprise/Open source |
SAP API |
Enterprise |
3scale |
Enterprise |
IBM API Management |
Enterprise |
Kong |
Enterprise/Open source |
Mashery |
Enterprise |
Microsoft Azure API Management |
Enterprise |
Mule Soft |
Enterprise |
Gravitee
X5 Retail Group APIM Gravitee (https://www.gravitee.io). – API DMZ.
:
23
69 API Gateways
400
350 RPS
30 000 000+
, APIM Gravitee.
Identity provider: :
MongoDB ( , );
In-memory ( admin);
LDAP / Active Directory;
OpenID Connect IdP (Azure AD, Google);
Fetchers: API :
File (Swagger, OpenAPI);
HTTP;
GIT;
Policies: , . . -, - . :
API Key - API-;
Rate-limiting - backend;
Transform Headers/Transform Query Parameters - ;
etc.
Gravitee Gateway 30 . . , "", .
Reporters: . :
Reporter file;
Elasticsearch;
Accesslog;
, :
/ — , , , api-;
— , , , - ..;
— , , ;
Repositories: - API, , , . :
MongoDB ( );
Redis;
Elasticsearch;
PostgreSQL ( JDBC );
Resources: , :
OAuth2 ( OAuth2 );
Cache ( );
LDAP ( LDAP );
Services: , :
Sync ( );
local-registry ( API json . , API - rest API ( json API, .));
health-check ( );
monitor ( , os / process / jvm, );
Notifiers: . , , Slack.
Email;
Alerts: , Notifier.
Vertx;
: https://github.com/gravitee-io, Java, .
API
API :
API
API
API
API , API
, :
!
swagger .
Git
/URL
.
, "->"
API 5
API, , , API .
:
Simple mode backend api, : https://backend-server/backend-api/
Advanced mode backend api, tenant sharding tags.
tenant - Elasticsearch .
sharding tags - , API Gateways
Plan
Plan - , , Gateway.
Name -
Security type - : Keyless(public), API Key, JWT, OAuth2
Description -
Rate limit - - /
Quota - - ///
Path authorization -
API.
API
swagger.json
API.
" API ", " API"
CREATE API .
API . API , - "keyless". , .
:
Tags (. . 3)
2. (. . 4)
3. Rate Quota (. . 5)
4. , (. . 6)
, , Management API, . , , . , , , APIM Gravitee . , , .