Leveraging Thriftly to Manage and Monitor APIs in the Cloud

398 VIEWS

·

APIs are the language of modern cloud-native applications. However, most large organizations rely on monolithic applications that work well on their own, but aren’t flexible enough to connect with other applications. At a time when an organization’s success is closely tied with how well it can allow its solutions to be extended by partners and users, transitioning applications from a monolithic architecture to microservices architecture is becoming a necessity.

The challenge with APIs

Even if an organization realizes the need to re-architect its applications, actually executing such large-scale change is a daunting prospect. Developers may not have the necessary skills and experience to execute complete application transformation. The multiple programming languages that need to be supported make things even more complex. Finally, securing and monitoring the application APIs can’t be compromised. The thought of having to deal with completely new problems and the resulting downtime keep organizations from beginning the journey of application transformation.

Faced with this dilemma, organizations look for ways to simplify application modernization. Particularly, they look for ways to easily extend their applications with APIs. This is where a solution like Thriftly comes in — it simplifies API creation, management, and monitoring in the cloud. Purpose-built for transforming legacy windows applications into modern cloud-native API services, Thriftly makes it easy to convert functions into APIs without writing any extra code.

The Thriftly approach to APIs

All it takes is importing the appropriate Thriftly libraries into your application code, and then referencing those libraries to create new services with an attribute. You use one attribute per service, and these services are hosted in the cloud as easily accessible APIs.

Supporting a variety of programming languages (C#, Java, DataFlex, and Delphi), Thriftly closely integrates with the respective IDEs of these languages for a familiar and native developer experience. The learning curve isn’t steep, so you can go from Windows app to cloud-native in a matter of minutes. This is powerful for organizations that have held back from application modernization because of the complexity involved.

While creating APIs is an important step, the bulk of the work with APIs is managing them as they become more complex, grow in usage, and face security threats. As business needs change, new APIs need to be created and existing ones need to be updated constantly.

The importance of API monitoring  

Every API needs to be monitored to ensure that it has sufficient resources to perform optimally, and that it isn’t overwhelmed with more load than it can handle. API monitoring is more difficult than monitoring a static application as APIs are dynamic. They interact with other applications, and are externally visible. Of course, it is very possible to run APIs safely and securely in the cloud today, but it’s also possible to slip up on securing every API all the time. This is where monitoring is essential to ensure the availability, performance, and security of APIs.

Monitoring an API involves recording every API call so you can view metrics in aggregate and drill down to metrics for specific calls, or specific time durations when troubleshooting. The volume of API calls at any given time is an important metric to track. It can indicate if an API is under strain.

Similarly, the time taken for each API request is an important metric that reflects the performance of an API. When working with tightly integrated applications, latency in one API can have a ripple effect on other APIs and on the overall performance of the applications that rely on it. Latency can be caused by issues with the host infrastructure, bugs in the application code, or even by external users and applications sending or requesting too much data too frequently.

APIs are the gateway to an application as they can send and receive data to and from external unknown sources. This makes them prone to attack. During a security incident, time is of the essence. Being able to view the performance history and change history of an API quickly is necessary. A log of errors and failed requests needs to be maintained and easily accessible during incidents. When troubleshooting, the ability to correlate data from one part of the system to another is essential.

The Thriftly approach to API monitoring

Thriftly doesn’t just help create APIs in the cloud; it also vitally helps manage and monitor them. For monitoring, Thriftly uses one of the leading open source monitoring tools — Prometheus. For metrics, Prometheus enables real-time monitoring of streaming performance data. It is able to operate at scale and can handle the high volume of incoming performance data as APIs scale.

Beyond Prometheus, Thriftly also integrates with Grafana to enable visualization of all data in Prometheus. Grafana allows to set alerts to notify of abnormal behavior, or whenever a performance metric crosses a threshold. This is very useful for quick notification of high-priority incidents, and taking action on them before they escalate further.

Beyond your own efforts to monitor and secure your API, you also need to equip your partners and consumers of your API to understand your APIs and build services around them that are secure and performant. For this, you need to have useful documentation that is close to reality. The best way of doing this is to include documentation as part of your API, and create and maintain your documentation during the API-creation process.

Thriftly enables this by allowing you to create documentation as part of the API, right within the application. You can embed one-line documentation comments (as many as you need to) and define what a service does. These comments are visible to users from the API endpoint, and facilitate interaction with the APIs. Though not directly related to monitoring and security, having great documentation is a contributing factor to ensuring well-managed APIs.

In conclusion, APIs are the force behind modern cloud-native applications. However, they aren’t easy to create, and are even harder to manage and monitor. By leveraging a powerful solution like Thriftly, you can turn functions into cloud-based APIs easily, and you can be fully equipped to manage them at scale.  


Twain began his career at Google, where, among other things, he was involved in technical support for the AdWords team.Today, as a technology journalist he helps IT magazines, and startups change the way teams build and ship applications.


Discussion

Click on a tab to select how you'd like to leave your comment

Leave a Comment

Your email address will not be published. Required fields are marked *

Menu