Monolithic API Gateways: Out of Step in a Hybrid World

Coding and programming mobile applications for devices. Design and programming. Responsive web design and optimization - vector illustration
Reading Time: 3 minutes

I’m constantly amazed by the rate of change and innovation in my personal life and in the world we live in today. Just when you think the world is slowing down, it just gets faster. New paradigms and ways of doing things are popping up everywhere, largely enabled by our ability to connect to, and communicate with just about anything and everything.

The business world is experiencing the same rate of change, although in different ways. The crisp boundaries that used to exist between organizations, technologies, business partners, and how work gets done on a day-to-day basis have become very blurry. Digital technologies have pushed the edge of the enterprise out, making it hard to distinguish internal business from external relationships and customer interactions. Business is becoming a hybrid organism.

The best example of this is the very essence of how application software is built today. Applications are no longer discrete collections of data and business logic packaged and deployed as a standalone thing. Applications have become ecosystems of functionality, some of which you create yourself, some of which you incorporate from other sources, often from outside of your company, where you have far less control (eg; integrated public APIs and 3rd party code). The magical pixie dust that makes all of this work is APIs. They are the connective tissue for modern applications, and they are everywhere.

APIs are access points to business logic and data that generally need to be protected and secured. This has led to a rapid expansion of API management platforms and API gateways, designed to provide the security and operational controls for internal or external applications that interact with these APIs. This is a good thing. What’s not so good is that most of these gateways are built on older monolithic architectures that were designed at a time when everything ran in a data center, where all of your IT assets were physically in one place under your direct control. That’s no longer true.

Today’s reality for IT is that they need to build capabilities that allow them to move at the accelerating rate of business. Companies that can’t make this transition will be become casualties of the digital era and be left in the dust. This is the inevitable fallout of paradigm shifts, which is exactly what digital transformation is all about.

So, the obvious question here, is “what do I have to do differently to make this transition”? Well, there have been entire books written on this topic, and this is just a blog post, so I’ll have to be concise. First, embrace change; it’ll happen with or without you. Then, be brutally focused on building an IT portfolio that delivers more agility and speed in everything you do. Think hybrid; be strategic in how you blend cloud architectures and cloud-native application development into your app dev portfolio.

A big part of this revolves around the adoption of container based architectures (eg; Docker). The flexibility and agility that containers provide are powerful, especially when combined with devops methodologies. You have the ability to deploy these containers, and the software running in them, to private or public clouds (or a mix), and to redeploy your IT resources very quickly to respond to changing business needs, project resourcing, or organizational shifts.

TIBCO’s Mashery API management platform takes an approach that’s unique in the industry. We give you the choice of running your gateway as embedded functionality in our Mashery SaaS solution, or on-premise, tethered to the SaaS platform. This is a hybrid approach, and when combined with the ability to deploy the gateway into containers, provides a lot of flexibility for where and how you choose to deploy your gateway.

This hybrid approach also has some other less obvious benefits; it’s very easy to replicate or cluster gateway instances when working with containers, and the loose coupling to the SaaS environment provides a single management console and policy definition framework, regardless of how many instances of the gateway you have deployed. Basically, your gateway design-time sits in the cloud and your runtime executes on-premise.

This approach is very different than existing monolithic gateway architectures, which don’t provide any of the benefits of a container based architecture, don’t integrate well with PaaS based DevOps tooling, and don’t replicate easily to provide web scale performance required in modern applications.

As you think about your needs for an API platform and the kind of capabilities you need in your API gateway, think about the implications of the gateway architecture you choose. If you value speed and agility as a core capability, and plan to incorporate more containerized solutions into your infrastructure, you should seriously look at the benefits that a modern hybrid gateway, such as Mashery Local, can provide you.