apiGrove
-
Upload
gmthomps -
Category
Technology
-
view
1.138 -
download
0
description
Transcript of apiGrove
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
apiGroveAn Open Source API Management EnginePresented by Greg Thompson (@gmthomps), Head of Architecture, Applications Enablement Solutions
Alcatel-Lucent
October 2012
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
2
WHY OPEN SOURCE?
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
3
• Open source software powers the core of cloud and web services
• Drives standardization and allows the industry to contribute in the development process
• Allows apiGrove roadmap to go in directions ALU alone may not have taken it
• Developers are free to participate in helping set the future direction of the software and optimize it to meet their specific business needs and timelines.
• Alcatel-Lucent will continue to be a lead contributor to the apiGrove open source initiative as API management remains a key tenet of the company’s Open API Platform. Alcatel-Lucent will continue to make new capabilities available as part of its commercial API offer and at the same time, actively leverage the efforts of open source software developers worldwide.
apiGroveWhy Open Source?
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
4
apiGrove INTRODUCTION
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
5
apiGroveHigh-Level Features & Architecture
SCALE Multiple deployment models
Load balancing
High availability
Caching
METER API caller authorization
API usage quotas & rate limits
Transaction data records
PROTECTHTTPS termination (1-way / 2-way)Authentication
Threat protection
MANAGE API onboarding / routes definitionRESTful APIs for every feature
apiGroveTDRsRESTfu
l API
REST, SOAP, HTTP(S)
Clients
(browser, mobile app, backend
server)
Your provisioning frontend
(Sample Drupal modules
available)
Targets
(e.g. your internal
API / app server)
REST, SOAP, HTTP
Your analytics system
(or Alcatel-Lucent’s
commercial Reporting &
Analytics solution)
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
6
• Code on github
• 100% Java
• Relies on open source middleware
• Fuse ESB (Apache ServiceMix, Apache Camel, Apache CXF, Apache Karaf)
• Jetty
• Hazelcast
• Tested on Red Hat Enterprise Linux 5.8, but also known to work on other Linux distributions (e.g. CentOS)
apiGroveShow Me the Code
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
7
apiGroveFreemium Business Model
• apiGrove = Open Source version• Licensed under Apache v2 terms
• Project to be publicly announced in September
• Premium API Management Engine = Commercial version• Same code base as apiGrove
• Additional features: Security (XML/WSDL validation), Rate limit accuracy in cluster (Speaker Manager), SNMP
• Support and professional services by Alcatel-Lucent (bug fixes, custom integration)
• Optionally integrated within Alcatel-Lucent’s Open API Platform :
• Service Composition Framework (orchestration framework and value-added services: SMS, Location, Device Capabilities, and more)
• Reporting and Analytics (data mining on API usage)
• Business Management Suite (monetization model for APIs and associated workflow)
• Provisioning and management system (web frontend, management interface, directory)
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
8
apiGrove Release v1Free v. Premium Features Comparison
apiGrove Premium API Management Engine
SCALEAPIs to 1000s TPS
• Clustering with load balancing• Caching of policy data• Dual-site operation
• Heartbeat mechanism with southbound services
• Integration with Alcatel-Lucent’s Service Composition Framework
METERAPI usage for monetization
• Flexible model for quotas/rate limits (per API, per App, per Group)
• API usage TDRs • Thresholds & warning TDRs• Custom TDR fields
• Quotas/rate limits sync in cluster (speaker manager)
• Integration with Alcatel-Lucent’s reporting & analytics
PROTECTAPIs from threats
• HTTPS (1-way / 2-way TLS)• AuthN: IP whitelist, AuthKey, HTTP Basic,
WSSE username profile• REST methods filtering
• XML / SOAP Validation• WSDL or XSD Validation• Integration with Alcatel-Lucent’s Authorization
Server for oAuth 2.0
MANAGESystem and APIs
• Provisioning and admin through RESTful API
• Sample web UI for standalone deployment• Basic header transformations
(add/remove)• Software install verified on RHEL5.8
• SNMP KPI reporting • Provisioning through Alcatel-Lucent’s OAP
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
9
apiGroveTimeline for contributions
Q3’12
Q4’12
Q1’13
Q2’13
Sept’12apiGrove
initial release
Community contributions(enter into Apache incubation)
Dec’12Premium AME(commercial)
v5.0
Apr’13Premium AME(commercial)
v6.0
Goal is to integrate external
contributions in monthly sprint
drops
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
10
apiGroveFeatures Backlog
SCALEAPIs to 1000s TPS
• More characterization tests• Performance optimizations
METERAPI usage for control and monetization
• ASN.1 format for TDRs• Calendar-based quotas and rate limits
PROTECTAPIs from threats
• HTTP Digest authentication• WSSE X509 authentication• OpenStack ID authentication• HTTPS support southbound• Support 3rd-party oAuth Authorization
Server• JSON payload validation• WADL validation• Header injection protection
MANAGESystem and APIs
• Installers for other OSes (e.g. CentOS)• Forward Proxy mode support• SOAP/JSON Exceptions• More logs• Encrypted logs• Plugin modules for transforms• Web UI themes (drupal)• Web UI improvements (e.g.
internationalization)• Cluster management UI• Elastic scaling recipes
We welcome contributions for these and more
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
11
DEMO
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
12
• apiGrove Home Site http://apigrove.net
• Forums, information
• apiGrove GitHub http://github.com/apigrove/apigrove
• Source code and binary downloads
• Follow @apiGrove on Twitter
• This slide deck http://www.slideshare.net/gmthomps/apiGrove
apiGroveKey Links
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
13
THANK YOU ! … Q&As
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
14