Wednesday, July 31, 2019

APIM 3.0 add multiple apis - bash script

Created a bash script to create, tag and publish multiple APIs. This is useful to populate data for the landing page.


# get the URL of the current Astronomy Picture of the Day (APOD)
clientId=$(curl -k -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d @payload.json https://localhost:9443/client-registration/v0.14/register | jq -r '.clientId')
clientSecret=$(curl -k -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d @payload.json https://localhost:9443/client-registration/v0.14/register | jq -r '.clientSecret')
# get just the image name from the URL
echo $clientId
echo $clientSecret

encoded=$(echo -ne $clientId:$clientSecret | base64)
echo $encoded

# get access token
accessToken=$(curl -k -d "grant_type=password&username=admin&password=admin&scope=apim:api_view,apim:api_create" -H "Authorization: Basic $encoded" https://localhost:9443/oauth2/token | jq -r '.access_token')

echo "======= access token =========="
echo $accessToken

declare -a tags=("weather" "finance" )
for tag in "${tags[@]}"
    for i in {6..50}
        echo $tag
        apiId=$(curl -k -H "Authorization: Bearer $accessToken" -H "Content-Type: application/json" -X POST --data-binary '{"name":"'$tag'API'$i'","version":"1.0.0","context":"'$tag'API'$i'","tags":["'$tag'"],"isDefaultVersion":false,"gatewayEnvironments":["Production and Sandbox"],"transport":["http","https"],"visibility":"PUBLIC","endpointConfig":{"endpoint_type":"http","sandbox_endpoints":{"url":"http://apiendpoint"},"production_endpoints":{"url":"http://apiendpoint"}},"policies":["Unlimited"]}' https://localhost:9443/api/am/publisher/v1.0/apis  | jq -r '.id')
        echo "==============================================================="
        echo $apiId

        ## publishing
        echo "===========================publishing===================================="
        publishState=$(curl -k -H "Authorization: Bearer $accessToken" -H "Content-Type: application/json" -X POST "https://localhost:9443/api/am/publisher/v1.0/apis/change-lifecycle?action=Publish&apiId=$apiId" -H "accept: application/json")

Sunday, December 10, 2017

Microservices governance vs SOA

whether you enforce contracts is independent of if you connect through the service bus or directly. You could build your microservices to use SOAP and WSDL. The industry as a whole seems to be moving away from this.

The team responsible for deploying the microservice needs to treat all external parties like customers. This means when changes occur, they need to keep backwards compatibility and then undergo a change management process in other teams to have them upgrade before decommissioning the old version. We avoid breaking changes as much as possible, and use semantic versioning otherwise. Automated tests help keep all this possible.

In terms of governance, I would set ground-rules around the following:

  • what is (and is not) considered a breaking change, and how this is to be handled in the versioning system
  • how/where documentation for services is to be published and updated
  • how clients are to authenticate themselves
  • security recommendations such as TLS and authentication mechanisms

While you may not have a canonical data model covering all services, it could be wise to introduce some smaller conventions suitable to your domain. In my domain, this means always using 3-character ISO standard currency codes alongside monetary amounts. We never assume the currency or use a different representation.

Source: StackOverflow

Tuesday, September 6, 2016

Microservices and SOA

Microservices is one of the buzzwords that generate a lot of hype in these days.So we thought about discussing SOA(Service-oriented architecture) and Microservices.

(SOA): an architectural pattern in computer software design in which application components provide services to other components via a communications protocol, typically over a network.

Microservices: a software architecture style in which complex applications are composed of small, independent processes communicating with each other using language-agnostic APIs

When looking at Microservices and SOA based service, I can see a lot of similarities between them. However, Microservices is a special approach of breaking a monolithic SOA service into small parts. So finally one service can be divided into many smaller services that talk to each other. Ideally, each SOA service operation should be implemented as a Microservice.

A Service which is implemented based on Service-oriented architecture has a broader scope than a one Microservice. The primary driving force of a Microservices architectural solution is the scalability. When demand is increasing for one or two services, we can easily scale them with fewer resource constraints. However, if we have a monolithic service, scaling will bring up many unwanted resources as well. So, instead of deploying the entire application only once everyone is done, developers can deploy their respective services. Also, testing, issue isolation are manageable easily in microservices.

When considering disadvantages of microservices, implementing distributed systems can be complex. There will be multiple small-small services which complicates the deployment. Also when implementing a complex service, we need to think about database connectivity and transaction handling as well.

Thursday, August 18, 2016

What is SOA Governance?

What is Governance?

Governance is the process of ensuring that an organizations resource are utilized in a manner in which they contribute to the fulfillment of an organizations goal and it is done in a transparent and measurable manner.The resources can include both people , processes or other physical infrastructure.At the heart of Governance is the concept of controlling how decisions are made.There are a number of different types of Governance:

  • Corporate Governance
  • IT Governance
  • Architecture Governance
  • SOA Governance
  • SDLC Governance

Why has Governance become important?

The past decade has brought to light several corporate scandals that highlight the pitfalls when decisions are made without transparency and accountability. As an example in the late 90s the corporate IT departments initiated a number of IT projects based on the whimsical notion of staying on the bleeding edge without any clear motivation on how these projects would contribute to the business. 

What are the building blocks of Governance?

  1. Precepts
  2. People
  3. Processes
  4. Metrics


Precepts define the environment as well as the effects of a decision.It achieves this by defining the following:
  • Defines who can make decisions
  • Defines the constraints under which decisions are made
  • The consequence of non compliance

They can include one or more of the following elements:
  • Objectives
  • Policies
  • Standards
  • Guidelines


The focal point of any governance system; it is ultimately the human element that makes decisions. Thus people must be aware of the precepts.


A process within the context of Governance defines the steps in which decisions can be made, enforce precepts and corrective action can be taken.


Metrics provide a way to :
  • Measure the effectiveness of the Governance system
  • Measure compliance to Precepts
  • Assist in determining whether precepts are effective

What is SOA Governance?

SOA Governance ensures that a companies SOA IT projects are:
  • Necessary to meet an organization business goals
  • Producing actual results 

Why is SOA Governance important?

  1. Metrics on the usage of services
    • Are people actually using the service?
    • Is the service consumed in the way it was intended?
  2. Uniformity
    • Ensure that teams across departments are building inter-operable services


[2] SOA Governance in Action
[3] Service-Oriented Architecture (SOA) Governance for the Services Driven Enterprise

Friday, August 12, 2016

Taxonomy and SOA


Taxonomy is the classification of things based on their structural characteristics and evolutionary history. Animal taxonomy is a good real world example for classification and it is based on the tree like structure, and scientists have classified animal kingdom based on the phyla and classes.

Taxonomy and SOA

In SOA world, every asset can have its own attributes which are specific to the asset type or it’s instances. So we can classify assets based on the business classification or asset type level classification. Most of the time, SOA Taxonomy is defined using the business classification.

“Asset type level classification” is totally based on the common attributes in the given asset type and they can be used to filter assets based on “Refined By” option. However, in this article, we are mainly focused on the SOA Taxonomy which is based on the business classification. The Business classification also can be divided into two major taxonomy(classification) types as information taxonomy and compliance taxonomy.

Information taxonomy is mainly based on the business namespace, and examples are like  business area, Own by Team, Geo Location, etc . When considering the compliance taxonomy, they are more generic to the industry (ex: PCI for Internet payments).

The terms which are absorbed from the classification, can be used to tag assets(mainly services) in your Enterprise Governance Solution. Later Asset consumers can easily search and find services that match their needs based on the classification. In addition to that, by looking at taxonomy hierarchy, consumers can easily determine Asset related classifications as well.

However when classifying assets based on the taxonomy and their filtering, should be more user-friendly, and UX should be clearly understandable by the non-technical user as well.