Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Become a Pro at API Management: A declarative a...

paraskakis
October 10, 2019
Programming
0
300

Become a Pro at API Management: A declarative approach

Presented at API World 2019 and API Specs Conference 2019.
OpenAPI has become the standard way to describe APIs and Services but when it comes to runtime configuration, it’s a Tower of Babel: each vendor takes a different approach, or worse, DevOps are forced back into a UI, with no good way to script and automate deployments. We’ll examine the current state of declaring configuration in API Definitions and examine proposals to improve infrastructure as code via OpenAPI.

paraskakis

October 10, 2019
Tweet

More Decks by paraskakis

See All by paraskakis
API Best Practices
paraskakis
0
190
Outside-in Development for APIs and Microservices
paraskakis
0
28
API Design Hands-On Lab
paraskakis
0
46
Bring Design Thinking to your API Lifecycle
paraskakis
0
120
Decomposing Service Descriptions: The Future of API Design
paraskakis
0
820
APIDays_Design_API_Security.pdf
paraskakis
0
81
Have Your Layer Cake and Eat it Too
paraskakis
1
160
Keeping your APIs Honest - Gluecon 2017
paraskakis
0
110
Easy Data Modeling with MSON (Defrag 2016)
paraskakis
0
99

Other Decks in Programming

See All in Programming
카카오페이는 어떻게 수천만 결제를 처리할까? 우아한 결제 분산락 노하우
kakao
PRO
0
110
Arm移行タイムアタック
qnighy
0
350
Modular Monolith Monorepo ~シンプルさを保ちながらmonorepoのメリットを最大化する~
yuisakamoto
9
810
聞き手から登壇者へ: RubyKaigi2024 LTでの初挑戦が 教えてくれた、可能性の星
mikik0
1
140
Quine, Polyglot, 良いコード
qnighy
4
650
3 Effective Rules for Using Signals in Angular
manfredsteyer
PRO
1
100
3 Effective Rules for Using Signals in Angular
manfredsteyer
PRO
0
110
Micro Frontends Unmasked Opportunities, Challenges, Alternatives
manfredsteyer
PRO
0
120
Vapor Revolution
kazupon
2
310
どうして僕の作ったクラスが手続き型と言われなきゃいけないんですか
akikogoto
1
120
CSC509 Lecture 13
javiergs
PRO
0
110
RubyLSPのマルチバイト文字対応
notfounds
0
120

Featured

See All Featured
Stop Working from a Prison Cell
hatefulcrawdad
267
20k
It's Worth the Effort
3n
183
27k
Practical Orchestrator
shlominoach
186
10k
The Language of Interfaces
destraynor
154
24k
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k
Site-Speed That Sticks
csswizardry
0
37
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
Product Roadmaps are Hard
iamctodd
PRO
49
11k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
44
2.2k
Into the Great Unknown - MozCon
thekraken
32
1.5k
A Modern Web Designer's Workflow
chriscoyier
693
190k
Designing the Hi-DPI Web
ddemaree
280
34k

Transcript

  1. Become a Pro at API Management: A declarative approach Emmanuel

    Paraskakis |@manp VP Product, SmartBear

  2. Proprietary & Confidential 2 Configuring API Management today – UI

    or CLI/API

  3. Proprietary & Confidential 3 UI - Great for getting started,

    but… • No repeatability – maybe dump/restore a config file? • Can’t easily see differences between configs • Not easy to version • Not easy to share/collaborate on • Start from scratch every time • No templating/reuse/examples • Configuration proliferation and drift

  4. Proprietary & Confidential 4 Better: Declarative Config • Like code…

    so you can diff it, check it in • Can view/share entire config in a doc but… | Usually proprietary format | duplication of API Description… | what if I already have an OpenAPI doc?

  5. Proprietary & Confidential 5 Best: Reuse API Description • Add

    “vendor extensions” to your OpenAPI doc (inline) • Reuse of paths, methods and other elements • Use a single document as Source of Truth • Minimize inconsistencies but… | Vendor extensions are not part of the standard | They are different for each vendor, not only in syntax, but in scope/purpose

  6. Proprietary & Confidential 6 Can we do better? • What

    if runtime configuration were part of OpenAPI? And vendor extensions were unified and part of the standard? What we have already: | Use “servers” for environment configuration | Use “security” “securitySchemes” for authN What we’re missing: | A “backends” object | Request and Response Policy spec | Analytics config/aggregation Servers Backends Security Request Policies Response Policies

  7. Proprietary & Confidential 7 Servers Servers Backends Security Request Policies

    Response Policies

  8. Proprietary & Confidential 8 Security Servers Backends Security Request Policies

    Response Policies

  9. Proprietary & Confidential 9 Request Policies Servers Backends Security Request

    Policies Response Policies

  10. Proprietary & Confidential 10 Backends Servers Backends Security Request Policies

    Response Policies

  11. Proprietary & Confidential 11 Response Policies Servers Backends Security Request

    Policies Response Policies

  12. Proprietary & Confidential 12 What’s next? • OpenAPI Proposal to

    support Runtime Configuration: • Request/Response Policies • Backends • Analytics Aggregation • OpenAPI Proposal for Overlays #1843 • OpenAPI Proposal to extend support for Substitution Variables Credits for Inspiration: Mark Foster Vincenzo Chianese