Upload
praveen-krishnan
View
213
Download
0
Embed Size (px)
DESCRIPTION
Apigee Document
Citation preview
Extending Your SOA in the API Economy
©2012 Apigee. All Rights Reserved.
Extending Your SOA in the API Economy
2
3
3
4
4
5
7
8
9
9
10
11
Contents
Abstract
Service Orientation Basics
The Benefits of SOA
Ubiquitous Mobile Computing Introduces New Requirements
Limitations of SOA
To Do Apps Well, You Need More
Introducing Apigee, the API Platform
Comparing Apigee and SOA/ESB
Connectivity and More
Apigee Complements SOA
Summary
©2012 Apigee. All Rights Reserved.
Extending Your SOA in the API Economy
3
Abstract
Today the combined forces of social, mobile, and cloud computing are driving
a change in how enterprises interact with employees, customers, and partners.
Enterprises need to figure out how to expose systems to be easily consumed by
third-party applications in a secure and trusted way; need to reach many different
devices; need to figure out how to drastically reduce the time and cost of working
with their systems, and improve the customer experience.
The shift underway in enterprises is one from a world of messaging platforms to one
of collaboration platforms - platforms for real-time connectivity and collaboration
across boundaries and firewalls that enable machine-to-machine, person-to-person,
B2B, and B2C interactions and transactions.
The growing App economy is at the heart of this transformation, placing new demands
on companies but also opening up unprecedented opportunity.
SOA has traditionally addressed the needs of corporate information system
integration, but apps and APIs interconnect corporate information systems with
remote systems and mobile devices everywhere, addressing the needs of the App
Economy in a way that a corporate SOA or ESB alone, cannot.
Service Orientation Basics
In Service Oriented Architecture, discrete information systems or components are
modeled as services, which are accessible over the network via well-defined and
standard protocols and data formats. The most commonly used protocols include
HTTP and TCP; the most common data formats include XML, SOAP (which is XML
that uses a specialized schema), and JSON. The aim of SOA is to promote re-use
of software systems or information functions within enterprises via intersystem
communication. Formally defining the network interfaces or “contracts” over which
disparate systems can connect within SOA allows independent development and
evolution of cooperating systems, without the need to employ a common technology
base. This allows companies flexibility in managing discrete business functions, which
translates to operational efficiency.
©2012 Apigee. All Rights Reserved.
Extending Your SOA in the API Economy
4
The Benefits of SOA
Many companies have benefited greatly from employing SOA as the preferred archi-
tectural approach for IT integration – in other words the preferred way of connecting
disparate information systems across the enterprise. Before SOA, information assets
such as an inventory control system or an order validation system were effectively
isolated systems; they were accessible only via product-specific or vendor-specific
mechanisms, or via novel or incompatible programming interfaces. The result of this
was ineffective IT integration, or inefficient IT operations.
SOA breaks down the walls between systems by establishing ground-rules and
principles for interconnection between disparate systems. As SOAP and Web
services toolkits became popular in the early 2000’s, the influence of SOA among
IT practitioners grew. XML and SOAP libraries went mainstream. Packaged apps
bundled web services support into their products. Support tools arrived, including
ESB – Enterprise Service Bus products, which provide a management and control
point for SOAP communications. SOA succeeded in connecting enterprise building
blocks.
Many companies have greatly improved the efficiency and effectiveness of their
information systems by embracing SOA.
Ubiquitous Mobile Computing Introduces New Requirements
In June 2007, Apple’s iPhone became generally available, and immediately became
a disruptive influence in wireless telephony, consumer music, and later, information
systems. There are now over 1 billion smartphones on the planet; the iPhone and
other smart phones have democratized connected, mobile computing. Now, people
carry the Internet around in their pockets. Larger format devices such as tablet
computers have brought richer connected experiences into everyday life; greatly
adding to the momentum of ubiquitous connected computing.
At the same time, advances in web browser technologies including markup and styling
(HTML5 and CSS3), JavaScript engines (v8, SpiderMonkey, Chakra), programming
metaphors (AJAX), data formats (JSON), and app frameworks (jQuery, Mootools,
Sencha) have brought new interactivity, style, and power to web applications.
©2012 Apigee. All Rights Reserved.
Extending Your SOA in the API Economy
5
Finally, the cumulative effect of Moore’s
Law has driven the cost of server compute
resources – CPU, storage, and network -
down sharply, while cloud technologies in
the area of Big Data and Virtual Networking
have matured to take advantage of farms
of networked server computers. Not long
ago, server compute time was a scarce,
expensive resource; it is now plentiful,
cheap, and easily scaled.
With these advances in greater connect-
edness and interactivity, and with the
improved economics, companies have
new opportunities to better connect to
their customers. Apps that run on these
mobile devices and in modern browsers
deliver the experiences that delight and
attract customers. As a result, companies
are compelled to adopt and expose APIs,
enabling those apps and the developers
who build them, to win new business.
Limitations of SOA
Is SOA well suited to supporting connec-
tions from mobile apps? Is it well suited
to enabling connected web experi-
ences? Let’s consider. SOA is focused on
enabling interconnection between existing
systems deployed in a corporate network.
Participants in SOA networks are long-lived, and purposefully slow to change; the
pace of application development is correspondingly deliberate. Data models are
formal and rigorous.
What is an API, anyway?
At one time, the term “API” referred to an Application Programming Interface ex-posed by a library. A standalone program running on a single computer needed to link to that library to use the API. An API was a contract that said to developers: if you include in your program a call to a specifically-named function, and pass a set of arguments of a given type, the li-brary exposing the API will perform a spe-cific function.
These days, the term API implies a net-work interface that is HTTP-based. When a company offers an API, they’re effec-tively saying to developers: if your app sends a particular message to a specific HTTP endpoint, it will receive a particular response.
For example: “If you send an HTTP GET message to example.com with this URL path: /weather/5day/Palo Alto, then I will send you an XML document containing a 5-day weather forecast for Palo Alto, Cal-ifornia.”
Obviously, APIs can be sophisticated, with many options for message request and response payloads, headers, and query parameters. But the basic idea is this: an app sends a message that conforms to a simple specification, and receives a par-ticular response.
©2012 Apigee. All Rights Reserved.
Extending Your SOA in the API Economy
6
Apps are different. Mobile apps get conceived, designed, and built at an entirely
different pace. The evolution of apps to satisfy new customer desires is rapid and
continuous. Apps don’t speak SOAP; they speak JSON, and use “APIs” to connect. This
implies different data models and looser, more flexible and dynamic data formats.
There are very different security requirements.
At a coarse level, SOA and the App+API philosophies are similar: they both are focused
on interconnectivity. But there are differences as well.
Aspect SOA / ESB Apps and APIsCore goal Enable Internal devel-
opers and systems to
connect, while complying
with IT department
standards.
Enable developers, either
external or internal, to
build nifty, compelling
apps, and allow users to
run them.Network Low-latency, trusted. High-latency, untrusted.
(Mobile wireless network)Developer Audience Internal, well trained,
methodical.
External or internal,
internet savvy.Development Style Deliberate, structured,
governed by process.
Rapid, iterative,
experimental.Connected Platform High-powered server. Any connected device.Data Contract Formal, strict. Flexible, dynamic.Data Format XML, JMS, SOAP, EDI,
possibly many others.
JSON and XML.
Communications TCP, MQ, HTTP, others. HTTP.Authentication and
Authorization
Internal mechanisms,
LDAP.
Internet standards
including OAuth.Usage Analytics Limited use, secondary
importance.
Of primary importance.
While SOA addresses the needs of connecting existing enterprise systems, it was
never conceived to address the key requirements in the different world of APIs and
connected mobile apps.
©2012 Apigee. All Rights Reserved.
Extending Your SOA in the API Economy
7
To Do Apps Well, You Need More
The above comparison focuses on the communications capability. In the world of
apps and APIs, there are very important considerations outside this realm.
The popularity of applications running on powerful mobile devices has lead to
what can be called “the App Economy”, where apps can be a key differentiator for
a business. Outsized benefits accrue to those who get it right. To do so means
addressing requirements beyond basic communications:
› Developers: Recruiting, enabling, and managing developers.
› Platform: Making it easy for developers to build rich applications.
› Agility: Analysis to understand trends in performance and usage and
iterating to respond.
Developers
In the App Economy, because apps are a key differentiator, the recruitment and
enablement of developers is critical. There are many platforms and opportunities
competing for their attention. Companies need to appeal to developers by making
it super easy to understand the APIs that are available, to try things out quickly,
to get started on their own. API providers also need to manage the developers
– their access rights, quotas, and the binding commercial terms. Companies also
need to encourage community, so that developers can collaborate and support each
other without active involvement by the API provider. This fosters innovation and the
development and evolution of new ideas - for example combining the company’s API
capabilities with external services can extend a company’s brand in powerful ways.
Platform
The API - the programmable interface into the company’s systems - is the center-
piece of the unique platform a company offers to developers. But there are many
aspects of a platform that developers view as not specific to a particular company.
Things like social integration, location-aware services, or a general-purpose cloud-
based key/value store, programmatically accessible from any app. In short, a simple
API is not enough.
©2012 Apigee. All Rights Reserved.
Extending Your SOA in the API Economy
8
Agility
Engaging developers and providing a capable and compelling platform is not a
one-and-done task. Companies know they need to innovate quickly and iteratively on
their products; when APIs are your product the requirement is the same. To iterate,
they need to analyze the data around API usage patterns, to understand which APIs
get used, when, how, and by which apps. They need to be able to rollout changes
and new APIs as rapidly as possible, and adjust course as often as necessary.
Doing all of this requires more than SOA.
Introducing Apigee, the API Platform
Apigee provides the infrastructure to address these needs, complementing the
capabilities of SOA. Apigee manages API communications into existing systems,
acting as the gateway from the world of apps into a corporate SOA. And, Apigee
addresses the novel needs of the API lifecycle: encouraging developers to build
better apps, faster; and providing insight into app and API usage. All of this ultimately
enables companies to better connections with their customers.
Apps
Developers
APIs
API Team
Figure 1: Apigee API Platform
©2012 Apigee. All Rights Reserved.
Extending Your SOA in the API Economy
9
Comparing Apigee and SOA/ESB
As a communication interchange approach, Apigee Gateway Services is similar in
some ways to an ESB, or to the SOA architectural approach. Common between Apigee
and an ESB: message routing, message transformation, rate limiting, security checks
and access control, and analytics. SOA and Apigee Gateway Services are similar; both
are focused on interconnecting disparate systems, both model systems via network
interfaces, both typically use XML or other data formats. There are clear similarities.
Connectivity and More
Like SOA or an ESB, Apigee provides connectivity and communications management.
But the Apigee API Management platform provides much more.
› Gateway Services – management of communications between outside
apps and internal systems. The Gateway receives incoming HTTP API requests
and performs authentication, authorization checks, rate limiting, auditing and
logging, and routing.
› App Services –a backend-as-a-service resource, it provides a core set of
commonly used social media application objects, and can be extended to
store arbitrary data. It enables developers to get better apps up and running
more quickly.
› Developer Channel Services – an extensible portal and set of web-based
tools to engage developers, encourage adoption, and speed development of
apps that leverage managed APIs.
› Analytics Services – using the traffic analysis gathered by the Gateway,
Analytics Services provides insight into API and app usage across developers,
apps, and time, so that operators can see how app requests are driving the
business.
These four functional components comprise Apigee Enterprise, to address the
specific needs in the app economy. None of these are functional areas included in
the traditional realization of SOA.
©2012 Apigee. All Rights Reserved.
Extending Your SOA in the API Economy
10
Apigee Complements SOA
With this set of features, Apigee is much more than “SOA with a longer wire”,
or “a Service Bus for HTTP APIs.” For companies with a corporate SOA or ESB,
Apigee provides a necessary control point for channeling Internet API calls into the
corporate network, integrated with additional features specifically targeted to the
App Economy.
GatewayServices
(Policy ControlPoint)
DeveloperChannel
AppServices
AnalyticsServices
API AnalystApp Developer
Internal Systems(accessed via SOAP
& Web Services)Web Internal
Firewall
ManagementGUI
Apps
http
http http TCP/IPSOAP, JMS,
HTTP
Figure 2: Apigee API Platform Deployed in the Cloud
Apigee can provide a “facade” to an ESB. The Apigee proxy acts as a point-of-entry
API layer to SOAP services, geared toward agile development, developer collabo-
ration, and rapid innovation. App Services can provide back-end services optimized
for mobile app usage. Developer Channel Services, and the Developer Portal provides
the on-ramp for developers who want to use your APIs. With the Apigee Enterprise
Platform, all of these pieces work together, and are managed from a single integrated
management interface.
The integrated set of capabilities in Apigee Enterprise addresses the needs of
companies that seek to fully exploit the potential of the app economy. Apigee
complements a SOA, and extends the reach of a company out to the edge of the
network – right into customers’ hands.
©2012 Apigee. All Rights Reserved.
Extending Your SOA in the API Economy
11
Summary
SOA addresses the needs of corporate information system integration, but apps and
APIs place new demands on companies.
Apigee provides a platform to satisfy those demands. Optimized for JSON, XML, and
HTTP, Apigee handles internet-scale volumes of transactions, originating from a wide
variety of devices into the corporate SOA.
Apigee interconnects corporate information systems with remote systems and
mobile devices everywhere, in a way that a corporate SOA or ESB alone, cannot.
©2012 Apigee. All Rights Reserved.
Extending Your SOA in the API Economy
12
About Apigee
Apigee is the leading provider of API technology and services for enterprises and
developers. Hundreds of companies including AT&T, Bechtel, eBay, Korea Telecom,
Telefonica and Walgreens, as well as tens of thousands of developers use Apigee to
simplify the delivery, management and analysis of APIs and apps. Apigee’s global
headquarters are in Palo Alto, California, and it also has offices in Bangalore, India;
London; and Austin, Texas. To learn more, go to apigee.com.
Find Best Practices to Accelerate your API Strategy
Scale, Control and Secure your Enterprise
Build Cutting-Edge Apps and Intuitive APIs
Apigee Corporation
Tel: +1 (408) 343-7300