Technology Keynote I Love APIs 2015: Anant Jhingran, Apigee CTO
I Love APIs Europe 2015: Technical Sessions
-
Upload
apigee -
Category
Technology
-
view
718 -
download
7
Transcript of I Love APIs Europe 2015: Technical Sessions
Welcome
2
GET » DIGITAL READY
Defining Digital Leading Digital Executing Digital�
Defining Digital
Digital business creates value by delivering a �connected digital experience �
to customers, partners and employees
The Web Didn’t Change Your Core Business��The Value Chain Has Stayed The Same
Raw materials Supplier R&D Marketing Sales Retailer Customer
Source: Forrester
Digital Transforms Your Fundamental Business
Nature of Market
Retail!
Music!
Cars!
CPG!
Books!
Food!
Cleaning!Services!
Consulting!
Mining!
Weightless
Intermediate
Nature of Product
2000s
2030s
Heavy
B2CB2B2CB2B2020s
Source: Gartner - CEOs and CIOs Must Assume That Every Industry Will Be Digitally Remastered, 2014, Raskino
The Paths To Digital
Digital �Business
Digitize �Operations
Digitize �Processes
Digitize �Business Models
Digitize Channels
Digitize Marketing
Revenue
External Focus
Internal Focus Margin
Source: Accenture - Growth Strategies for a Digital World, 2014, McDonald, McManus
Growth Strategies for a Digital World,Accenture - March 2014
Three Eras of Enterprise IT
Focus
Capabilities
Engagement
Outputs and Outcomes
IT Craftsmanship
Technology
Programming; "system management
Isolated; disengaged "internally and externally
Sporadic automation and innovation; frequent issues
Process
IT management; "service management
Treat colleagues as "customers; unengaged "with external customers
Services and solutions; efficiency and effectiveness
IT Industrialization
Business models
Digital "leadership
Treat colleagues as "partners; engaged "
with external customers
Digital business innovation; new types of value
Digitalization
We are here
IT Service Leadership for the Digital BusinessPublished: 10 July 2014Analyst(s): Suzanne Adnams, Debra Curtis
Leading Digital
Survey of executives in �200 large companies across �
30 industries
Three Keys to Digital Transformation.Apigee Institute Report
Digital Leaders Lead From The Top
CTO 26% CEO 30%
CIO 22%
CDO 7%
CMO 8% Other C-Level 3%
Other IT 2% Other Marketing 2% Other 2%
Traits Of The Highly Successful Digital Leader
Has experience managing across
departments.Can simplify complexity.
Will adapt quickly and flexibly to the market, internal needs, and
performance results.
Where Must The Leader Lead You?
Technology Changes
From
Governance Curation
Waterfall Agile
Virtualization Abstraction
To
IT Ops DevOps
Business Changes
From
Central Planning Edge Innovation
Control Context
Precise Execution Speed and Iteration
To
Prevention Encouragement
Executing Digital
Enterprises Need a New Stack
CRM
Days
Years
Consumer Layer
ERP Database
ESB / Integration
System of Engagement![API First Platform Approach]
Consumers Employees Partners
Data Warehouse Data LakeSystem of Record
Consumption Layer
API First
Monolithic Web App
Web Apps
App Server
Backend Services
API-adapted Web AppsConsumption focused
Web Apps
App Server
Backend Services
Other Apps
API
API-adapted SOAExposure focused
Web Apps
App Server
InternalServices
Other Apps
API
ESB
API-First Enterprise
Web Apps
App Servers BackendServicesESB
Mobile Apps
API Tier
All Apps
Security AnalyticsPersistence Orchestration
Other Apps
What Comes Next?
API Mass Customization
App “B”
App Servers BackendServicesESB
App “A”
API Tier
App “C”
API “B”API “A” API “C”
Delivering an “Intelligent” Connected Experience
ability to" predict behavior
Intelligent connected
experiences
data
interactions
contextual time-based "journey analytics deep insights
Defining Digital
Leading Digital
Executing Digital�
Business Models
CxO Leadership
IntelligentConnected Experiences
Business = DigitalDigital = Intelligent Connected Experiences
Intelligent Connected Experiences = API First
Thank you
Keynote PanelistsKevin Gallagher, CIOChannel 4
Jack Ramsay, Director, Global Technology DeliveryAccenture
Paul Clark, Controller, Online, Pay & Interactive TechnologyITV
Alberto Prado, VP, Digital Innovation, Consumer LifestylePhilips
Morning Break��
General Hall / Main Concourse�(Sessions resume at 11:00)
API-First ArchitectureEd Anuff, Apigee !Bernhard Walter, Apigee !
@edanuffEd Anuff
Bernhard Walter
What do we mean by APIs?
The A in API is for Apps
Rich Clients(Visual Basic, Delphi, etc.)
Thin Clients (Web Applications)
Rich Clients (Mobile Apps)
App
HTTP
Browser
App
InternalExternal
App
Modern Server-side App
• Often runs in an App Server• Monolithic presentation and business logic• Hosted in an environment�
(often a virtualized container)
• Increasingly lightweight
Backend API
App
Apps Need Resources
• Databases and storage• Email services• Sometimes integration-based,�
but increasingly API-based
12-Factor Apps
MIT License
Adam Wiggins http://12factor.net/
IV. Backing ServicesTreat backing services as attached resources
Cloud Business Services
• Database-as-a-Service• Storage-as-a-Service• Email-as-a-Service• MQ-as-a-Service
• All are already in widespread use…
Internal Resources
• Many new resource services already are API-based
• Developers prefer to use APIs even with the added work of learning APIs versus ESB approaches
API
Front end
Backend API
App
InternalExternal
SDK API
Mobile API Architecture
CC-BY-SA
Device-Side App
Logic
Server-Side Application Logic &
Infrastructure
Clients
• Mobile clients talking to server-side apps via an API» APP-SPECIFIC, OFTEN NOT REUSABLE» NOT INTEGRATION, NOT SOA
• HTML5/JS and single page apps
API
Front end
Backend API
App API API AppApp
InternalExternal
App-to-App
• API-centric: app developers expose their own APIs and learns others’ APIs
• Integration: normalized data interchange• Agility trade-off
API
Front end
Backend API
App API API AppApp
InternalExternal
API
Front end
Backend API
App
Partner App
3rd Party App
InternalExternal
App-to-External-App (API Ecosystems)
• API design matters• New security concerns• Different metrics
Internal
API
Front end
Backend API
API API AppAppService Service Service
Service Service Service
Service Service Service
APIs
APIs
Micro service architecture
External
Micro-Services
• Components are services, not in-process objects
• Allows polyglot programming• Easier to scale component services individually
Evolving towards�API First
Monolithic Web App
Web Apps
App Server
Backend Services
API-adapted Web AppsConsumption focused
Web Apps
App Server
Backend Services
Other Apps
API
API-adapted SOAExposure focused
Web Apps
App Server
InternalServices
Other Apps
API
ESB
API-First Enterprise
Web Apps
App Servers BackendServicesESB
Mobile Apps
API Tier
All Apps
Security AnalyticsPersistence Orchestration
Other Apps
What comes next?
API Mass Customization
App “B”
App Servers BackendServicesESB
App “A”
API Tier
App “C”
API “B”API “A” API “C”
API Tier AnalyticsAll Channels
API Tier
All Backends
All Interactions
Analytics
CorrelationsCohortsConversionsSegmentationA/B & Multivariate
API Tier with Analytics
• API adaptations needed for apps• Enable developers for business• Security for app-to-API• App and behavior analytics
• APIs architected for abstraction• Enable developers for API use• Security for API-to-backend• API Analytics
APIAPI
App Consumption API Exposure
App Server Services App
Analytics
Summary
• What to ask when people say “we need APIs”• How to get to an API-centric Architecture• Where to go once you’ve become API-centric
Thank you
Insights: From Prediction to ActionAnant Jhingran, Apigee !Andrew Braithwaite, Laterooms !
66
Summary• APIs and Other Channels contain extremely useful information about customer behavior.
• Tapping into the sequence of events + profiles leads to better predictions
• Understanding the journey leads to better optimization of the channel.
• When the channel is APIs, one can learn and act in that channel.
• Apigee Insights is our product for all of you to understand and predict customer journeys
• Laterooms is using Apigee Insights to understand and adapt its APIs.
67
Customer View: A journey
68
Affecting Apps
69
Inform & Transact Learn & Adapt
Currently Journeys and Analytics happen in silos
70
Email Analytics
Mobile Analytics
Web Analytics
POS Analytics
Social Analytics
Call Center Analytics
Some happen through APIs
71
Email Analytics
Mobile Analytics
Web Analytics
POS Analytics
Social Analytics
Call Center Analytics
Our Core IP
72
Email Analytics
Mobile Analytics
Web Analytics
POS Analytics
Social Analytics
Call Center Analytics
GRASP Graph and Sequence Processing
time-sequenced graph analytics on Hadoop
Understand and optimize the customer journey
73
GRASP Graph and Sequence Processing
Customer Journey Analytics Customer Journey
time-sequenced graph analytics on Hadoop
And “act” back into the appropriate channel
74
Direct Mail
Web
Mobile
Service
Predictive ModelsTargeting, Recommendations, Churn, Other Advanced
Context In Store 20% off
Free Shipping
Online 10% off
Sunny 0.72 0.52 0.33
Showers 0.56 0.81 0.55
Snow 0.20 0.33 0.67
What is more important – the who or the what?
Most Prediction Algorithms convert journey into profile attributes. That sucksAND
Tools for exploring journey patterns are very poor. That sucks
PROFILE =Male25 YearsTravels 20 miles/every day
JOURNEY =Received Mail, thenLooked at a Product, thenTweeted about it, thenBought it
GRASP enables predictive and descriptive analytics
76
1 A
Y
X
C D
B
2
GRASP
3
Predict likely outcome
Example:For User 3 who has completed Activity D, the likely outcome is either X or Y
Describe known facts
Example:For User 1 who has completed activity X, the intermediate activities are B and A
Descriptive (“roll back”), aka Explore Predictive (“roll forward”), aka Model
Users
Activity
A Scalable Data Structure with a Query Language that allows questions to be asked
Customer Data
Insights Architecture Overview
ModelingSDK
Hadoop
Modeling Workbench
R
Data �Scientist
queriesGraph Query�
Manager
Business User
Segments �Manager
GRASPA
Y
X
C D
B
ScoresPropensity Upgrade 10% Off Churn
User 1 0.72 0.68 0.33
User 2 0.56 0.23 0.55
User 3 0.32 0.45 0.67
User 4 0.20 0.32 0.18
User 5 0.44 0.69 0.22
API BaaS
API
Business User
API
End User Tools
Exact Target Web & Mobile
Customer Datastore Interface
Other
GQL allows you to query profiles + events
78
( $x _ * $y ) >> filter $x . hitType == " VisitOrderPage "
And Optimizes for execution on GRASP where possible
Visualize the journey followed by a specific class of consumers by tracing channel interactions and other events either forward or backward in time
The results of GQL can also be visualized
79
Using GRASP modeling algorithms in R Studio, create a model that would compute the propensity of a consumer to purchase a specific product category.
Prediction Models can be built on Profiles + Events
80
And Business Users can look at segments
81
82
IBC: proactive customer service with predictive analytics
“Apigee has helped us move from simply answering customers’ calls to proactively reaching out to our members before they have issues.”
Somesh Nigam, SVP and Chief Informatics Officer, Independence Blue Cross
• $1.2B Medicare Advantage business
• 50+% Reduction in complaints to Medicare
• Transformed from reactive to proactive customer service
• Identified root causes for dissatisfaction
Put insights into action
83
• Enable developers to build new adaptive apps and APIs
• Enable business users and analysts to interact with predictive insights
• Integrate predictive insights into existing apps and systems
Predictive
Insights
Business Value
84
?
85
Modeling Tools
Access to Raw Data
The key is “APIs” between the two parties
86
Developer Data Scientist
Allowing each party to iterate independently
Each has different worries
87
Developer Data Scientist
88
/recommendation
• Popular Items /popularscores
• Rule-Based
• Profiles à Items (Manual)
• Behaviors à Items (Manual)
• Profiles à Items (Scores) /profilescores
• Users à Items (Scores) /userscores
89
/userscores
• Profile-based models
• Ensemble-based Models
• Multi-Channel Data
• Event-Based Models
• Model Maintenance/profilescores
Scientists and Developers
90
Direct Mail
Web
Mobile
Service
Predictive ModelsTargeting, Recommendations, Churn, Other Advanced
Context In Store 20% off
Free Shipping
Online 10% off
Sunny 0.72 0.52 0.33
Showers 0.56 0.81 0.55
Snow 0.20 0.33 0.67
Developer Data Scientist
One Experience
Access expertise of world-class team of data scientists trained to derive actionable insights from Hadoop, API / real-time, and unstructured data
Benefit from experience gained from many successful enterprise deployments for market leaders
Complement internal efforts
Data Science Services
91
~100person-years of wasted
time
Streamline error / retry logic to increase
partner effectiveness
Develop category and device specific content to improve
engagement
Web Mobile
Brow
sing
Time Cat A
Cat B 2X
web vs. mobileconversion
Target abandoned users with email reminders to improve
checkout rate
Accelerate the development, delivery, and impact of predictive apps and APIs
Client Engagement Examples and Recommendations
92
Andrew Braithwaite
TLRG - A global leader in online accommodation
• Through our brands – LateRooms.com, and MalaPronta.com – our vision is to give customers a hotel booking experience that provides more choice, better service and genuine innovation.
• LateRooms.com is the UK’s leading online accommodation site offering fantastic deals in over 65,000 properties worldwide, ranging from bed and breakfasts to five star luxury hotels.
• Founded in 2004, MalaPronta.com is one of Brazil’s leading domestic accommodation online travel agents, offering customers fantastic deals in more than 2,500 properties in destinations across Brazil.
93
TLRG - APIs• Mobile
– APIs power our mobile apps across multiple brands and devices.• Acquisition
– Hotels, Hotel Groups and Channel Managers can use our APIs make their stock available on our websites.
• Distribution– We have an extensive affiliate network. Our APIs allow affiliates to market our stock on their platforms.
• Hotel Partners– Our APIs give us a secure method of sharing booking information with our hotel partners.
94
95
96
97
Summary• APIs and Other Channels contain extremely useful information about customer behavior.
• Tapping into the sequence of events + profiles leads to better predictions
• Understanding the journey leads to better optimization of the channel.
• When the channel is APIs, one can learn and act in that channel.
• Apigee Insights is our product for all of you to understand and predict customer journeys
• Laterooms is using Apigee Insights to understand and adapt its APIs.
98
Thank you
LUNCH��
General Hall / Main Concourse�(Sessions resume at 14:00)
Understanding Apigee Products & Roadmap� Anant Jhingran, Apigee� Oliver Ogg, M&S
Apigee Enables Companies to Become Digital Businesses
102
Everything = Interconnected Interactions = Data
Modern software is built and operated differently
Developers = Growth
Why
AP
I Firs
t Guided by Our Core Architecture Principles
103
Private Cloud Equals Apigee Cloud Mission-Critical Operations
Isolation and Efficiency Optimized Infrastructure
State at Scale High Performance
Measure and Monitor Everything Continuous Improvement
Secure All Points of Engagement Trusted Interactions
Code & Configuration Developer Productivity
Use, Contribute, and Drive Open Source
How
The Intelligent API Platform
User
Apps
Developer
Analytics Services
Ops �Metrics
App Performance
Developer Metrics
Business �Metrics
Developer Services
Developer Portal
API �Console
Modeling & Management Monetization
API Services
API Management BaaSSecurity API �
Programmability
P A I API Team
Backend
Apigee Edge
P A I Adaptive Interactions
Segmentation & Profiling
RESTful APIs
Real Time Scores
Predictive Customer Journey Analytics
Customer Journey Analytics
Predictive �Modeling
Unstructured Data Processor
API Services
Time-sequenced Graph Database Data LoadersData Management
User
Apps
Developer
API Team
Data Scientist
Hadoop
Apigee Insights
Design
Share
Deploy
Code < >
Apigee 127
What
API First
105
API Tier All�
Backends
All Channels
Build Your Apps Using APIs We Built Our Own Product on APIs
Analytics Reports
Developer Portal UI
Monetization UI Management
UI
User Mgmt. AuthN / AuthZ
Monetization
Console
App Mgmt. Caching
Traffic Mgmt.
Analytics
API Mgmt. Persistence Logging
Metrics CollectionAP
Is
APIs
APIs
Automated Deployment
Custom BI Dashboard Data Import
Code & Configuration
106
Configuration Driven Proxy Definition Code Driven Proxy Definition
Complexity
Effort ConfigurationCode
Connections, Resources, Security,�Quotas, Policies (30+ OOTB)
Developer�Productivity
107
“Reduced time to first app
from 4 weeks to 6 hours”
- Apigee Customer
Security at All Points of Engagement
108
Backend
P A I
API TeamAPIsDevelopersAppsUsers
Mutual TLSIP Access Control
RBACAD / LDAP
Audit
QuotasSpike Arrest
Threat ProtectionIntrusion Detection
Bot DetectionDDoS
Access�Block
RevokeSSORBAC
API keyOAuth2
Mutual TLS
OAuth2MFA
Federated LoginIP Access Control
Measure and Monitor Everything
109
What You See
What We See
State at Scale
110
Traffic Analytics BaaS
clients targets
Scale without Compromising on LatencyTechnologies
Data TypesUser Data Device IDs Traffic Metrics Oauth Tokens Cache, Data
RequirementsLocation Queries Dimensional & Structured Analysis Fast Lookup & Eventual Consistency
Isolation And Efficiency
111
Region
Pod Pod
API Processing
Data
Management
Region
Pod Pod
UI, API Definitions, Users, Roles, System Configurations
Traffic IsolationIndependent Scaling
Simpler Administration
Low Latency
Another Media Company• Apigee Cloud
• 100+ APIs• 700+ Apps• 1,200+ avg. TPS• 9+ TB analytics data
112
8x growth within 6 months No change in latency
Jan-13 Jan-14
API Traffic
Latency
Jun 2014 Dec 2014
400 Million
3.1 Billion
20 ms 20 ms
Private Cloud Equals Apigee Cloud
113
Apigee Cloud
Multi-Datacenter Deployment
Leading TelcoPrivate Cloud
1+ Billion calls / month
7 Regions, 19 Availability zones3000+ servers
~1/2 Billion transactions / day>99.9% API availability
~20 ms average latency
Private Cloud Equals Apigee Cloud
114
Monitoring Alerting
Diagnostics
Zero-Downtime�Updates
Multi-Region�Traffic Routing
Cross�Datacenter�
Failover
Apigee
Better�Product
Your Cloud
Operations Innovations
Retail Customers on Apigee Cloud
Nov 2014
Nov 20134x
Quickly scaled capacity�by 2x within 2 hours
Maintain 99.99%�service availability
�Zero impact to �
any other customer
Black Friday Holiday Traffic
Operations�Efficiency
116
“To do something similar
would have taken us many months”
- Retailer
AP
I Firs
t From Project to Platform
117
On-Premises Equals Cloud
Isolation and Efficiency
State at Scale
Measure and Monitor Everything
Secure All Points of Engagement
Code & Configuration
Project
Platform
The features and timing listed on the attached roadmap are at the sole discretion of Apigee, and should not be interpreted as a commitment to deliver.
Moreover, no promise or commitment is made as to whether the features will be included in future versions of our products, nor should it be assumed that any feature will be made available to customers currently on a support/maintenance contract if/when generally available.
Example Things We’re Working on What
Apigee Edge Apigee Insights
Apigee 127
WebSockets Better Private Cloud Deployment Proxy Inheritance and Chaining Full Swagger Support SmartDocs New Analytics Reports New Revenue Reports BaaS Performance …
Self-Service Algorithmic Expansion GQL Flexible Scoring Models Swagger Integration Bird’s Eye View of Journeys …
Self-Service Algorithmic Expansion GQL Flexible Scoring Models Swagger Integration Bird’s Eye View of Journeys …
Project Programme
Success?
Inspired by Simon Sinek’s TED talk
Our Approach
How
What
Why
AP
I Firs
t
Isolation and Efficiency
State at Scale
Measure and Monitor Everything
Secure All Points of Engagement
Code & Configuration
Project
Platform
Value to you
Roadmap
Thank you
API Design Dos and Don’ts�for your digital journeyOzan Seymen – Architect @Apigee !Nicola Cardace – Architect @Apigee !Ole Dallerup – VP of Engineering @Trustpilot !!
Topics
• Developer Experience• API Design Best Practices• API Façade Pattern• Non-functional aspects
132
Developer Experience
Developer Experience• Application developers are the consumer of your APIs• Success of your API is measured by how quickly developers can get up to speed with it and
start innovating
134
API Value Chain
Design for Usability�User Experience = Developer Experience
135
Developer Experience• Increasing adoption
– Pursuit of growth in API usage– Pursuit of code reduction and reuse in application development
136
Help and support your developers�in their journey
137
Developer Experience• Produce usable APIs that are consistent
and standards compliant• Recognize developer touch-points
138
Developer’s Journey
139
Discovery Learning Interaction Support
Developer’s Journey - Discovery
140
Developer’s Journey - Discovery
141
Developer’s Journey - Discovery• For internal or partners
– direct and targeted communication– internal registry
• For public APIs– advertise and link from main website to developer microsite– email marketing– conferences– hackathon events– social media
142
Communicate the value you are proposing
143
Developer’s Journey - Learning
144
Developer’s Journey - Interaction• Hand in hand with learning• Developers writing code to test a scenario – validating their understanding and assumptions
• Provide client libraries, SDKs• Provide API console
145
Developer’s Journey - Interaction
146
https://dev.twitter.com/rest/tools/console
Developer’s Journey - Discovery
147
http://apigee.com/docs/apigee-api-platform-console
Developer’s Journey - Discovery
148
http://developers.google.com/apis-explorer
Developer’s Journey - Discovery
149
http://open-platform.theguardian.com/explore/
Developer’s Journey - Support• Continuous support to developers and their applications• Adequate support channels
150
Developer’s Journey - Support• Expose analytics that shows:
– Level of activity and usage for the application– Performance of the requests application is making– Usage patterns of my application
151
Developer’s Journey - Support• Expose API performance statistics• Export API availability status
152
Design consistent and standards compliant APIs
153
HTTP MethodsMethod Safe Idempotent Cacheable Semantics
OPTIONS ✔ ✔ ✖ Options or requirements for a resource or capabilities of the server
HEAD ✔ ✔ ✔ Retrieve metadata information without contentGET ✔ ✔ ✔ Retrieve resource representation
POST ✖ ✖ ✖ Create new resourcePUT ✖ ✔ ✖ Replace resource
DELETE ✖ ✔ ✖ Delete resourcePATCH ✖ ✖ ✖ Partial modification to resource
154
Safe: intended only for information retrieval and should not change the state of the server. In other words, they should not have side effects.Idempotent: multiple identical requests should have the same effect as a single request - in terms of resource state on the server.
HTTP Methods
155
Dropbox:“We could have somehow contorted /delta to mesh better with the HTTP worldview, but there are other things to consider when designing an API, like performance, simplicity, and developer ergonomics”
HTTP Methods
156
http://www.programmableweb.com/news/dropbox-sparks-controversy-api-design-decision/analysis/2015/03/03
Response Codes• For every single API request, there are 3 possible outcomes:
– Everything worked = success– Application did something wrong = client error– API did something wrong – server error
• Map these to:– 2xx – Success– 4xx – client errors– 5xx – server errors
157
Response Codes• 201 – Created• 304 – Not Modified• 404 – Not Found• 401 – Unauthorized• 403 - Forbidden
158
Response Codes
159
HTTP/1.1 200 OK { "type": "OauthException", "message": "Some of the aliases you requested do not exist: foo.bar" }
None of this please…
Fail in Style• Be helpful!• Code for machines, message for people• Link to documentation
160
HTTP/1.1 400 Bad Request Content-‐Type: application/json {
“code”: “400.02.006”, “message”: “verbose, plain-‐text language error description for humans”, “documentation”: “http://developers.foo.com/documentation/errors/invalid-‐subscriber-‐id”
}
161
About Trustpilot
● Always build APIs first● REST API● Build atomic and generic APIs● We use the same APIs as our clients
Design & Decisions
API Façade Pattern
The “API Façade” Pattern
USE THE FAÇADE PATTERN WHEN YOU WANT TO PROVIDE
A SIMPLE INTERFACE TO A COMPLEX SUBSYSTEM
SUBSYSTEMS OFTEN GET MORE COMPLEX AS THEY EVOLVE
Design Patterns – Elements of Reusable Object-Oriented Software (Erich Gamma, Richard Helm, Ralph Johnson, John Vlissides)
The “API Façade” Pattern • Virtual layer between the two API interfaces • Solution for exposing complex internal systems’ functionality in a way useful to developers
The “API Façade” Pattern
1. Design the ideal API’s 2. Implement design with stubs 3. Mediate across with internal systems
Traffic Management
Traffic Management • Management features added to open API’s • Technical - Need to regulate traffic flow
– Inefficient application code – Malicious use – DDoS, crawlers and robotic traffic
• Business - Consumption against quotas – Upsell, customer daily usage – Product / Service tiers – Billing, revenue protection
Traffic Management • Document your rate limiting and application quota values • Return quota information in response headers
Response Header Meaning
X-Rate-Limit-Limit Overall quota allowance for this request app, IP, org, etc
X-Rate-Limit-Remaining Remaining quota left for this app, IP, org, etc
X-Rate-Limit-Reset Remaining window before quota resets
Twitter REST API Documentation - https://dev.twitter.com/rest/public/rate-limiting
Implement Caching Headers
Caching • Time-based
– Last-Modified – If-Modified-Since
• Content-based – ETags
• Apigee Edge is fully compliant with HTTP/1.1 cache headers
Improve API Performance
Think API Performance during design • Using gzip compression
– Convenient way to reduce bandwidth – Requires some additional CPU on both sides to compress and uncompress
data
Think API Performance during design • Partial response
– Specify fields to include in the response – LinkedIn: /people:(id,first-name,last-name,industry) – Facebook: /friends?fields=id,name,picture – Google: ?fields=kind,items(title,characteristics/length)
Think API Performance during design • PATCH HTTP Method (not idempotent)
• Only send properties you want to modify • PUT will replace a resource, while PATCH is to partially modify it.• POST will create a new resource with a different ID PATCH /customers/1234 Content-‐Type: application/json { “email”: “[email protected]” }
Plan Early for Performance Testing • Identify KPI’s and SLA’s (throughput, service performance metrics) • Set the maximum target latency expectations for each use cases • Build your performance testing arsenal (both silicon and carbon) • Automate • Design a repeatable performance test suite • Incorporate performance measurement in your C.I. and deployment workflow
– Place adequate alerting when thresholds are breached during C.I. • Learn from failures
Measure your Capacity Limits
Measure your Capacity Limits • Measure, infer, extrapolate production capacity limits early • Cloud Deployment
• Horizontal and Vertical scalability • Multi-region, availability zones, elastic load balancing, geo-redundancy
• On Premises Deployment
– Horizontal and vertical scalability – Multi-datacenter, load balancing – Customers plan and provision capacity
Measure your Capacity Limits
Measure your Capacity Limits
Enforce end-to-end Security
Enforce End-to-End Security - Transport
Consumer A API Gateway API
TargetSSL 2-way SSL
Consumer B
2-way SSL
● Northbound:○ Use 2-way SSL in B2B scenarios and if you are in control of the client ○ Otherwise use 1-way SSL
● Southbound:○ Always Use 2-way SSL in Cloud-based and hybrid deployments
● Perform SSL vulnerability checks https://www.ssllabs.com/ssltest○ Target A or A+ grades
NORTHBOUND SOUTHBOUND
184
How we are working:● Building independent services● Communication between them…
How it benefits us● Teams own products● Grow more teams faster
How APIs have changed the way we work
● The atomic model● Communication between services
The down side (maybe not the DON’Ts)
● Clients● Partner● Consultants● Teams with ownership● Technologies to use
How APIs are changing Trustpilot
Thank you
Afternoon Break��
General Hall / Main Concourse�(Sessions resume at 16:00)
Two-Speed ITEd Anuff, Apigee !Ian Cooper, Thomson Reuters !
@edanuffEd Anuff
Ian Cooper
What is “2-Speed IT”?
192
Systems of Record
Systems of Engagement
Partner �Apps
Employee �Apps
Consumer �Apps Insights
ESB / Integration
ERP DatabaseCRM Data LakeData Warehouse
Two-Speed IT
What about “Bimodal” IT?
194
Gartner’s Bimodal IT
195
Source: Gartner- Drive Digital Business Using Insights From Symposium's Analyst Keynote
Pace Layering
196
197
Bimodal IT and Pace Layering
198
Systems OfEngagement
Systems OfDifferentiation
Systems OfRecord
Mode 1
Mode 2
+
-
Cha
nge
-
+
Governance
Source: Gartner
Decentralizing Excellence
199 Source: Forrester - The Digital Business Imperative, 2014, Fenwick, Gill
Impact of Two-Speed IT
200
Do these phrases describe your IT organization? Outside in, Cloud-first, Mobile-centric
Elements of 2-Speed IT drive pace that others can’t match
201 Source: Apigee Institute survey of 800 IT decision makers at companies with over $500M in annual revenue, 8 countries, 25 industries
Yes(12%)
No(88%)
12X more likely to greatly exceed expectations for speed building & delivering apps
7X more likely to fail to meet expectations for speed with apps
Are there only 2 speeds or modes?
202
203
No, the point is there’s more than 1…
204
205 Source: Simon Wardley
How are APIs relevant to 2-Speed IT?
206
Systems of Record
Systems of Engagement
Partner �Apps
Employee �Apps
Consumer �Apps Insights
ESB / Integration
ERP DatabaseCRM Data LakeData Warehouse
API Gateway Tier
Software-defined Application Services
208 Source: Gartner- Application Architecture For Digital Business, Anne Thomas, Yefim Natis, Ross Altman
Software-defined Application Services
209 Source: Gartner- Application Architecture For Digital Business, Anne Thomas, Yefim Natis, Ross Altman
Two Speed IT at ReutersIan Cooper, Reuters !
Topics
• About the company
• Thomson Reuters and Two Speed IT
• Two use cases
211
About Thomson Reuters
• Global company best known to the public through Reuters News
• Reuters News only represents ~2% of revenues
• Behind this is the world’s leading source of intelligent informaDon for businesses and professionals
• Ranked #57 in Best Global Brands
212
About Thomson Reuters
• We serve four core customer groups in global professional markets
• Finance & Risk, Legal, Tax & AccounDng and IP & Science
• We pride ourselves in being #1 or #2 in each of these markets
• Huge breadth and depth of historical informaDon and analyDcs
213
Why Two Speed IT
• Historically we have been managed as a porQolio business
• Core business units were treated like separate companies
• Massive push to become one company, from culture and technology perspecDves
• Requires the breakdown of data silos across the company
• Already have lots of APIs built for specific tasks, can they be shared to create value?
214
Use Case -‐ RESTificaDon
• Taking SOAP endpoints and making them RESTful
• Many APIs built when SOAP was king, providing great informaDon and funcDonality, but not what our internal clients want…
• QuesDon -‐ how do we modernize these APIs in the least risky way?
• Answer – we take a two pronged approach
215
Use Case -‐ RESTificaDon
• Long vision – invest in these APIs to make them RESTful, following good REST best pracDces a. Big investment of Dme and resources b. May not be commercially viable c. O`en requires a big bang approach (all exisDng funcDonality
required in new API). d. SomeDmes difficult to sell the business case
216
Use Case -‐ RESTificaDon
• PracDcal delivery – perform agile SOAP to REST conversion outside the applicaDon a. Easier to be iteraDve b. Prototype API fast and refine the structure c. Work with select clients to thrash out the API d. No interrupDon to exisDng client base e. Feed API design back into the long term API redesign f. Use success to drive the business case for API redesign
217
Use Case – API FederaDon
• Combining mulDple target APIs into a coherent whole
• Numerous APIs that expose a narrow set of resources
• Hard to integrate as developers need to incorporate many different APIs
• QuesDon -‐ how do make developers’ lives much easier?
• Answer – we federate and combine the APIs to hide the complexity
218
Use Case – API FederaDon
• Bigger process than RESTificaDon
• May include RESTificaDon on some underlying APIs
• Usually spend more Dme designing the overall look and feel of the API
• Must take into account the exisDng APIs’ structures and try to harmonize
• Create a core for the API and add incrementally add targets
219
Conclusion
• We would love our APIs to be perfect already
• But they are not…
• Using tools that abstract the client experience from the target API allows us to:
a. Deliver results faster b. Prove out API designs before commigng to large projects c. Provide the APIs that thrill our internal clients when they need
them
220
Thank you
Two-Speed IT with ApigeeGreg Brail, Apigee !Matthew Newton, glh. Hotels !
Start with the Customer• End users want rock-solid apps that work every time
223
Or, Start with your Partners• Partners want you to make it easy to integrate with you
224
Hyperconnectivity, Either Way• Either way, they are “hyperconnected”
• They don’t want: – Latency – Unreliability – Lack of privacy – Complexity – VPNs
225
Three Layers for Multi-Speed IT• Reusable API layer to adapt systems of record • Agile API layer that can quickly adapt to changing requirements • Feedback loop that affects both the APIs and the apps
226
Systems of Record
Reusable APIs
Agile API Adaptation Feedback Loop
Apps Partners
Layer I: Reusable APIs
227
Systems of Record
Reusable APIs
Agile API Adaptation Feedback Loop
Apps Partners
Where do we Start?• With what you have: • Systems of record
– REST APIs – SOAP web services – Databases – Data
228
API Challenges• Systems of record have lots of integration requirements:
– Security – Transformation – Connectivity
• They also have restrictions: – Low performance – Low availability – Inadequate security
229
Make Some APIs• Turn those assets into APIs!
– Consistent design – Consistent documentation – Consistent security – Traffic management – Caching
230
Layer II: Agile API Adaptation
231
Systems of Record
Reusable APIs
Agile API Adaptation Feedback Loop
Apps Partners
Building Agility
232
Now we have an API layer
You can build apps on it
Or you can customize it
Device APIs• Devices are different • They may need different APIs
233
Partner APIs• Different partners have different requirements
– Different levels of access control – Different formats – Different security requirements
• Can they have different APIs too?
234
Can you have 1000 APIs?• Of course you can.
235
Agile Data• Agile apps and APIs require agile data • Quickly build new data sets • Scale data access around the world
236
Adding the Feedback Loop
237
Systems of Record
Reusable APIs
Agile API Adaptation Feedback Loop
Apps Partners
OODA and You
238
• John Boyd is a fighter pilot from the 1950s and 60s who came up the “OODA Loop” • Observe. Orient. Decide. Act.
"OODA.Boyd" by Patrick Edwin Moran - Own work. Licensed under CC BY 3.0 via Wikimedia Commons
An Earlier Implementation
239
Controlling the Feedback Loop
240
• What are the customers and partners doing?
• Collect all the data while your apps are running
OBSERVE DECIDEORIENT ACT
• What does it mean? • Visualize the data.
Correlate it with other signals
• What are we going to do about it?
• Tailor app results for specific customers
• Create new apps and APIs
• Deploy new API versions
• Adjust API results
Bringing Feedback to the User
241
Putting it Together
242
Hadoop
In-Memory
Insights (GRASP)
Node.js
Node.js Node.js
Node.js Node.js
Node.js Node.js
API BaaS
(APIs)
Direct Mail
Web
Mobile
Outreach
(Batch Scores)
(Counters / Activities)
(Query)
Historical Events
Realtime Events
(Context)
Backend
(Mashup)
3
4
5
1
2
6
Conclusion• Successful two-speed IT initiatives come in three parts:
– A consistent API tier layered on top of existing “systems of record” – An agile tier that allows those basic APIs to be composed into new ones – A feedback loop so that changes in the performance of the API affect what the user sees
243
Two-Speed IT In Action at glh.
244
Who are glh. ?
245
2012: glh. Enterprise IT• Slow and unsteady
• No automation; little reproducible
• Customer under-represented
• Shadow IT on growth path
• Feedback but no loop
246
2013: Ship Alongside; get moving• Unfreeze the organisation
• Value based decisions
• Support both success and failure
• Embrace Shadow IT
• “Let’s make it a competition”
• Early OODA
247
2014: Innovation delivery startup• Customer-centric
• 100% new systems, and 80% overall, ‘in the cloud’ and consumed as a service
• Shadow IT doesn’t exist!
• Automating for continuous delivery
• Enjoying the OODA sound
248
2015: Innovation & Business Experiments• Quickly test hypotheses, cheaply
• Listen to the what and why
• Add to what we have so far
• Reuse what we have so far
• Adapt what we have so far
• …………and beware Waterfall!
249
250
Thank you
Closing Keynote�Great Hall�
Closing Keynote�Jack Ramsay, Accenture
From Digitally Disrupted to Digital Disrupter
Jack Ramsay, Senior Managing Director Digital Business Group
Copyright © 2014 Accenture All rights reserved. 255
Copyright © 2014 Accenture All rights reserved. 256
Where did today’s corporate leaders grow up?
Copyright © 2014 Accenture All rights reserved. 258
Copyright © 2014 Accenture All rights reserved. 259
Today’s corporate leaders grew up here We were machine operators rather than technology users…..
Copyright © 2014 Accenture All rights reserved. 260
Copyright © 2014 Accenture All rights reserved. 261
Copyright © 2014 Accenture All rights reserved. 262
Copyright © 2014 Accenture All rights reserved. 263
Copyright © 2014 Accenture All rights reserved. 264
And if you wanted to also watch the second channel…..
Copyright © 2014 Accenture All rights reserved. 265
And finally, machines with software behind the buttons where you were a user and not an operator….
Copyright © 2013 Accenture All rights reserved. 266
Then came the Personal Computer (PC)….. and you then had to learn once again how the machine worked…..
is largely different from the 1960s… the 1970s…
Copyright © 2013 Accenture All rights reserved. 266
Copyright © 2014 Accenture All rights reserved. 267
In the 1960s… In the 1970s… In the 1980s… And in the 1990s…
Their personal experience of technology was at best this…
Copyright © 2014 Accenture All rights reserved. 268
How does she see Technology? How many devices does she own? How many devices does she use? Does she have a digital identity? How many? Who “owns” them?
Technology is not the disrupter – it is her!
Copyright © 2013 Accenture All rights reserved. 269
And today‘s „Modern Family“?
Copyright © 2015 Accenture All rights reserved. 271 271 271
Did you know?
4,5 billion people have a mobile phone subscription…
… yet only 3.5 billion people use a toothbrush
Copyright © 2015 Accenture All rights reserved. 272 272 272
Did you know?
More people are online …
… than have access to refrigeration.
Copyright © 2015 Accenture All rights reserved. 273 273 273
On Facebook Did you know?
2.7 billion likes are sent
300 million photos are uploaded
There are more visits than on any other site on the net, with 20% of all page views
11% of the world population have an account
618 million users are active per day
Copyright © 2015 Accenture All rights reserved. 274 274 274
Personalized Communication Did you know?
A computer could more accurately predict the subject's personality than • A work colleague by analyzing just 10 likes • More than a friend or a roommate with 70 • A family member with 150 • A spouse with 300 likes The average person on Facebook has 227 likes.
Copyright © 2015 Accenture All rights reserved. 275
What do you get your son for his birthday, if you want to be
cool?
Copyright © 2014 Accenture All rights reserved. 276
Copyright © 2014 Accenture All rights reserved. 277
On Twitter
Amazing facts about the internet
the top three countries are the United States, Brazil, and Japan
200 million tweets are posted each day, enough to fill 8,163 copies of Leo Tolstoy’s War and Peace
1.6 billion queries are handled per day
1 million accounts are added every day
30% of the users have an annual income greater than $100,000
Over 456 million accounts
+
Copyright © 2014 Accenture All rights reserved. 278
On Google
Amazing facts about the internet
4.8 billion searches are performed every day and until now overall about 2 trillion searches
more than
100 million Android devices are registered
each query consumes 0.00007 kWh of energy, which is equal to turning on a 60W light bulb for 4,4 seconds
260 million Watts power is required for its servers
45% of its services are currently in beta stage
Copyright © 2014 Accenture All rights reserved. 279
As we speak, within 60 seconds
Data is increasing faster than ever before!
7,000 pictures uploaded
370,000 Skype voice-calls
700,000 search engine inquiries
700,000 Facebook status updates
170 million e-mails sent
600 videos uploaded 700 new Twitter accounts &
140,000 tweets
Copyright © 2013 Accenture All rights reserved. 280
Internet census 2012
Copyright © 2014 Accenture All rights reserved. 281
My Dad says you are spying on us online!
He‘s not your Dad
Copyright © 2014 Accenture All rights reserved. 282
Technology Trends 2014
Data Supply Chain
Harnessing Hyperscale Business of Applications Architecting Resilience
From Workforce to Crowdsource
Digital Physical Blur
What happens next?
Copyright © 2014 Accenture All rights reserved. 284
The basis for Industry 4.0 has been laid by technology innovation
Technology Innovation Smart Devices Cyber Physical Systems (4th Industrial Revolution)
Profound changes in the entire industrial ecosystem
Connectivity
Hyperscale Data Centers IT Standards
CPU Performance
Chip Miniaturization
Agile Software
Internet Backbone
+
=
Connected, always-on, intelligent, software & data powered autonomous devices
Nanotechnology
3D Printing Analytics & Algorithms
LTE
Copyright © 2014 Accenture All rights reserved. 285
The Internet of Things
The Internet of Things
Copyright © 2013 Accenture All rights reserved. 286
3D printing continues to revolutionize how we work
Copyright © 2013 Accenture All rights reserved. 286
Copyright © 2013 Accenture All rights reserved. 287
My son – „Anything we cannot print Daddy?“ Jack – „Yes, nobody will ever be able to print me!“
Copyright © 2015 Accenture All rights reserved. 288
Automotive – past generation
288 288 288 288 288 Copyright © 2015 Accenture All rights reserved.
Copyright © 2015 Accenture All rights reserved. 289
Automotive – Today
289 289 289 289 289 289 Copyright © 2015 Accenture All rights reserved.
Copyright © 2015 Accenture All rights reserved. 290
Automotive – Today
290 290 290 290 290 290 Copyright © 2015 Accenture All rights reserved.
You are 23 times more likely to get in an accident when texting and driving Costs billions in losses and thousands in lives
25% of all accidents in the US involved Cell Phones 1.6 Million accidents a year
Copyright © 2015 Accenture All rights reserved. 291
Automotive – Next Generation
291 291 291 291 291 291
Copyright © 2015 Accenture All rights reserved. 292
Healthcare – Last Generation
292 292 292 292 292 292 Copyright © 2015 Accenture All rights reserved.
Copyright © 2015 Accenture All rights reserved. 293
Healthcare – Today
293 293 293 293 293 293 293 Copyright © 2015 Accenture All rights reserved.
Copyright © 2015 Accenture All rights reserved. 294
Healthcare – Next Generation
294 294 294 294 294 294 294 Copyright © 2015 Accenture All rights reserved.
Copyright © 2015 Accenture All rights reserved. 295
Agriculture – Last Generation
295 295 295 295 295 295 295 Copyright © 2015 Accenture All rights reserved.
Copyright © 2015 Accenture All rights reserved. 296
Agriculture – Today
296 296 296 296 296 296 296 Copyright © 2015 Accenture All rights reserved.
Copyright © 2015 Accenture All rights reserved. 297
Agriculture – Next Generation
297 297 297 297 297 297 297 Copyright © 2015 Accenture All rights reserved.
HD Image
Thermal Image
NDVI* Image
* Normalized Difference Vegetation Index shows stress level of vegetation
Area of potential crop stress
Copyright © 2015 Accenture All rights reserved. 298
Digital Security – Last Generation
Copyright © 2015 Accenture All rights reserved. 298
Copyright © 2015 Accenture All rights reserved. 299
Digital Security – Today
Copyright © 2015 Accenture All rights reserved. 299
Copyright © 2015 Accenture All rights reserved. 300
Digital Security – Next Generation
Copyright © 2015 Accenture All rights reserved. 300
Copyright © 2013 Accenture All rights reserved. 301
Robots in our time?
Copyright © 2013 Accenture All rights reserved. 302
Affordable PCs will gain sufficient power to emulate the human brain
Copyright © 2014 Accenture All rights reserved. 303
Brain scanning is making the transition from science fiction novels to reality
Copyright © 2013 Accenture All rights reserved. 304
Only legislation will stop them, not Technology!
accenture.com/technologyvision
Thank you