Fighting API Sprawl in the Modern Cloud Maul

Technology often moves in circles. Back in the good old days (around the turn of the millennium), enterprise IT teams that were busy embracing cloud computing had a comparatively new headache on their hands. Virtual machine (VM) management proliferation, or VM sprawl as it was known, was the new bugbear.

Now increasingly handled by server-side autonomous management and forms of artificial intelligence (AI) -based automation directed at system-level operations, the ‘too many spinning plates’ headaches (figuratively and literally) experienced in VM sprawl do still exist, but they have given way to a more granular brain ache that stems from the same type of neural imbalance.

The new network malady is API sprawl, also potentially known as API abomination or API application anathema if we’re looking for a snappier and more alliterative name tag. So what kind of  API meltdown is happening and what can we do about it?

A Latticework of Layers

If we accept the new well-worn suggestion that digital transformation is underway and enterprises are embracing cloud, mobile, data analytics, and device ubiquity, then we don’t need to remind ourselves that computing is becoming an inter-networked lattice of layered services and tiers. 

In this new IT fabric, the growing use of hybrid, multi and poly cloud environments means everyone’s application programming interfaces (APIs) are spread out all over the place. They’re all built with different standards, gateways, frameworks, policies and so on, subject to the environment they live in. It’s a Wild West API sprawl inside the new cloud maul.

Trying to manage all those APIs—keeping them secure, setting governance policies, maintaining performance plus availability and so on—is like herding cattle. Developers are forced to constantly switch from dashboard to dashboard as they hop between different sets of APIs to keep their house in order.

Also read:  What You Need to Know About Cloud Automation: Tools, Benefits, and Use Cases

An API Lasso

Integration and management centric API platform company MuleSoft’s answer is—give everyone a universal platform that can lasso any environment and round APIs up into a central corral—so developers and ‘business technologists’ (people outside IT who use APIs to build new stuff for themselves) can just head to one place to manage and access them all.

The company this month detailed its latest universal API management capabilities designed to enable IT teams to securely create, manage and govern any API across any environment. The universal API management capabilities—including Anypoint Flex Gateway, API Manager, API Experience Hub, API Designer with event-driven capabilities and API Governance—are built directly on Anypoint Platform, MuleSoft’s own branded platform for integration, API management and automation. 

MuleSoft reminds us that with the proliferation of digital touchpoints and the need to create seamless experiences for employees and customers, companies are creating more APIs than ever before. The firm points to its own research which suggests that the average enterprise organization today uses over 800 applications on average and  96% of them currently use public or private APIs—up from 80% last year. 

“Companies now have to manage and compose thousands of APIs spanning different teams, environments, and technologies,” said Meir Amiel, chief product officer, MuleSoft. “[Our] universal API management capabilities bring companies closer to achieving the composable business vision, by allowing them to choose and integrate best-of-breed solutions and compose new services using any API.” 

Also read: Juniper Launches Software Agent to Protect Applications in Cloud, On Premises

Composable Complexity vs. Consistency & Compliance

If there are opposing forces in action here, it may be the composable complexity of cloud vs. the need to strive for consistency, compliance, and compatibility. 

There is much talk among the behemoth cloud hyperscaler vendors and their dutiful litany of partner practitioners, protagonists and (even among some) pretenders about the need to enable so-called ‘unlocked innovation’ and be able to use cloud as it was intended for true breadth and flexibility. Without the ability to shift workloads across clouds effectively, that innovation channel remains closed off (or at least partially blocked) for many.

To navigate these hybrid and distributed ecosystems, IT teams can use MuleSoft’s new universal API management capabilities on Anypoint Platform to design, build, deploy, operate, and discover all of their organization’s APIs. In addition, MuleSoft also aims to help companies operationalize governance across all of their enterprise APIs to help them comply with industry regulations and internal design standards, without adding friction to development. 

But Mulesoft is not the only player; security stalwart F5 also plays heavily in this space.

Senior director and distinguished technologist at F5 Rajesh Narayanan says that enterprises are, irrespective of size, a combination of product and IT services developed on behalf of business units that make up the organization.

“Enterprises are naturally siloed with information shared on a need-to-know basis. As enterprises expand, so do the various business units, product teams and operational teams. In essence, the business ‘sprawls’. Because every team and business unit today relies significantly on APIs, we can see the inevitable result is API sprawl,” said Narayanan.

Looking at where we go next, Narayanan said that we can see that a new approach is needed to address the challenges that will arise from API sprawl because existing solutions focus on challenges within a cluster; that is, the challenges of managing APIs within a microservices environment. 

“Existing solutions have not yet expanded their scope to address the challenges of API sprawl across clusters; that is, between microservices environments that span locations, business units, and product and operational teams,” wrote Narayanan, in a technical discussion blog jointly authored by Lori MacVittie in her role as F5 principal technical evangelist.

Hybrid, distributed ecosystems have become the norm, which adds complexity to the IT landscape. According to Deloitte, 97% of IT managers are planning to take a best-of-breed approach by distributing workloads across two or more clouds to boost resilience and support regulatory requirements. These distributed ecosystems result in data silos, limited reuse, inconsistent governance, and security across services. 

There’s also the spectre of limited visibility with many management consoles across cloud vendors. API management has clearly become an entire sub-genre and sub-discipline of cloud computing in and of itself. 

 Read next: The Integration Chasm that is Killing Cloud

Adrian Bridgwater
Adrian Bridgwater is a technology journalist with three decades of press experience. Primarily he works as a news analysis writer dedicated to a software application development ‘beat’; but, in a fluid media world, he is also an analyst, technology evangelist, and content consultant. As the previously narrow discipline of programming now extends across a wider transept of the enterprise IT landscape, his own editorial purview has also broadened. He has spent much of the last 10 years also focusing on open source, data analytics and intelligence, cloud computing, mobile devices, and data management.

Latest Articles

Follow Us On Social Media

Explore More