API Proxy vs Gateway

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

I mean goes with product management for SOA software we'll talk to you a little bit about API proxy this is gateway which is good because that's what certain at the top of the whiteboard here so we're going to start with the basic premise your business and you want to be able to communicate with your consumers your customers all new customers you haven't developed yet customers are using range of devices from my house through a car through a TV tablet a phone beautifully drawn photo my dad or computer so what do you want to be able to do to be able to integrate with those guys is to expose an API I will reach out and magically everything's perfect well maybe not because you've got some concerns you have to be a little bit worried about security you have to be a little bit concerned about availability and monitoring and you need to be considering their threat so you want to make sure that the stuff that's happening outside the enterprise isn't breaking stuff that's going on inside the enterprise so what do you do well logically need to define approximately approximately we use my handy dandy little racecar razor and we'll drop a proxy for this thing proxy does a few things for you those things going to do is add Transport Security then you're going to use it to make sure the things your API is available in reliable to add some monitoring the things like SMAS and performance you probably also need to provision access to your api from the outside world and Transport Security will help you with that but you'll be doing that in order to control quotas you want to be able to offer different users different parts of your API different access levels to all the silver bronze services all that kind of stuff a lot of the reason you my quota system make sure that you are protecting yourself against threats and against low so that's a proxy nice and simple what you've basically done is taken your API exposed it to your consumers but what you have to realize is that the proxy only works if you already have an API you have to be exposing an API from your business in order to use a proxy proxy doesn't create anything new it just really exposes the same thing adding a few non-functional requirements so that's not really the reality for most businesses isn't in reality most businesses look a bit different than that you have existing services inside the enterprise exposed by one or more applications in this case we'll keep things nice and simple and show two business applications so we've got some applications inside your business also in a modern world in most businesses most large enterprises you're not really just one business you will not some lots of businesses distributed geographically spread around all over the world doing your own thing in your own data center quite probably using different applications you're growing through acquisition little source of stuff going on so these services that already exist label them services that already exist inside the enterprise you need to find a way of exposing those in creating them as an API and that's where the Gateway comes in so once again let's do a little bit of amazing create a few holes here and then stop this process over and what we're going to be the first thing we're going to do in gateway is do some orchestration one orchestration will allow me to do is to take these services and stitch them together to create a single something for now we'll call that something an API in fact the program will do a little bit more to it before we can really think so what else do we need to do well we gonna need some mediation mediation is the way that I'm going to take my existing services from whatever format and mechanism they're delivered and expose them as something a bit so these things are quite lighting things like so maybe there's some JMS plane always so now maybe if you're really lucky with some modern applications that are doing rest Jason who knows what this is this might be made for an application could be anything so what we what we do with the mediation layer is we take soap when we turn it into restoration or we take rest Jason we turn into so the reality is it really shouldn't matter what's back here we shouldn't matter what format you want your API in you should be able to go from one to another declaratively what you shouldn't have to do is write code you should never be writing code or engaging in professional services teams to do these things for you you need a gateway that makes that seamless and doesn't automatically as a part of the platform extending on top of this gateway style functionality limiting things like message security message security is really important as opposed to transport over security because the message security allows you to ensure end-to-end security you're guaranteeing the identity of the user of this application all the way through to the backing system you're dealing with things like authorization that we're layering here very tough workaround authorization we're starting to get into some sophisticated capabilities around didn't I have a service prevention deny service prevention is things like whether traditional fiber capabilities so XML width depth breadth sequin ejection protection various scripting antivirus all those kind of capabilities wrap up into dinner service and these capabilities are all delivered through a gateway and their reality the gateways also been ramped you are promising so the Gateway will exist here in the Gateway includes the proxy functionality until there was all of this orchestration mediation message security etc on top of the turns for level security and monitoring encourages that the proxies giving and it's allowing you to create single NPI's from multiple back-end systems and all that sort of stuff so there are a couple of questions that our eyes the first is all well hey that Gateway looks an awful lot like in your speed so where is an ESB and what do I do with it and why wouldn't I using ESP for this well the ESB really exists in here it's sort of between your applications and your services that ESB is really an extension of your eai platform it's delivering an adapter framework to allow you to expose services from your applications does the ESP contain orchestration yeah probably some of them do does it contain mediation yeah probably message security likely but it's starting to get a bit more difficult authorization das prevention probably not and the reality anyway is that the ESP is generally fairly heavyweight pieces of technology quite costly to operate you're developing you're doing a lot of work in their sphere that you may not necessarily want to do to expose services as an API but more to the point you're definitely not going to want to deploy that ESB and the TMC and that's the design pattern of a gateway they designed to exist inside your DMZ with one leg in the outside world and one providing that bridge and dealing with all these sophisticated goods so that's question one yes be part of your application tier and the Gateway existing externals the other question is well what we've written up here API proxy versus gateway if the Gateway does all this why would I ever want just the proxy well in our world you wouldn't the Gateway delivers the proxy capability what some vendors might tell you is that the proxy is more efficient it's lighter weight why would you want all this heavyweight stuff when all you really need is this well that may be true that all you really need is the proxy for some capabilities and and what you'll be told is that proxies are faster the Gateway slow things down add cost and weight to your process that's really not true a well architect and well-designed gateway is going to act as a proxy when it needs to act as a proxy I'll only add these extra capabilities when required it's driven by configuration it should be author claret if based on the need for example if your back-end service is a well-structured well-constructed rest JSON API and you're passing it through the Gateway with no need for message security or authorization you don't need orchestration you don't need mediation you may choose you don't need them out of service prevention so the gateways simply interact as a proxy it will stream content through adding transport security monitoring enforcing quotes without any additional oh man of course as soon as you start getting into more sophisticated cases your back-end services soak your API has to be arrest Jason then the Gateway just automatically takes over it delivers that functionality declaratively I'm not writing code you're making things work so to summarize should I use an API proxy or sure and use a gateway both just to make sure they're all in the same product thank you

Info

Channel: Akana

Views: 31,266

Rating: 4.8873239 out of 5

Keywords: Application Programming Interface (Literature Subject), Proxy Server (Software Genre)

Id: U16Ra5tmiqs

Channel Id: undefined

Length: 9min 27sec (567 seconds)

Published: Mon Mar 30 2015