Implementing Enterprise API Management in Oracle Cloud
-
Upload
capgemini -
Category
Technology
-
view
2.347 -
download
9
Transcript of Implementing Enterprise API Management in Oracle Cloud
Implementing Enterprise API ManagementIn the Oracle CloudOracle OpenWorldSan Francisco | September 18-22, 2016
Luis [email protected]
uk.linkedin.com/in/lweir @luisw19
soa4u.co.uk/
2Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Table of Contents
Introduction
Context
A step back… redefining types of integrations
The missing pieces:
• An Enterprise API Taxonomy
• API Management Capability Model
• Mapping Oracle Cloud PaaS to APIM Capabilities
Use cases
Wrap-up
Introduction
4Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Resume
I am very passionate about technology. I have be the lead authored of two books (Oracle SOA Governance 11g Implementation and Oracle API Management 12c Implementation), I am a regular blogger and speaker in major conferences and events. A well-known industry expert especially when it comes to Oracle middleware technologies I am also an OTN certified SOA black belt.
Luis Weir Oracle Ace Director – Cloud Principal at Capgemini UKI am an Oracle Ace Director, Cloud Principal and a Thought Leader specialised in Oracle Fusion Middleware & Oracle PaaS. With more than 15 years of experience implementing IT solutions across the globe, I have been exposed to a wide wide variety of business problems many of which I’ve helped solved by adopting SOA architectural styles such as traditional SOA, API management and now Microservices. My current focus is in assisting organisations define and implement solutions and strategies that can help them realise the benefits that such technologies have to offer.
2nd Place1st OTN Cloud
HackathonJune, 2016
CloudContribution Award
SOA CommunityMarch, 2016
Latest Media: Oracle Magazine May/June 2016 (http://
bit.ly/1RTCAU3) Systematic Approach for Migrating to Oracle
Cloud SaaS (http://bit.ly/1Xr6acs) Oracle Magazine Jan/Feb 2016 (http://ora.cl/Vhh) API Management Implementation (http://
ora.cl/Gcw) A Word About Microservices and SOA (http://
bit.ly/25Dk5go)
ContextA summary of key business challenges driving the need for API management
6Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
The “Digital” dilemma…
7Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Systems of Differentiator
Systems of Record
Systems of Innovation
Bi-modal IT, is it really?
Traditional Mode(Reliable, delivered in waterfall, IT centric,
V-model, slow)
Non-linear Mode(Agile, DevOps,
automation, fast)
Promised in 8 weeks
Promised in 4 Months
What about access to core data and business
functionality?
+8 Weeks
Ready in 8 Months
Environment created, system changed, functionality added,
access granted,
Standard interface delivered
Waiting for changes
Waiting for access
Bi-modal?
8Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
A bi-modal analogy
The fast IT organisation can only be as fast as it is possible to deliver access to systems of records…
Thus bi-modal IT it’s contraint to the speed it takes to deliver such access.
9Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Cloud
Rush to the Cloud
Firewall
Social Media
{json}
{json}
{json} {json}
{json}
{json}
<xml><xml>
<xml>
Oracle Cloud SaaS
FIN HUBs LEGACYSCM
Other SaaS
Mobility & IoT Solutions
= accidental cloud architecture (cloud spaghetti!)
10Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Breaking the chains
11Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
API-led connectivity
Firewall
ERP HCM LEGACYCRM
Mobility & IoT SolutionsOracle Cloud SaaS Social MediaOther SaaS
Cloud
On-Premise APIs
Cloud APIs HybridAPI
Platform
12Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
API growth is exponential
API growth in the enterprise exponential API accelerated growth will continue:
• Partner integration APIs• B2C APIs• Enterprise mobility APIs• IoT APIs
Growth In Web APIs Since 2005 Programmable Web
Jun-05
Mar-06
Oct-06
May-07
Dec-07
Jul-08
Feb-09
Sep-09
Apr-10
Nov-10
Jun-11
Jan-12
Aug-12
Mar-13
Oct-13
0
1500
3000
4500
6000
7500
9000
10500
12000
1 186 299 438 593 8651263 1546
20262418
3422
5018
7182
9011
10302
Month
API
Cou
nt Fastest Growing Web APICategories (6 months)
Programmable Web
Financial; 70
Enterprise; 66
Backend; 52
Messaging; 43
Advertising; 43
Government; 38
Mapping; 35
Science; 31Social; 28
13Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
What is an [Web] API?
Application Programming Interfaces (APIs) are not new. But they have taken on a new shape. REST (or Web) APIs are doors that giveaccess to information and functionality in real time.And just like doors: They have locks. Only key holders can open them There are different types for different needs (size, color, locks,
purpose, etc.) They can be outside facing (anyone can see them i.e. internet) or
internal facing (i.e. only accessible within an area/zone) They are available only in specific locations – API endpoints They can be as secured and closely monitored as required (typically
depending on their purpose and information being accessed) The have an impact on people (customers and employees)
experience. Based on their performance experience can be good or bad. If bad people will remember!
14Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
API Management
Planning
Design
Implementation
Publication
Operation
Consumption
Maintenance
Retirement
API
15Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Drivers for API Management
Enable a digital strategy by unlocking access to electronic
business assets
Richer user experience by delivering
tailored-fit APIs
Quicker, standard and secure access to information and
functionality
Discovery and reuseof APIs
3rd generation API platform with global
deployment capabilities (cloud or on-prem)
Robust operations, analytics and
insights
API as a new source of revenue. Information
is a valuable asset
A step back… redifining types of integrationAn overview of vertical and horizontal integrations
17Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
SYSTEMS OF ENGAGEMENT
Mobile Apps Response web Applications Devices Customer
ServiceBusiness Partners
Vertical vs. Horizontal Integration
Horizontal Integration
Asynchronous in nature. Near-real time or batch. Typical integration styles: as pub/sub, data replications, file transfers
SYSTEMS OF RECORDS
Financials EPM HCM Order Management CRM Data Hubs Legacy
Sync
hron
ous/
Rea
l tim
e
Vert
ical
Inte
grat
ion
Main scope for API Management
Created with Niklas Olsson /
18Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Vertical vs. Horizontal Integration – Characteristics
Vertical
Human behind the trigger Information requested on-demand (real-time) Synchronous in nature. A request expects a response Objective is to deliver functionality and/or information in
support of a user journey Directly impacts the user experience (regardless of the channel) Best realised with API management
Horizontal
System behind the trigger Initiated by a system scheduled or a system event Asynchronous in nature. No immediate response expected Objective is to deliver data or messages from a source
system to a target(s) system No immediate impact to the user (unless a malfunction occurs) Can be realized in a number of ways
Validate,Enrich,
Transform
.... .. .
.. .. . .
....... .
.... .. .
.. .. . .
....... .
.... .. .
.. .. . .
....... .
.... .. .
.. .. . .
....... .
Route,Operate,
Load
Extract,Capture
Exp
erie
nce
Del
iver
y
Systems of EngagementCoworkers Customers
Rapid access, Transform
Enforce, Aggregate, Route
Tailor, Deliver
UX
19Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
SOA
What about SOA?
Inspiration from Martin Fowler’s Microservices presentation at GOTO conference, Berlin November 2014 (minute 14)
Typically adopted to deliver horizontal
integrations
TraditionalSOA
(i.e. AIA)
Best for vertical integrations
Not for integration.
Best for building modern systems
APIManagement
MicroservicesArchitecture
The missing piece:Enterprise API Taxonomy, API Management Capability Model and Oracle PaaS Cloud Services mapped to the APIM capabilities
21Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Enterprise API Taxonomy
SaaS
API Applications
Finance SCM Legacy, etc CX HCM
[Managed] Business APIs
Single Purpose APIs Utility APIs
Identity
Logging
ErrorHanding
Notifications
Management & Collaboration
Design & Development
Portals
Policy Definition
Lifecycle Management
RuntimeAnalytics
User Management
SYSTEMS OF ENGAGEMENT
Special Purpose APIs Presentation APIs Partner [B2B] APIsPublic [Consumer] APIs
Microservices
SYSTEMS OF RECORDS SYSTEMS OF INNOVATION
SYSTEMS O
F DIFFER
ENTIATIO
N
$
API
System APIs System APIs System APIs System APIs System APIs
22Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
API Management Capability Model
API Registry
Single Purpose APIs
Business APIs
API Applications
Utility APIsAPI Design & Development
Portal
API-First Design Console
ADL Programmatic Validation
API Approval Workflow
API Dynamic Documentation
API Applications & Keys Generation
Developer On-boarding
Community Collaboration
Resource Registration
Resource Discovery
K/V Storage
K/V Replication
Resource Health Status
Registry API
Identity Federation
Identity Mappings
Error Handling
Logging
Alerts & Nots
Management APIs
AuthN/AuthZ/API Key Validation
Policy Enforcement
HTTP Routing
Calls Aggregation
Light Transformation
Light Scripting
In-memory Cache
Rate Limiting/Throttling Streaming REST/SOAP
Conversions
System AuthN/AuthZ Connectivity Adapters Connection &
Session ManagementTransport
ConversionsProtocol
Conversions
Data Transformation
Complex Orchestrations
Custom Logic(Complex Scripting)
PolyglotProgramming
Decentralise Deployment
Federated AuthN/AuthZ
API Key Validation
Call Aggregation
Tailored Contracts
Thread Protection
Thread Protection
Client Backend Logic Scripting
Platform/Backend APIs
Push Nots/Websockets
Polyglot Consumer SDKs
API Management
Console
API Lifecycle Management
Policy Definition
Runtime Monitoring
Runtime Analytics
API Gateway Management
Policy Definition
User & Role Management
Keys Management
Delivery
Version Control Deployment Continuous
TestingRelease
ManagementContinuous Integration
Team Management
Team Collaboration
Issue Tracking
Spring Boards
RuntimeDev-Ops
API Discovery & Subscriptions
23Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Oracle PaaS for API Management
RuntimeDev-OpsSuggestionsAPIPCS OOTB InteroperabilityOracle PaaS Cloud Services
API Registry
Single Purpose APIs
Business APIs
API Applications
Utility APIsAPIPortal
API Management
Console
Delivery
Developer Cloud
Eureka
Management
Cloud
Identity Cloud
Java CloudSOA Cloud App Container CloudIntegration Cloud
API Platform Cloud
API Platform Cloud
API Platform Cloud
Java CloudMobile Cloud App Container CloudAPI Platform Cloud
Public SaaSAPI Catalog
Patterns & Use CasesSample enterprise API management use cases delivered in the Oracle Cloud PaaS
25Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
APIM Designer Portal
API {First} Design
8) Feedback
13) Evaluates14) No changes
7) Evaluates
5) Creates API definition
12) Submits final definition(Github pull request)
9) Updates definition
4) Opens API editor
1) Enters APIM Dev Portal
2) Searches API catalogue
3) No match
11) Thumbs up!10) Evaluates
Assertions checks
Assertions checks
15) Set-up continuous test
6) Creates mockup & shares URL
> Dreed, Circle CI
16) Implements API
17) Requests deploy 18) Gets request19) Approves
API Gateway
API GatewayDMZ
API Gateway
ManagementConsole
API Platform Cloud
API Designer
API Developer
API ConsumerDeveloper
Architects
API Developers
API Gateway Admin
DeveloperPortal
API Platform Cloud
26Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Mobile Application accessing System of Records in Oracle SaaS and SFDC
Cloud PaaS
API Gateway
API Platform
Mobile BackendMobile API
Connections
Mobile Cloud
JSON Object TailoringAuth
Business API
Oracle MAF
Validate API-Key
Limits & throttle
User Authn Route Respond
Cloud SaaS
ERP Cloud
Integration Flows
Integration Cloud
Enterprise WSDL
OrchestrateConnect
TransformConnectR
ES
T
Auth Service
2
36
5
7
8
9
4
1) Update personal info submitted from app. Call to mobile backend API takes place. Authentication would’ve already happened in this example. Mobile API Key is validated
2) Backend API code (node.js) transforms object (into enterprise format), injects and calls business API via the REST connector (in theory connector should inject API key and authentication credentials)
3) Business API receives the calls and enforces policies as specified, ie. key validation, user authN/authZ, rate limits, possibly custom script and finally routes the request to the backend (system) API (implemented in ICS)
4) An integration flow receives the request (in enterprise format). An orchestration is initiated to: 1) update personal info in SFDC, 2) update personal info in ERP cloud. It happens as following:
5) The received object is transformed into target system format and included into a request call to SFDC (via enterprise WSDL). ICS takes care of REST/SOAP conversion and also handles authentication and sessions with SFDC
6) The received object is transformed into target system format and included into a request call to ERP Cloud (via enterprise WSDL). ICS takes care of REST/SOAP conversion and also handles authentication and sessions with ERP Cloud
7) ICS transforms back the object into the enterprise object format and sends back JSON response to the API gateway
8) API gateway sends back the response to the mobile backend
9) The mobile backend API code transforms object to format expected by the mobile app
{json}
{json}
{json} {json} <soap>
<soap>
<soap>
<soap>
1
{json}
{json}{json}
27Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Service Cloud searches on-premises customer master through existing SOAP web service
API Gateway
Oracle SOA Suite
ACS
Mediator DB Adapter
Cloud SaaS
Service Cloud
AP
I Pla
tform
Presentation API
Validate API-Key
Limits & throttle
User AuthN
SOAP-REST Respond
Management Console
API Platform
Cloud PaaS
Sends stats Pulls
deployments
Customer Data Hub
PLSQL
EBS
{json} {json}
<soap><soap>
0) Customer Service Agent conducts a search in Service Cloud to service for a specific customer (ie. Based on first and last name)
1
2
4
71) Service Cloud triggers a call to an API exposed in a DMZ(i.e. https://myorg.com/customers?name=luis&lastname=weir)
2) The API gateway receives the request, validates the API key and user credentials (ie. OAuth 2.0), enforces limit/throttling policies and then converts the payload into SOAP to invoke the business service exposed by SOA Suite internally
Mediator BPEL WS Adapter
6
3
5
sqlnet
DMZ
3) Typically an enterprise business service (EBS) in SOA Suite will just route the request to the relevant application connector service service also in SOA Suite
4) The ACS will transform the request from a canonical model into the application format and via the adapter (ie. Database) will connect to the system of record and conduct the search in any given protocol (ie. SQLNET)
5) The request is converted back into a canonical model and send back to the invoker service
6) A SOAP response in canonical model is send back to the API Gateway
7) A policy converts back the SOAP payload into JSON (most likely removing fields that are not required by the consumer system) and sends back the JSON payload
https
Wrap-up
29Copyright © Capgemini and Sogeti 2016. All Rights Reserved
Oracle OpenWorld | San Francisco | September 18-22, 2016
Oracle Cloud PaaS – Capability Comparison
Capability API Platform Mobile Cloud SOA Cloud** Integration Cloud Java Cloud** App. Cont. Cloud**
E2E API lifecycle (design, mock, build, test, publish, manage, monitor)
Hybrid deployment (cloud/on-prem) –native (installed via cloud)
Rich API focused ops and analytics
REST/JSON end to end
API policies definition & enforcement
Authentication & Authorization
Identity federation support (ie. OAuth 2.0)
API keys management and enforcement
Backend (platform) APIs (ie. Push nots, storage, data sync, etc)
WebSockets
HTTP Routing (declarative)
Data transformation (declarative)
Protocol conversion (declarative)
Call aggregation (declarative)
Orchestrations (declarative)
Custom scripting
Connectivity to several sources (excluding pure REST/SOAP)
Polyglot programming
Light footprint
Full Mostly Some or Custom (libs &| imperative) No supportPartly
** Only when combined with Developer Cloud
The information contained in this presentation is proprietary.Copyright © 2016 Capgemini and Sogeti. All rights reserved.
Rightshore® is a trademark belonging to Capgemini.
www.capgemini.comwww.sogeti.com
About Capgemini and Sogeti
With more than 180,000 people in over 40 countries, Capgemini is a global leader in consulting, technology and outsourcing services. The Group reported 2015 global revenues of EUR 11.9 billion. Together with its clients, Capgemini creates and delivers business, technology and digital solutions that fit their needs, enabling them to achieve innovation and competitiveness. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business Experience™, and draws on Rightshore®, its worldwide delivery model.
Learn more about us at www.capgemini.com.
Sogeti is a leading provider of technology and software testing, specializing in Application, Infrastructure and Engineering Services. Sogeti offers cutting-edge solutions around Testing, Business Intelligence & Analytics, Mobile, Cloud and Cyber Security. Sogeti brings together more than 23,000 professionals in 15 countries and has a strong local presence in over 100 locations in Europe, USA and India. Sogeti is a wholly-owned subsidiary of Cap Gemini S.A., listed on the Paris Stock Exchange.