Top Banner
World ® ’1 6 Gateway Deployment Scenarios and Best Practices Jamie Williams Senior Software Engineer CA Technologies DO3X48E DEVOPS
31

Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

Apr 15, 2017

Download

Technology

CA Technologies
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

World®’16

GatewayDeploymentScenariosandBestPracticesJamieWilliamsSeniorSoftwareEngineerCATechnologies

DO3X48E

DEVOPS

Page 2: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

2 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

©2016CA.Allrightsreserved.Alltrademarksreferencedhereinbelongtotheirrespectivecompanies.

Thecontentprovidedinthis CAWorld2016presentationisintendedforinformationalpurposesonlyanddoesnotformanytypeofwarranty. The informationprovidedbyaCApartnerand/orCAcustomerhasnotbeenreviewedforaccuracybyCA.

ForInformationalPurposesOnlyTermsofthisPresentation

Page 3: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

3 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Abstract

Inthissession,wewilllookatenterprisescenariosofdeployingyourCAAPIGateway.Wewillcoveron-premises,publiccloud,andPaaS/privateclouddeployment,andthedifferentformfactorsavailableforeach.

Thecomparisonofthevariousmodelsanddiscussionofrealworldexampleswillhelptheattendeeunderstandtheprosandconsofeach.Wewillalsolearnsomebestpracticesinimplementingsuchmodels.

JamieWilliamsCATechnologiesSeniorSoftwareEngineer

Page 4: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

4 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Agenda

INTRODUCTIONTOTHECAAPIGATEWAY

GATEWAYDEPLOYMENTSCENARIOS

CHOOSINGAMODEL

1

2

3

REALWORLDEXAMPLES4

BESTPRACTICES5

Page 5: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

5 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

CAAPIGateway

§ EnablesenterprisestosecurelyexposeservicestoexternalclientapplicationsasAPIs.

§ Providesruntimecontroloverservice-levelauthentication,authorization,keymanagement,credentialing,integrity,confidentiality,schemavalidation,contentinspection,datatransformation,threatprotection,routing,protocolswitching,SLAenforcement,logging,andotherfunctions.

§ ActsasanintegrationpointforextendingexistingsecurityandmessageinfrastructuretoAPIs.

Page 6: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

6 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

CAAPIGateway

CAAPIGateway

EnterpriseDirectory

APIServer

SecurityBoundary

Page 7: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

7 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

GatewayDeploymentScenarios

§ On-Premises

§ PublicCloud

§ PaaS/PrivateCloud

§ Hybrid

Page 8: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

8 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

On-PremisesDeployment

§ HardwareAppliance

§ VirtualAppliance

§ DockerContainer

§ Software

Page 9: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

9 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

On-PremisesDeployment

VirtualorHardwareAppliance

Page 10: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

10 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

FormFactorOptionsforOn-PremisesDeployment

FORM FACTOR PROS CONS

Hardware • Best performance• Bestphysicalsecurity• Purposebuiltappliance• ThalesnCipher HSM

• Requiresrackspace• No hardwaremigration• Disasterrecovery

VirtualAppliance • Mobility• Scalability• Easeofdeployment• Disasterrecovery• Monitoringandmanagementtooling

• Reducedperformanceduetooverhead• Potentialresourcecontention• ESXhostmaintenance

Docker • Mobility• Scalability• Ease ofdeployment• Disasterrecovery• Simpleupgradestory

• Migration, monitoringandmanagementtooling/UI notasdevelopedasVMware

• Emergenttechnology

Page 11: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

11 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

PublicCloudDeployment

§ AMI

§ Azure

§ Otherhosting

Page 12: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

12 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

PublicCloudDeployment

APIs

AMI,Azure,Docker,etc.

Page 13: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

13 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

PublicCloudDeployment

Page 14: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

14 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

FormFactorOptionsforPublicCloudDeployment

FORM FACTOR PROS CONS

AMI • ManyGateway-friendlyservices• Goodmonitoring• Auto-scaling• RDS

• Matureplatform

• Expensive

Azure • Cheaper thanAMI• Goodmonitoring• Auto-scaling

• Relativelyfewservices• Windows-centric

Page 15: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

15 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

PaaS/PrivateCloudDeployment

§ CloudFoundry

§ OpenShift

§ OtherPaaS

Page 16: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

16 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

PaaS/PrivateCloudDeployment

DockerContainer

Page 17: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

17 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

ProsandConsofPaaS/PrivateCloud

PROS CONS

• Mobility• Scalability• Easeofdeployment• Disasterrecovery• Auto-scaling• Simpleautomatedupgradestory• Somehavegooddeployment,managementtooling

• Canbeveryopinionated/presecriptive• Often minimal ornoservices• Canhaveexpensivelicensesandsupportcontracts• Somehavelimitedorunfriendlytooling

Page 18: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

18 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

HybridDeployment

§ Combinationofotherscenarios

Page 19: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

19 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

HybridDeploymentExampleOn-premiseshardwarewithAmazonWebServices

AMI

HardwareAppliance

Page 20: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

20 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

ChoosingaModel

§ Performance

§ Latency

§ Uptime

§ Governance

§ TimetoMarket

Whatareyournon-functionalrequirements?

Page 21: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

21 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

ChoosingaModel

§ Sizeofdatacentre

§ Budget,capitalvsoperational

§ Departmentalsilos

§ Willyourcorporatelimitationsbechangingsoon?

§ Mightyouchangeyourmindaboutwhereaserviceisdeployed?

Whatareyourcorporatelimitations?

Page 22: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

22 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

RealWorldExamples

§ On-premiseshardwareforTLS,AWSfornon-TLS(HTTP)traffic

§ On-premisesVMware,auto-scalinginAWSforpeaktraffic

§ FederatedGatewayclustersinseparateITinfrastructures

§ AzureforMicrosoftecosystemsupport

CAcustomers’Gatewaydeploymentscenarios

Page 23: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

23 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

BestPractices

§ LoadBalancing

§ VMwarebestpractice

§ Performancetesting

Page 24: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

24 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

LoadBalancing

§ Failover

§ Highavailability

§ Balanceload

§ Reduceoverloadingofindividualnodes

Whyimplementloadbalancing?

Page 25: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

25 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

LoadBalancing

§ ChooseAffinityandBalancingalgorithmsappropriatetotheusercase

§ ConfiguretimeoutsforbothLoadBalancerandGatewayroutingappropriatetosystembehaviouratbusinesslevel

§ ConsiderSSLTermination

Realworldguidance

Page 26: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

26 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

VMwareBestPractices

§ EnsureGatewayVMshavereservedmemoryandprocessors

§ DisableDRSorconfigureNodeAffinityforGatewayVMsonhypervisorclusters

§ DonotrunGatewayVMsonanovercommittedhost

§ Donotconfusehyperthreaded coresforphysicalcoreswhenallocatingprocessors

§ SizeGatewayVMssuitablyfortheusercase

Consistentperformancerequiresconsistentresources

Page 27: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

27 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

PerformanceTesting

§ Networksubsystemsandback-endlatency

§ ConnectiontimeoutvsResponsetimeout

§ Concurrency&Keepalive

§ Synchronizationoftesting

§ LonglivedvsShortlivedrequests

§ Loadbalancing,errorcases,andlongerlastingeffects

Confoundingfactorstobemindfulof

Page 28: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

28 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

RecommendedSessions

SESSION# TITLE DATE/TIME

DO3X47EVCAAPIGateway:DevelopingCustomPoliciestoSecureYourEnterpriseAPIs

11/14/2016at10:00am

DO3X49ECAAPIGateway:ManagingandmigratingGatewaypolicieswiththeGatewayMigrationUtility

11/14/2016at11:00am

DO3X52ECAMobileAppServices:BuildthePowerfulMobileAppEveryEnterpriseNeedsinUnderanHour

11/14/2016at1:00pm

Page 29: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

29 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Questions?

Page 30: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

30 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD

Thankyou.

Stayconnectedatcommunities.ca.com

Page 31: Pre-Con Ed: CA API Gateway: How to Deploy Your Gateway Across Multiple Environments and Architectures

@CAWORLD#CAWORLD ©2016CA.AllRIGHTSRESERVED.31 @CAWORLD#CAWORLD

DevOps– APIManagementandApplicationDevelopment

FormoreinformationonDevOps– APIManagementandApplicationDevelopment,pleasevisit:http://cainc.to/DL8ozQ


Related Documents
LoRaWAN Gateway and Wireless Sensor Catalog Gateway and... · 2020. 6. 4. · SenseCAP is an industrial wireless sensor network that integrates easy-to-deploy hardware and data API

LoRaWAN Gateway and Wireless Sensor Catalog Gateway...

Category: Documents
1Y0-231: Deploy and Manage Citrix ADC 13 with Citrix Gateway

1Y0-231: Deploy and Manage Citrix ADC 13 with Citrix Gateway

Category: Documents
File Gateway for Hybrid Cloud Storage Architectures

File Gateway for Hybrid Cloud Storage Architectures

Category: Documents
File Gateway for Hybrid Cloud Storage Architectures · 2020-03-06 · Amazon Web Services File Gateway for Hybrid Cloud Storage Architectures Page 2 access to data for file share

File Gateway for Hybrid Cloud Storage Architectures ·...

Category: Documents
The Kubernetes platform for big ideas · Building next-gen applications. Flexible app architectures Uniform deploy and debug No reinvention of core concepts Truly hybrid Operators

The Kubernetes platform for big ideas · Building next-gen....

Category: Documents
Deploying and Configuring VMware Unified Access Gateway ... · PDF fileDeploying and Configuring VMware Unified ... Deploy Unified Access Gateway Using the OVF Template Wizard 20 ...

Deploying and Configuring VMware Unified Access Gateway .......

Category: Documents
642-874 - Designing Cisco Network Service Architectures€¦ · A. Inability to deploy new functional servers without requiring physical changes on the network B. Complexity added

642-874 - Designing Cisco Network Service...

Category: Documents
Gateway Architectures for Service Oriented Application

Gateway Architectures for Service Oriented Application

Category: Documents
Download Ruckus P300 - Amazon Web Servicesruckus- · Ruckus P300 enables installers to deploy wireless bridges ... deploy multimedia hotspots, or ... SmartCell Gateway* P300 Network

Download Ruckus P300 - Amazon Web Servicesruckus- · Ruckus...

Category: Documents
Deploy an API gateway with Docker

Deploy an API gateway with Docker

Category: Documents
REPLACEMENT FOR OPENSTACK SWIFT DEPLOY CEPH RADOS … · DEPLOY CEPH RADOS GATEWAY AS A REPLACEMENT FOR OPENSTACK SWIFT Hands On Lab - L103175 Gregory Charot - Senior Field Product

REPLACEMENT FOR OPENSTACK SWIFT DEPLOY CEPH RADOS … ·...

Category: Documents
Migrating Content Gateway to Unified Access Gateway - VMware … · 2019-07-19 · Requirements 2 To migrate from Content Gateway to Unified Access Gateway, you must first deploy

Migrating Content Gateway to Unified Access Gateway - VMware...

Category: Documents