How APIOps is reshaping the entire API lifecycle

Brad Drysdale, APAC Field Chief Technology Officer at Kong, tells us how APIOps is reshaping the entire API lifecycle.

The pandemic lockdowns caused many technical challenges for Australian businesses, but one attracting increasing attention is the use of application programming interfaces (APIs).

APIs have been used to create new digital experiences for customers and allow more efficient interactions in a world where face-to-face communication is difficult. They can support everything from order placement and payments to access to professional services.

However, frustratingly, many organizations are finding their API development methods are becoming a barrier that makes extending API usage difficult. A reliance on manual processes, complex steps, and costly builds makes creating and deploying them a challenging activity.

For this reason, increasing numbers of development teams are turning to a strategy of APIOps. With its application of proven DevOps and GitOps principles, an APIOps strategy can help to streamline the API lifecycle and expedite business benefits.

Reuse is key

To deliver the agility needed for rapid innovation, APIs must be built for consumption and reuse. This must be true for every service across the distributed ecosystem as reinventing the wheel creates costs in both time and money.

In the early days of API management, achieving reuse meant putting APIs into a themed portal for consumers to find and access. However, in today’s API economy, this is no longer enough.

Reuse has become a more complex equation which is dependent on multiple criteria, from an organization’s operating model to the desired end-user experience. As a result, the culture in successful API teams follows a product mindset, where each API is regarded as a product with a goal, a value and its own lifecycle.

For any of those ‘products’ to be reused, they need to be consumable.This means they:
 

• Are well designed, secure and compliant, and follow industry best usage and security practices
• Are fully documented, discoverable and accessible for consumers to find and (re)use
• Are performant, reliable and scalable so consumers enjoy a high-quality service and want to continue reusing the organization’s services

An absence of any one of these properties won’t prevent an API from being deployed, but it will limit the value it can provide. APIs missing these properties may also be unreliable and difficult to use and could even cause security risks.

The evolving role of APIOps

To overcome these challenges, development teams are applying the proven principles of DevOps and GitOps to the API lifecycle and creating an APIOps environment.

APIOps equips developers, architects and operators with self-serve and automated tools that ensure the quality of API specifications, implementations and operations is maintained throughout the lifecycle. It works by combining a service connectivity platform that supports APIOps with declarative delivery pipelines, automated governance checks and version control.

Building on GitOps, APIOps uses declarative configuration for automated deployments, which has superseded imperative configuration as the best practise approach to CI/CD because of its simplicity and efficiency.

Modern service connectivity platforms support declarative-driven automation, enabling API gateways to configure themselves based on those instructions, rather than wasting time building and maintaining scripts to manage the configuration of policies and endpoints.

Improved quality

An APIOps approach enforces API, security and governance standards throughout the pipeline, making it much easier to deliver consumable, high-quality APIs.

When designing an API, an APIOps environment also enables developers to design, test and debug in one place. Developers will be able to generate unit tests for the service’s functionality and follow policies for governance and security.

They will also be able to automatically generate the declarative config for an API in the API design platform for rapid local checks before committing and pushing their code to the right repo. Each API is thus governed from the design phase onwards with instant local testing of design and governance available throughout.

The API build phase is also improved. With APIOps, teams can use the API platform’s CLI to programmatically invoke all the quality and governance checks available to the developers any time a PR is made. As a result, teams can configure the different checks to run in whichever order best suits the use case, pipeline stage and deployment target.

Completing the process, the operator can programmatically upload the declarative config to the various modules and runtimes in the service connectivity platform which automatically self-configures. The benefits of GitOps for continuous deployment are thus being applied to the full API lifecycle.

Used effectively, APIOps can deliver the levels of automation needed to accelerate API delivery and adoption.

The end result will be better levels of customer service and a boost to the business bottom line.