Service Governance meets API Governance Kiran Kumar NS Enterprise Architect Wipro Technologies
Feb 13, 2017
Agenda• Customerask• Agreeonterms–service,API,Governance• SignificanceofServiceGovernance• SignificanceofGovernance• Governanceregistry• WhyServiceGovernance• WhyAPIGovernance• ImpactofAPIGovernance• RealizaFonofGovernance• TrendsinGovernance• RoadMapofGovernance• WSO2GovernanceRegistry
CaseStudy• Customerask
– OnesinglelocaFontostorealltheassets– Up-to-datedocumentaFonofallartefacts– Toknowthestatusofaserviceand/orAPIlifecycleatanyFme– InanintegraFonlandscapeof500+servicesand100+APIs,
• AsingleplacetovisualizealltheservicesandAPIs• HowisthedependencyofthoseservicesandAPIsoneachother,• WhatistheimpactofmodifyingoneservicestootherservicesorAPIs• ReusabilityIndexforservices,indexofauditcases(threatprotecFons,errorrates)
Services,APIsandGovernance
• Services:ServicesaretheimplementaFonofbusinessfuncFonaliFesofanorganizaFon
• APIs:APIsareinterfacesforconsumerstoconsumebusinesscapabiliFesembeddedinservices
• Governance:AcourseofacFon,policies,processesandresponsibiliFesappliedatArchitecture,DesignTime,RunTimeandOrganizaFonallevel
Co-existenceofServices,APIsandGovernance
• DigitalWorld• Microservices• PervasiveAPIs
Governance
Services
APIs
SignificanceofServicesGovernance• Lackofclarityonserviceownershipandfunding• DuplicaFonofServicesinterfaces,liZleornoreuse• Novisibilityofwhatservicesareplannedandthestatusoftheservicesbeingbuilt• Noclarityonroles&responsibiliFes• LackofvisibilityonserviceusageandrunFmemetrics• Lackofstandardpoliciesandnomeasureofcompliancetopoliciesandstandards• LackofprocesstomeasurebenefitsofSOA/Services• LackofrunFmemonitoringtomeasureQoS
BusinessDrivers• Servicesinterfacescomplainttostandards• Servicesofrightgranularity,alignmentofservicestostandards,roadmapandreferencearchitecture• DiscoverableServicesthroughserviceCatalogmaximizingservicereuseacrossdifferentdomainsbyenablingservicediscovery• Abilitytomeasurebenefits,metrics,governanceeffecFvenessandROI• MonitoringofkeyrunFmeprocess,services• Abilitytoquicklytroubleshootfailures• ConsistentapplicaFonpoliciesatdesignFmeandrunFmeacrosstheenterprise
Benefits
SOAGovernance
SignificanceofAPIGovernance• DataandContentrequiredanywhere,anyFmeacrossanydevicesandchannelsforaconsumer• Enterpriseswantstoreachcustomersdirectlyandquickly• SMAC,IoT&M2Menablementistreatedasgiven• BeZerControlonentryandexitofinformaFonrequestandresponseatenterprise• BeZerbillingabiliFes• BeZervisibilityofinteracFonofconsumerswiththeenterprisesformakingbusinessdecisions• OpFontointeractwithdevicesoverinternetwithbeZervisibilityofthebusinessassetstoconsumers
BusinessDrivers• SeparaFonofconcernisenforcedtohandlenonfuncFonalaspectsinathinlayerattheedgeofenterpriseintegraFoninfrastructureinaagilemanner• BeZerAPIadopFonbecauseofAPIcatalogues,categorizaFonofassets,tagsandsearch,consumeronboardingprocesses,metadataavailability• QoSsuchassecurity,responseFme,errorrates,accessacrossgeo,usagemetricsaremeasured• MoneFzaFonmadeeasy• Businessdecisionsaretakenquickly• Inventoryofassetsandimpactanalysisismadehandy• CentralizedplaceforAPISDLC(CreaFon,publish,deploy,version,reFre)
Benefits
APIGovernance
ServicesGovernance APIGovernanceService
IdenFficaFon
ServiceVersion
ServicePublish
ServiceDeploy
ServiceTest
ServiceDevelop
ServiceDesign
APIResourceIdenFficaFon
APIDesign
APIConfigure
APITest
APIPublish
APIVersion
Community
DifferentStakeHolders:AppDevonboarding
InternetThreatProtecFon
AnalyFcs&MoneFzaFon
DependencyVisualizaFon
AssetCategorizaFon
GraphicalDiffview
APIMIntegraFon
GovernanceRegistry
WhyAPIGovernanceiscriFcal• WideScopeofAPIs(Cross
enterprise/CrossPartnernetworks)
• HeterogeneousStakeholders• UsageSensiFvity• Security• PervasiveAPIs• Customerexperience
engineering
WhyServiceGovernanceisCriFcalØ ServiceContracts(StandardizaFonandDesign)Ø ServiceCoupling(Intra-ServiceandConsumerDependencies)Ø ServiceAbstracFon(InformaFonHidingandMetaAbstracFonTypes)Ø ServiceReusability(CommercialandAgnosFcDesign)Ø ServiceAutonomy(ProcessingBoundariesandControl)Ø ServiceStatelessness(StateDeferralandStatelessDesign)Ø ServiceDiscoverability(InterpretabilityandCommunicaFon)Ø ServiceComposability(ComposiFonMemberDesignandComplex
ComposiFons)
ImpactofAPIGovernance• Culturalchanges
– APIfirstdesignprinciple– Compliancesense
• CustomerExperience– Security– EaseofaccessandquickreacFontomarkettrends
• Focus– CrossorganizaFonwidedataexchangeratherthanenterprisewide– APPDeveloperadopFonratherthanreuse
RealizaFonofGovernance
CustomerOnboarding
DeveloperEcoSystem
OrganizaFonalChanges
ComplianceSetup
WSO2GovernanceRegistrySetup
ResourceOntologyDefiniFon
MoneFzaFon
TrendsinGovernance• IOT
– ThereisaneedtoimplementanAPImanagementplabormtogovernthecommunicaFonthroughAPIsacrossdifferentdevicesatrestandmoFonsecurely,monitor,noFfyetc
• SMAC– Socialmedia,mobile,analyFcsandcloudawareplabormisrequiredasAPIsare
beingheavilyusedintheseareas• BigData
– Contextaware,Fmebasedresponsive,predicFveanalyFcscanbeextendedtomoneFzaFonthroughAPIs
• Adoptabletocurrentneeds– SincetheITplabormsaremovingaheadwithlatestpracFcessuchasDevops,
microservices,APIgovernanceneedstobeextendedtoincludethesepracFces
GovernanceRoadmap
• Definethegovernanceprocesses
• Evaluatethegovernanceproduct
• ImplementthegovernanceorganizaFon
• Implementgovernancetools
• AdoptSharedfundingmodeltogovernanceorganizaFon
• Governance• Createcommon
SLAs• Implement
compliancemonitoring
• AdoptIoT&M2M
Level0(IniFate)
Level1(Adopt)
Level2(OpFmize)
WSO2GovernanceRegistry-Overview§ GovernanceCentre(StoreandPublisher)§ AssetDependencyvisualizaFonUI§ MulFpleLifeCyclesupport§ CategorizaFonsupportinstore/publisher§ Graphicaldiffview§ IntegraFonwithWSO2APImanager