http://apievangelist.com/2014/10/05/taking-a-fresh-look-at-what-open-source-api-management-architecture-is-available/

05 Oct 2014

I’ve been a outspoken advocate for more open source API management tooling, for some time now. I'm sensitive to the fact that startups have to make money in the API space, but in my opinion a certain layer of the API space needs to remain open and interoperable for this all to work, and I feel that open source tools are an important variable in this equation. When I last checked into what was available in the space, there really wasn't much, so in 2014 I figured I'd take another look.

Originally there is just one player on the space who was completely open source, and that is WSO2:

API management is just one tool in the massive open source catalog that WSO2 brings to the table. The company provides a number of open source tools including identity & authentication, ESB, data and API management solutions.

WSO2 is the shining open source example in the space currently, and I was very happy to see them emerge on the landscape. I feel WSO2 plays a strong role in the API space, but their approach to open source is the enterprise version, where the open gets rid of software licensing cost (yay), but is targeted specifically at an enterprise audience. I’m not the enterprise, so to compliment what they bring to the table, I’m also looking for a different version of “community”, and eager to see smaller players step up as well.

After WSO2 I got a taste of open source from Alcatel Lucent, with their release of API Grove, which was a whole other definition of open source:

API Grove was open sourced late in 2012 by Alcatel Lucent, holding some promise that another strong enterprise open source player would step up, but within months it would be clear that it was not a live open source offering, but Alcatel abandoning their API program, and publishing as open source to get the press release.

I’d call API Grove, enterprise fire sale open source, and while the code is out there (I think), there is nobody home, not an enterprise, or other community to be seen. This type of open source releases just make me sad.

After WSO2 and API Grove, the only other player that saw emerg on the scene was ApiAxle:

ApiAxle is an proxy that sits on your network, in front of API(s)and and provides common API management features like rate limiting, authentication and caching. ApiAxle was recently purchase by application platform infrastructure provider Exicon.

ApiAxle has been on my list for a couple years now, and was recently purchased by Exicon. The site is pretty good looking, but I can't tell if there is any activity in the community recently. The blog is silent, but the site was updated a few days ago, and the Github repo for the project was last updated July 31st—it can be hard to tell sometimes, just how active an open source project is.

Beyond ApiAxle, there are two API management pioneers who been hard at work releasing open source tooling:

3Scale is one of the original API infrastructure providers, and has developed an open source API proxy using the NGINX Web Server, designed to work independently, but also be able to take advantage of freemium 3Scale API analytics, billing, etc.
Like 3Scale, Apigee is one of the original API infrastructure provider, and has been working on Volos an open source Node.js solution for developing and deploying production-level APIs, providing common features such as oAuth 2.0, caching, and quota management into APIs.

It can be hard to envision exactly how open source fits into 3Scale or Apigee’s business model, but as the core features of API management become more commoditized, I can't help but think that open source tooling will increasingly be a reality on the front-line for these API infrastructure providers.

After these projects from leading API management providers, I hadn't see any other open source API management tooling until I started to look closer at APIs in the public sector:

Socrata has been providing API and open data management tools to government of all shapes and sizes for some time now, and along the way is open sourcing many of its tools including an open source developer portal that anyone can use to management their API.
API Umbrella was born out of the National Renewable Energy Laboratory (NREL) to manage their own APIs, but then has evolved to be used by other agences, as well as being adopted by central data.gov efforts within the federal government. API Umbrella is a proxy that sits in front of your APIs. It can seamlessly add common functionality like api keys, rate limiting, and analytics to any API.

I think what is happening in the public sector API space, reflects what the private sector is needing as well, in regards to open, interoperability, and the room to play, experiment and figure things out before you have to start putting to much cash on the line. I just think the government is in more of a position to mandate this, where in the public sector freemium solutions from 3Scale have been a buffer for this demand, but as the space expands I think open source tooling will begin to evolve to provide further relief valves.

In doing this research, what has really caught my attention, is the number of new players that are picking up momentum in 2014:

Repose is an open-source platform that you can use to build stacks of reusable software components. These components can be leveraged by service developers to perform common API processing tasks. Repose can be used inside a service to perform API operations. It can also run on one or more separate servers as a proxy to one or more services. 
Tyk is an open source, lightweight, fast and scalable API gateway. Set rate limiting, request throttling, and auto-renewing request quotas to manage how your users access your API. Tyk supports access tokens, HMAC request signing, basic authentication and OAuth 2.0 to integrate old and new services easily.
Gluu provides open source authentication and API access management stack, called the Gluu Server, helps companies secure Web and mobile applications. The Gluu Server leverages standards such as OAuth2, OpenID Connect, UMA, SAML 2.0, and SCIM to enable federated single sign-on (SSO) and trust elevation.
Loopback is an open source API framework powered by Node for quickly creating APIs. Node is good for getting projects done quickly, leveraging the broad knowledge of JavaScript, and to scale to the concurrency that is well suited for web APIs.

Overall I think these new players reflect the maturation of the space, but beyond that I'm not sure what it means for the API world, it will take some time for me to work through what features are being offered, and what business models exist around these open tools. In my experience, the motivations behind open source mean everything, and the relationship a open source project has to their parent company can make or break the momentum any open source project will possess--setting the tone for any community, enteprise or otherwise.

Eventually I'll bring together the open source tools I've found in the API management layer, with the open source design tooling I'm seeing from Apiary and Swagger, and other API design providers, as well as the wealth of tooling I'm seeing for API integration—still playing catch up on the roundup here. When I squint my eyes, and think about the space, I can't help but feel that we are getting closer to my earlier vision of open source in the API space, but we still have a lot of work to do.

What else am I msising from the pool of open source API management tooling? I depend on my audience letting me know what they are using.

P.S. I know I'm going to get an email from Mulesoft on the piece, I’m sure you guys fit in here somewhere, but honestly I spent about 2 hours looking through your stuff, and I can’t figure out just exactly what version of open source you guys are. I understand the Mule ESB is open source, which isn't squarely in my API management category, and after that I really can't tell with the other open tooling you guys have—feel free to post a blog post response, helping me, and the community understand better.

Taking A Fresh Look At What Open Source API Management Architecture Is Available的更多相关文章

  1. Top free and open source log management software

    As mentioned in the previous post, in my quest to find an alternative to Kiwi Syslog, I looked at a ...

  2. Fluentd: Open Source Log Management

    Fluentd: Open Source Log Management "Fluentd" is an open-source tool to collect events and ...

  3. Jekens Source Code Management None 源码管理没有Git

    jekens安装完成后,在配置中Source Code Management没有Git的选项,只有none,搞了大半天,一直安装插件报错,网上找的各种文章均未能解决我的问题,多次尝试后终于解决了这个问 ...

  4. 100 open source Big Data architecture papers for data professionals

    zhuan :https://www.linkedin.com/pulse/100-open-source-big-data-architecture-papers-anil-madan Big Da ...

  5. Open Source Log Management

    https://www.elastic.co/solutions/logging The Elastic Stack (sometimes known as the ELK Stack) is the ...

  6. 125 open source Big Data architecture papers for data professionals

    https://www.linkedin.com/pulse/100-open-source-big-data-architecture-papers-anil-madan

  7. 使用 Git + Dropbox + SourceTree 做 Source Code Management

    此篇文章主要針對有安裝 XCode 的 Mac 用戶. Git 版本控管工具,作用類似 CVS.Subversion(簡 稱SVN),好處在於 Git 不像 CVS 及 SVN 是屬於集中式的版本控管 ...

  8. API Management Architecture Notes

    Kong/Tyk/Zuul/strongloop/Ambassador/Gravitee IBM Reference Architecture for API Management: https:// ...

  9. Red Gate - SQL Source Control实现对SQL SERVER 的源代码控制

    原文地址:http://bbs.csdn.net/topics/350165431 SQL Server 一直没有一款很好的源码控制器,之前自己曾尝试自己写一个,将所有的 脚本 自动生成到某一目录下, ...

随机推荐

  1. rsync进行不同服务器之间的数据同步

    2台服务器上都要安装rsync,sudo yum install rsync. 把远程的数据备份到本机: rsync -rP --rsh=ssh root@IP:/data/tmp /data/tmp ...

  2. Python学习(六)模块

    Python 模块 模块定义 随着程序越来越庞大,需要分隔成几个文件:也需要能在不同文件中复用函数.类和变量,而不是拷贝代码.为了满足这些需要,Python提供了模块. 简单来说,模块就是一个保存了P ...

  3. spring mvc 基于注解 配置默认 handlermapping

    spring mvc 是类似于 Struts 的框架.他们都有一个最主要的功能就是URL路由.URL路由能将请求与响应请求处理逻辑的类(在Struts中即是action,在spring mvc 中即是 ...

  4. dedecms织梦 v5.5 两处跨站漏洞

    漏洞版本: dedecms织梦5.5 漏洞描述: 北洋贱队(http://bbs.seceye.org)首发 demo1:http://www.dedecms.com/plus/search.php? ...

  5. 深度Linux Deepin系统安装教程使用体验

    很早以前,试用过一次深度的OS,那时深度刚出自己的Linux修改版系统,过了有两年了,准备看看Deepin OS有什么变化,和雨林木风的Start OS比,有什么不同 1.安装的引导菜单和Start ...

  6. SVG 可伸缩矢量图形 简介 Path路径

    w3school:http://www.w3school.com.cn/svg/svg_intro.asp  SVG 意为可缩放矢量图形(Scalable Vector Graphics). SVG ...

  7. 根据WSDL文件生成代理类

    D:\Program Files\Microsoft Visual Studio 10.0\VC>wsdl  /l:c#  /n:cmsserver  /out:E:\ospsoft\Trave ...

  8. 使用HTML5的两个api,前端js完成图片压缩

    主要用了两个html5的 API,一个file,一个canvas,压缩主要使用cnavas做的,file是读取文件,之后把压缩好的照片放入内存,最后内存转入表单下img.src,随着表单提交. 照片是 ...

  9. [置顶] 关于Qt的学习

    初学习QT,希望用此来记录学习的轨迹....... 1.Qt版本为Qt5.1.0 2.使用Qt-Creator进行变成. 3.第一个例子 打印出“Hello World” 3.1  打开Qt-Crea ...

  10. [置顶] 深入浅出Spring(四) Spring实例分析

    上次的博文中 深入浅出Spring(二) IoC详解 和 深入浅出Spring(三) AOP详解中,我们分别介绍了一下Spring框架的两个核心一个是IoC,一个是AOP.接下来我们来做一个Sprin ...