SOA Software: API Proxy vs. Gateway

Captions
I'm [name unclear] with product management for SOA Software, and I'll talk to you a little bit about API proxy versus gateway, which is good, because that's what's written at the top of the whiteboard here.

So we're going to start with the basic premise. You're a business and you want to be able to communicate with your consumers, your customers, or new customers you haven't developed yet. Customers are using a range of devices, from my house, through a car, through a TV, tablet, a phone, beautifully drawn photo on my dad, or computer. So what you want to be able to do, to be able to integrate with those guys, is to expose an API, and that API will reach out and magically everything is going to work. You've got an API, you're communicating with your loyal customers, perfect.

Well, maybe not, because you've got some concerns. You have to be a little bit worried about security, you have to be a little bit concerned about availability and monitoring, and you need to be concerned about threats. You want to make sure that stuff that's happening outside the enterprise isn't breaking stuff that's going on inside the enterprise. So what do you do? Well, logically you define a proxy. Use my handy dandy little eraser and we'll draw the proxy for this thing.

The proxy does a few things for you. First thing it's going to do is add transport security. Then you're going to use it to make sure that your API is available and reliable, to add some monitoring for things like SLAs and performance. You probably also need to provision access to your API from the outside world, and transport security will help you with that, but you'll be doing that in order to control quotas. You want to be able to offer different users different parts of your API, different access levels to all the silver, bronze services and that kind of stuff. A lot of the reason you buy quotas is to make sure that you are protecting yourself against threats and against load.

So that's a proxy, nice and simple. All you've basically done is taken your API and exposed it to your consumers. But what you have to realize is that the proxy only works if you already have an API. You have to be exposing an API from your business in order to use a proxy. The proxy doesn't create anything new, it just really exposes the same thing, adding a few non-functional requirements.

So that's not really the reality for most businesses, is it? In reality most businesses look a bit different than that. You have existing services inside the enterprise exposed by one or more applications. In this case we'll keep things nice and simple and show two business applications. Gonna stick to using what apps even though it's a little bit confusing. That's one. So we've got some applications inside your business. Also, in a modern world, in most businesses, most large enterprises, you're not really just one business. You will want some lots of businesses distributed geographically, spread around all over the world, doing their own thing in your data center, quite probably using different applications. You've grown through acquisition, all sorts of stuff going on. So these services that already exist, we'll label them services that already exist inside the enterprise, you need to find a way of exposing those and creating them as an API, and that's where the gateway comes in.

So once again let's do a little bit of erasing, create a few holes here and there, start this process over. The first thing we're going to do in the gateway is do some orchestration. What orchestration will allow me to do is to take these services and stitch them together to create a single something. For now we'll call that something an API. In fact the program will do a little bit more to it before you can really think so.

What else do we need to do? Well, we're going to need some mediation. Mediation is the way that I'm going to take my existing services, from whatever format or mechanism they're delivered in, and expose them as something a bit more modern, usable. So these things are quite likely things like SOAP, maybe there's some JMS, plano like so now, maybe if you're really lucky with some modern applications that are doing REST JSON. Who knows what this is, this might be made for an application, could be anything. So what we do with the mediation layer is we take SOAP and we turn it into REST JSON, or we take REST JSON and we turn it into SOAP. The reality is it really shouldn't matter what's back here, and it really shouldn't matter what format you want your API in. You should be able to go from one to another declaratively. What you shouldn't have to do is write code. You should never be writing code or engaging professional services teams to do these things for you. You need a gateway that makes that seamless and does it automatically as part of the platform.

Extending on top of this gateway-style functionality, we need things like message security. Message security is really important, as opposed to transport-level security, because message security allows you to ensure end-to-end security. You're guaranteeing the identity of the user of this application all the way through to the back-end system. You're dealing with things like authorization that we're layering here, very tough worked around local authorization. We're starting to get into some sophisticated capabilities around denial of service prevention. Denial of service prevention is things like the traditional XML firewall capability, so XML with that brat, SQL injection protection, various scripting, antivirus. All those kind of capabilities wrap up into denial of service, and these capabilities are all delivered through a gateway.

And in reality the gateway's also been ramp your proxy. So the gateway will exist here, and the gateway includes the proxy functionality and delivers all of this orchestration, mediation, message security, etc. on top of the transport-level security and monitoring encourages that the proxy is giving, and it's allowing you to create single APIs from multiple back-end systems and all that sort of stuff.

So there are a couple of questions that arise. The first is: well hey, that gateway looks a lot like an ESB, so where is an ESB, what do I do with it, and why wouldn't I use an ESB for as well? The ESB really exists in here. It's sort of between your applications and your services. The ESB is really an extension of your EAI platform. It's delivering an adapter framework to allow you to expose services from your applications. Does the ESB contain orchestration? Now, probably some of them do. Does it contain mediation? Yeah, probably. Message security? Likely, but starting to get a bit more difficult. Authorization, DoS prevention? Probably not. And the reality anyway is that the ESB is generally fairly heavyweight pieces of technology. They're quite costly to operate. You're developing, you're doing a lot of work in the ESB that you may not necessarily want to do to expose services as an API, and more to the point, you're definitely not going to want to deploy that ESB in the DMZ. And that's the design pattern, designed to exist inside your DMZ with one leg in the outside world and one leg in the inside world, providing that bridge and dealing with all these sophisticated capabilities. So that's question one: the ESB being part of your application tier and the gateway existing externally.

The other question is: well, what we've written up here, API proxy versus gateway, if the gateway does all this, why would I ever want just a proxy? Well, in our world you wouldn't. The gateway delivers the proxy capability. What some vendors may tell you is that the proxy is more efficient, it's lighter weight, why would you want all this heavyweight stuff when all you really need is this? Well, that may be true, that all you really need is the proxy for some capabilities, and what you'll be told is that proxies are faster, the gateways slow things down, add cost and weight to your process. That's really not true. A well-architected and well-designed gateway is going to act as a proxy when it needs to act as a proxy, and will only add these extra capabilities when required. It's driven by configuration. It should be all declarative, based on the need.

For example, if your back-end service is a well-structured, well-constructed REST JSON API and you're passing it through the gateway with no need for message security or authorization, you don't need orchestration, don't need mediation, you may choose you don't need denial of service prevention, so the gateway's simply going to act as a proxy. It will stream content through, adding transport security, monitoring, enforcing quotas, without any additional no matter. Of course, as soon as you start getting into more sophisticated cases, your back-end service is SOAP, your API has to be REST JSON, then the gateway just automatically takes over. It delivers that functionality declaratively. You're not writing code, you're making things work.

So to summarize: should I use an API proxy or should I use a gateway? Both. Just make sure they're all in the same product. Thank you.
Info
Channel: Akana
Views: 63,379
Rating: 4.8554215 out of 5
Keywords: api, application, programming, interface, proxy, gateway
Id: G9ftUW_2mUo
Length: 9min 27sec (567 seconds)
Published: Fri Dec 20 2013