Cloud-native API Administration with Red Hat 3scale API Management
Abstract
| Goal | Describe API management concepts and the architecture of Red Hat 3scale API Management. |
| Objectives |
|
| Sections |
|
After completing this section, you should be able to describe the architecture of Red Hat 3scale API Management and the benefits of API Management.
You can use Red Hat 3cale API Management to easily manage your APIs. You can focus on creating the business logic of your APIs, delegating to 3scale tasks such as authentication, rate limits, or user management.
You can deploy 3scale on-premises, in the cloud, as a managed service, or as a combination.
There are two different logical components: the API Manager and the API Gateway. If the API Manager is down, then the API Gateway still works.
Routing policies, rate limiting, user management, and monetization.
Administrators can manage their APIs through a rich user interface, the Admin Portal.
Administrator can manage their APIs through a rich command-line utility, the 3scale Toolbox CLI.
The two main logical components of 3scale are the API Manager and the API Gateway. The API Manager holds all the information regarding routing policies, users, rate limits, etc. The API Gateway receives the actual external requests and handles them according to the API Manager information.
 |
The API Gateway fetches the API Manager information (routing policies, users, rate limits…) periodically and saves it. This means that the API Gateway does not have to get the information from the API Manager on every incoming request, therefore, reducing latency. At the same time, if the API Manager is down for some minutes, the API Gateway can work independently because it holds the cached information.
You can consider the API Manager the administrative part of your 3scale installation. The API Manager provides the Admin Portal user interface for managing APIs, routing policies, users, rate limits, and more.
You can use a routing policy to define an external route where the consumers of your APIs will make requests. Then, after these requests reach 3scale, you define where they are delivered.
For example, consider that you have a book API available at http://books.mystore.com/.
You want your clients to consume your API through 3scale to be able to manage different aspects of the API.
Consider also that you define a 3scale route /books, which is the public external route that your clients will use.
With the routing capabilities of 3scale, you can map the /books route to your external service http://books.mystore.com/.
The following diagram illustrates this process.
 |
To create routing policies, 3scale provides two abstractions: products and backends.
A product is used to define the external routes accessible by your clients.
A backend is used to define your API services.
Then, a product is mapped to one or several backends to achieve the routing policy.
The following diagram illustrates the books example with a new route, /authors.
The /books route is mapped to http://books.mystore.com/ and the /authors route is mapped to http://authors.mystore.com/.
 |
Both products and backends are covered later in this course.
You can use rate limits to control the number of requests that each of your clients can make to your APIs.
3scale provides the abstraction of an application. You can consider that each of your clients is a 3scale application. On every request, 3scale must identify which of your clients (i.e. applications) is making the request to be able to apply the rate limits. Every application is assigned a random user key. Then, your client must include this user key on every request.
At the same time, an application holds an application plan, which is used to define the rate limits for every application.
For example, consider the books example previously mentioned.
If you have two clients, client1 and client2, then you can create two applications.
For every application, a random user key is generated, which must be provided when making external requests.
For every application, you can create an application plan, which contains the rate limits of the application (i.e. how many requests the application can make in a specific period of time).
The following diagram illustrates this behavior.
 |
Applications and application plans are covered later in this course.
The Developer Portal is a public web page that you can use to provide information about your APIs. The Developer Portal is entirely customizable and it provides features such as Swagger definitions importing, authentication for developers, or email templates.
 |
The Developer Portal is covered later in this course.
In the context of 3scale API Management, a tenant acts as an instance of 3scale. Within the same 3scale installation, you can create several instances of the product.
By using several tenants, you can create a logical separation of your APIs.
For example, consider that you have two tenants: orders and finance.
In the order tenants you create APIs related to orders, and in the finance tenant you create APIs related to payments.
At the same time, you can restrict who has access to every tenant independently.
The default tenant is called 3scale, and you can create as many tenants as you want depending on your needs.
Tenants are covered later in this course.
The API Gateway receives the actual external traffic and redirects or denies requests based on the rules provided by the API Manager. The API Gateway caches the API Manager information regarding routing and limits, so it can work independently in the case of a failure in the API Manager.
The implementation of the API Gateway is APIcast, an open-source NGINX-based API Gateway.
The default 3scale installation comes with two APIcast instances: one for a staging environment and another one for a production environment.
 |
APIcast is covered later in this course.
