Cloud Architecture
Virtual Summit

Enterprise-Grade Integration Across Cloud and On-Premise

REGISTER

April 21, 2022

Online Conference

As organizations look to keep up with our increasingly digital and cloud-driven world, many are modernizing their IT infrastructure and adopting API-centric and microservices-based architectures to improve speed, agility, and efficiency.

Such uses of APIs support the rapid-response expectation of the modern era. In this case, APIs take the weight of a monolithic application and break it down into small microservices—which become independent units that promote agility when managing and scaling applications. Consistent and effective management of these interfaces and services is critical for successful deployment and use.

To receive these benefits, IT needs to implement a management architecture a to control these interfaces and services. Organizations have two options when building their service management architecture: API management and/or service mesh.

Both support cloud-native application development; however, key differences, such as the flow of traffic, decide how and when they are used.

The rest of this article explores these variables and when best to use each option.

Exploring API Management vis-à-vis Service Mesh:  Beginning with the Basics

Differentiating based on whether the traffic and interfaces are internal or external to the enterprise can be a straightforward guide for when to respectively choose an API management or service mesh solution. However, most organizations are not built so simply.

Typical organizations contain multiple groups that create and manage their own services and interact with other teams and external parties. Domain boundaries can help divide organizations into smaller, more manageable units. Much like the enterprise boundary denotes the perimeter of the overall organization, domain boundaries designate the perimeters of groups within the organization.

The best practices to manage interfaces at the domain boundaries benefit from many of the practices applied at the enterprise boundary. 

So now, let’s explore each option more deeply.

API Management
As companies seek to manage and share multiple applications across the web and engage large groups of developers to encourage new application growth, there has been an explosion of APIs. API management is the process of controlling and analyzing the interfaces that connect applications and data across an enterprise and across clouds. It encompasses the full API lifecycle needed to support digital transformation strategies, including product development, partner outreach, onboarding, monetization, and more.

API management is often described as a north-south traffic management pattern, which connects services and applications with external clients. This north-south pattern also applies to inter-domain traffic, as we saw earlier.

Companies control access to enterprise or domain boundaries and can discern who is allowed to access the systems, precisely which resources they are allowed to access, whether read and/or write permissions, and with customizable rate limits. This architecture provides authentication, traffic mediation, security, and encryption options, along with sophisticated authorization systems. In essence, it is about helping to manage the relationships between services or APIs and multiple consumers.

Service Mesh
Service meshes provide the connective tissue between services, ensuring that different parts of an application can reliably and securely share data with one another. They route requests from one service to the next, optimizing how all the moving parts work together. Within cloud-native application development approaches, they help to assemble large numbers of discrete services into functional applications. Service meshes provide transparency and security capabilities for developers, enabling them to focus on coding the application logic and thus increasing speed and quality.

Unlike API management, a service mesh is an infrastructure layer that runs alongside applications, which is also known as an east-west traffic management pattern or intra-domain traffic. As a contained system, service mesh is built into applications as an array of network proxies, which enables them to be updated and changed without affecting any of the services they support.

Creating a Comprehensive Application Connectivity Architecture

Most organizations look for either an API management or service mesh tool to create a comprehensive application connectivity architecture; however, it’s a mistake to approach this as an either-or decision. While they share similarities, API management and service mesh are complementary technologies that together deliver a complete architecture.

When it comes down to it, it’s important for teams to break down silos where they might make independent decisions about this architecture. Teams must have open communication and work together to make the best decision for their enterprise.

Customers should also look to their vendor partners for guidance, who have strong expertise in these areas. Considerations, such as the company’s existing infrastructure, business goals, and available time frame can also help shape the architecture design. Through education and collaboration, developers and application or service owners can avoid duplication and excess technology purchases and provide integration across their service management by maximizing the value of their infrastructure.

Mark Cheshire is Director of Product for Red Hat Integration (including 3scale API Management, AMQ Messaging plus Apache Kafka streaming, and Apache Camel distributed integration). Prior to acquisition by Red Hat, Mark served as Chief Operating Officer at 3scale, where he oversaw technical customer operations and business development for securing, controlling and monetizing APIs. Mark holds a degree in Software Engineering from the University Of Birmingham, UK and an MBA from MIT’s Sloan School of Management.