Welcome!

@CloudExpo Authors: Jyoti Bansal, Yeshim Deniz, Greg Schulz, ManageEngine IT Matters, William Schmarzo

Related Topics: @CloudExpo, Cloud Security, @ThingsExpo

@CloudExpo: Blog Feed Post

Five Ways to Safeguard Your Application from Third-Party API Outages By @webcodepro | @CloudExpo #Cloud

There have been a number of high-profile API outages in recently that caused some well-known websites & applications to go down

Five Ways to Safeguard Your Application from Third-Party API Outages
By Janet Wagner

The Internet of Things (IoT) is growing at a rapid pace with millions of new devices getting connected every day.

Gartner forecasts that 6.4 billion connected things will be in use in 2016 and by 2020, the number will reach 20.8 billion. Billions of devices including smartphones, laptops, cars, watches, refrigerators, and even thermostats are all getting connected thanks to APIs. Many of these devices are part of a larger application ecosystem, connected to the cloud and each other using the same APIs.

There have been a number of high-profile API outages in recent months that caused some well-known websites and applications to go down. With so many devices and applications using many of the same cloud services and APIs, one outage can potentially take down entire application ecosystems. While it may not be possible to completely prevent an API outage from taking down your website, web or mobile application, it is possible to take steps to reduce the impact of a third-party API outage.

Web Service Outages
Twitter experienced a major outage for about an hour on January 19, 2016 which caused the Twitter website and applications to malfunction for users worldwide.

Twitter Outage

Application ecosystems are getting larger and more complex with each passing day. While API providers do their best to ensure API availability, outages do still occur from time to time.

Consider the following examples:

  • On January 26, 2015, both the Facebook and Instagram API servers went down for about an hour taking down Facebook and Instagram. The outage also impacted a number of well-known websites including Tinder and HipChat.
  • On September 20, 2015, Amazon Web Services (AWS) experienced a brief disruption that caused an increase in faults for the EC2 Auto Scaling APIs. Within the same month, the Facebook Graph API went down briefly on three separate occasions. Facebook is considered a very reliable service so the fact that Facebook suffered from three outages in the same month was widely reported.
  • On January 19, 2016, Twitter experienced a major outage that impacted many of the websites and applications using Twitter APIs. The API outages caused the Twitter website and applications to malfunction for users worldwide for about an hour.

API outages aren't limited to the large scale APIs like those experienced by giants like Facebook and Amazon. And if you have an application that is dependent on external APIs to perform a critical function, you need to have a plan for dealing with disruptions.

There are a number of solutions that developers can use to prevent API outages from negatively impacting a website or application.

1. API Virtualization
API virtualization
is a process that makes it possible to create a virtual copy of an API capable of emulating the same functionality and performance of a production API. API virtualization can be used to create a virtual sandbox for integration, scenario, load, and performance testing of internal and third-party APIs. Unlike service virtualization, a process that mimics an entire system, API virtualization only emulates the API which is considerably less expensive, easier to implement, and less time consuming.

"It's all about time and cost. API virtualization, beyond simple service mocking, provides technical teams a frictionless way to reduce delays in development and testing. Lightweight, virtual APIs empower teams to simulate errors, network latency and congestion, and even stand up API sandboxes," said Paul Bruce, API team product manager at SmartBear. "These ‘virts' (as the folks at SmartBear call them), allow you overcome third-party downtime, safeguard you from running over subscription limits, and even help to simplify versioning and release logistics."

Using API virtualization tools like ServiceV Pro, developers can test third-party API integrations by mimicking errors, server, and network behavior.

Matti Hjelm, product owner at SmartBear, said that "ServiceV works from two angles: both from the dev perspective to quickly create APIs for own use or for others to use; and for testers to have something to test against. This will truly speed up the build and deploy workflows dramatically."

API virtualization can help developers anticipate how specific third-party API outages will impact their application allowing them to plan for outages before moving the application to general availability.

2. Synthetic and Real User Monitoring
Synthetic Monitoring

Synthetic monitoring
is a script or tool that is capable of monitoring various aspects of APIs, web and mobile applications. Synthetic monitoring effectively "simulates users" monitoring the paths that users may take while using an application. Synthetic monitoring can help developers discover problems with an application before users do. Using synthetic monitoring, developers can find out:

  • How well the website/application performs from specific geographic locations.
  • How long it takes web pages to load.
  • How an outage or slowdown will impact users.
  • How well third-party scripts and APIs are operating.
  • How well transactions are performing.
  • How new features will impact performance and speed.

These are just a few of the things that developers can learn about an application by using synthetic monitoring.

"On the production side, synthetic API monitoring provides critical visibility into how your APIs perform under real conditions, prove uptime and availability, and split out important layers of your user experience so you can involve the right people to quickly resolve problems when they arise," said Bruce.

Real User Monitoring
Real user monitoring (RUM
) is a script or tool designed to monitor and analyze all user transactions of a website or application. RUM is based on the traffic of actual application users, not virtual or simulated users like synthetic monitoring. RUM shows how users are interacting with an application, providing metrics that reflect the user experience (UX).

RUM can be used to monitor and capture a wide variety of web and mobile application metrics including load time, speed, errors, transaction performance, availability, and more. Problems with third-party APIs can impact the speed and performance of a website or application. There are RUM tools that can send automatic alerts in the event of a problem such as an API outage or application slowdown.

Products like AlertSite can be used for RUM monitoring as well as for synthetic monitoring of APIs, web and mobile applications.

3. A/B Testing
A/B testing is a method of testing in which two variants of a web page or application are compared to each other. For example, two versions of an application; one that includes a third-party API and one that does not, would be compared to see how that API will impact application speed and performance. A/B testing tools use data and metrics to determine the positive or negative impact of specific changes made to web pages or applications.

4. Asynchronous Scripting
Asynchronous scripting helps web pages render faster by allowing the main body of content to be loaded without having to wait for all of the external scripts to load. Without asynchronous scripting, users must wait for all of the external scripts to load first before they can view the main content of the web page. If a problem with a third-party script or API occurs, asynchronous scripting allows the body of content to be loaded despite the problem.

Many API providers offer APIs via JavaScript SDKs with code that is asynchronous by default. Third-party JavaScript APIs and code snippets that are not already asynchronous can be loaded asynchronously. In HTML5 for example, external JavaScript files can be loaded asynchronously using the async tag:

<script async src="script.js"></script>

5. Caching
Caching API responses allows API data to be stored on your website server instead of relying on the third-party server for every API call. Caching helps prevent an application from being impacted by third-party API outages because data is pulled from a local cache file instead of directly from the API server. Caching scripts are available in PHP, Python, and many other languages.

Conclusion
This article covers only a few of the steps that can be taken to safeguard your application from third-party API outages and errors.

Limiting the number of APIs your application uses, using well-designed APIs from reputable API providers, and using a full-featured APM tool can also help safeguard your application from API outages.

With the number of connected devices and application ecosystems growing at such as rapid pace, it is more important than ever for applications to be safeguarded from third-party API outages and errors.

Read the original blog entry...

More Stories By SmartBear Blog

As the leader in software quality tools for the connected world, SmartBear supports more than two million software professionals and over 25,000 organizations in 90 countries that use its products to build and deliver the world’s greatest applications. With today’s applications deploying on mobile, Web, desktop, Internet of Things (IoT) or even embedded computing platforms, the connected nature of these applications through public and private APIs presents a unique set of challenges for developers, testers and operations teams. SmartBear's software quality tools assist with code review, functional and load testing, API readiness as well as performance monitoring of these modern applications.

@CloudExpo Stories
All clouds are not equal. To succeed in a DevOps context, organizations should plan to develop/deploy apps across a choice of on-premise and public clouds simultaneously depending on the business needs. This is where the concept of the Lean Cloud comes in - resting on the idea that you often need to relocate your app modules over their life cycles for both innovation and operational efficiency in the cloud. In his session at @DevOpsSummit at19th Cloud Expo, Valentin (Val) Bercovici, CTO of Soli...
Almost two-thirds of companies either have or soon will have IoT as the backbone of their business. Though, IoT is far more complex than most firms expected with a majority of IoT projects having failed. How can you not get trapped in the pitfalls? In his session at @ThingsExpo, Tony Shan, Chief IoTologist at Wipro, will introduce a holistic method of IoTification, which is the process of IoTifying the existing technology portfolios and business models to adopt and leverage IoT. He will delve in...
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
Cloud Expo, Inc. has announced today that Aruna Ravichandran, vice president of DevOps Product and Solutions Marketing at CA Technologies, has been named co-conference chair of DevOps at Cloud Expo 2017. The @DevOpsSummit at Cloud Expo New York will take place on June 6-8, 2017, at the Javits Center in New York City, New York, and @DevOpsSummit at Cloud Expo Silicon Valley will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
In his session at @ThingsExpo, Steve Wilkes, CTO and founder of Striim, will delve into four enterprise-scale, business-critical case studies where streaming analytics serves as the key to enabling real-time data integration and right-time insights in hybrid cloud, IoT, and fog computing environments. As part of this discussion, he will also present a demo based on its partnership with Fujitsu, highlighting their technologies in a healthcare IoT use-case. The demo showcases the tracking of pati...
Tricky charts and visually deceptive graphs often make a case for the impact IT performance has on business. The debate isn't around the obvious; of course, IT performance metrics like website load time influence business metrics such as conversions and revenue. Rather, this presentation will explore various data analysis concepts to understand how, and how not to, assert such correlations. In his session at 20th Cloud Expo, Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Sys...
Stratoscale, the software company developing the next generation data center operating system, exhibited at SYS-CON's 18th International Cloud Expo®, which took place at the Javits Center in New York City, NY, in June 2016.Stratoscale is revolutionizing the data center with a zero-to-cloud-in-minutes solution. With Stratoscale’s hardware-agnostic, Software Defined Data Center (SDDC) solution to store everything, run anything and scale everywhere, IT is empowered to take control of their data ce...
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new da...
It is one thing to build single industrial IoT applications, but what will it take to build the Smart Cities and truly society changing applications of the future? The technology won’t be the problem, it will be the number of parties that need to work together and be aligned in their motivation to succeed. In his Day 2 Keynote at @ThingsExpo, Henrik Kenani Dahlgren, Portfolio Marketing Manager at Ericsson, discussed how to plan to cooperate, partner, and form lasting all-star teams to change the...
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
What are the new priorities for the connected business? First: businesses need to think differently about the types of connections they will need to make – these span well beyond the traditional app to app into more modern forms of integration including SaaS integrations, mobile integrations, APIs, device integration and Big Data integration. It’s important these are unified together vs. doing them all piecemeal. Second, these types of connections need to be simple to design, adapt and configure...
To manage complex web services with lots of calls to the cloud, many businesses have invested in Application Performance Management (APM) and Network Performance Management (NPM) tools. Together APM and NPM tools are essential aids in improving a business's infrastructure required to support an effective web experience... but they are missing a critical component - Internet visibility.
Microservices are a very exciting architectural approach that many organizations are looking to as a way to accelerate innovation. Microservices promise to allow teams to move away from monolithic "ball of mud" systems, but the reality is that, in the vast majority of organizations, different projects and technologies will continue to be developed at different speeds. How to handle the dependencies between these disparate systems with different iteration cycles? Consider the "canoncial problem" ...
Both SaaS vendors and SaaS buyers are going “all-in” to hyperscale IaaS platforms such as AWS, which is disrupting the SaaS value proposition. Why should the enterprise SaaS consumer pay for the SaaS service if their data is resident in adjacent AWS S3 buckets? If both SaaS sellers and buyers are using the same cloud tools, automation and pay-per-transaction model offered by IaaS platforms, then why not host the “shrink-wrapped” software in the customers’ cloud? Further, serverless computing, cl...
“We're a global managed hosting provider. Our core customer set is a U.S.-based customer that is looking to go global,” explained Adam Rogers, Managing Director at ANEXIA, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
The speed of software changes in growing and large scale rapid-paced DevOps environments presents a challenge for continuous testing. Many organizations struggle to get this right. Practices that work for small scale continuous testing may not be sufficient as the requirements grow. In his session at DevOps Summit, Marc Hornbeek, Sr. Solutions Architect of DevOps continuous test solutions at Spirent Communications, explained the best practices of continuous testing at high scale, which is rele...
Hardware virtualization and cloud computing allowed us to increase resource utilization and increase our flexibility to respond to business demand. Docker Containers are the next quantum leap - Are they?! Databases always represented an additional set of challenges unique to running workloads requiring a maximum of I/O, network, CPU resources combined with data locality.
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
"A lot of times people will come to us and have a very diverse set of requirements or very customized need and we'll help them to implement it in a fashion that you can't just buy off of the shelf," explained Nick Rose, CTO of Enzu, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.