SlideShare a Scribd company logo

Five Ways to Scale your API Without Touching Your Code

3scale
3scale

Five ways to scale an API without changing code: 1. Optimize API design by removing unnecessary methods and structuring methods to match use cases. 2. Add aggregate methods to reduce calls to base methods. 3. Implement rate limiting to reduce load and encourage efficient code. 4. Offboard caching and processing to clients to reduce server load. 5. Provide SDKs to encode best practices and optimize client code patterns. Together these techniques can significantly improve scaling by managing load through changes to API structure and client behavior rather than requiring code changes.

Technology
1 of 22
Downloaded 75 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
Five Ways to Scale your API Without Touching Your Code Steven Willmott 3scale Inc. @njyx, @3scale
3scale is… API Infrastructure Provider ! Power 350+ APIs ! 110,000 Developers writing Apps ! API Tech Operations API Business Operations Developer Support (Selection) 3scale.net
+ As of today Also have a new service for Developers ! Track Transform Analyze API Traffic ! http://www.apitools.com
Onward to Scaling…
What does Scaling Mean?
A: Handling more Transactions per second?
A: Handling more Transactions per second?
A: Making more Customers Happy per Second (whilst using the same resources)
• Decoupling Layers • Caching • Compression • Database Changes • Streaming / Real-time • Smaller Payloads • SSL Optimization ! ! Getting the Question Right • Do all of the transaction scaling plus more • Change API Structure • Change Client Design Params • Think about Client needs to rethink transaction loads • Share scaling burden with developers ! Scaling Transaction Scaling Customers Very Important Often Forgotten
Suppose you have… • Fixed Hardware Resources • (Mostly) Static Application Code Base
Five Scaling Tips That Don’t Scale Transactions
1. API Design • Do methods / calls fit use cases? • Are you passing a lot of internal IDs around? • Are some methods more expensive to execute than others? • Does the API Design mean heavy load calls are being made even if that data is not needed? • Are clients making many calls when they should be making one? Method / Structure Design Add Specific Methods Remove Methods Unbundle & Rebundle
Expected Use of Your API Expected Unexpected DesiredUndesired Yay! Innovation Not so Good Oh-Oh.. Concept: Thor Mitchel / Google
2. API Call Aggregation • Creating Aggregate Methods which compose base functionalities • Cut Access to Individual Methods • Taylor to Clients or Use Cases • Adjust the set of compound methods over time • Works best when you own all the clients Post-Hoc API Design e.g Great talk by Daniel Jacobsen APIStrat New York: ! http://bit.ly/1gAN6mp
3. Rate Limiting • Rate Limits and Clear communication change Developer behavior • Rate limits generally mean more sensible code is being written and your servers are taxed less • Rate Limits stop fringe high volume users from negatively impacting everybody else • Make sure the limits are published - Developers hate undocumented limits Restrict Outlier Usage e.g Own build… Make sure key use cases are still feasible, and that rate limits are published.
4. Off Boarding Calls • Calls that are never made you don’t have to handle! • Client Side Caching • Allow it in your Terms of Service • Build it into your SDKs, suggest it in your code samples • Calculate your rate limits by assuming caching • Use Caching headers • Consider caching both reads and writes Make the Client Work! e.g Again you need to ensure the core API Use cases are still supported if you go this route
3scale XtremeCapacity 3scale XC Nodes offboard Lookup & Processing to Local Resources
5. SDK Provision • It can be tough for third developers to write good code • Writing SDKs can make it easier • Encodes best practice in terms of API Calls • Makes Call Patterns more predictable • You can encode counterpart behavior to your rate limits • Local check for errors in calls (so your backend never receives them). Optimize your Clients e.g SDKs can create maintenance issues - but critical for large developer bases
Five Techniques 1. API Design 2. API Call Aggregation 3. Rate Limiting 4. Off Boarding Calls 5. SDK Provision Almost Certainly you have some wins here….
Conclusions Make sure you are asking the right question! Your API structure and policies massively affect how it scales Out of the Box thinking can save a lot of dollars (and the planet)
3scale: http://www.3scale.net APItools: http://www.apitools.com APICodex: http://apicodex.3scale.net
Thank You! Contact: http://www.3scale.net @njyx - steve@3scale.net

More Related Content

What's hot (9)

PDF
Building Cloud-agnostic Serverless APIs
Postman
 
PDF
Amazon API Gateway
Mark Bate
 
PDF
Building a reliable, scalable service with Clojure and Core.async
Kapil Reddy
 
PDF
Serverless in production, an experience report (JeffConf)
Yan Cui
 
PPTX
Amazon API Gateway
Mark Bate
 
PPTX
Inside Wordnik's Architecture
Tony Tam
 
PPTX
Serverless by examples and case studies
CodeOps Technologies LLP
 
PDF
Is Serverless The New Swiss Cheese?
Chase Douglas
 
PDF
From AUI to Atlaskit - Streamlining Development for Server & Cloud Apps
Atlassian
 
Building Cloud-agnostic Serverless APIs
Postman
 
Amazon API Gateway
Mark Bate
 
Building a reliable, scalable service with Clojure and Core.async
Kapil Reddy
 
Serverless in production, an experience report (JeffConf)
Yan Cui
 
Amazon API Gateway
Mark Bate
 
Inside Wordnik's Architecture
Tony Tam
 
Serverless by examples and case studies
CodeOps Technologies LLP
 
Is Serverless The New Swiss Cheese?
Chase Douglas
 
From AUI to Atlaskit - Streamlining Development for Server & Cloud Apps
Atlassian
 

Similar to Five Ways to Scale your API Without Touching Your Code (20)

PDF
How to Design Scalable and Secure APIs: Essential Considerations for 2025
ScalaCode
 
PPTX
API Management Workshop (at Startupbootcamp Berlin)
3scale
 
PDF
Is your API Naked? API Technology and Ops Considerations: Webinar slides
Apigee | Google Cloud
 
PDF
The ultimate api checklist by Blendr.io
Blendr.io
 
PPTX
API Design- Best Practices
Prakash Bhandari
 
PDF
6 Best Practices that Make a Great API .pdf
Expert App Devs
 
PDF
JOSA TechTalks - RESTful API Concepts and Best Practices
Jordan Open Source Association
 
PDF
Code-Camp-Rest-Principles
Knoldus Inc.
 
PPTX
Building a REST API for Longevity
MuleSoft
 
PPT
Unlock your Digital Content & Expand beyond your Website
3scale
 
PDF
Optimizing your API to Perform at Scale
Akamai Developers & Admins
 
PPTX
Api Design
Jason Harmon
 
PDF
API-Consumption compressed (1)
Rahul Ghai
 
PDF
API workshop by AWS and 3scale
3scale
 
PDF
API First
Kirsten Hunter
 
PDF
APIs for your Business + Stages of the API Lifecycle
3scale
 
PDF
Chris Mathias Presents Advanced API Design Considerations at LA CTO Forum
Chris Mathias
 
PDF
Json api dos and dont's
Neven Rakonić
 
PDF
Creating a RESTful api without losing too much sleep
Mike Anderson
 
PDF
Lectura 2.4 is your api naked - 10 roadmap considerations
Matias Menendez
 
How to Design Scalable and Secure APIs: Essential Considerations for 2025
ScalaCode
 
API Management Workshop (at Startupbootcamp Berlin)
3scale
 
Is your API Naked? API Technology and Ops Considerations: Webinar slides
Apigee | Google Cloud
 
The ultimate api checklist by Blendr.io
Blendr.io
 
API Design- Best Practices
Prakash Bhandari
 
6 Best Practices that Make a Great API .pdf
Expert App Devs
 
JOSA TechTalks - RESTful API Concepts and Best Practices
Jordan Open Source Association
 
Code-Camp-Rest-Principles
Knoldus Inc.
 
Building a REST API for Longevity
MuleSoft
 
Unlock your Digital Content & Expand beyond your Website
3scale
 
Optimizing your API to Perform at Scale
Akamai Developers & Admins
 
Api Design
Jason Harmon
 
API-Consumption compressed (1)
Rahul Ghai
 
API workshop by AWS and 3scale
3scale
 
API First
Kirsten Hunter
 
APIs for your Business + Stages of the API Lifecycle
3scale
 
Chris Mathias Presents Advanced API Design Considerations at LA CTO Forum
Chris Mathias
 
Json api dos and dont's
Neven Rakonić
 
Creating a RESTful api without losing too much sleep
Mike Anderson
 
Lectura 2.4 is your api naked - 10 roadmap considerations
Matias Menendez
 
Ad

More from 3scale (20)

PDF
APISTRAT KEYNOTE: Surfing the Wave between Chaos and Innovation
3scale
 
PPTX
A Connector, A Container and an API Walk into a Bar… Microservices Edition
3scale
 
PPTX
A Connector, A Container and an API Walk Into a Bar: The Programmable World
3scale
 
PPTX
How to Survive the API Copyright Apocalypse
3scale
 
PDF
Inside mind of a successful platform architect / Gartner APPS 2016
3scale
 
PPTX
The Fundamentals of Platform Strategy: Creating Genuine Value with APIs
3scale
 
PDF
Build and Manage Serverless APIs (APIDays Nordic, May 19th 2016)
3scale
 
PDF
APIs and the Bot Revolution (APIDays Nordic, May 18)
3scale
 
PPTX
Take Control of your APIs in a Microservice Architecture
3scale
 
PPTX
The Swagger Format becomes the Open API Specification: Standardizing descript...
3scale
 
PPTX
Entering the Platform Age: How to create genuine value for internal and exter...
3scale
 
PPTX
APIs and the Creation of Wealth in the Digital Economy - APIDays Paris 2015 K...
3scale
 
PPTX
API Model Canvas for successful API strategies and programs
3scale
 
PPTX
Microservices in action: How to actually build them
3scale
 
PDF
The API-Application Semantic Gap
3scale
 
PPTX
Integrating, exposing and managing distributed data with RESTful APIs and op...
3scale
 
PPTX
Building Successful API Programs in Higher Education
3scale
 
PPTX
APIs.JSON: Bootstrapping The Web of APIs
3scale
 
PPTX
API Model Canvas (APIDays Mediterranea 2015)
3scale
 
PDF
APIsBerlin 3scale Data for a Web of APIs
3scale
 
APISTRAT KEYNOTE: Surfing the Wave between Chaos and Innovation
3scale
 
A Connector, A Container and an API Walk into a Bar… Microservices Edition
3scale
 
A Connector, A Container and an API Walk Into a Bar: The Programmable World
3scale
 
How to Survive the API Copyright Apocalypse
3scale
 
Inside mind of a successful platform architect / Gartner APPS 2016
3scale
 
The Fundamentals of Platform Strategy: Creating Genuine Value with APIs
3scale
 
Build and Manage Serverless APIs (APIDays Nordic, May 19th 2016)
3scale
 
APIs and the Bot Revolution (APIDays Nordic, May 18)
3scale
 
Take Control of your APIs in a Microservice Architecture
3scale
 
The Swagger Format becomes the Open API Specification: Standardizing descript...
3scale
 
Entering the Platform Age: How to create genuine value for internal and exter...
3scale
 
APIs and the Creation of Wealth in the Digital Economy - APIDays Paris 2015 K...
3scale
 
API Model Canvas for successful API strategies and programs
3scale
 
Microservices in action: How to actually build them
3scale
 
The API-Application Semantic Gap
3scale
 
Integrating, exposing and managing distributed data with RESTful APIs and op...
3scale
 
Building Successful API Programs in Higher Education
3scale
 
APIs.JSON: Bootstrapping The Web of APIs
3scale
 
API Model Canvas (APIDays Mediterranea 2015)
3scale
 
APIsBerlin 3scale Data for a Web of APIs
3scale
 
Ad

Recently uploaded (20)

PDF
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
PDF
The Rise of AI and IoT in Mobile App Tech.pdf
IMG Global Infotech
 
PDF
Transforming Utility Networks: Large-scale Data Migrations with FME
Safe Software
 
PDF
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
PDF
Bitcoin for Millennials podcast with Bram, Power Laws of Bitcoin
Stephen Perrenod
 
PDF
Using FME to Develop Self-Service CAD Applications for a Major UK Police Force
Safe Software
 
PDF
Newgen 2022-Forrester Newgen TEI_13 05 2022-The-Total-Economic-Impact-Newgen-...
darshakparmar
 
PDF
[Newgen] NewgenONE Marvin Brochure 1.pdf
darshakparmar
 
PDF
Agentic AI lifecycle for Enterprise Hyper-Automation
Debmalya Biswas
 
PPTX
The Project Compass - GDG on Campus MSIT
dscmsitkol
 
DOCX
Cryptography Quiz: test your knowledge of this important security concept.
Rajni Bhardwaj Grover
 
PPTX
From Sci-Fi to Reality: Exploring AI Evolution
Svetlana Meissner
 
PPTX
"Autonomy of LLM Agents: Current State and Future Prospects", Oles` Petriv
Fwdays
 
PDF
IoT-Powered Industrial Transformation – Smart Manufacturing to Connected Heal...
Rejig Digital
 
PDF
Go Concurrency Real-World Patterns, Pitfalls, and Playground Battles.pdf
Emily Achieng
 
PDF
Smart Trailers 2025 Update with History and Overview
Paul Menig
 
PPTX
AI Penetration Testing Essentials: A Cybersecurity Guide for 2025
defencerabbit Team
 
PDF
CIFDAQ Market Wrap for the week of 4th July 2025
CIFDAQ
 
PDF
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
PDF
Transcript: New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
The Rise of AI and IoT in Mobile App Tech.pdf
IMG Global Infotech
 
Transforming Utility Networks: Large-scale Data Migrations with FME
Safe Software
 
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
Bitcoin for Millennials podcast with Bram, Power Laws of Bitcoin
Stephen Perrenod
 
Using FME to Develop Self-Service CAD Applications for a Major UK Police Force
Safe Software
 
Newgen 2022-Forrester Newgen TEI_13 05 2022-The-Total-Economic-Impact-Newgen-...
darshakparmar
 
[Newgen] NewgenONE Marvin Brochure 1.pdf
darshakparmar
 
Agentic AI lifecycle for Enterprise Hyper-Automation
Debmalya Biswas
 
The Project Compass - GDG on Campus MSIT
dscmsitkol
 
Cryptography Quiz: test your knowledge of this important security concept.
Rajni Bhardwaj Grover
 
From Sci-Fi to Reality: Exploring AI Evolution
Svetlana Meissner
 
"Autonomy of LLM Agents: Current State and Future Prospects", Oles` Petriv
Fwdays
 
IoT-Powered Industrial Transformation – Smart Manufacturing to Connected Heal...
Rejig Digital
 
Go Concurrency Real-World Patterns, Pitfalls, and Playground Battles.pdf
Emily Achieng
 
Smart Trailers 2025 Update with History and Overview
Paul Menig
 
AI Penetration Testing Essentials: A Cybersecurity Guide for 2025
defencerabbit Team
 
CIFDAQ Market Wrap for the week of 4th July 2025
CIFDAQ
 
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
Transcript: New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 

Five Ways to Scale your API Without Touching Your Code

  • 1. Five Ways to Scale your API Without Touching Your Code Steven Willmott 3scale Inc. @njyx, @3scale
  • 2. 3scale is… API Infrastructure Provider ! Power 350+ APIs ! 110,000 Developers writing Apps ! API Tech Operations API Business Operations Developer Support (Selection) 3scale.net
  • 3. + As of today Also have a new service for Developers ! Track Transform Analyze API Traffic ! http://www.apitools.com
  • 8. A: Making more Customers Happy per Second (whilst using the same resources)
  • 9. • Decoupling Layers • Caching • Compression • Database Changes • Streaming / Real-time • Smaller Payloads • SSL Optimization ! ! Getting the Question Right • Do all of the transaction scaling plus more • Change API Structure • Change Client Design Params • Think about Client needs to rethink transaction loads • Share scaling burden with developers ! Scaling Transaction Scaling Customers Very Important Often Forgotten
  • 10. Suppose you have… • Fixed Hardware Resources • (Mostly) Static Application Code Base
  • 11. Five Scaling Tips That Don’t Scale Transactions
  • 12. 1. API Design • Do methods / calls fit use cases? • Are you passing a lot of internal IDs around? • Are some methods more expensive to execute than others? • Does the API Design mean heavy load calls are being made even if that data is not needed? • Are clients making many calls when they should be making one? Method / Structure Design Add Specific Methods Remove Methods Unbundle & Rebundle
  • 13. Expected Use of Your API Expected Unexpected DesiredUndesired Yay! Innovation Not so Good Oh-Oh.. Concept: Thor Mitchel / Google
  • 14. 2. API Call Aggregation • Creating Aggregate Methods which compose base functionalities • Cut Access to Individual Methods • Taylor to Clients or Use Cases • Adjust the set of compound methods over time • Works best when you own all the clients Post-Hoc API Design e.g Great talk by Daniel Jacobsen APIStrat New York: ! http://bit.ly/1gAN6mp
  • 15. 3. Rate Limiting • Rate Limits and Clear communication change Developer behavior • Rate limits generally mean more sensible code is being written and your servers are taxed less • Rate Limits stop fringe high volume users from negatively impacting everybody else • Make sure the limits are published - Developers hate undocumented limits Restrict Outlier Usage e.g Own build… Make sure key use cases are still feasible, and that rate limits are published.
  • 16. 4. Off Boarding Calls • Calls that are never made you don’t have to handle! • Client Side Caching • Allow it in your Terms of Service • Build it into your SDKs, suggest it in your code samples • Calculate your rate limits by assuming caching • Use Caching headers • Consider caching both reads and writes Make the Client Work! e.g Again you need to ensure the core API Use cases are still supported if you go this route
  • 17. 3scale XtremeCapacity 3scale XC Nodes offboard Lookup & Processing to Local Resources
  • 18. 5. SDK Provision • It can be tough for third developers to write good code • Writing SDKs can make it easier • Encodes best practice in terms of API Calls • Makes Call Patterns more predictable • You can encode counterpart behavior to your rate limits • Local check for errors in calls (so your backend never receives them). Optimize your Clients e.g SDKs can create maintenance issues - but critical for large developer bases
  • 19. Five Techniques 1. API Design 2. API Call Aggregation 3. Rate Limiting 4. Off Boarding Calls 5. SDK Provision Almost Certainly you have some wins here….
  • 20. Conclusions Make sure you are asking the right question! Your API structure and policies massively affect how it scales Out of the Box thinking can save a lot of dollars (and the planet)