3.6.5.API Traffic Management

• Traffic Management?

  • Provider必須確定可以滿足Consumer的需求, 同時必須確保data的完整性, 以下有三個原因為何要做Traffic Management

    • Response time consistency

    • Service Level Agreement (SLA)

    • Protecting the backend

• Response time consistency

  • 必須確保應用程式不會被某一個功能異常的APP所影響

    

• Service Level Agreement (SLA)

  • Ensure that SLA is met by the provider

  • Ensure that SLA on the consumer

    SLA {
      Number of calls: 10,000 Calls/ day
      Concurrency: 5 Calls/ second
      Response time: Under 1 second
    }

• Protecting the backend

  • This can be done by way of blocking or throttling the request on the edge of the enterprise network

• Traffic management policies

  • Quota (限制單位時間的call數)

    • Defines maximum # of calls per unit time

    • Add quota for API: apigee

  • Rate limiting (限制瞬間的連線數)

    • Limits number of concurrent connections to API

    • API Rate limiting: walmart

      

  • Spike Arrest (限制Call/second的最大值)

    • Protect the API backend from server traffic spikes and denial of service attacks

    • Prevents calls beyond high water mark from reaching the backend

    • Add spike arrest: apigee