API overview from a DevOps perspective
-
3137
-
8
-
0
-
0
Most of you use APIs without even knowing it. What is API, how it works and what can it do? IT Svit explains API basics from a DevOps perspective.
Most people use APIs — Application Programming Interfaces without even paying attention. Whenever you book a room, order a pizza online from your mobile app or perform literally any other action online — you use API somewhere along the way. Today we discuss why API adoption is important for modern business, how API works from a DevOps perspective, types of APIs existing, what are the latest API trends of 2020 and what are API implementation use cases and benefits.
Why APIs are important
From a software engineering standpoint, API is an intermediary between two independent systems allowing hem to interact with each other and exchange data. Much like a USB cable connecting your smartphone to your laptop allows synchronizing data, uploading pics to the laptop and charging your smartphone battery along the way, working with APIs enable software engineers to operate a set of standardized functions that will work as intended in any business scenario.
This effectively means that when building a new product or service and designing its future functionality you can minimize the number of unique code that needs to be written, as you can utilize a huge publicly available library of common APIs (15,000 according to Programmable Web) as building blocks and implement standard functions like authentication quickly, greatly reducing time-to-market for your projects. API allows avoiding reinventing the wheel while building systems that work reliably regardless of the infrastructure behind their respective components.
Thus said, if you have a legacy system running on on-prem servers with hardcoded functionalities described in code, replacing these functionalities with the corresponding APIs allows moving your IT operations to much more cost-efficient virtual servers in the cloud to enjoy the security and scalability without having to handle maintenance and manual server configuration. If your credit card payment processor is a Java software that operates on a legacy Oracle-based app server, using API allows moving to the latest version of the Node.JS server-side Javascript server hosted at AWS or Microsoft Azure, for example.
To wrap it up, using APIs enables the developers to be greatly more productive, as implementing any function quite often requires simply using the right API and writing a few lines of code to make the needed API call. This way new features can be built, tested and released within days and weeks, not months and years.
How API works from a DevOps perspective
API is a container of code with endpoints and webhooks that allow making API calls from external systems. As such, API is a great component for DevOps processes, as API containers can be stored as Docker Registry images and composed into Docker containers on request, or kept dormant to minimize the resource consumption until they have to operate. APIs can be launched and ran as a separate microservice and benefit from all advantages of this approach — security, repeatability, scalability, transparency. This is essential, as it combines perfectly with DevOps concepts of CI/CD, IaC and service meshes.
Service meshes have quite evolved in complexity over the last few years, and instead of additional control plane they were initially introduced as, service meshes now represent complex microservice environments with “dumb CI pipelines and smart endpoints”. As long as the API is configured correctly, it matters not what data is transmitted, making the same logic and system components applicable in a wide range of business scenarios. This allows saving money at scale instead of writing the code from scratch for every new business case.
Types of APIs
There are several important branches of APIs used for various purposes:
- RESTful API (Representational State Transfer) — a software architecture style and a set of rules and constraints designed for ensuring interoperability between web services
- SOAP (Simple Object Access Protocol) — standardized communication protocol for allowing different operating systems to exchange sensitive data like account details via HTTPS and XML.
- OAS API (Open API Specification) — a standard interface allowing people and computers to assess the capabilities of any service written in any programming language without reading the source code, inspecting the traffic or diving into developer documentation.
- GraphQL — in innovative syntax for building APIs and describes the ways to get various data from various sources, allowing easy aggregation for data analytics.
- cloud-native gRPC — a project from Cloud Native Computing Foundation, gRPC-Web is an open-source JavaScript library allowing frontend web apps to interact directly with web backend gRPC services.
- AsyncAPI — a set of rules for data handling in oversaturated data processing systems, ensuring delivery of every event exactly once regardless of the time needed to perform the operation.
- Browser and iOS/Android APIs — every browser, as well as iOS/Android OS for mobile apps, have their set of APIs to simplify building the services that will be run on them.
REST APIs are by far the most popular kind of Advanced Programming Interfaces, as they are needed to enable smooth interoperability between a myriad of components for various web services. Over 70% of all publicly available APIs use REST for JSON processing, due to its reliability, speed of performance, and ability to scale modularly, without affecting other system components.
REST or Representational State Transfer stands for a software design that enables stable and predictable data operations by providing a uniformed set of rules for data operations. The payload or the data to be processed is defined in the request and is delivered in HTTP, JSON or XML format using standardized HTTP operations like GET, PUT, POST, DELETE, etc. REST API request consists of 4 main parts:
- URI or Uniform Resource Identifier — the URL address of the resource, so-called endpoint.
- The HTTP method used for operation — almost always GET or POST
- HTTP headers that perform various administrative tasks like defining the format of the data expected in the response, expected response rate limits, etc.
- Body — the actual request content.
Of course, there are thousands of proprietary APIs used in various systems to perform app-specific operations. This results in an emerging API economy, where the companies with the required expertise can write an API of one of the types listed above for you, optimize the performance of the existing one or replace an outdated bespoke API with some fresh common alternative to minimize your operational expenses and provide a massive boost to your business performance.
Latest API trends of 2020
APIs transformed from custom-built implementations of repetitive code functions into standardized sets of rules that simplify the operations of uncountable web services and make the IT industry much more productive as a whole. They continue to evolve due to a huge and passionate community that uses them in their operations and constantly finds new ways of API implementation to speed up the software delivery process.
In autumn of 2019, Linux foundation has held the first-ever API Specification Conference in Vancouver. The even has gathered API experts and enthusiasts who shared their experience and vision on and has outlined the major trends of API development in 2020:
- This conference showed what many understood already — despite a wide variety of API implementations, the general rules and best practices of API design are ubiquitous as they are dictated by common sense and business logic. Therefore, a common set of specifications can be developed to unify and standardize API development, which will be very beneficial for the IT industry as a whole.
- API-powered organizations see great differentiation in roles and tools. 5-8 years ago APIs were the concern of the IT departments and managerial staff took little concern with them. Now, as they have proven to be instrumental in decreasing OPEX and improving customer experience, more people are involved with designing and implementing APIs, and these people fill many more roles than simply a developer and a DevOps engineer. The tools used to introduce APIs into enterprise workflows also differ based on the level where they are deployed.
- APIs grow in complexity, and instead of being passive building blocks for infrastructures and workflows can serve as active components of service meshes and serverless computing. This way the software engineers and DevOps specialists get a much wider array of tools to work with when enabling digital transformation for enterprise legacy infrastructures. They can also avoid costly mistakes due to using ready polished solutions for standardized function instead of starting from scratch every time.
- Robotic Process Automation or RPA is on the rise nowadays, as enterprises find it a worthy alternative to costly refactoring of their legacy infrastructures and processes. It might soon grow into a unified approach for people and computers to access back-end APIs which will solve lots of system design complexities.
API use cases
We have briefly mentioned several API use cases above, but now we want to share how IT Svit handles APIs in our daily workflows. As one of the leading Managed DevOps Services Providers worldwide, we deal with all sorts of APIs in our projects.
- API dockerization. One of our customers had a cloud-based enterprise-grade CMS written in Java with nearly 100 modules working at any given moment and communicating via APIs. Its deployment and configuration according to a checklist took around 4 hours. We helped split a monolith app into microservices and dockerized all APIs to enable separate scaling up and down on demand. By building CI/CD installation pipelines we were able to shorten the installation time to 15 minutes and helped reduce the overall resource usage for the system by 40%.
- Blockchain API operations. Blockchain is on the rise again, as more and more businesses find ways to implement the concept of decentralized record ledgers into their operations. We have accomplished a wide variety of Blockchain-centered projects — from fiat-to-crypto exchanges like Yallabit to various decentralized record-keeping solutions. We have ample experience with containerizing Blockchain apps, ensuring ledger immutability, scaling the operations up and down automatically on demand and enabling various business operations through API calls.
- Integrations with public APIs. While developing one of our products, Hurma System — an end-to-end solution for HR, recruitment and OKR, we faced the need to integrate it with various internal resources like Google calendar, social media, LinkedIn, job portals, company websites, messengers, etc. Due to our in-depth experience, Hurma is now accessible via AI-powered chatbot in Telegram and through a web application, can parse candidate profiles from LinkedIn and multiple job portals, can publish vacancies there and to a corporate website in one click — and new features are added constantly.
Thus said, APIs are great tools for building modular and flexible applications and services and ensure their smooth interaction with other web platforms. IT Svit has long-term experience with handling all API-related tasks and we can help you accomplish your project successfully. Should you need any help with APIs — let us know, we would be glad to help!