It’s hard not to talk about DevOps today. From startups to large enterprises, companies across all industries are turning to DevOps practices to improve the speed and quality of their application development. And it’s not hard to see why.
According to the 2019 Accelerate State of DevOps report, compared to software teams with inefficient app development and delivery processes, teams leveraging DevOps at the highest level can:
- Release code updates 208 times more frequently
- Maintain lead times from commit to deploy that are less than one day
- Recover from failures 2,604 times faster – on average in under an hour
But with all the discussion around DevOps adoption, there’s one key ingredient that shouldn’t be overlooked – API management (APIM).
DevOps and APIs Are Great Alone, Even Better Together
APIs, both internal and external, have become ubiquitous in powering modern application development, enabling applications and devices to communicate. While a wide variety of software professionals work with APIs, more than 77% are in development, with 26% specifically in DevOps. The connection is logical – APIs play an instrumental role in enabling the automation, consistency, and efficiency that make DevOps methodologies so successful.
DevOps, on its own, focuses on improving the development and deployment of code. APIs expose components and assets, so they can be more broadly consumed and reused across the business, enabling developers to build new capabilities faster because they don’t have to start from scratch.
As reliance on DevOps grows, so does the need to enable automation of APIM for DevOps teams in order to support modern digital experiences powered by APIs. Unfortunately, traditional APIM solutions fall short of the requirements.
Traditional API Management Solutions Are Missing the Mark
The biggest problem with traditional APIM solutions is that they weren’t created to meet the needs of modern applications and APIs. They were designed before the era of public cloud, microservices, and Kubernetes. As a result, companies are finding their efforts impeded by one of the tools meant to enable them.
The 2020 State of the API Report found that:
- More than half of professionals working with APIs say they don’t have enough time to develop APIs.
- The most common ways to collaborate on APIs is sharing URLs to API artifacts or publishing them to repos like GitLab, GitHub, and Bitbucket.
Legacy self‑managed or SaaS‑based APIM frameworks are poorly suited to distributed architectures, causing unnecessary delays and increased operational overhead. Organizations managing microservices in hybrid environments struggle to achieve acceptable latency as API traffic must be authenticated and routed via a tightly coupled control and data plane. Teams also run into issues if the APIM solution and API gateways are hosted in the public cloud, as any updates or changes also require changes to the corporate firewall, significantly increasing complexity for DevOps teams deploying APIs in test, development, or sandbox environments.
The decentralized nature of modern IT and software development teams poses another problem for traditional APIM solutions. DevOps only works well when development teams can manage and scale infrastructure according to their needs, but traditional APIM solutions are designed to be managed by a single team – in most organizations, a centralized Infrastructure & Operations or NetOps team. DevOps teams have to rely on NetOps to deploy API gateways even within private dev, test, and sandbox environments. Nor can DevOps teams automate API creation, security (such as certificate renewal), or monitoring tasks in their CI/CD pipelines. Testing, QA, security, and operation of code is baked into the pipeline. Shouldn’t APIM be too?
API Management Is the Last Frontier for DevOps
Modern application development is in full revolution as businesses rethink IT processes, technology, and collaboration – and it’s clear there’s still a lot of room to grow. DevOps is at the center of this shift, but APIM has lagged behind. Organizations looking to reap the full benefits of DevOps‑driven development need a new breed of APIM tools to manage the entire API lifecycle and integrate into the CI/CD pipeline.
We designed and developed the NGINX Controller API Management Module with DevOps in mind, addressing the real needs and pain points we have heard from our customers.
NGINX is powering APIM for DevOps teams by providing:
- A unique architecture that reduces complexity. Controller APIM decouples the control and data planes, so they don’t have to be connected constantly during API traffic processing. This reduces latency because API calls no longer pass through the control plane, and it means teams can run the data plane (API gateways) closer to their applications.
- Multi‑cloud versatility. The API Management Module (control plane) can be deployed in any environment – containers, virtual machines, and public, private, and hybrid clouds. The API gateway (data plane) can run next to each application, while the control plane can run anywhere without impacting performance and stability.
- Self‑service API deployment and management. Multiple teams, such as DevOps, can deploy their own API gateways in private environments, while NetOps and SecOps stay in control of security policies for APIs deployed in production on the control plane.
- Automated APIM. Controller APIM provides APIs to define and publish multiple API definitions and their component resources, route API traffic to the appropriate resources, manage API versioning, and publish configurations to one or more environments.
- Integration of APIM in CI/CD pipelines. Controller APIM integrates into DevOps workflows, allowing teams to define and publish APIs, and configure API gateways as part of the CI/CD pipeline for accelerated API release velocity.
- A developer portal. Controller APIM makes it easy to organize and catalog published APIs, documentation, and sample code, so developers understand how to use APIs.