11436 SSO

Simplifying Microservices Management

How Apigee and Istio can bring APIs and microservices together
Gregory Brail
May 24, 2017

If you base your IT technology strategy on what you read in the blogs, then you are already building your entire technology stack as a collection of microservices, built by “two-pizza teams,” running in containers, and deployed to the cloud using a container orchestration product like Kubernetes. There are a lot of good reasons to adopt such an architecture, from agility to resilience.

But if you’ve actually tried to follow through on all this, you probably discovered that it’s harder than it sounds. (For instance, what if you have team members who can’t or won’t eat pizza?)

But between pizza breaks, your teams are probably asking how a service in one container can locate another service, since the containers will be coming up and down all the time. Of course, there are facilities in Kubernetes for this, but they’re not enough.

What if one of the microservices is unresponsive from time to time? How do all the API calls between microservices remain encrypted in transit using the proper protocols and cipher suites? How do you control which microservices are authorized to talk to others, while preventing insiders from directly accessing sensitive data from their command line?

Building and deploying microservices is hard

After contemplating these problems and others, we realized that building and deploying microservices the right way is a lot of work.

That’s why, when Apigee joined Google last November, we were happy to learn that Google not only had solved many of these problems for its own services, but that Google has been working on an open source project aimed at solving these same problems for the rest of the microservices world.

So, we’re excited that today Google, along with IBM and Lyft, is announcing Istio, an open source project designed to ease the pain around connecting and securing a network of microservices.

Within Google, the Apigee team already runs a diverse set of services on a variety of platforms, and we’re expecting to deploy more. Istio will help us solve the very problem it’s being advertised to solve—making a mesh of microservices secure and reliable. But we think there’s a lot more to this project.

Most Apigee customers are talking about microservices, and many of our customers are adopting them. We expect that the presence of Istio in the marketplace will give them a great framework for building those networks of services. So we won’t be surprised when our customers ask us, “Will Apigee work with Istio?”

The answer is “yes,” and we’re working with the Istio community on exactly that today.

Microservices require API management

We feel that Apigee and Istio are a great fit. Istio is built with containers and microservices management in mind. The Apigee Edge API platform provides common visibility and management across both APIs and microservices for organizations of any size.

For instance, within a single Kubernetes cluster—and even with Istio helping mediate—an unreliable or slow microservice can drag the SLA of an entire application down along with it.

The kinds of sophisticated analytics that the Apigee platform provides can help administrators and product managers see these kinds of issues and react to them before it’s too late.

Once services are used beyond a single team and outside a single cluster, a different set of API management capabilities are necessary. For instance, by enforcing API quotas, an API product team can help control how much load a particular team can place on the whole collection of microservice.

Apigee is used by many organizations to enforce these types of quotas, allowing API teams to dynamically adjust how much API load is consumed by each organization who uses an API.

And, when services are exposed outside the corporation, capabilities like security based on OAuth, intelligent threat detection, and “bot” detection become important. Often, services exposed outside the organization won’t be adopted unless the API team uses a platform like Apigee Edge to enable developers to learn about and access APIs quickly via self service.

In short, we feel that the microservices movement is creating an explosion in the number of APIs in the world—and in the end, that makes API management tools even more important.

For that reason, we’re excited to be working on integrating our suite of API management tools with Istio—including our open source, software-as-a-service, and on-premises products.

 

Microservices Done Right

Next Steps

 
 

Resources Gallery

News