Welcome!

@DevOpsSummit Authors: Kevin Jackson, Elizabeth White, Liz McMillan, Pat Romanski, Tim Hinds

Related Topics: @DevOpsSummit, Java IoT, Microservices Expo, @CloudExpo, @ThingsExpo

@DevOpsSummit: Article

APIs: A Costly Blind Spot | @CloudExpo #API #IoT #DigitalTransformation

The increased adoption of APIs brings with it some exciting opportunities

APIs: A Costly Blind Spot for Your Application
by Priyanka Tiwari

APIs have taken the world by storm in recent years.

The use of APIs has gone beyond just traditional "software" companies, to companies and organizations across industries using APIs to share information and power their applications.

According to SmartBear's State of API 2016 Report:

  • More than half of API providers began developing APIs within the last five years.
  • 1 in 5 API providers began developing APIs in the last two years alone.

The increased adoption of APIs brings with it some exciting opportunities.

For some organizations, APIs are the biggest revenue drivers. For example, Salesforce generates nearly 50% of annual revenue through APIs. In other cases, APIs can increase a business's footprint and initiate collaboration. Netflix, for example, reported over 5 billion calls per day to its API in 2014.

Increasingly, more organizations are adapting 3rd party or public APIs to accelerate R&D and leverage external programming talent. For example Visa, a leading player in highly regulated payment processing industry, recently released a set of APIs that includes 150 endpoints across all Visa products and welcome partners to their API ecosystem.

Another example of a thriving API ecosystem is Fitbit. Who reportedly saved over $1 million in R&D when it opened its APIs in 2011. Since then, hundreds of apps use FitBit APIs to collaborate and innovate.

What does this all mean for you?

All of these examples highlight the incredible opportunity that APIs present. But they also show the importance of API performance. Whether a business is using APIs to generate revenue, increase collaboration, or reduce costs - they need APIs to function properly at all times.

The importance of API performance isn't limited to organizations that provide APIs. For example, if your application depends on a third party API to complete a critical function for your users, you also need to be concerned about how that API is performing.

When an API breaks or malfunctions, your application feels the effects and so do your users.

  • One-third of API consumers will consider switching API providers permanently upon encountering an API quality issue.
  • 31% of consumers will report the problem externally to peers, customers, or partners.

When your application lags or crashes as the result of a problem with a third party app, your users will look to you for a solution and will associate a poor experience with your application, even if the issue is beyond your control.

Unfortunately, when SmartBear asked API consumers about the average time it takes providers to resolve an API quality issue, less than 10% said that issues are resolved within 24 hours. Nearly 1-in-4 said that quality issues remain unresolved for one week or more.

Bottom Line: Simply checking that your API is available is not enough.

If you look closely, APIs are not so different than your other online assets like websites, web applications, and mobile applications. They need to be up and running at all times, need to perform within a threshold defined by the consumer, and need to be functionally correct for all end users.

Gone are the days when performance could be measured in seconds. API performance is measured in milliseconds and simply 1/20th second of a delay could lead to unacceptable user experience and unsatisfied end user.

Functional correctness for APIs is as critical if not more as API availability. If the API doesn't return the right data at right places, it's as good as broken for your app.

What can you do?

First, spend the time to map out your expectations around uptime and response time.

Synthetic monitoring can be used to understand performance of third-party APIs before in pre-production environments. Proactively monitoring your APIs will help understanding infrastructure requirements of your APIs. This step will also help identify API's contribution to the availability and performance of your application.

Next, address the challenges that could keep you from resolving an API issue.

According to the State of API 2016 Report, the three biggest barriers to solving API issues are:

  • Determining the root cause of the issue (45%)
  • Isolating the API as being the cause of the issue (29%)
  • Engaging the correct person(s) to fix the problem (25%)

Addressing these challenges before an issue occurs will limit the amount of time it takes to resolve problems with your API.

Finally, you'll want to invest in the necessary tools to protect your application from API performance problems.

Proactively monitoring the APIs you consume will help you ensure availability, performance and functional correctness of your APIs and the applications that use them. Proactively monitoring the applications for all diverse user cases will help you find and fix issues before they impact your end users. Correlating API performance with the application performance will help you improve overall application performance and isolate faulty components in case of performance degradation.

When setting up your first API monitor, there are a few important steps you'll need to consider:

  • Re-use functional tests from development: Given that your functional API tests are set up to assert and provide relevant error messages, the corresponding API monitors will have the ability to give you much more detailed error information for root cause analysis than regular availability monitors.
  • Create tests that mimic your use cases: If you are mainly integrating with 3rd party APIs, need to make sure that you know about their failures before your users notice. Here it is essential that the monitors you create actually mimic how you use that API. Monitor the entire flow of your use cases; don't just monitor the first API request; monitor them all, in sequence - just like your application uses them.
  • Use a dedicated account: Many (most) APIs require you to specify some kind of credentials or access key in your requests; make sure you are using a dedicated account(s) for your monitoring, both for your own APIs and 3rd party ones.

With the right plan, you'll be able to cover your application's blind spot and ensure that your APIs and apps are exceeding user expectations.

More Stories By SmartBear Blog

As the leader in software quality tools for the connected world, SmartBear supports more than two million software professionals and over 25,000 organizations in 90 countries that use its products to build and deliver the world’s greatest applications. With today’s applications deploying on mobile, Web, desktop, Internet of Things (IoT) or even embedded computing platforms, the connected nature of these applications through public and private APIs presents a unique set of challenges for developers, testers and operations teams. SmartBear's software quality tools assist with code review, functional and load testing, API readiness as well as performance monitoring of these modern applications.

@DevOpsSummit Stories
"Storpool does only block-level storage so we do one thing extremely well. The growth in data is what drives the move to software-defined technologies in general and software-defined storage," explained Boyan Ivanov, CEO and co-founder at StorPool, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, which can process our conversational commands and orchestrate the outcomes we request across our personal and professional realm of connected devices.
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, discussed how data centers of the future will be managed, how the public cloud best suits your organization, and what the future holds for operations and infrastructure engineers in a post-container world. Is a serverless world inevitable?
ChatOps is an emerging topic that has led to the wide availability of integrations between group chat and various other tools/platforms. Currently, HipChat is an extremely powerful collaboration platform due to the various ChatOps integrations that are available. However, DevOps automation can involve orchestration and complex workflows. In his session at @DevOpsSummit at 20th Cloud Expo, Himanshu Chhetri, CTO at Addteq, will cover practical examples and use cases such as self-provisioning infrastructure/applications, self-remediation workflows, integrating monitoring and complimenting integrations between Atlassian tools and other top tools in the industry.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory? In her Day 2 Keynote at @DevOpsSummit at 21st Cloud Expo, Aruna Ravichandran, VP, DevOps Solutions Marketing, CA Technologies, was joined by a panel of industry experts and real-world practitioners who shared their insight into an emerging set of best practices that lie at the heart of today's digital transformation.