3. Open Source Softwares - Today
● Linux open source operating systems run on 65%
of all servers in the world.
● Nearly 80% of companies run part or all of their
operations in open source.
● 92% of applications contain open source libraries.
● 65% of companies leverage open source software
to speed application development.
● 67% of companies encourage their developers to
actively contribute to open source software.
Sources - 2018 TIDELIFT PROFESSIONAL OPEN SOURCE SURVEY, Black duck survey,
4. Open Source Softwares - Contributions from
Software giants.
(Github 2018)
Rank Company Employees Contributing
1 Microsoft 4,550
2 Google 2,267
3 Red Hat 2,027
4 IBM 1,813
5. Open Source Softwares - Contributions
Microsoft's GitHub open source code contributions since 2014. (Source: Microsoft
Open Source Virtual Conference keynote talk of Sept. 13, 2018)
6. Why we consider Open Source ?
● Freedom from vendor lock-in
● Freedom to examine the source code (and make changes if
necessary?)
● Test or Experience products without a subscription/for free
● Velocity for innovation: Easily extend the product based on
your requirement (Flexibility)
● Full feature availability: Try out as is
● Licensing costs are often less than closed source vendors
(+ lower initial costs and ongoing support costs)
7. Why do you need
API Management?
Image source: blog.dailysteak.co
8. APIs are essential to address the
problem of app explosion
● Demand for consumption is on the rise.
(easier/convenient ways to consume information and
services).
● Demand for consumption is driving digital
transformation.
● Digital transformation creates opportunity for $$.
● APIs are the key to enabling digital transformation.
9. What do you need from an API
Management System?
1. Creating and publishing APIs.
2. API security and rate limiting.
3. Platform for discovering, searching and consuming
APIs.
4. API governance and lifecycle management.
5. API analytics, specialization and evolution.
11. Open Source API Management - Vendors
● API Umbrella
● WSO2
● Gravitee
● Tyk
● Kong Community Version
● Swagger and Open API
● Fusio
● APIMan
12. Open Source API Management - Offerings
● Open source gateway while other components
remain proprietary.
● Complete API lifecycle management including all
components.
● Some solutions offer community version which is
open source while they have different commercially
support version.
14. #1
6th
Open Source Integration Vendor
Largest Apache Committer
Largest Open Source Vendor
6th
WSO2: Helping Digitally Driven Organizations
Implement API Strategy
15. Integrated, Open Source Products
Common architecture, common code base
IDENTITY & ACCESS
MANAGEMENT
Secure and federated identity
for integration
Federates and manages identities
across both cloud service and
enterprise environments
● Identity management
● Identity federation
● Authentication
● Authorization
75M identities managed
API
MANAGEMENT
API design, creation, reuse,
governance, and analytics
200K APIs connecting
20K orgs
Addresses full API lifecycle
management operations. Open,
extensible, customizable.
● API analytics
● API designer
● API gateway
● API microgateway
● API publisher
● API storefront/marketplace
● API repository/registry
ANALYTICS &
STREAMING
Streaming data for
real-time analysis
100K+ TPS
Interprets data-in-motion enabling
streaming events to be
integrations and trigger events
● Siddhi
● Dashboard portal
● Business rules
● Stream processor runtime
● Development environment
ENTERPRISE
INTEGRATION
Quick, iterative integration of
any app, data, or system
6 trillion transactions / yr
Hybrid integration platform for
quick, iterative integration of any
application, data, or system.
● Data integration
● ESB
● Integration designer
● Message broker
● Workflows
16. WSO2 API Manager
Design, create, publish and manage APIs to
unlock the true value of your digital assets
17. WSO2 API Manager
● Available as a single
downloadable package
● Available as a cloud / SaaS
solution
● Flexible deployment choices
● High performance gateway
● API governance, marketplace
solution
18. Cloud First or Start On-Prem
● Multi-tenanted, shared
everything
● WSO2 Hosted and managed
● Pay as you go
● Multi-region availability
● Hybrid API Management
● VPN tunnel to private DC
● Guaranteed uptime
● Limited options in
customizing
● Privately hosted
● WSO2 managed
● Upgrades, patches
installation
● Guaranteed uptime
● Full flexibility in
customization
● Better control
● Self hosted
● Self managed
● Full flexibility
● Dev-ops learning
curve
● Self managed
upgrades
http://wso2.com/api-management/cloud/
https://docs.wso2.com/display/ManagedCl
oud/WSO2+Managed+Cloud+Documenta
tion
21. ● Start with an existing endpoint/contract or design and prototype a new API
● Exposing SOAP services (convert to REST or as a passthrough)
● Exposing streaming APIs (Websocket endpoints)
Creating APIs
22. ● API Design - Over the wizard & with swagger
Creating APIs
23. ● Message manipulation,
transformation and
enrichment
● WSO2 developer studio
based tooling
● Wizard based mediation
policy application
Message mediation
27. ● Tier based simple model
○ Application developer selects the tier at app registration
○ Each tier is tied to a policy that describe the quota
○ Tiers can be applied at the application, API or at the API
resource level
● Advance rule based models
○ Policies containing IP conditions, message attribute based
conditions, transport header based conditions
○ Complex real time pattern based conditions
Traffic Management
29. ● Manage stages of an API
● Manage associated states
● Create a new version from
an existing
● Audit changes to lifecycle
states
● Support for custom
lifecycles
API Lifecycle Management
33. ● Analytics dashboard on API stats
○ API Usage / Response times /
Backend latency /
Geo-location etc
● Stats on Applications for
application owners (subscribers)
● Stats on subscriptions
API Analytics: Batch
34. ● Leverages real-time analytics streaming engine
● Used for various alerting use-cases
○ Fraudulent access token usage
○ Keeping API developers alerted on backend performance
issues
○ Alerting on SLA violations
○ Alerting on tier crossing for subscriptions
● Detect trends
● Detect API call sequences that needs to be blocked
● Detect non-usage scenarios
API Analytics: Realtime