Is it Time to Go Hybrid?
Is it Time to Go Hybrid?
When road mapping API management, should you go on-premise, in the cloud, or use a hybrid approach that combines the two?
Join the DZone community and get the full member experience.Join For Free
The selection of the proper architecture for deploying your APIs should be based on a comprehensive analysis of business objectives, the target audience for the API(s), performance expectations, security policies, and so on. More often than not, pure cloud, as well as complete on-premise, solutions to API management are incapable of satisfying the diverse contradictory requirements of enterprise applications in today’s highly volatile business world.
For example, if you have a set of APIs that needs to be managed in a cost-effective manner with minimal intervention from your end, going for a 100% cloud-based API management offering may indeed seem like an ideal solution. While such API management platforms offer you a range of clear-cut benefits, are you aware of the inherent disadvantages associated with traditional SaaS offerings for managing your APIs? Have you considered the inefficiencies arising if both the API backends and the API consumers are behind your enterprise firewall, security concerns associated with API calls going through external gateways, and so on?
What if only a portion of your APIs have strict compliance requirements which necessitate having complete control over them and the rest would actually benefit from being deployed in a cloud environment which offers accessibility to a wider target audience with greater convenience? Do you still have to bear the increased cost and maintenance overhead associated with managing all your APIs on-premise? Or do you go for a pure cloud solution despite the security vulnerabilities that doing so may impose?
An important fact to realize is that neither a cloud deployment nor an on-premise deployment may equally suit all of your organization's APIs. Some APIs may thrive in the cloud while others may work best if deployed on-premise.
So what if your organization has a mix of both these API categories?
Well, the good news is hybrid SaaS API management solutions excel in serving these kinds of situations with contradictory requirements by delivering the benefits of on-premises, with minimal infrastructure overhead. In essence with hybrid API management:
- API creation and deployment are facilitated through self-service portals deployed in a public SaaS environment.
- An API gateway is deployed on your infrastructure, closer to your backend services, thus minimizing latencies resulting in better performance.
- API metadata required for API policy enforcement such as API keys, throttling, security policies, etc., are communicated to the API gateway and API usage statistics collected in the API gateway are communicated back to the cloud via secure back channels.
- API traffic can be completely managed in the on-premise gateways, thus eliminating the need for API calls to go through external gateways. This allows enterprises to overcome risks associated with exposing sensitive information beyond enterprise firewalls.
- API data is retained in the cloud, eliminating the need to configure and maintain databases in your infrastructure.
Although the underlying concepts are essentially similar to the aforementioned features, the manner in which hybrid API management is facilitated may differ from one vendor to another. The diagram below illustrates an overview of the implementation architecture of hybrid API management in WSO2 API cloud.
The idea of managing your APIs in a hybrid manner or migrating your current API management infrastructure to a hybrid deployment may indeed seem daunting at first. However, with the right amount of guidance from an experienced vendor, this transition can be made in a very smooth manner.
Published at DZone with permission of Amanda Jayanetti . See the original article here.
Opinions expressed by DZone contributors are their own.