Everyone has written an API of some sort whether they know it or not. Many people might snap in a quick end point or two into their website that returns JSON or XML to support some simple front end validation or dynamic interactions. This is a loose API for the most part and if it solves the problem – great. Other folks might stand up a whole solution that is dedicated to supporting some disconnected clients like ios apps, android apps, or full blown SPA style javascript apps. This second style of API is usually versioned separate from the consumers of it. And is most likely deploying at a different cadence from the client apps that are dependent on it. Also, when writing a rich API there are generally many concerns that one must take into account such as authentication and authorization, versioning of the contract between the client and the API, rate throttling, caching, etc. And if you are deploying API’s as different domains for a product suite, or as granular microservices, then you also need a way to uniformly present a consolidated API to the world. Analytics and reporting usually come into play as well. For each of these concerns you could easily write some code (likely an extensive amount of it) to solve the problem. However, I find that letting my API worry about the business problem that it is trying to solve, and nothing else, makes iterating on my applications much less painful. For that reason I have turned to using infrastructure and 3rd party apps to solve many of these problems – with little to no code! In this post we will take a look at proxys and gateways and some of the features that they expose to you. In future posts we will dig a little deeper into each of them and do more of an in depth comparison.

1. API Management
Making your API behave
like a big boy
Andrew Siemer | Clear Measure
andrew@clear-measure.com
@asiemer

2. Welcome to
Azure Austin
All things related to the Microsoft Cloud!
meetup.com/AzureAustin

3. Clear Measure
Workshops
Day long, Clear Measure led, fingers on
keyboards, learn by doing
CQRS, DDD, Event Sourcing, Distributed
Systems, Micro Services
meetup.com/clear-measure-workshop

4. Andrew Siemer
http://about.me/andrewsiemer
ASP Insider
MS v-TSP (Azure)
Azure Advisor Program
Father of 6. Jack of all trades, master of some.

6. • Stories from the programming trenches
• How to grow your programming career
• http://www.developerspringboard.com
• @devspringboard

7.  We are hiring!!!

8. Introduction
What is an API management tool and why
do I need it?

9. More details here!
• Andrew Siemer on LosTechies
• “making your api behave like the big boys”
• http://goo.gl/DTQIGu

10. Topics to cover
• Downside of directly exposing your API
• Introducing Proxy’s & Gateways
• Features you need to know about
• Available tools
• Azure API Management

11. Downside of direct access
• Flexibility in deployment story
• Versioning is harder, and in code
• Security, Authentication, Authorization in code
• Cohesive API forces single solution (mega code base)
• Not micro-service friendly
• Basically, you need it? You write it!

12. Proxy’s and Gateways
• Proxy
• Thin pass through
• Expects something on the other end to respond
• Gateway
• Thick pass through
• Exposes mega feature list

13. Features available in managed API
• Acceleration
• Routing
• URL Rewriting
• Versioning
• Cohesion
• Rate Limiting & Throttling
• Security
• Server Affinity
• Monitoring
• A/B Testing
• Blue/Green Deployments

14. Tools – Proxy’s
• Nginx
• HAProxy
• httpd

15. Tools – Proxy’s – Which one?

16. Tools – Proxy’s – Which one?
• nginx

17. Tools – Proxy’s – Which one?
• haproxy

18. Tools – Proxy’s – Which one?
• httpd

19. Tools – Proxy’s – Which one?
• Pick by features
• All are mature and well supported
• Nginx is clear popularity winner

20. Living in a Microsoft world?
• Application Request Routing
(ARR)
• Snaps in to IIS
• Familiar UI
• UI!!! Not command line!
• Configuration documents
• XML

21. ARR

22. ARR

23. Azure API
Management

24. Demo API – MS CalcAPI
• Great Azure Friday videos on API Management
• http://channel9.msdn.com/Shows/Azure-Friday/
• Using Postman or similar you can tinker
• http://calcapi.cloudapp.net/calcapi.json
• http://calcapi.cloudapp.net/api/add?a=2&b=3
• http://calcapi.cloudapp.net/api/sub?a=2&b=1

25. Plug the API into the manager

26. Take advantage of the magic: operations
• Adding operations enables built in tools

27. “Products”
• You have to add your API to your products

28. Now subscribe to the Product
• Users have to subscribe to products, to get access to API’s
• Administrators are auto subscribed

29. Developer Portal
• We can test our api from the developer portal
• Upper right of admin panel

30. Developer Portal

31. Code Generation

32. Console for testing

33. Questions?
Andrew Siemer - Clear Measure
andrew@clear-measure.com
(512) 387-1976
@asiemer