How to secure microservices with Red Hat Single Sign-On, Fuse, and 3scale

In this article, we’ll cover microservice security concepts by using protocols such as OpenID Connect with the support of Red Hat Single Sign-On and 3scale. Working with a microservice-based architecture, user identity, and access control in a distributed, in-depth form must be carefully designed. Here, the integration of these tools will be detailed, step-by-step, in a realistic view.

This article exemplifies the use of tools that can securely run your businesses, avoiding using homemade solutions, and protecting your services by using an API gateway, preventing your applications from being exposed to the public network. The use of an API gateway also provides additional access control, monetization, and analytics.

Continue reading “How to secure microservices with Red Hat Single Sign-On, Fuse, and 3scale”

Share

Install Red Hat 3scale and configure tenants with 7 simple commands

A couple weeks ago I was faced with the challenge of installing Red Hat 3scale and configuring its tenants using solely the command line — no GUI allowed. This is a rather interesting use case, so I decided to write this article and show how to do it with just seven commands!

(By the way, I also decided to include Red Hat Single Sign-On (SSO) in the mix because I want my APIs to use OpenID Connect (OIDC) for authentication. But I’ll leave those commands to a future article.)

Continue reading “Install Red Hat 3scale and configure tenants with 7 simple commands”

Share

Using the 3scale toolbox Jenkins Shared Library

In the previous article of this series, Deploy your API from a Jenkins Pipeline, we discovered how the 3scale toolbox can help you deploy your API from a Jenkins Pipeline on Red Hat OpenShift/Kubernetes. In this article, we will improve the pipeline from the previous article to make it more robust, less verbose, and also offer more features by using the 3scale toolbox Jenkins Shared Library.

Continue reading “Using the 3scale toolbox Jenkins Shared Library”

Share

Deploy your API from a Jenkins Pipeline

In a previous article, 5 principles for deploying your API from a CI/CD pipeline, we discovered the main steps required to deploy your API from a CI/CD pipeline and this can prove to be a tremendous amount of work. Hopefully, the latest release of Red Hat Integration greatly improved this situation by adding new capabilities to the 3scale CLI. In 3scale toolbox: Deploy an API from the CLI, we discovered how the 3scale toolbox strives to automate the delivery of APIs. In this article, we will discuss how the 3scale toolbox can help you deploy your API from a Jenkins pipeline on Red Hat OpenShift/Kubernetes.

Continue reading “Deploy your API from a Jenkins Pipeline”

Share

3scale toolbox: Deploy an API from the CLI

Deploying your API from a CI/CD pipeline can be a tremendous amount of work. The latest release of Red Hat Integration greatly improved this situation by adding new capabilities to the 3scale CLI. The 3scale CLI is named 3scale toolbox and strives to help API administrators to operate their services as well as automate the delivery of their API through Continuous Delivery pipelines.

Having a standard CLI is a great advantage for our customers since they can use it in the CI/CD solution of their choice (Jenkins, GitLab CI, Ansible, Tekton, etc.). It is also a means for Red Hat to capture customer needs as much as possible and offer the same feature set to all our customers.

Continue reading “3scale toolbox: Deploy an API from the CLI”

Share

5 principles for deploying your API from a CI/CD pipeline

With companies generating more and more revenue through their APIs, these APIs also have become even more critical. Quality and reliability are key goals sought by companies looking for large scale use of their APIs, and those goals are usually supported through well-crafted DevOps processes. Figures from the tech giants make us dizzy: Amazon is deploying code to production every 11.7 seconds, Netflix deploys thousands of time per day, and Fidelity saved $2.3 million per year with their new release framework. So, if you have APIs, you might want to deploy your API from a CI/CD pipeline.

Deploying your API from a CI/CD pipeline is a key activity of the “Full API Lifecycle Management.” Sitting between the “Implement” and “Secure” phases, the “Deploy” activity encompasses every process needed to bring the API from source code to the production environment. To be more specific, it covers Continuous Integration and Continuous Delivery.

Deploy your API from a CI/CD pipeline - High Level view

Continue reading “5 principles for deploying your API from a CI/CD pipeline”

Share

Looking up a hash table library for caching in the 3scale Istio adapter

You have probably already heard about the service mesh concept and one of its leading implementations, Istio. In the 3scale engineering team at Red Hat, we are working on a component to extend the functionality of Istio (and Red Hat’s distribution, Maistra) by integrating some API Management features via the 3scale platform. In this article, I’ll describe this work and some of the decisions made along the way.

Continue reading “Looking up a hash table library for caching in the 3scale Istio adapter”

Share

Red Hat Summit 2019 Labs: Integration and APIs roadmap

Red Hat Summit 2019 is rocking Boston, MA from May 7-9 in the Boston Convention and Exhibition Center. Everything you need to know about the current state of open source enterprise-ready software can be found at this event. From customers talking about their experiences leveraging open source in their solutions, to the creators of open source technologies you’re using, and all the way down to hands-on lab experiences on these technologies.

This hands-on appeal is what this series of articles is about. Previously, we looked at the labs in the Cloud-Native App Dev track, and this time, we provide a roadmap to the “Integration and APIs” lab content.

Continue reading “Red Hat Summit 2019 Labs: Integration and APIs roadmap”

Share

Distributed microservices architecture: Istio, managed API gateways and, enterprise integration

The rise of microservices architectures drastically changed the software development landscape. In the past few years, we have seen a shift from centralized monoliths to distributed computing that benefits from cloud infrastructure. With distributed deployments, the adoption of microservices, and system scaling to cloud levels, new problems emerged, as well as new components that tried to solve the problems.

By now, you most likely have heard that the service mesh or Istio is here to save the day. However, you might be wondering how it fits with your current enterprise integration investments and API management initiatives. That is what I discuss in this article.

Continue reading “Distributed microservices architecture: Istio, managed API gateways and, enterprise integration”

Share

Full API lifecycle management: A primer

APIs are the cornerstone of so many recent breakthroughs: from mobile applications, to the Internet of Things, to cloud computing. All those technologies expose, consume, and are built on APIs. And those APIs are a key driver for generating new revenue. Salesforce generates 50% of its revenue through APIs, Expedia generates 90% of its, and eBay generates 60% of its. With APIs becoming so central, it becomes essential to deal with full API lifecycle management. The success of your digital transformation project depends on it!

This article describes a set of full API lifecycle management activities that can guide you from an idea to the realization, from the inception of an API program up to management at scale throughout your whole company.

Continue reading “Full API lifecycle management: A primer”

Share