WSO2Con ASIA 2016: Service Governance Meets API Governance: A Case Study

ServiceGovernancemeetsAPIGovernance

KiranKumarNSEnterpriseArchitectWiproTechnologies

Agenda•  Customerask•  Agreeonterms–service,API,Governance•  SignificanceofServiceGovernance•  SignificanceofGovernance•  Governanceregistry•  WhyServiceGovernance•  WhyAPIGovernance•  ImpactofAPIGovernance•  RealizaFonofGovernance•  TrendsinGovernance•  RoadMapofGovernance•  WSO2GovernanceRegistry

CaseStudy•  Customerask

–  OnesinglelocaFontostorealltheassets–  Up-to-datedocumentaFonofallartefacts–  Toknowthestatusofaserviceand/orAPIlifecycleatanyFme–  InanintegraFonlandscapeof500+servicesand100+APIs,

•  AsingleplacetovisualizealltheservicesandAPIs•  HowisthedependencyofthoseservicesandAPIsoneachother,•  WhatistheimpactofmodifyingoneservicestootherservicesorAPIs•  ReusabilityIndexforservices,indexofauditcases(threatprotecFons,errorrates)

Services,APIsandGovernance

•  Services:ServicesaretheimplementaFonofbusinessfuncFonaliFesofanorganizaFon

•  APIs:APIsareinterfacesforconsumerstoconsumebusinesscapabiliFesembeddedinservices

•  Governance:AcourseofacFon,policies,processesandresponsibiliFesappliedatArchitecture,DesignTime,RunTimeandOrganizaFonallevel

Co-existenceofServices,APIsandGovernance

•  DigitalWorld•  Microservices•  PervasiveAPIs

Governance

Services

APIs

SignificanceofServicesGovernance•  Lackofclarityonserviceownershipandfunding• DuplicaFonofServicesinterfaces,liZleornoreuse• Novisibilityofwhatservicesareplannedandthestatusoftheservicesbeingbuilt• Noclarityonroles&responsibiliFes•  LackofvisibilityonserviceusageandrunFmemetrics•  Lackofstandardpoliciesandnomeasureofcompliancetopoliciesandstandards•  LackofprocesstomeasurebenefitsofSOA/Services•  LackofrunFmemonitoringtomeasureQoS

BusinessDrivers•  Servicesinterfacescomplainttostandards•  Servicesofrightgranularity,alignmentofservicestostandards,roadmapandreferencearchitecture• DiscoverableServicesthroughserviceCatalogmaximizingservicereuseacrossdifferentdomainsbyenablingservicediscovery•  Abilitytomeasurebenefits,metrics,governanceeffecFvenessandROI• MonitoringofkeyrunFmeprocess,services• Abilitytoquicklytroubleshootfailures•  ConsistentapplicaFonpoliciesatdesignFmeandrunFmeacrosstheenterprise

Benefits

SOAGovernance

SignificanceofAPIGovernance• DataandContentrequiredanywhere,anyFmeacrossanydevicesandchannelsforaconsumer•  Enterpriseswantstoreachcustomersdirectlyandquickly•  SMAC,IoT&M2Menablementistreatedasgiven• BeZerControlonentryandexitofinformaFonrequestandresponseatenterprise• BeZerbillingabiliFes• BeZervisibilityofinteracFonofconsumerswiththeenterprisesformakingbusinessdecisions• OpFontointeractwithdevicesoverinternetwithbeZervisibilityofthebusinessassetstoconsumers

BusinessDrivers•  SeparaFonofconcernisenforcedtohandlenonfuncFonalaspectsinathinlayerattheedgeofenterpriseintegraFoninfrastructureinaagilemanner• BeZerAPIadopFonbecauseofAPIcatalogues,categorizaFonofassets,tagsandsearch,consumeronboardingprocesses,metadataavailability• QoSsuchassecurity,responseFme,errorrates,accessacrossgeo,usagemetricsaremeasured• MoneFzaFonmadeeasy• Businessdecisionsaretakenquickly•  Inventoryofassetsandimpactanalysisismadehandy•  CentralizedplaceforAPISDLC(CreaFon,publish,deploy,version,reFre)

Benefits

APIGovernance

ServicesGovernance APIGovernanceService

IdenFficaFon

ServiceVersion

ServicePublish

ServiceDeploy

ServiceTest

ServiceDevelop

ServiceDesign

APIResourceIdenFficaFon

APIDesign

APIConfigure

APITest

APIPublish

APIVersion

Community

DifferentStakeHolders:AppDevonboarding

InternetThreatProtecFon

AnalyFcs&MoneFzaFon

DependencyVisualizaFon

AssetCategorizaFon

GraphicalDiffview

APIMIntegraFon

GovernanceRegistry

WhyAPIGovernanceiscriFcal•  WideScopeofAPIs(Cross

enterprise/CrossPartnernetworks)

•  HeterogeneousStakeholders•  UsageSensiFvity•  Security•  PervasiveAPIs•  Customerexperience

engineering

WhyServiceGovernanceisCriFcalØ  ServiceContracts(StandardizaFonandDesign)Ø  ServiceCoupling(Intra-ServiceandConsumerDependencies)Ø  ServiceAbstracFon(InformaFonHidingandMetaAbstracFonTypes)Ø  ServiceReusability(CommercialandAgnosFcDesign)Ø  ServiceAutonomy(ProcessingBoundariesandControl)Ø  ServiceStatelessness(StateDeferralandStatelessDesign)Ø  ServiceDiscoverability(InterpretabilityandCommunicaFon)Ø  ServiceComposability(ComposiFonMemberDesignandComplex

ComposiFons)

ImpactofAPIGovernance•  Culturalchanges

–  APIfirstdesignprinciple–  Compliancesense

•  CustomerExperience–  Security–  EaseofaccessandquickreacFontomarkettrends

•  Focus–  CrossorganizaFonwidedataexchangeratherthanenterprisewide–  APPDeveloperadopFonratherthanreuse

RealizaFonofGovernance

CustomerOnboarding

DeveloperEcoSystem

OrganizaFonalChanges

ComplianceSetup

WSO2GovernanceRegistrySetup

ResourceOntologyDefiniFon

MoneFzaFon

TrendsinGovernance•  IOT

–  ThereisaneedtoimplementanAPImanagementplabormtogovernthecommunicaFonthroughAPIsacrossdifferentdevicesatrestandmoFonsecurely,monitor,noFfyetc

•  SMAC–  Socialmedia,mobile,analyFcsandcloudawareplabormisrequiredasAPIsare

beingheavilyusedintheseareas•  BigData

–  Contextaware,Fmebasedresponsive,predicFveanalyFcscanbeextendedtomoneFzaFonthroughAPIs

•  Adoptabletocurrentneeds–  SincetheITplabormsaremovingaheadwithlatestpracFcessuchasDevops,

microservices,APIgovernanceneedstobeextendedtoincludethesepracFces

GovernanceRoadmap

•  Definethegovernanceprocesses

•  Evaluatethegovernanceproduct

•  ImplementthegovernanceorganizaFon

•  Implementgovernancetools

•  AdoptSharedfundingmodeltogovernanceorganizaFon

•  Governance•  Createcommon

SLAs•  Implement

compliancemonitoring

•  AdoptIoT&M2M

Level0(IniFate)

Level1(Adopt)

Level2(OpFmize)

WSO2GovernanceRegistry-Overview§  GovernanceCentre(StoreandPublisher)§  AssetDependencyvisualizaFonUI§  MulFpleLifeCyclesupport§  CategorizaFonsupportinstore/publisher§  Graphicaldiffview§  IntegraFonwithWSO2APImanager

ThankYou