Cloud Native API Management : Microservices to APIs in Kubernetes
•
0 likes•202 views
This document provides an overview of applying API management to microservices deployed in Kubernetes using the WSO2 API Operator. It discusses microservices architecture and service meshes. It then covers how the API Operator can be used to deploy an API gateway and apply API management functionality like security, throttling and monitoring to microservices. It provides examples of exposing microservices as APIs using both the "swagger first" and "publisher first" approaches. Finally, it outlines a demo of deploying sample microservices in an Istio service mesh and applying API management using the API Operator. Learning materials are also referenced to help understand configuring the required tools and components.
Report
Share
Cloud Native API Management : Microservices to APIs in Kubernetes
- 1. Cloud Native API Management : Microservices to APIs in Kubernetes September 16, 2020
- 2. Hello! Dinusha Dissanayake Senior Software Engineer, WSO2 dinushad@wso2.com
- 3. ● Microservices architecture and service mesh ● API management in Service Mesh Paradigm ● API Operator ● API Operator With Istio Service Mesh ● API Management Ecosystem ● Exposing microservices as APIs ● Applying API Management to Microservices in a Service Mesh(Demo) What’s covered... 3
- 4. Microservices Architecture & Service Mesh
- 5. 5 Microservices Architecture & Service Mesh ● Microservices Architecture enables to deploy applications ⦿ Independently ⦿ Frequently ⦿ Loosely coupled ⦿ Scale ● Service Mesh is to handle service to service(inter service) communication ⦿ Load Balancing ⦿ Service discovery ⦿ Authentication ⦿ Traffic Management ⦿ Circuit Breaking
- 6. Micoservice Architeture & Service Mesh Istio Ingress Gateway Products Service Inventory Service Review Service Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) Namespace: Istio-system Namespace: micro Consumer
- 7. API Management in Service Mesh
- 8. API Management in Service Mesh Paradigm 8 ● Gateway handles north-south traffic ● Service Mesh handles east-west traffic ● Fully fledged API management system for microservices is a combination of both
- 9. API Operator for Kubernetes
- 10. 10 API Operator for Kubernetes ● Makes API a first class citizen in Kubernetes eco system ● Easier to deploy ● Imposese ⦿ Security ⦿ Throttling ⦿ Mediation ⦿ Monitoring For your microservices ● Build in deployment patterns ● Fully automated experience for cloud native API management ● Single source of truth
- 11. 11 API Operator Overview API CRD API Controller API Operator K8s API Server Docker Registry apictl add api -n products-api --from-file=products_swagger.yaml
- 12. API Operator with Service Mesh
- 13. 13 API Operator with Istio in Permissive Mode ● Services running in a namespace where Istio injection enabled ● API gateway running in a different namespace ● Works with both HTTP and MTLS traffic
- 14. 14 API Operator with Istio in MTLS Mode ● When Istio is deployed in MTLS mode ● The communication between API gateway and the services are happened via Istio Ingress Gateway. ● Virtual Service in Istio to route the traffic from Istio ingress gateway to backend services
- 15. 15 API Operator with Istio in Sidecar Mode ● API gateway resides in the Istio enabled namespace ● Istio ingress gateway works as the edge gateway and talk to API gateway ● API gateway routes the traffic ● Works with both permissive and MTLS scenario
- 17. Overview of Control Plane, Management Plane and Data Plane Inventory Service API Microgateway 17 Products Service Review Service API Publisher Developer Portal Key Manager Data plane - K8S Traffic ManagerAPI Analytics Management Plane Control Plane
- 18. 18 API Publisher
- 20. 20 Business Insights for Microservices
- 21. Exposing microservices as APIs
- 22. 22 Expose microservices as an API Product 1 Swagger first approach AKA Developer first approach 2 Start from API Publisher AKA Design first approach
- 23. 23 Swagger First Approach Start from the Swagger definition Deploy the API Gateway in Kubernetes Import the API to the API Publisher Productize the API and publish the API Productize the API by adding necessary information and publish the API for public access Access the API from the DevPortal By giving the Swagger definition to Kubernetes Using apictl (command line tool) import the API to the API PublisherCreate/ Generate a Swagger definition for the microservices Using an access token, invoke the API from the devportal
- 24. 24 Start from API Publisher Create an API in the API Publisher Productize the API and publish the API in Kubernetes Deploy the API Gateway in Kubernetes Access the API from the DevPortal Using an access token, invoke the API from the devportal By selecting a Kubernetes environment, publish the API in Kubernetes As of the API Manager and Kubernetes integration, an API Gateway gets deployed in Kubernetes Using the API publisher, create an API
- 25. Applying API Management to Microservice in Service Mesh (Demo)
- 26. 26 Demo outline ● Deploying microservices in Istio service mesh ● Applying API Management to the microservices using API Operator in sidecar mode ⦿ Swagger first approach ⦾ Deploy an API Microgateway using K8s API Operator ⦾ Import the API to the API Publisher ⦾ Productize and publish the API ⦿ Publisher first approach ⦾ Create an API in the API Publisher ⦾ Publish the API in Private Jet Mode ● Discover the APIs in the Marketplace ● Invoking the secured API
- 27. Prerequisites ● Kubectl ● Kubernetes Cluster with Kubernetes version v1.15 or above ⦿ Minimum CPU 8vCPU ⦿ Minimum Memory 8GB ● Istio v1.6.5 or above ● An account in a docker registry (Docker Hub/ECR/GCR etc) ● K8S API Operator and API controller (CLI tool) installed in Istio mode ● API manager with private jet mode enabled deployed(Could be either k8s cluster in a separate VM) Documentation for the above steps are mentioned in a later slides as learning materials. 27
- 28. Deploying Microservices Istio Ingress Gateway Products Service Inventory Service Review Service Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) Namespace: Istio-system Namespace: micro 28
- 29. Deploying API Microgateway for microservices Istio Ingress Gateway Products Service Inventory Service Review Service Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) API Microgateway Namespace: Istio-system Namespace: micro 29
- 30. Expose API Microgateway to outside traffic Istio Ingress Gateway Products Service Inventory Service Review Service Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) API Microgateway Namespace: Istio-system Namespace: micro 30
- 31. Access the API Istio Ingress Gateway Products Service Inventory Service Review Service Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) Sidecar Proxy (Envoy) API Microgateway API Consumer Namespace: Istio-system Namespace: micro 31
- 32. Learning Materials ● Configuring Kubectl : ⦿ https://kubernetes.io/docs/tasks/tools/install-kubectl/ ● Configuring APICTL : ⦿ https://apim.docs.wso2.com/en/latest/learn/api-controller/getting-started-with-wso2-api-controll er/ ● Install API Operator & deploy API Manager on Kubernetes: ⦿ https://github.com/wso2/k8s-api-operator/blob/v1.2.0/README.md ● API Operator with Istio ⦿ https://github.com/wso2/k8s-api-operator/tree/v1.2.0/scenarios/scenario-13 ● API Manager private jet mode: ⦿ https://apim.docs.wso2.com/en/latest/learn/kubernetes-operators/k8s-api-operator/enabling-pri vatejet-mode-to-deploy-apis/ 32
- 34. wso2.com Thanks!