SlideShare a Scribd company logo

University of Washington - The New API Pattern

ā€¢Download as PPTX, PDFā€¢
ā€¢
Owen Rubel
Owen Rubel

Talk about why the current API pattern is broken and how to fix shared IO state in distributed architectures and the architectural cross cutting concern as well as new patterns like API Chaining(tm)

Technology
1 of 33
The New API Pattern Owen Rubel owenr@uw.edu
Title TextFirst Lets Understand The Difference Between Centralized and Distributed Architecturesā€¦ Understanding The API Pattern Owen Rubel owenr@uw.edu
Title Text Centralized vs Distributed Architecture Centralized Architecture (Unshared I/O) Distributed Architecture (Shared I/O) microservices monolith application monolith application proxy MQapp server Owen Rubel owenr@uw.edu Client Client ClientClient (CORS,security) (caching,security)
Title Text Owen Rubel owenr@uw.edu ā€¢ How many developers still use a centralized architecture vs a distributed architecture in their development? Centralized vs Distributed Architecture
Title Text Owen Rubel owenr@uw.edu ā€¢ How many developers still use a centralized architecture vs a distributed architecture in their development? ā€¢ How many developers used a centralized architecture for their development 5 years ago? 10 years ago? Centralized vs Distributed Architecture
Title Text Owen Rubel owenr@uw.edu ā€¢ How many developers still use a centralized architecture vs a distributed architecture in their development? ā€¢ How many developers used a centralized architecture for their development 5 years ago? 10 years ago? ā€¢ Over the last 20+ years, there has been a trend toward distributed architectures due to separation of services/concerns, micro services, and Aspect Oriented Programming Centralized vs Distributed Architecture
Title Text ā€œ An API is Standardized Input/Output (I/O) to/from a Separation of Concern (usually being Business Logic).ā€ In Short : What Is An API? (1 OF 2) Owen Rubel owenr@uw.edu
Title Text What Is An API? (2 OF 2) Owen Rubel owenr@uw.edu
Title Text ā€œ In computer science, separation of concerns (SoC) is a design principle for separating a computer program into distinct sections, such that each section addresses a separate concern. A concern is a set of information that affects the code of a computer programā€ (ex HTML, CSS, JS) - Source : Separation Of Concern, Wikipedia What Is Separation of Concern? (1 of 2) Owen Rubel owenr@uw.edu
Title Text What Is Separation of Concern? (2 of 2) Bound Secondary Concern (Communication Logic) Primary Concern (Business Logic) Owen Rubel owenr@uw.edu
Title Text API Pattern in Distributed Architecture Bound I/O Data and/or Functionality Owen Rubel owenr@uw.edu
Title Text !!!WARNING!!! CROSS CUTTING CONCERN API Pattern in Distributed Architecture Bound I/O Data and/or Functionality Duplicated I/O Data and/or Functionality Duplicated I/O Data and/or Functionality Owen Rubel owenr@uw.edu
Title Text ā€œCross-cutting concerns can be directly responsible for tangling, or system inter-dependencies, within a program. Because procedural and functional language constructs consist entirely of procedure calling, there is no semantic through where two goals (the capability to be implemented and the related cross-cutting concern) can be addressed simultaneously.[3] As a result, the code addressing the cross-cutting concern must be scattered, or duplicated, across the various related locations, resulting in a loss of modularity.[2]ā€ - Source : Cross Cutting Concern, Wikipedia What is a Cross Cutting Concern? Owen Rubel owenr@uw.edu
Title Text ā€¢ Synchronization ā€¢ Real-time constraints ā€¢ Error detection and correction ā€¢ Product features ā€¢ Memory management ā€¢ Data validation ā€¢ Persistence ā€¢ Transaction processing ā€¢ Internationalization and localization which includes Language localisation ā€¢ Information security ā€¢ Caching ā€¢ Logging ā€¢ Monitoring ā€¢ Business rules ā€¢ Code mobility ā€¢ Domain-specific optimizations Issues of a Cross Cutting Concern Owen Rubel owenr@uw.edu
Title Text This is The API Patterns Brick Wall Brick Wall Owen Rubel owenr@uw.edu
Title Text ā€¢ APIā€™s were created in 70ā€™s to standardize information exchanged between services ā€¢ 70ā€™s api pattern was designed for centralized architecture; distributed architectures didn't exist. ā€¢ Web APIā€™s were based on 70ā€™s api pattern; Roy Fielding based his dissertation on this pre-existing pattern. ā€¢ Web APIā€™s were integrated into MVC frameworks and tools; it is now used everywhere. Why Did This Happen? (1 of 2) Owen Rubel owenr@uw.edu
Title Text ā€¢ Distributed Architectures are a New Pattern. Old principles and patterns are often not re-examined unless an issue is discovered. In the case of APIā€™s, they are a tried and true pattern and still work locallyā€¦ but not ā€˜distributedā€™ ā€¢ People ASSUMED the resource was the endpoint; The controller hands the resource OFF to the communication layer. The communication layer hands off I/O to other services in a distributed architecture. Hence, the communication layer is the endpoint. Why Did This Happen? (2 of 2) Owen Rubel owenr@uw.edu
Title Text So How Do We Fix? Title Text Owen Rubel owenr@uw.edu
Title Text Old API Pattern in MVC Owen Rubel owenr@uw.edu redirect/response
Title Text New API Pattern in MVC Owen Rubel owenr@uw.edu
Title Text Shared I/O State In Distributed Architecture Owen Rubel owenr@uw.edu
Title Text This allows: ā€¢ Central Piece of architecture (where REQUEST AND RESPONSE are handled) to be ā€˜Single Version of Truthā€™ (SOV) called ā€˜IO Stateā€™ ā€¢ All services to sync data from SOV ā€¢ Failure of SOV DOES NOT affect synchronization of data ā€¢ Reload state on the fly at SOV and update ALL subscribed services Shared IO State Owen Rubel owenr@uw.edu
Title Text So What Is IO State? Owen Rubel owenr@uw.edu
Title Text What is IO State? ā€¢ Caches Communications Data ā€¢ Synchronizes Architectural Props (distribute rules of communication) ā€¢ Handles API Authorizations (access for communication) ā€¢ Api Docs Definitions (how to communicate) I/O State is data directly related to a request/response, normally separated from functionality. Handles all data associated with communication and communication access owenr@uw.eduOwen Rubel
Title Text What Does IO State Contain ā€¢all the data contained in annotations act as rules associated with the URI endpoint (not URL or the FQDN) ā€¢by containing all those rules in one file and caching that data, we can share it with the other architectural components (and abstract data from functionality) ā€¢this enables us to change it on the fly and reload without having to restart any services allowing subscribed services to get changes pushed to them through web hooks owenr@uw.eduOwen Rubel
Title Text I/O State : Communications Properties Owen Rubel owenr@uw.edu Shared I/O State is ā€˜IO Stateā€™ data unbound from functionality so that it can be shared across architectural components. This is the approach used by distributed architectures. Bound I/O State is ā€˜I/O Stateā€™ data bound to functionality which cannot be shared or synchronized with additional architectural components creating an ā€˜architectural cross cutting concernā€™. This is commonly found in centralized architectures.
Title Text Shared I/O State Owen Rubel owenr@uw.edu ā€¢ DOESNā€™T bind to the application ā€¢ DOESNā€™T bind to functionality ā€¢ DOESNā€™T bind to a resource
Title Text What Does It Look Like? Title Text Owen Rubel owenr@uw.edu https://gist.github.com/orubel/7c4d0290c7b8896667a3
Title Text Owen Rubel owenr@uw.edu ā€¢ Api Blueprint ā€¢ not role based ā€¢ confuses I/O state with content/resource ā€¢ duplicitous; lack of separation ā€¢ Swagger ā€¢ not role based ā€¢ based on annotations and thus not sharable in distributed architecture ā€¢ duplicitous; lack of separation ā€¢ redundant functionality for docs; does not make use of OPTIONS ā€¢ RAML ā€¢ not role based ā€¢ limited to CRUD-based REST of 4 calls per class ā€¢ duplicitous; lack of separation
Title Text ā€¢ Dramatic Code reduction By Reducing Duplication ā€¢ Automation of nearly all aspects of API ā€¢ Nearly 0% downtime for changes to endpoint data and rules ā€¢ New API Patterns (ie API Chaining (tm) ) What Does It Improve? Owen Rubel owenr@uw.edu
Title Text Code Reduction (1 of 2) Controller : Mixed Concerns (Duplication) @Secured(['ROLE_ADMIN', ā€˜ROLE_USER']) @RequestMapping(value="/create", method=RequestMethod.POST) @ResponseBody public ModelAndView createAddress(){ List authorities = springSecurityService.getPrincipal().getAuthorities() User user if(authorities.contains(ā€˜ROLE_ADMINā€™)){ if(params.id){ user = User.get(params.id.toLong()) }else{ render(status:HttpServletResponse.SC_BAD_REQUEST) } }else if(authorities.contains(ā€˜ROLE_USERā€™)){ user = User.get(principal.id) } Address address = new Address(params) ā€¦ address.user = user ā€¦ } Owen Rubel owenr@uw.edu
Title Text Code Reduction (2 of 2) Controller : Single Concern public ModelAndView createAddress(){ User user= (params.id)?User.get(params.id.toLong()): User.get(principal.id) Address address = new Address(params) address.user = user ā€¦ } Owen Rubel owenr@uw.edu
Owen Rubel owenr@uw.edu Questions? Grant Money?

Recommended

Apiworld
ApiworldApiworld
ApiworldOwen Rubel
Ā 
IO State In Distributed API Architecture
IO State In Distributed API ArchitectureIO State In Distributed API Architecture
IO State In Distributed API ArchitectureOwen Rubel
Ā 
Api Abstraction & Api Chaining
Api Abstraction & Api ChainingApi Abstraction & Api Chaining
Api Abstraction & Api ChainingOwen Rubel
Ā 
San vitale
San vitaleSan vitale
San vitaleDaumant Frideberg
Ā 
Agriculture Production and Food and Nutrition Security in Malawi
Agriculture Production and Food and Nutrition Security in MalawiAgriculture Production and Food and Nutrition Security in Malawi
Agriculture Production and Food and Nutrition Security in MalawiNAP Events
Ā 
International seo, Gobal Search Engine Optimization
International seo, Gobal Search Engine OptimizationInternational seo, Gobal Search Engine Optimization
International seo, Gobal Search Engine OptimizationBrian Bluff
Ā 
Untitled Presentation
Untitled PresentationUntitled Presentation
Untitled PresentationDeborah Walker
Ā 
Tugas 4 api "studi kasus data mobil "
Tugas 4 api "studi kasus data mobil "Tugas 4 api "studi kasus data mobil "
Tugas 4 api "studi kasus data mobil "icank_07
Ā 

Recommended

Apiworld
ApiworldApiworld
ApiworldOwen Rubel
Ā 
IO State In Distributed API Architecture
IO State In Distributed API ArchitectureIO State In Distributed API Architecture
IO State In Distributed API ArchitectureOwen Rubel
Ā 
Api Abstraction & Api Chaining
Api Abstraction & Api ChainingApi Abstraction & Api Chaining
Api Abstraction & Api ChainingOwen Rubel
Ā 
San vitale
San vitaleSan vitale
San vitaleDaumant Frideberg
Ā 
Agriculture Production and Food and Nutrition Security in Malawi
Agriculture Production and Food and Nutrition Security in MalawiAgriculture Production and Food and Nutrition Security in Malawi
Agriculture Production and Food and Nutrition Security in MalawiNAP Events
Ā 
International seo, Gobal Search Engine Optimization
International seo, Gobal Search Engine OptimizationInternational seo, Gobal Search Engine Optimization
International seo, Gobal Search Engine OptimizationBrian Bluff
Ā 
Untitled Presentation
Untitled PresentationUntitled Presentation
Untitled PresentationDeborah Walker
Ā 
Tugas 4 api "studi kasus data mobil "
Tugas 4 api "studi kasus data mobil "Tugas 4 api "studi kasus data mobil "
Tugas 4 api "studi kasus data mobil "icank_07
Ā 
Blinddateposters
BlinddatepostersBlinddateposters
Blinddatepostersmmendez1
Ā 
University of Manchester - Overview
University of Manchester - OverviewUniversity of Manchester - Overview
University of Manchester - OverviewPOPcomms
Ā 
AnƔlisis de Materiales Digitales
AnƔlisis de Materiales DigitalesAnƔlisis de Materiales Digitales
AnƔlisis de Materiales DigitalesMaria Fabiola Alvarado Pinedo
Ā 
HPC on IBM Cloud
HPC on IBM CloudHPC on IBM Cloud
HPC on IBM CloudHyunHwa Myoung
Ā 
Limites infinitos
Limites infinitosLimites infinitos
Limites infinitosDaumant Frideberg
Ā 
Concepts through cartoons- 1
Concepts through cartoons- 1 Concepts through cartoons- 1
Concepts through cartoons- 1 Farkhondeh parsa
Ā 
Concepts through cartoons- 2
Concepts through cartoons- 2Concepts through cartoons- 2
Concepts through cartoons- 2Farkhondeh parsa
Ā 
Hot air balloons - 2
Hot air balloons - 2Hot air balloons - 2
Hot air balloons - 2Farkhondeh parsa
Ā 
Top 10 Lessons Learned from the Netflix API - OSCON 2014
Top 10 Lessons Learned from the Netflix API - OSCON 2014Top 10 Lessons Learned from the Netflix API - OSCON 2014
Top 10 Lessons Learned from the Netflix API - OSCON 2014Daniel Jacobson
Ā 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
Ā 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
Ā 
šŸ¬ The future of MySQL is Postgres šŸ˜
šŸ¬ The future of MySQL is Postgres šŸ˜šŸ¬ The future of MySQL is Postgres šŸ˜
šŸ¬ The future of MySQL is Postgres šŸ˜RTylerCroy
Ā 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
Ā 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
Ā 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
Ā 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
Ā 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
Ā 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
Ā 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
Ā 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
Ā 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
Ā 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
Ā 

More Related Content

Viewers also liked

Blinddateposters
BlinddatepostersBlinddateposters
Blinddatepostersmmendez1
Ā 
University of Manchester - Overview
University of Manchester - OverviewUniversity of Manchester - Overview
University of Manchester - OverviewPOPcomms
Ā 
HPC on IBM Cloud
HPC on IBM CloudHPC on IBM Cloud
HPC on IBM CloudHyunHwa Myoung
Ā 
Concepts through cartoons- 1
Concepts through cartoons- 1 Concepts through cartoons- 1
Concepts through cartoons- 1 Farkhondeh parsa
Ā 
Concepts through cartoons- 2
Concepts through cartoons- 2Concepts through cartoons- 2
Concepts through cartoons- 2Farkhondeh parsa
Ā 
Hot air balloons - 2
Hot air balloons - 2Hot air balloons - 2
Hot air balloons - 2Farkhondeh parsa
Ā 
Top 10 Lessons Learned from the Netflix API - OSCON 2014
Top 10 Lessons Learned from the Netflix API - OSCON 2014Top 10 Lessons Learned from the Netflix API - OSCON 2014
Top 10 Lessons Learned from the Netflix API - OSCON 2014Daniel Jacobson
Ā 

Viewers also liked (9)

Blinddateposters
BlinddatepostersBlinddateposters
Blinddateposters
Ā 
University of Manchester - Overview
University of Manchester - OverviewUniversity of Manchester - Overview
University of Manchester - Overview
Ā 
AnƔlisis de Materiales Digitales
AnƔlisis de Materiales DigitalesAnƔlisis de Materiales Digitales
AnƔlisis de Materiales Digitales
Ā 
HPC on IBM Cloud
HPC on IBM CloudHPC on IBM Cloud
HPC on IBM Cloud
Ā 
Limites infinitos
Limites infinitosLimites infinitos
Limites infinitos
Ā 
Concepts through cartoons- 1
Concepts through cartoons- 1 Concepts through cartoons- 1
Concepts through cartoons- 1
Ā 
Concepts through cartoons- 2
Concepts through cartoons- 2Concepts through cartoons- 2
Concepts through cartoons- 2
Ā 
Hot air balloons - 2
Hot air balloons - 2Hot air balloons - 2
Hot air balloons - 2
Ā 
Top 10 Lessons Learned from the Netflix API - OSCON 2014
Top 10 Lessons Learned from the Netflix API - OSCON 2014Top 10 Lessons Learned from the Netflix API - OSCON 2014
Top 10 Lessons Learned from the Netflix API - OSCON 2014
Ā 

Recently uploaded

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
Ā 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
Ā 
šŸ¬ The future of MySQL is Postgres šŸ˜
šŸ¬ The future of MySQL is Postgres šŸ˜šŸ¬ The future of MySQL is Postgres šŸ˜
šŸ¬ The future of MySQL is Postgres šŸ˜RTylerCroy
Ā 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
Ā 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
Ā 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
Ā 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
Ā 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
Ā 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
Ā 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
Ā 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
Ā 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
Ā 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
Ā 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
Ā 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
Ā 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
Ā 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
Ā 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
Ā 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
Ā 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
Ā 

Recently uploaded (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Ā 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Ā 
šŸ¬ The future of MySQL is Postgres šŸ˜
šŸ¬ The future of MySQL is Postgres šŸ˜šŸ¬ The future of MySQL is Postgres šŸ˜
šŸ¬ The future of MySQL is Postgres šŸ˜
Ā 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
Ā 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Ā 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
Ā 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Ā 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Ā 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Ā 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
Ā 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
Ā 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Ā 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Ā 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Ā 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
Ā 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Ā 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Ā 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Ā 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
Ā 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
Ā 

University of Washington - The New API Pattern

  • 1. The New API Pattern Owen Rubel owenr@uw.edu
  • 2. Title TextFirst Lets Understand The Difference Between Centralized and Distributed Architecturesā€¦ Understanding The API Pattern Owen Rubel owenr@uw.edu
  • 3. Title Text Centralized vs Distributed Architecture Centralized Architecture (Unshared I/O) Distributed Architecture (Shared I/O) microservices monolith application monolith application proxy MQapp server Owen Rubel owenr@uw.edu Client Client ClientClient (CORS,security) (caching,security)
  • 4. Title Text Owen Rubel owenr@uw.edu ā€¢ How many developers still use a centralized architecture vs a distributed architecture in their development? Centralized vs Distributed Architecture
  • 5. Title Text Owen Rubel owenr@uw.edu ā€¢ How many developers still use a centralized architecture vs a distributed architecture in their development? ā€¢ How many developers used a centralized architecture for their development 5 years ago? 10 years ago? Centralized vs Distributed Architecture
  • 6. Title Text Owen Rubel owenr@uw.edu ā€¢ How many developers still use a centralized architecture vs a distributed architecture in their development? ā€¢ How many developers used a centralized architecture for their development 5 years ago? 10 years ago? ā€¢ Over the last 20+ years, there has been a trend toward distributed architectures due to separation of services/concerns, micro services, and Aspect Oriented Programming Centralized vs Distributed Architecture
  • 7. Title Text ā€œ An API is Standardized Input/Output (I/O) to/from a Separation of Concern (usually being Business Logic).ā€ In Short : What Is An API? (1 OF 2) Owen Rubel owenr@uw.edu
  • 8. Title Text What Is An API? (2 OF 2) Owen Rubel owenr@uw.edu
  • 9. Title Text ā€œ In computer science, separation of concerns (SoC) is a design principle for separating a computer program into distinct sections, such that each section addresses a separate concern. A concern is a set of information that affects the code of a computer programā€ (ex HTML, CSS, JS) - Source : Separation Of Concern, Wikipedia What Is Separation of Concern? (1 of 2) Owen Rubel owenr@uw.edu
  • 10. Title Text What Is Separation of Concern? (2 of 2) Bound Secondary Concern (Communication Logic) Primary Concern (Business Logic) Owen Rubel owenr@uw.edu
  • 11. Title Text API Pattern in Distributed Architecture Bound I/O Data and/or Functionality Owen Rubel owenr@uw.edu
  • 12. Title Text !!!WARNING!!! CROSS CUTTING CONCERN API Pattern in Distributed Architecture Bound I/O Data and/or Functionality Duplicated I/O Data and/or Functionality Duplicated I/O Data and/or Functionality Owen Rubel owenr@uw.edu
  • 13. Title Text ā€œCross-cutting concerns can be directly responsible for tangling, or system inter-dependencies, within a program. Because procedural and functional language constructs consist entirely of procedure calling, there is no semantic through where two goals (the capability to be implemented and the related cross-cutting concern) can be addressed simultaneously.[3] As a result, the code addressing the cross-cutting concern must be scattered, or duplicated, across the various related locations, resulting in a loss of modularity.[2]ā€ - Source : Cross Cutting Concern, Wikipedia What is a Cross Cutting Concern? Owen Rubel owenr@uw.edu
  • 14. Title Text ā€¢ Synchronization ā€¢ Real-time constraints ā€¢ Error detection and correction ā€¢ Product features ā€¢ Memory management ā€¢ Data validation ā€¢ Persistence ā€¢ Transaction processing ā€¢ Internationalization and localization which includes Language localisation ā€¢ Information security ā€¢ Caching ā€¢ Logging ā€¢ Monitoring ā€¢ Business rules ā€¢ Code mobility ā€¢ Domain-specific optimizations Issues of a Cross Cutting Concern Owen Rubel owenr@uw.edu
  • 15. Title Text This is The API Patterns Brick Wall Brick Wall Owen Rubel owenr@uw.edu
  • 16. Title Text ā€¢ APIā€™s were created in 70ā€™s to standardize information exchanged between services ā€¢ 70ā€™s api pattern was designed for centralized architecture; distributed architectures didn't exist. ā€¢ Web APIā€™s were based on 70ā€™s api pattern; Roy Fielding based his dissertation on this pre-existing pattern. ā€¢ Web APIā€™s were integrated into MVC frameworks and tools; it is now used everywhere. Why Did This Happen? (1 of 2) Owen Rubel owenr@uw.edu
  • 17. Title Text ā€¢ Distributed Architectures are a New Pattern. Old principles and patterns are often not re-examined unless an issue is discovered. In the case of APIā€™s, they are a tried and true pattern and still work locallyā€¦ but not ā€˜distributedā€™ ā€¢ People ASSUMED the resource was the endpoint; The controller hands the resource OFF to the communication layer. The communication layer hands off I/O to other services in a distributed architecture. Hence, the communication layer is the endpoint. Why Did This Happen? (2 of 2) Owen Rubel owenr@uw.edu
  • 18. Title Text So How Do We Fix? Title Text Owen Rubel owenr@uw.edu
  • 19. Title Text Old API Pattern in MVC Owen Rubel owenr@uw.edu redirect/response
  • 20. Title Text New API Pattern in MVC Owen Rubel owenr@uw.edu
  • 21. Title Text Shared I/O State In Distributed Architecture Owen Rubel owenr@uw.edu
  • 22. Title Text This allows: ā€¢ Central Piece of architecture (where REQUEST AND RESPONSE are handled) to be ā€˜Single Version of Truthā€™ (SOV) called ā€˜IO Stateā€™ ā€¢ All services to sync data from SOV ā€¢ Failure of SOV DOES NOT affect synchronization of data ā€¢ Reload state on the fly at SOV and update ALL subscribed services Shared IO State Owen Rubel owenr@uw.edu
  • 23. Title Text So What Is IO State? Owen Rubel owenr@uw.edu
  • 24. Title Text What is IO State? ā€¢ Caches Communications Data ā€¢ Synchronizes Architectural Props (distribute rules of communication) ā€¢ Handles API Authorizations (access for communication) ā€¢ Api Docs Definitions (how to communicate) I/O State is data directly related to a request/response, normally separated from functionality. Handles all data associated with communication and communication access owenr@uw.eduOwen Rubel
  • 25. Title Text What Does IO State Contain ā€¢all the data contained in annotations act as rules associated with the URI endpoint (not URL or the FQDN) ā€¢by containing all those rules in one file and caching that data, we can share it with the other architectural components (and abstract data from functionality) ā€¢this enables us to change it on the fly and reload without having to restart any services allowing subscribed services to get changes pushed to them through web hooks owenr@uw.eduOwen Rubel
  • 26. Title Text I/O State : Communications Properties Owen Rubel owenr@uw.edu Shared I/O State is ā€˜IO Stateā€™ data unbound from functionality so that it can be shared across architectural components. This is the approach used by distributed architectures. Bound I/O State is ā€˜I/O Stateā€™ data bound to functionality which cannot be shared or synchronized with additional architectural components creating an ā€˜architectural cross cutting concernā€™. This is commonly found in centralized architectures.
  • 27. Title Text Shared I/O State Owen Rubel owenr@uw.edu ā€¢ DOESNā€™T bind to the application ā€¢ DOESNā€™T bind to functionality ā€¢ DOESNā€™T bind to a resource
  • 28. Title Text What Does It Look Like? Title Text Owen Rubel owenr@uw.edu https://gist.github.com/orubel/7c4d0290c7b8896667a3
  • 29. Title Text Owen Rubel owenr@uw.edu ā€¢ Api Blueprint ā€¢ not role based ā€¢ confuses I/O state with content/resource ā€¢ duplicitous; lack of separation ā€¢ Swagger ā€¢ not role based ā€¢ based on annotations and thus not sharable in distributed architecture ā€¢ duplicitous; lack of separation ā€¢ redundant functionality for docs; does not make use of OPTIONS ā€¢ RAML ā€¢ not role based ā€¢ limited to CRUD-based REST of 4 calls per class ā€¢ duplicitous; lack of separation
  • 30. Title Text ā€¢ Dramatic Code reduction By Reducing Duplication ā€¢ Automation of nearly all aspects of API ā€¢ Nearly 0% downtime for changes to endpoint data and rules ā€¢ New API Patterns (ie API Chaining (tm) ) What Does It Improve? Owen Rubel owenr@uw.edu
  • 31. Title Text Code Reduction (1 of 2) Controller : Mixed Concerns (Duplication) @Secured(['ROLE_ADMIN', ā€˜ROLE_USER']) @RequestMapping(value="/create", method=RequestMethod.POST) @ResponseBody public ModelAndView createAddress(){ List authorities = springSecurityService.getPrincipal().getAuthorities() User user if(authorities.contains(ā€˜ROLE_ADMINā€™)){ if(params.id){ user = User.get(params.id.toLong()) }else{ render(status:HttpServletResponse.SC_BAD_REQUEST) } }else if(authorities.contains(ā€˜ROLE_USERā€™)){ user = User.get(principal.id) } Address address = new Address(params) ā€¦ address.user = user ā€¦ } Owen Rubel owenr@uw.edu
  • 32. Title Text Code Reduction (2 of 2) Controller : Single Concern public ModelAndView createAddress(){ User user= (params.id)?User.get(params.id.toLong()): User.get(principal.id) Address address = new Address(params) address.user = user ā€¦ } Owen Rubel owenr@uw.edu

Editor's Notes

  1. The sad fact is that in todays development environment, engineers are still sadly under informed on micro services and distributed architectures. Even off the shelf tooling does not meet the needs of modern standards
  2. Before I begin, Iā€™d like to explain a few key principles that a few people might not be familiar with. In a centralized architecture, we donā€™t have to share I/O In a distributed architecture, shared I/O is REQUIRED!!! Keep this picture in your mind: youā€™ll notice the deployment pyramid is ā€˜flippedā€™; this shows how I/O is completely backwards now and how all previous development principles about I/O because they canā€™t be shared! MQ: caching, queueing & postchecks on response data Proxy: security & prechecks on request data app server: core application, endpoints
  3. If you are familiar with MVC, this can be considered SOC; objects/classes, config, services, database class, etc. all separate of concern/control why donā€™t we mix? because we often have to share without sharing the other and a binding can create a difficulty or make it impossible without creating issues such as a ā€˜cross cutting concernā€™
  4. in this case where I/O is not shared, this is perfectly acceptable because this is what is known as a ā€˜centralized architectureā€™; I/O is not shared with other services.
  5. Use ā€˜pickle jarā€™ analogy
  6. refer to slide 8
  7. Abstract API data/function from Biz Logic to a ā€˜interceptorā€™ layer and add localized cache (interceptors are also know as ā€˜filtersā€™ in Ruby and Python)
  8. Abstract API data/function from Biz Logic to a ā€˜interceptorā€™ layer and add localized cache (interceptors are also know as ā€˜filtersā€™ in Ruby and Python)
  9. Use web hooks to get all services subscribed to API server so the can subscribe to CENTRALIZED cache and receive updates. This keeps all services in ā€˜sychedā€™ state. refer to slide 10
  10. It is a properties file that can be cached by all parts of the architecture
  11. It is a properties file that can be cached by all parts of the architecture
  12. Youā€™ll notice in this example the controller is doing ALOT of additional work: role checking request.method enforcement uri mapping input checking A lot of I/O and security that has been tacked on; these are not part of its ā€˜separation of concernā€™ and need to be shared with the architectural components.
  13. The controller is now a proper separation of concern and is STRICTLY focused on business logic