Distributed API Management | Serverless360
Distributed API Management

Did you ever wish to be able to use a single API management solution for all your APIs deployed in multiple clouds and on-premises? Now you can! In this session, Vlad Vinogradsky, Product Leader for Azure API Management, will explain how to do just that with Azure API Management.

This article explains how the self-hosted gateway feature of Azure API Management enables hybrid and multi-cloud API management, presents its high-level architecture, and highlights its capabilities.

Hybrid and multi-cloud API management

The self-hosted gateway feature expands API Management support for hybrid and multi-cloud environments and enables organizations to efficiently and securely manage APIs hosted on-premises and across clouds from a single API Management service in Azure.

With the self-hosted gateway, customers have the flexibility to deploy a containerized version of the API Management gateway component to the same environments where they host their APIs.

All self-hosted gateways are managed from the API Management service they are federated with, providing customers with visibility and a unified management experience across all internal and external APIs.

Agenda

  • API management refresher
  • Distributed API management
  • Self-hosted gateway
  • Demo
  • What’s next

Azure API Management

Unitary API Management

Distributed API Management

Distributed API management pros and cons

Assuming APIs hosted across Azure, on-premises, and other clouds.

Self-hosted gateway – new feature of API Management

Generally available since April 28, 2020

Deployable on-premises or to a cloud

  • Functionally equivalent to the managed gateway
  • Packaged as a Linux-based Docker container image
  • Available from the Microsoft Container Registry

Managed and observed from Azure

  • Requires only outgoing connectivity to Azure
  • Connects to an API Management service
  • Pulls down configuration and pushes up telemetry

Simple to provision and operate

  • Just a single container
  • Easy to evaluate on a laptop using Docker Desktop or Minikube
  • Kubernetes provides availability, scaling, rolling upgrades, and more

Connectivity to Azure

  • Self-hosted gateway requires connectivity to Azure
  • Without a connection to Azure, the gateway can’t receive configuration updates or upload telemetry
  • It is designed to “fail static” – i.e. it continues to function when connectivity is lost
  • Configuration backup to a persistent volume improves resiliency

When Backup is off

  • Run using in-memory configuration
  • Fail to initialize if restarted

 

When Backup is on

  • Run using in-memory configuration
  • Use saved configuration to initialize if restarted
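
The fail-static behaviour and the effect of configuration backup described above, as an added Python model; it is not code from the talk or from the self-hosted gateway itself. The `Gateway` class, the `pull` callable, the `config.json` file name and the sample configuration are all hypothetical, and a temporary directory stands in for the persistent volume.

```python
import json
import os
import tempfile

class Gateway:
    def __init__(self, pull, backup_path=None):
        self.pull = pull                # callable returning the config dict
        self.backup_path = backup_path  # None models "backup off"
        self.config = None              # in-memory configuration

    def sync(self):
        try:
            self.config = self.pull()
        except ConnectionError:
            return False                # fail static: config is unchanged
        if self.backup_path:
            # Write then rename so a crash never leaves a truncated backup.
            tmp = self.backup_path + ".tmp"
            with open(tmp, "w") as f:
                json.dump(self.config, f)
            os.replace(tmp, self.backup_path)
        return True

    def start(self):
        if self.sync():
            return "control-plane"
        if self.backup_path and os.path.exists(self.backup_path):
            with open(self.backup_path) as f:
                self.config = json.load(f)
            return "backup"
        raise RuntimeError("no connectivity and no saved configuration")

def demo(backup_on):
    """Start online, lose connectivity, restart; report each phase."""
    up = [True]
    def pull():                         # constructed stand-in for Azure
        if not up[0]:
            raise ConnectionError("Azure unreachable")
        return {"apis": ["orders-v1"]}  # constructed sample configuration
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "config.json") if backup_on else None
        gw = Gateway(pull, path)
        first = gw.start()
        up[0] = False
        serving = not gw.sync() and gw.config == {"apis": ["orders-v1"]}
        try:
            restart = Gateway(pull, path).start()
        except RuntimeError:
            restart = "failed"
    return first, serving, restart
```

`demo(False)` and `demo(True)` differ only in the last element of the result: a running gateway keeps serving its in-memory configuration either way, and the backup matters only at restart.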

 

Observability

Demo

  • Create gateway resource
  • Deploy gateway to Kubernetes (Minikube)
  • Configure caching
  • Configure gateway to use backend service deployed to the same cluster
  • Collect and view metrics locally

 

Create gateway resource

Deploy gateway to Kubernetes (Minikube)

Configure caching

Configure gateway to use backend service deployed to the same cluster

Collect and view metrics locally

What’s next for self-hosted gateway

Self-hosted gateway logs in Log Analytics – Metrics are available now

Azure AD credentials – Alternative to SAS tokens

Custom CA root certificates – From linked API Management service

Upstream TLS and cipher configuration – From linked API Management service

Self-hosted gateway on Arc Kubernetes – Use Azure control plane and policies to deploy and keep self-hosted gateways up to date

Self-hosted gateway limitations

  • Built-in cache
  • Service Fabric integration
  • TLS session resumption
  • Client certificate renegotiation
  • Windows container
  • Fully disconnected mode

Resources