Friday, August 23, 2024

WSO2 for Integration

 WSO2 is a middleware vendor that sells open source API management software, has the ability to access all types of data, real-time streams and events, allows users to efficiently design, deploy and maintain APIs. 





Main WSO2 products

1) WSO2 Enterprise Integrator (WSO2 EI): It contains message brokering, visual tools, integration runtimes, business process modeling and analytics tools. has graphical interface and drag-and-drop interface. 

2) WSO2 Enterprise Service Bus (WSO2 ESB): ESB addresses integration standards and provides support for all integration patterns, enables interoperability between various business applications and heterogenous systems.

3) WSO2 Identity Server (WSO2 IS): access management; manage the identity, security and privacy of a digital business.

4) WSO2 API Manager: it is like google apigee and IBM app-connect, it is a full lifecycle API management solution, incorporating a Kubernetes operator that makes it easy to convert raw microservices into managed APIs. can run anywhere (on-premise, private cloud, hybrid cloud)

5) WSO2 IoT Server: provides a complete solution that allows the connection and control of various devices, creation of apps, securing of devices and data, visualization of sensor data and event management.

6) WSO2 Data Analytics Server (WSO2 DAS): allows users to benefit from business operations information in real time. Geolocation capabilities, provide analysis of past and present processes.


WSO2 API management software

APIGEE
Rafie Tarabay
Technical Consultant
eng_rafie@mans.edu.com
What is APIGee?
Platform to manage APIs
Create a proxy layer between backend services and Consumer
Consumer has to call proxy service to get backend response
Client can’t access backend directly for security reasons
Provide monitor, analysis for APIs usage
2
APIGee versions
Apigee has different flavors:
1) Apigee Edge: Old name before Google acquisitions. it has two versions
1.1) Apigee Edge for Public Cloud: Cloud Version
1.2) Apigee Edge for Private Cloud: on-premises Version
2) Google Apigee X: Current google version, it has two versions
2.1) Apigee: run as a SAAS on google cloud
2.2) Apigee Hybrid: run on-premises or in another cloud provider, has a management plane
that runs in Apigee's cloud.
3
Apigee lifecycle:
APIGEE
1. Design: define all swagger endpoints using OPEN-API Specification (OAS)
2. Develop: API Proxy
3. Secure: Apply on API proxy to make:
Traffic management (Quota, Spike Arrest)
Security using (API Key, JWT, Oauth 2.0,…)
4. Publish: deploy API proxy to allow accept requests
5. Scale
6. Monitor: view/download usage data includes (API health,operation, response time, country)
7. Analysis
4
5
How to configure google
Create Google Project
Create Apigee Organization with the following components:
Environment
Environment Group
API Product
API Proxy
Developer
APP
6PRESENTATION TITLE
Apigee.google.com/setup
Google Cloud
Google Cloud can contain many projects.
each GCP project can map to 1 Apigee X Organization only.
PRESENTATION TITLE 7
APIGee Limitations
8
Max 50 API Proxy per Environment.
Max 85 Environments per APIGee Organization.
Only 1Google Cloud Project can map to 1Apigee X Organization.
Max 4250 API proxy deployment units per APIGee Organization
Max 100 API products per app
Max 5000 API products per organization
https://cloud.google.com/apigee/docs/api-platform/reference/limits
APIGee components
API Proxies move to running state once it is deployed to Environment
Environment are grouped together in Environment Groups
Environment Groups can contain One or More Hostnames
API Product is a collection of API proxies with Quota Settings
Developer should create App to subscribe to One or More API Product
Developer can register to Developer Portal to create App
9
Relation Between APIGee Components
Developer can create One or more Apps
APIGee Organization can have One or More Developer
APIGee Organization can have One or More Environment Groups
APIGee Organization can have One or More API Products
API Product can have One or More API Proxy
Environment can be part of One or More Environment Groups
10
API PROXY
For Apigee
12
PRESENTATION TITLE 13
Reverse Proxy by default pass all parameters from call to backend.
PRESENTATION TITLE 14
PRESENTATION TITLE 15
PRESENTATION TITLE 16
PRESENTATION TITLE 17
PRESENTATION TITLE 18
PRESENTATION TITLE 19
PRESENTATION TITLE 20
PRESENTATION TITLE 21
APIGee Traffic Management
Spike Arrest: Control number of calls from All customers to API per Sec/or Min.
Per second maximum: 1000
Per minute maximum: 60000
Use effective Count: true, [Smooth the traffic]
means: (if we allow 10 requests per min, this option will allow only 1 request every 6 seconds)
Quota: Control number of allowed calls from customer per week/or month.
Max Quota Interval 1 year
Min Quota Interval 1 minute
The best location for traffic management control is ProxyEndpoint Request PreFlow
22
FLOWS
Controlling how a proxy executes
In a proxy endpoint, a PreFlow is a great place for security and quota policies.
PostFlow: A good place to log data, send a notification, sets headers of the response.
PostClientFlow (proxy flow only): A flow for logging messages after a response is returned to the client.
Conditional flow: You cannot have separate conditions for request and response. Only one conditional flow is
executed--the first flow whose condition evaluates to true. ex: if request from Mobile convert XML to JSON.
24
<PreFlow> it have <Request> and <Response> as a child elements
<Request> holds the policies to execute during request
<Response> holds the policies to execute during response
<Flows> contains zero or more <Flow> element, but only one Flow will
execute, you can define default flow if none of flows evaluates to true. Default
flow will not have conditions.
25
Proxy Configuration
You can download your proxy configurations so that you can
edit them on a local machine. When you're done, you then
upload the results to Edge.
26
POLICIES
Enhance flow behaviour by build in functionlities
Policies
Enhance flow behaviour by using build in functionality like
security, rate limit, message transformation.
We can configure these policies using
API Product
28
To Force Policies
API Product will force the Quota
Apps will force the API Key and Expire date (Security)
API Product is a collection of API proxies with
Quota Settings
Apps contains a collection of API Products with
API Key and Expire date
29
PRESENTATION TITLE 30
PRESENTATION TITLE 31
RafieApiProduct
PORTAL
Developer portal solutions
Apigee supports several developer portal solutions to inform
developers about available APIs and how to use them.
35
Choose your developer portal solution
36
Build a Drupal-based portal
Using the Drupal portal development tools to build a fully
customizable developer portal with all CMS capabilities of
Drupal with additional Apigee-developed Drupal modules.
Apigee and hybrid support Drupal 10, which provides a reliable
open-source, enterprise-level content management system
(CMS).
37
https://cloud.google.com/apigee/docs/api-platform/publish/drupal/open-source-drupal
HOW TO BUILD API
MARKETPLACE?
APIGee Limitations
Google Project
APIGee Org
Environment
API Product
API Proxy
Quota/month
Apps
API Key Expire Date
Apps
API Key Expire Date
Apps
API Key Expire Date
API Provider API Consumers
External API Spike Arrest
39
Max 50 API Proxy per Environment.
Max 85 Environments per APIGee
Organization.
Only 1Google Project to 1Apigee
Organization.
Max 4250 API proxy per APIGee
Organization
Max 100 API products per app
Max 5000 API products per organization
Steps of Creating New API-Provider
1. Create new Google Project with each API-Provider.
2. Create new APIGee Organization for each API-Provider.
3. Create new API Reverse Proxy for each external API.
4. Create new API product with monthly quota for each monthly
price plan.
5. Protect External API by limit the total traffic that can hit it per
Second/Minute using Spike Arrest.
40
How many APIs Proxy needed if these APIs have the same price rate?
One API Proxy can be enough and just make reverse proxy to
https://dummy.restapiexample.com/api/v1/
41
Create New API Consumer
Define new APPs with API-Key and 1 month expire Date target
the API product with the correct monthly quota.
42
THANK YOU
APIGEE
43