Next-gen API Management with Hybrid Cloud
- Chamin Dias
- Associate Lead - Marketing - WSO2
Today, the exponential growth of APIs shows no sign of slowing down. Digitally driven enterprises understand that they must deliver enhanced digital experiences to achieve sustained growth, faster innovation, and meet modern consumer needs.
In a recent survey of 500 IT decision-makers, the vast majority agreed that four factors are key to driving better digital experiences, as well as gaining and maintaining a competitive advantage: improved security, cloud adoption, total data control, and API integration. APIs have become the basic building blocks for new digital channels to customers, employees, and partners, and the right API management solution is key to innovate faster and address modern consumer demands.
In the past, companies deployed solutions that leveraged in-house teams and on-premises infrastructure. However, these deployments struggled to provide cloud native support, accelerate innovation, and scale dynamically to meet demand.
This is where cloud computing and cloud infrastructure deployment becomes key.
From on-premises to hybrid cloud API management
Traditional API management deployments solely relied on pure on-premises infrastructure. However, there’s been a notable dependence on API management platforms to ease the burden of managing APIs.
Figure 1: High-level representation of on-premises API management
API management technologies are also evolving rapidly and they’re moving towards hybrid approaches, where some parts of the platform are cloud based and the other part is based on on-premises data centers.
Taking this a step further, the industry has moved the resources in the on-premises deployment to a private cloud, which is owned and maintained by the organization itself and is not exposed to outside consumers.
Simply put, there are:
- Public clouds — the deployment infrastructure is hosted by an external cloud vendor at the vendor’s premises.
- Private clouds — the deployment infrastructure is dedicated to the organization and not shared with other consumers.
In addition, there are on-premises deployments to maintain some parts of the infrastructure.
How can you get the advantage of public clouds and private clouds along with on-premises for better API management?
In traditional API management infrastructure, an enterprise had to deploy the solution on the organization’s data center by itself. With this approach, there was more control over the platform and also a lot of flexibility. In addition, the network and backend services were closely located, which resulted in low latency and helped to integrate backend services. Also, there was no need to expose backend services to external networks (which was a good thing from a security angle).
However, all these benefits came at a cost. The organization had to utilize both human and hardware resources to maintain a pure on-premises deployment. This leads to a high cost of ownership as well. At the same time, it’s difficult to onboard external parties and service providers into the system. Today, there is almost no system that runs without any collaboration with an external service provider. In an on-premises environment, security restrictions imposed on the enterprise network and also the security compliance in the onboarding process make it even more difficult. There can be a security risk associated with this type of onboarding process too.
Having a cloud and on-premises API infrastructure mitigates maintenance difficulty and the high cost of on-premises deployments. Fully functional API management software is offered at a lower cost by using the software as a service (SaaS) methodology. Here, all the maintenance and availability concerns are also handled by the provider (cloud service provider), so that the organization can focus on the business logic to improve agility and rapid development.
Even though there are many advantages to cloud-based implementations, there might be cases where the organization cannot fully implement the ecosystem in the cloud. For example, if the majority of APIs are used within the organization itself, and API backends are internal, the additional hops introduced will cause unnecessary latency in the system.
If a VPN is used, additional cost and regulatory concerns must be addressed (e.g., banking systems and healthcare providers). The other option is to expose the backend services to the internet, but that can lead to many security vulnerabilities.
There are benefits and challenges in both on-premises and cloud-based solutions. What if there is a way to inherit the advantages of both methods and come up with a solution that can address modern API management use cases in a cost-effective manner?
This is where hybrid cloud API management comes into play. Hybrid cloud combines and unifies public cloud, private cloud, and on-premises infrastructure to create a single, flexible, cost-optimal IT infrastructure.
With the right hybrid cloud API management strategy, an organization can enjoy benefits such as rapid deployment models, a low total cost of ownership, better performance, enhanced security, and improved compliance in the same API ecosystem. You can get the benefits of a SaaS environment together with the greater control provided via private cloud API management.
When it comes to hybrid cloud API management, most of the API management infrastructure—including management user interfaces, the developer portal, and analytics—are in the public cloud. As such, these components are easily accessible to API publishers and subscribers. The organization or the business owner does not need to deal with availability, uptime, and maintenance for these components as they’re handled by the public cloud service vendor.
Figure 2: High-level representation of hybrid cloud API management
Some parts of the deployment (such as the API gateway) can run in the private cloud or in the on-premises setup. If the private cloud is located closer to the backends, network latencies can be reduced, and full control over the security aspects. In addition, no VPNs are required and this will help reduce costs too. If the organization chooses to run the gateway in the cloud or constrained environments (such as Docker containers and Kubernetes), high availability, auto-scaling, and efficient infrastructure usage can be mentioned as advantages.
How hybrid API management helps your business to be agile
Many digital service-based companies are adopting microservices to run their business setups. It’s essential to have a centralized API management platform, where APIs can be shared via an API marketplace and API analytics enables decision-makers to arrive at meaningful business insights. The platform must also facilitate a decentralized approach for API ownership to leverage agile development methods.
A hybrid cloud infrastructure combines an on-premises data center (sometimes called a private cloud) with a public cloud, allowing data and applications to be shared between them. In some places, the hybrid cloud is defined to include “multi cloud” configurations, where an organization uses more than one public cloud in addition to their on-premises data center. In such an instance, the centralized API management platform can either be in the cloud or provided by a SaaS API management platform, where each team gets its own isolated, logically separated tenant space. At the same time, the API gateways can be run and maintained in a private cloud (maybe within the enterprise infrastructure) by the in-house teams, while having full control over their APIs.
This leads to improved agility, enhanced API security, faster response times, and a lower cost of ownership.
When it comes to cloud-based API management, there are two major areas. The first is where the public cloud is a computing infrastructure hosted by the cloud vendor at the vendor’s premises, which is accessed by the consumer. The second is where the private cloud is a computing infrastructure dedicated to the business organization itself and not shared with the public. Sometimes, this private cloud is replaced by an on-premises infrastructure.
A hybrid cloud deployment is a combination of private and public cloud services. Here, an orchestration mechanism is maintained between these two.
In other words, a hybrid cloud system is a combination of two different cloud deployments or cloud + on-premises deployment. The on-premises infrastructure (or private cloud) is employed for all sensitive operations, while the public cloud is used to deal with the components that can be exposed to the general public or consumers. A hybrid cloud API management system helps to simplify application deployment, enhance agility, improve workflow processes, and lower the cost of ownership.