APIGEE
Rafie Tarabay
Technical Consultant
eng_rafie@mans.edu.com
What is APIGee?
•Platform to manage APIs
•Create a proxy layer between backend services and Consumer
•Consumer has to call proxy service to get backend response
• Client can’t access backend directly for security reasons
•Provide monitor, analysis for APIs usage
2
APIGee versions
Apigee has different flavors:
1) Apigee Edge: Old name before Google acquisitions. it has two versions
1.1) Apigee Edge for Public Cloud: Cloud Version
1.2) Apigee Edge for Private Cloud: on-premises Version
2) Google Apigee X: Current google version, it has two versions
2.1) Apigee: run as a SAAS on google cloud
2.2) Apigee Hybrid: run on-premises or in another cloud provider, has a management plane
that runs in Apigee's cloud.
3
Apigee lifecycle:
APIGEE
1. Design: define all swagger endpoints using OPEN-API Specification (OAS)
2. Develop: API Proxy
3. Secure: Apply on API proxy to make:
•Traffic management (Quota, Spike Arrest)
•Security using (API Key, JWT, Oauth 2.0,…)
4. Publish: deploy API proxy to allow accept requests
5. Scale
6. Monitor: view/download usage data includes (API health,operation, response time, country)
7. Analysis
4
5
How to configure google
•Create Google Project
•Create Apigee Organization with the following components:
•Environment
•Environment Group
•API Product
•API Proxy
•Developer
•APP
6PRESENTATION TITLE
Apigee.google.com/setup
Google Cloud
Google Cloud can contain many projects.
each GCP project can map to 1 Apigee X Organization only.
PRESENTATION TITLE 7
APIGee Limitations
8
•Max 50 API Proxy per Environment.
•Max 85 Environments per APIGee Organization.
•Only 1Google Cloud Project can map to 1Apigee X Organization.
•Max 4250 API proxy deployment units per APIGee Organization
•Max 100 API products per app
•Max 5000 API products per organization
https://cloud.google.com/apigee/docs/api-platform/reference/limits
APIGee components
•API Proxies move to running state once it is deployed to Environment
•Environment are grouped together in Environment Groups
•Environment Groups can contain One or More Hostnames
•API Product is a collection of API proxies with Quota Settings
•Developer should create App to subscribe to One or More API Product
•Developer can register to Developer Portal to create App
9
Relation Between APIGee Components
•Developer can create One or more Apps
•APIGee Organization can have One or More Developer
•APIGee Organization can have One or More Environment Groups
•APIGee Organization can have One or More API Products
•API Product can have One or More API Proxy
•Environment can be part of One or More Environment Groups
10
API PROXY
For Apigee
12
PRESENTATION TITLE 13
Reverse Proxy by default pass all parameters from call to backend.
PRESENTATION TITLE 14
PRESENTATION TITLE 15
PRESENTATION TITLE 16
PRESENTATION TITLE 17
PRESENTATION TITLE 18
PRESENTATION TITLE 19
PRESENTATION TITLE 20
PRESENTATION TITLE 21
APIGee Traffic Management
•Spike Arrest: Control number of calls from All customers to API per Sec/or Min.
•Per second maximum: 1000
•Per minute maximum: 60000
•Use effective Count: true, [Smooth the traffic]
means: (if we allow 10 requests per min, this option will allow only 1 request every 6 seconds)
•Quota: Control number of allowed calls from customer per week/or month.
•Max Quota Interval 1 year
•Min Quota Interval 1 minute
The best location for traffic management control is ProxyEndpoint Request PreFlow
22
FLOWS
Controlling how a proxy executes
•In a proxy endpoint, a PreFlow is a great place for security and quota policies.
•PostFlow: A good place to log data, send a notification, sets headers of the response.
•PostClientFlow (proxy flow only): A flow for logging messages after a response is returned to the client.
•Conditional flow: You cannot have separate conditions for request and response. Only one conditional flow is
executed--the first flow whose condition evaluates to true. ex: if request from Mobile convert XML to JSON.
24
•<PreFlow> it have <Request> and <Response> as a child elements
•<Request> holds the policies to execute during request
•<Response> holds the policies to execute during response
•<Flows> contains zero or more <Flow> element, but only one Flow will
execute, you can define default flow if none of flows evaluates to true. Default
flow will not have conditions.
25
Proxy Configuration
•You can download your proxy configurations so that you can
edit them on a local machine. When you're done, you then
upload the results to Edge.
26
POLICIES
Enhance flow behaviour by build in functionlities
Policies
•Enhance flow behaviour by using build in functionality like
security, rate limit, message transformation.
•We can configure these policies using
API Product
28
To Force Policies
•API Product will force the Quota
•Apps will force the API Key and Expire date (Security)
•API Product is a collection of API proxies with
Quota Settings
•Apps contains a collection of API Products with
API Key and Expire date
29
PRESENTATION TITLE 30
PRESENTATION TITLE 31
RafieApiProduct
PORTAL
Developer portal solutions
Apigee supports several developer portal solutions to inform
developers about available APIs and how to use them.
35
Choose your developer portal solution
36
Build a Drupal-based portal
•Using the Drupal portal development tools to build a fully
customizable developer portal with all CMS capabilities of
Drupal with additional Apigee-developed Drupal modules.
•Apigee and hybrid support Drupal 10, which provides a reliable
open-source, enterprise-level content management system
(CMS).
37
https://cloud.google.com/apigee/docs/api-platform/publish/drupal/open-source-drupal
HOW TO BUILD API
MARKETPLACE?
APIGee Limitations
Google Project
APIGee Org
Environment
API Product
API Proxy
Quota/month
Apps
API Key Expire Date
Apps
API Key Expire Date
Apps
API Key Expire Date
API Provider API Consumers
External API Spike Arrest
39
•Max 50 API Proxy per Environment.
•Max 85 Environments per APIGee
Organization.
•Only 1Google Project to 1Apigee
Organization.
•Max 4250 API proxy per APIGee
Organization
•Max 100 API products per app
•Max 5000 API products per organization
Steps of Creating New API-Provider
1. Create new Google Project with each API-Provider.
2. Create new APIGee Organization for each API-Provider.
3. Create new API Reverse Proxy for each external API.
4. Create new API product with monthly quota for each monthly
price plan.
5. Protect External API by limit the total traffic that can hit it per
Second/Minute using Spike Arrest.
40
Create New API Consumer
•Define new APPs with API-Key and 1 month expire Date target
the API product with the correct monthly quota.
42
THANK YOU
APIGEE
43
No comments:
Post a Comment