Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and...
-
Upload
ca-technologies -
Category
Technology
-
view
297 -
download
3
Transcript of Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and...
![Page 1: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/1.jpg)
World®’16
GatewayDeploymentScenariosandBestPracticesJamieWilliamsSeniorSoftwareEngineerCATechnologies
DO3X48E
DEVOPS
![Page 2: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/2.jpg)
2 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
©2016CA.Allrightsreserved.Alltrademarksreferencedhereinbelongtotheirrespectivecompanies.
Thecontentprovidedinthis CAWorld2016presentationisintendedforinformationalpurposesonlyanddoesnotformanytypeofwarranty. The informationprovidedbyaCApartnerand/orCAcustomerhasnotbeenreviewedforaccuracybyCA.
ForInformationalPurposesOnlyTermsofthisPresentation
![Page 3: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/3.jpg)
3 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Abstract
Inthissession,wewilllookatenterprisescenariosofdeployingyourCAAPIGateway.Wewillcoveron-premises,publiccloud,andPaaS/privateclouddeployment,andthedifferentformfactorsavailableforeach.
Thecomparisonofthevariousmodelsanddiscussionofrealworldexampleswillhelptheattendeeunderstandtheprosandconsofeach.Wewillalsolearnsomebestpracticesinimplementingsuchmodels.
JamieWilliamsCATechnologiesSeniorSoftwareEngineer
![Page 4: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/4.jpg)
4 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Agenda
INTRODUCTIONTOTHECAAPIGATEWAY
GATEWAYDEPLOYMENTSCENARIOS
CHOOSINGAMODEL
1
2
3
REALWORLDEXAMPLES4
BESTPRACTICES5
![Page 5: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/5.jpg)
5 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
CAAPIGateway
§ EnablesenterprisestosecurelyexposeservicestoexternalclientapplicationsasAPIs.
§ Providesruntimecontroloverservice-levelauthentication,authorization,keymanagement,credentialing,integrity,confidentiality,schemavalidation,contentinspection,datatransformation,threatprotection,routing,protocolswitching,SLAenforcement,logging,andotherfunctions.
§ ActsasanintegrationpointforextendingexistingsecurityandmessageinfrastructuretoAPIs.
![Page 6: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/6.jpg)
6 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
CAAPIGateway
CAAPIGateway
EnterpriseDirectory
APIServer
SecurityBoundary
![Page 7: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/7.jpg)
7 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
GatewayDeploymentScenarios
§ On-Premises
§ PublicCloud
§ PaaS/PrivateCloud
§ Hybrid
![Page 8: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/8.jpg)
8 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
On-PremisesDeployment
§ HardwareAppliance
§ VirtualAppliance
§ DockerContainer
§ Software
![Page 9: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/9.jpg)
9 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
On-PremisesDeployment
VirtualorHardwareAppliance
![Page 10: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/10.jpg)
10 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
FormFactorOptionsforOn-PremisesDeployment
FORM FACTOR PROS CONS
Hardware • Best performance• Bestphysicalsecurity• Purposebuiltappliance• ThalesnCipher HSM
• Requiresrackspace• No hardwaremigration• Disasterrecovery
VirtualAppliance • Mobility• Scalability• Easeofdeployment• Disasterrecovery• Monitoringandmanagementtooling
• Reducedperformanceduetooverhead• Potentialresourcecontention• ESXhostmaintenance
Docker • Mobility• Scalability• Ease ofdeployment• Disasterrecovery• Simpleupgradestory
• Migration, monitoringandmanagementtooling/UI notasdevelopedasVMware
• Emergenttechnology
![Page 11: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/11.jpg)
11 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
PublicCloudDeployment
§ AMI
§ Azure
§ Otherhosting
![Page 12: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/12.jpg)
12 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
PublicCloudDeployment
APIs
AMI,Azure,Docker,etc.
![Page 13: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/13.jpg)
13 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
PublicCloudDeployment
![Page 14: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/14.jpg)
14 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
FormFactorOptionsforPublicCloudDeployment
FORM FACTOR PROS CONS
AMI • ManyGateway-friendlyservices• Goodmonitoring• Auto-scaling• RDS
• Matureplatform
• Expensive
Azure • Cheaper thanAMI• Goodmonitoring• Auto-scaling
• Relativelyfewservices• Windows-centric
![Page 15: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/15.jpg)
15 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
PaaS/PrivateCloudDeployment
§ CloudFoundry
§ OpenShift
§ OtherPaaS
![Page 16: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/16.jpg)
16 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
PaaS/PrivateCloudDeployment
DockerContainer
![Page 17: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/17.jpg)
17 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
ProsandConsofPaaS/PrivateCloud
PROS CONS
• Mobility• Scalability• Easeofdeployment• Disasterrecovery• Auto-scaling• Simpleautomatedupgradestory• Somehavegooddeployment,managementtooling
• Canbeveryopinionated/presecriptive• Often minimal ornoservices• Canhaveexpensivelicensesandsupportcontracts• Somehavelimitedorunfriendlytooling
![Page 18: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/18.jpg)
18 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
HybridDeployment
§ Combinationofotherscenarios
![Page 19: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/19.jpg)
19 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
HybridDeploymentExampleOn-premiseshardwarewithAmazonWebServices
AMI
HardwareAppliance
![Page 20: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/20.jpg)
20 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
ChoosingaModel
§ Performance
§ Latency
§ Uptime
§ Governance
§ TimetoMarket
Whatareyournon-functionalrequirements?
![Page 21: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/21.jpg)
21 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
ChoosingaModel
§ Sizeofdatacentre
§ Budget,capitalvsoperational
§ Departmentalsilos
§ Willyourcorporatelimitationsbechangingsoon?
§ Mightyouchangeyourmindaboutwhereaserviceisdeployed?
Whatareyourcorporatelimitations?
![Page 22: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/22.jpg)
22 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
RealWorldExamples
§ On-premiseshardwareforTLS,AWSfornon-TLS(HTTP)traffic
§ On-premisesVMware,auto-scalinginAWSforpeaktraffic
§ FederatedGatewayclustersinseparateITinfrastructures
§ AzureforMicrosoftecosystemsupport
CAcustomers’Gatewaydeploymentscenarios
![Page 23: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/23.jpg)
23 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
BestPractices
§ LoadBalancing
§ VMwarebestpractice
§ Performancetesting
![Page 24: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/24.jpg)
24 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
LoadBalancing
§ Failover
§ Highavailability
§ Balanceload
§ Reduceoverloadingofindividualnodes
Whyimplementloadbalancing?
![Page 25: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/25.jpg)
25 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
LoadBalancing
§ ChooseAffinityandBalancingalgorithmsappropriatetotheusercase
§ ConfiguretimeoutsforbothLoadBalancerandGatewayroutingappropriatetosystembehaviouratbusinesslevel
§ ConsiderSSLTermination
Realworldguidance
![Page 26: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/26.jpg)
26 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
VMwareBestPractices
§ EnsureGatewayVMshavereservedmemoryandprocessors
§ DisableDRSorconfigureNodeAffinityforGatewayVMsonhypervisorclusters
§ DonotrunGatewayVMsonanovercommittedhost
§ Donotconfusehyperthreaded coresforphysicalcoreswhenallocatingprocessors
§ SizeGatewayVMssuitablyfortheusercase
Consistentperformancerequiresconsistentresources
![Page 27: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/27.jpg)
27 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
PerformanceTesting
§ Networksubsystemsandback-endlatency
§ ConnectiontimeoutvsResponsetimeout
§ Concurrency&Keepalive
§ Synchronizationoftesting
§ LonglivedvsShortlivedrequests
§ Loadbalancing,errorcases,andlongerlastingeffects
Confoundingfactorstobemindfulof
![Page 28: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/28.jpg)
28 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
RecommendedSessions
SESSION# TITLE DATE/TIME
DO3X47EVCAAPIGateway:DevelopingCustomPoliciestoSecureYourEnterpriseAPIs
11/14/2016at10:00am
DO3X49ECAAPIGateway:ManagingandmigratingGatewaypolicieswiththeGatewayMigrationUtility
11/14/2016at11:00am
DO3X52ECAMobileAppServices:BuildthePowerfulMobileAppEveryEnterpriseNeedsinUnderanHour
11/14/2016at1:00pm
![Page 29: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/29.jpg)
29 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Questions?
![Page 30: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/30.jpg)
30 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Thankyou.
Stayconnectedatcommunities.ca.com
![Page 31: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures](https://reader035.fdocuments.in/reader035/viewer/2022062401/5874140d1a28abcb5b8b4e93/html5/thumbnails/31.jpg)
@CAWORLD#CAWORLD ©2016CA.AllRIGHTSRESERVED.31 @CAWORLD#CAWORLD
DevOps– APIManagementandApplicationDevelopment
FormoreinformationonDevOps– APIManagementandApplicationDevelopment,pleasevisit:http://cainc.to/DL8ozQ