API workshop by AWS and 3scale

Designing and Managing
Scalable APIs with
AWS and 3scale
Matthew McClean, @matthewmcclean
Nicolas Grenié, @picsoung
Manfred, @ManfredBo

Workshop logistics:
bit.ly/API-workshop (GH repo)
AWS and 3scale accounts:
3scale.net/aws-loft/
Prerequisites:
● AWS CLI
● Java 1.8
● Maven
● Node.js
● Serverless.com framework

Content
1. API Design Best-Practices
○ API design principles
○ Practical tips
○ API definitions
2. AWS Services
○ Amazon API Gateway
○ AWS Lambda
3. 3scale API Management
○ Amazon API Gateway and 3scale integration
○ Customer Case Study: Rosette API

First API Design Principle
Design the API with the developer in mind
...because developers are people too.
Provide outstanding developer experience.
Make developers successful
...and they make you successful.
Img Src: http://dx.jeremiahlee.com/

API Design vs Resource Design
Resources are nucleus of REST API design.
A resource is an abstraction of a certain piece of
information.
The selection of resources depends on business domain
and developer needs.
Fine-grained vs coarse-grained selection of resources.
APIs are operations on the resources.

Fine-grained vs coarse-grained API Design
Simple vs flexible

Fine-grained vs coarse-grained API Design

Verb Endpoint What for
GET /book/{book_id} Retrieve details of a resource
POST /book Create resource
DELETE /book/{book_id} Delete resource
PUT /book/{book_id} Update or create resource
PATCH /book/{book_id} Update partial resource
OPTIONS any URL return methods supported on
this URL
TRACE any URL Echoes
CONNECT any URL Convert to TCP/IP tunnel
HEAD /book/{book_id} Same as GET w/o response
body

Design - HTTP code
Source: https://http.cat/

Design - HTTP code
Custom error? Create your own.
it should not be already defined in the spec
1xx Informational
2xx Success
3xx Redirection
4xx Client error
5xx Server error
document it !!

Design - URLs
Be explicit and intuitive
GET /books - Retrieves a list of books
GET /books/42 - Retrieves a specific book
POST /books - Creates a new book
PUT /books/42 - Updates book #42
PATCH /books/42 - Partially updates book #42
DELETE /books/42 - Deletes book #42
Singular or plural? keep it simple

Design - Versioning
Following software analogy
API should be versionated v1 , v1.1, v2.0
curl -X GET -H “X-API-VERSION: 1.1”
http://mysite.com/api/books.json
http://mysite.com/api/v1/books.json
http://mysite.com/api/v1.1/books.json
http://mysite.com/api/books.json?v=1.1

Design - Versioning
How often are you going to change
version?
What about people already using your
API?
How many versions will you keep maintaining?
What’s the roadmap?

Design - Versioning
Don’t explicitly version your API
non breaking changes
no version = flexibility = win

API Definition Formats
Support (API) design-first approaches
Benefits:
● Language-agnostic API description
● Human- and machine-readable
● Understand capability without source code
● API discovery
● Interactive documentation
Most common OpenAPI (born out of Swagger)

OpenAPI? Swagger?
API description spec contains:
● Endpoints
● Parameters
● Expected inputs, outputs
Machine readable:
● Automate testing
● Interactive documentation
● SDK generation
Petstore
Example

3scale and API Gateway Integration

API workshop by AWS and 3scale

How to achieve the Integration
API deployed
on API Gateway
3scale
Custom
Authorizer
functions
Cache API key to
reduce latency
framework
To deploy
Lambda
functions
SNS used for async
update of cache

Serverless module for easy configuration
Community framework to build, deploy and maintain Lambda functions
Clone our repo and deploy functions on your own infrastructure
serverless function create
serverless function deploy

Hosted API Rollout with 3Scale
Gregor Stewart, Basis Technology
@olakrez

Design
36
Minimise effort to support Hosted and In a Box deployment
● Develop “in a box” first, add 3Scale to deliver Hosted
● From “RPC” to API: Entities
○ Three Components, represented by two Endpoints
○ Reduced to a single endpoint, with options
○ Common options across entity-centric endpoints
○ Separately documented option blob and output type to enable
full control
● Explicit Versioning

37
● Server-based
● Custom NGINX
● Specialised
Workers in Auto
Scale Groups
● Integrated Caching
and Queuing
● Security Focused
Implementation

Challenges and Next Steps
38
● Stateless to Stateful Endpoints
● Further “idiomatising” hosted implementation to AWS
○ Moving cache outside to service
○ Porting suitable functions to Lambda
■ LanguageID vs Entity Linking

Try it at: developer.rosette.com
Gregor Stewart, Basis Technology
@olakrez

Wrap-up
Successful API starts with good API design.
Lambda is an effective way to implement APIs.
Amazon API Gateway adds crucial API security features.
Serverless allows to configure and deploy Lambda easily.
3scale adds valuable API business features.
AWS and 3scale provide a full complement API
program management solution.

Lab overview
1. Create and deploy an API using the Amazon API
Gateway and AWS Lambda
2. Integrate with 3scale to add API management features
3. Create tiered application plans with different API
contracts (Optional)
4. Expose your API to developers with a developer portal
and interactive API documentation (Optional)
Github repo: bit.ly/API-workshop

Contact Details
Nico
nicolas@3scale.net
@picsoung
www.3scale.net
Manfred
manfred@3scale.net
@ManfredBo
bit.ly/API-workshop

API workshop by AWS and 3scale

More Related Content

What's hot (20)

Viewers also liked (20)

Similar to API workshop by AWS and 3scale (20)

More from 3scale (16)

Recently uploaded (20)

API workshop by AWS and 3scale