how to architect your application infrastructure for ... · communication amongst microservices....
TRANSCRIPT
![Page 1: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/1.jpg)
How to Architect Your Application
Infrastructure for Effective API Delivery
Kevin Jones Global Solutions
Architect, NGINX BU @
F5 Networks
![Page 2: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/2.jpg)
Why APIs and Why Manage Them?
Common API Gateway Deployment Patterns.
A Look at API Gateways in East-West Traffic Patterns.
Recap of Patterns.
Agenda
How can NGINX Help?
Confidential – Do Not Distribute
![Page 3: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/3.jpg)
Why APIs and Why Manage
Them?
![Page 4: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/4.jpg)
• Break down siloes and unlock data (within and among organizations)
• Increase collaboration amongst developers
Unlock data
• Primary interface for communication amongst microservices.
Create a foundation
• Generate revenue and build partnerships with third-party developers and ecosystem of suppliers, distributors, resellers, and even customers
• Expose APIs via Dev Portal
• “Digital marketplace” for an enterprise
Find new digital revenue stream
Why Develop APIs?
4 External APIs Internal APIs
![Page 5: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/5.jpg)
Source: https://www.programmableweb.com/news/research-shows-interest-providing-apis-still-high/research/2018/02/23
![Page 6: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/6.jpg)
API as a source of revenue
6
Source: 2014 Search Security article:
https://searchsecurity.techtarget.com/news/2240222882/API-gateways-emerge-to-address-growing-security-demands
50% of Salesforce’s
revenues come from APIs
90% of Expedia's
revenues come from APIs
![Page 7: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/7.jpg)
40% of all NGINX Plus instances are deployed as an API
gateway
Source: NGINX User survey
![Page 8: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/8.jpg)
API Management
• Define Policy
• Pushing Configurations
• APM and Consumption Visualization
• Developer Portal
API Gateway
• Lightweight
• Easily Distributed
• Easily Scaled
• Heavy Lifting…
• Request Processing
![Page 9: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/9.jpg)
9
API Definition & Publication
Monitoring and Analytics
Onboarding and Documentation
(Developer Portal)
Customizable Dashboards
Alerting Extract Insights
(REST API + Logging) Multi- Cloud Support
Protect Authentication &
Authorization
Characteristics to look out for…
API Management API Gateway
![Page 10: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/10.jpg)
Common API Gateway
Deployment Patterns
![Page 11: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/11.jpg)
API
A
API
B
API
C
API
A
API
B
API
C
Edge Gateway
API
A
API
B
API
C
• TLS termination
• Client authentication
• Authorization
• Request routing
• Rate limiting
• Load balancing
• Request/response manipulation
![Page 12: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/12.jpg)
Edge Gateway
API
A
API
B
API
C
D
E
F
G
H
• TLS termination
• Client authentication
• Authorization
• Request routing
• Rate limiting
• Load balancing
• Request/response manipulation
• Façade routing
![Page 13: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/13.jpg)
Two-Tier Gateway
API
A
API
B API
C
D
E
F G
H Security Gateway
• TLS termination
• Client authentication
• Centralized logging
• Tracing injection
Routing Gateway
• Authorization
• Service discovery
• Load balancing
![Page 14: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/14.jpg)
Microgateway
E
E
F
G
F
H
D
D
D
E
F
DevOps
Team-
owned
• Load balancing
• Service Discovery
• Authentication per API
• TLS Termination
• Routing
• Rate limiting
![Page 15: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/15.jpg)
But what about East-West
traffic?
![Page 16: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/16.jpg)
F
E
Microgateway
E
E
F
F
D
D
D
• Service discovery integration
• Obtain authentication credentials
• Everything else!
![Page 17: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/17.jpg)
F
E
Sidecar Gateway
E
E
F
F
D
D
D
• Outbound load balancing
• Service discovery integration
• Authentication
• Authorization?
Edge / Security Gateway
• TLS termination
• Client authentication
• Centralized logging
• Tracing injection
![Page 18: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/18.jpg)
Kubernetes Cluster
F
E
Service Mesh
E
E
F
F
D
D
D
Service Mesh Control Plane
Ingress / Edge
Gateway
All DevOps
teams
![Page 19: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/19.jpg)
F
E
Two-Tier Gateway
E
E
F F
D
D D
F
E
E
E
F F
D
D D
Bottleneck?
![Page 20: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/20.jpg)
F
E
Bottleneck?
E
E
F F
D
D D
F
E
E
E
F
F
D
D
D
![Page 21: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/21.jpg)
Recap of Patterns
![Page 22: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/22.jpg)
In Recap…
Edge Gateway
+ Monoliths with centralized governance
- Frequent changes, DevOps team-owned microservices
Two-Tier Gateway
+ Flexibility, independent scaling of functions
- Distributed control
Microgateway + DevOps teams, high-frequency updates
- Hard to achieve consistency, no central security control
Sidecar Gateway
+ Policy-based E/W, strict authentication requirements
- Control plane complexity
![Page 23: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/23.jpg)
How can NGINX Help?
![Page 24: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/24.jpg)
NGINX at the Core (API Gateway)
24
• Both Open Source and Enterprise
• Compact and High-Performing
• Provides L7 Data Plane
• Connection Handling
• Scalability (API or DNS)
• Authentication / Authorization (JSON Web Tokens + Auth_request)
• DDoS Protection / Request Rate Limiting (limit_conn / limit_req)
• Provides Insight (API + Logging)
• Linux Based
![Page 25: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/25.jpg)
Many API Gateways Solutions are Built on NGINX
Google Cloud
Endpoints Axway
IBM DataPower
Kong Red Hat 3scale
Torry Harris
![Page 26: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/26.jpg)
Reduce Complexity with NGINX
26
Data plane (NGINX API GW) does not require runtime
connectivity to control plane (NGINX Controller)
• High Performance
• Same high performance regardless of where API GW is deployed
(whether to handle N/S traffic or E/W traffic)
• No need for additional software components
• Small API GW footprint
• Easy to deploy anywhere (Docker)
![Page 27: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/27.jpg)
API Management
Definition & Publication
Security Policy
Traffic Mgmt. (API GW)
Ongoing Monitoring & Maintenance
Analytics to Assess API
Value
Dev Portal
• Create and publish APIs
• Define policy for those APIs
• Quickly and easily publish
configurations (best practices)
• Provides visibility into API health
with performance monitoring
• Real-Time alerting
NGINX Controller for API Management
![Page 28: How to Architect Your Application Infrastructure for ... · communication amongst microservices. Create a foundation •Generate revenue and build partnerships with third-party](https://reader033.vdocuments.site/reader033/viewer/2022051916/6008684c270a6233ba6a035d/html5/thumbnails/28.jpg)
API Management
Definition & Publication
Security Policy
Traffic Mgmt. (API GW)
Ongoing Monitoring & Maintenance
Analytics to Assess API
Value
Dev Portal
Coming soon…
• Dev Portal for onboarding and
documenting APIs
• Increased Analytics to assess API
value and consumption
NGINX Controller for API Management