Java IoT Authors: Stackify Blog, Yeshim Deniz, Pat Romanski, Matt Lonstine, Glenda Sims

Related Topics: @DevOpsSummit, Java IoT, @CloudExpo

@DevOpsSummit: Blog Feed Post

Your API Management Strategy By @PaulSBruce | @DevOpsSummit #API #DevOps

When you have a great idea for an API, just like a great blog series, you often need a way to publish, promote, & administer it

How Amazon API Gateway Shakes Up Your API Management Strategy
By Paul Bruce

As if a space jam-packed with the likes of 3scale, WSO2, Axway, Intel / Mashery, Apigee, Akana, CA, IBM, Oracle, Mulesoft, and HP isn't competitive enough, Amazon recently decided to get into the business of APIs-in-the-cloud. But Amazon brings something to API PaaS ( Platform As A Service) that no one else has in an API gateway solution: a cohesive DevOps pipeline.

API Management vs. API Gateway
When you have a great idea for an API, just like a great blog series, you often need a way to publish, promote, and administer it. This is the fundamental idea behind API management. API gateways on the other hand simply front an existing system with open API formats (like REST and JSON), possibly authorization and authentication semantics, but definitely to make it easier for software to be built on top of an existing system.

In contrast to simple gateways, API management portals often go far beyond these basic areas to include API ground-up design capabilities (like Apiary's API-Blueprint), gateway / brokering options, monetization, and consumer subscription throttling. But mostly, it's about how to scale, control, and version your APIs when you don't know exactly who is going to be accessing it before they sign up and start hurling requests at your most treasured and meticulously crafted APIs.

Companies like 3scale and Mashery have been on the leading edge for almost a decade, truly fleshing out what people need in an API management solution. Gartner has been predicting the growth of the API management space for a while now, even though their predictions have taken time to really prove correct. A whole new layer of competition has only recently been introduced in the past few years come in the form of big businesses getting into the API management game: IBM, HP, and Oracle. Many of these providers include the basic API gateway functionality, but wrap it with other really important aspects of the API-as-a-product lifecycle.

Why Amazon Isn't Quite in the API Management Game...Yet.
What Amazon API Gateway provides is exactly what it states: a gateway, a way to front another technology with an API. What technology are they fronting? At a high level, the answer is their existing cloud-based compute and request handling capabilities like Lambda, networking, and CloudWatch for metrics reporting. But API gateways are considerably different than API management. Gateways simply expose and handle requests to services; API management provides value-add around that core functionality, like caching, rate-limiting, billing, reporting, key/credential administration, and real-time diagnostics.

"As a PaaS solution, Amazon API Gateway will provide the greatest competitive pressure on companies that only offer cloud-based API management offerings" says Isabelle Mauny, VP of Product Management at WSO2. "By contrast, many of our global enterprise customers rely our cloud-enabled WSO2 API Manager software and cloud services to provide the flexibility for deploying on the cloud, on servers, and in hybrid environments."

The API management space has exploded in the past 5 years to become one of the most lucrative and strategic offerings to add to a company's API solutions portfolios. Estimates say that the space will quadruple to over $600 million by 2020, but people must expect that Amazon has so much more than API gateway functionality up their sleeves with this move.

As different as API gateways are from the larger API management offerings, Amazon comes awfully close to paving the way for a full API management contender. At AWS re:Invent 2014, Amazon rolled out a litany of DevOps tools, namely CodeCommit, CodeDeploy, and CodePipeline to onboard developers directly to the AWS, where many of their operations folks already are for virtualization and mass storage. It's only natural in a world where a growing segment of developers build APIs in order to have a solution that lets them get to their tasks solely in the Amazon cloud ecosystem. Perks like AWS Device Farm further sweeten the deal when mobile developers need a quick path to lots of cheap device time for testing or greenfield development purposes.

Frankly, it's a bit late to get into the API management game...unless you have a ten-fold advantage over any other cloud provider on the market, such is the case is with AWS. If it comes down to a market-share grabbing, strong armed competition, Amazon could quickly win a majority of the API DevOps market share. But how many APIs can be built and coded overnight that need immediate access to the Amazon Cloud? Not an earth shattering amount, and this is where Amazon, with all its might, doesn't present that big of a challenge to the current thought-leaders in the API management space.

Tsahi Levent-Levi

Tsahi Levent-Levi

How Does This Affect the API Landscape?
Steve Willmott, CEO of 3scale and one of the earliest thought-leaders in the API management space, sheds some light on the move by Amazon:

"Amazon's announcement is definitely an important development in the space and shows how important APIs and API Management are becoming. Amazon's focus in the announcement is on typical gateway functionality of key management and rate limiting, whereas we provide a much broader solution that also addresses the business workflows around adoption and measurement of the API. So actually think on AWS our offering will be able to connect up well with Amazon's."

These thoughts reflect an important aspect of the core API community: friendly competition. In discussion with other key API influencers, it's up for debate whether the Amazon API Gateway team connected with anyone in the community about what to build or how to position their solution in the larger ecosystem of API solutions. While other influencers are skeptical of its immediate value as an API gateway as it has been branded by Amazon, its volume pricing and low barrier to entry make it a viable contender for non-enterprise consumers, sort of the bargain basement of API management.

The whole thing gets more interesting with the inclusion of Swagger and other service description languages, in that many companies already invested in their APIs so much that they're also building descriptors could immediately benefit from Amazon API Gateway, provided a strict gateway is all that they're looking for. While there are many API gateway options out there already, existing investment in an API gateway solution by one enterprise group might not present as significant a hurdle to other groups adopting Amazon API gateway in an ad-hoc manner. The price and pipeline points are that compelling.

At APIdays San Francisco, I watched Daniel Jacobson, VP of Edge Engineering at Netflix present how his team delivers front door API functionality through a whole suite of home-grown tools, one that satisfies their gateway needs being Zuul. While Zuul and Amazon API Gateway aren't straight apples-to-apples comparisons, the most obvious difference between them is that the former is posted to Github as open source and the latter is not. It seems that Netflix general attitude towards code is that if you don't know how it works, that's probably going to cause you trouble down the line. Not knowing how Amazon API Gateway works beyond what is stated in the documentation could also represent this same risk.

I briefly chatted with Rob Zazueta, Director of Platform Strategy at Mashery (Intel), too. Since Mashery focuses on providing a complete API management platform and much less on the need for strict gateway functionality, his feeling was that the arrival of Amazon API Gateway doesn't displace Mashery's solutions at all, but rather is likely to compliment them for consumers of both. A positive outlook and confident attitude are generally always a good idea when competing in the API space.

How Does This Affect You?
It simply means that you have more options over basic gateway functionality, especially if you have legacy (full machine, non-componentized) systems in the cloud such as web front-ends and database systems that just beg for middle-tier mediation by APIs. It also means that you need to know your options in the API space better than ever before, since committing to one pipeline strategy can have both positive and negative consequences for your delivery line.

To simplify the process of deciding if diving into Amazon API Gateway is right for you, here's a quick table of pros and cons:

Fits if:

May not fit it:

Your operations or development teams already use AWS You have compliance requirements restricting you from delivering data via SaaS/cloud services
Your developers lack / need a cohesive software delivery pipeline You have anything more than very simple authentication requirements
You need to test from lots of different mobile devices You don't know how to program in HAL or for Lambda
You already have your API defined in Swagger Your existing APIs lack descriptors and you can't automatically generate them via framework
Your API solely uses cloud data storage You need to connect to off-site or on-premise data

This list is by no means exhaustive, and your encouraged to join the conversation below and contribute to what are specific reasons to consider or exclude Amazon API Gateway from your decision making process.

In the end, more API options are good for everyone, especially so when people are doing their own research on how they fit with their actual needs. It's important to build your own list of requirements over an API strategy, but be sure to also consider how your software delivery pipeline, operations scalability and downtime response procedures, and security compliance requirements factor in to your decision making process.

Please, let us know your challenges and thoughts on the matter. Conversation is always a friend.

Related articles:

Read the original blog entry...

More Stories By SmartBear Blog

As the leader in software quality tools for the connected world, SmartBear supports more than two million software professionals and over 25,000 organizations in 90 countries that use its products to build and deliver the world’s greatest applications. With today’s applications deploying on mobile, Web, desktop, Internet of Things (IoT) or even embedded computing platforms, the connected nature of these applications through public and private APIs presents a unique set of challenges for developers, testers and operations teams. SmartBear's software quality tools assist with code review, functional and load testing, API readiness as well as performance monitoring of these modern applications.

@ThingsExpo Stories
DX World EXPO, LLC, a Lighthouse Point, Florida-based startup trade show producer and the creator of "DXWorldEXPO® - Digital Transformation Conference & Expo" has announced its executive management team. The team is headed by Levent Selamoglu, who has been named CEO. "Now is the time for a truly global DX event, to bring together the leading minds from the technology world in a conversation about Digital Transformation," he said in making the announcement.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Conference Guru has been named “Media Sponsor” of the 22nd International Cloud Expo, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. A valuable conference experience generates new contacts, sales leads, potential strategic partners and potential investors; helps gather competitive intelligence and even provides inspiration for new products and services. Conference Guru works with conference organizers to pass great deals to gre...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and shared the must-have mindsets for removing complexity from the develop...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
"Evatronix provides design services to companies that need to integrate the IoT technology in their products but they don't necessarily have the expertise, knowledge and design team to do so," explained Adam Morawiec, VP of Business Development at Evatronix, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. In his session at @BigDataExpo, Jack Norris, Senior Vice President, Data and Applications at MapR Technologies, reviewed best practices to ...
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to work together. The number of software platforms, apps, hardware and connectivity standards is creating paralysis among businesses that are afraid of being locked into a solution. EdgeX Foundry is unifying the community around a common IoT edge framework and an ecosystem of interoperable components.
Large industrial manufacturing organizations are adopting the agile principles of cloud software companies. The industrial manufacturing development process has not scaled over time. Now that design CAD teams are geographically distributed, centralizing their work is key. With large multi-gigabyte projects, outdated tools have stifled industrial team agility, time-to-market milestones, and impacted P&L stakeholders.
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"IBM is really all in on blockchain. We take a look at sort of the history of blockchain ledger technologies. It started out with bitcoin, Ethereum, and IBM evaluated these particular blockchain technologies and found they were anonymous and permissionless and that many companies were looking for permissioned blockchain," stated René Bostic, Technical VP of the IBM Cloud Unit in North America, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventi...
In his session at 21st Cloud Expo, Carl J. Levine, Senior Technical Evangelist for NS1, will objectively discuss how DNS is used to solve Digital Transformation challenges in large SaaS applications, CDNs, AdTech platforms, and other demanding use cases. Carl J. Levine is the Senior Technical Evangelist for NS1. A veteran of the Internet Infrastructure space, he has over a decade of experience with startups, networking protocols and Internet infrastructure, combined with the unique ability to it...
22nd International Cloud Expo, taking place June 5-7, 2018, at the Javits Center in New York City, NY, and co-located with the 1st DXWorld Expo will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud ...
"Cloud Academy is an enterprise training platform for the cloud, specifically public clouds. We offer guided learning experiences on AWS, Azure, Google Cloud and all the surrounding methodologies and technologies that you need to know and your teams need to know in order to leverage the full benefits of the cloud," explained Alex Brower, VP of Marketing at Cloud Academy, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clar...
Gemini is Yahoo’s native and search advertising platform. To ensure the quality of a complex distributed system that spans multiple products and components and across various desktop websites and mobile app and web experiences – both Yahoo owned and operated and third-party syndication (supply), with complex interaction with more than a billion users and numerous advertisers globally (demand) – it becomes imperative to automate a set of end-to-end tests 24x7 to detect bugs and regression. In th...
"MobiDev is a software development company and we do complex, custom software development for everybody from entrepreneurs to large enterprises," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, discussed how from store operations and ...
"There's plenty of bandwidth out there but it's never in the right place. So what Cedexis does is uses data to work out the best pathways to get data from the origin to the person who wants to get it," explained Simon Jones, Evangelist and Head of Marketing at Cedexis, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
SYS-CON Events announced today that Telecom Reseller has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.