Learn to Love Day 2 Operations with GitOps-Driven API Management
Let’s face it: It can be hard to love Day 2 — everything that happens after an application is deployed into production. For many engineers supporting modern, cloud native apps, Day 2 has been a time of manual monitoring and management processes, siloed operations and stress about breaking something.
A core part of the reason Day 2 is often so challenging in modern environments is they involve tons of connected systems, and managing all of those systems — and the APIs that connect them — can be very difficult. APIs are the glue that hold modern, distributed applications together; yet developing, monitoring and updating APIs can prove tremendously time-consuming and tedious if you do it in an imperative, manual way.
This is the situation for traditional approaches to managing APIs for microservices apps. But it doesn’t have to be this way. With a more modern strategy — one based on Git and other tools central to modern operations — you can simplify and streamline Day 2 operations, even with the most complex cloud native apps.
Day 2 and API Management
Day 2 operations encompass all the tasks — including API deployment, versioning, monitoring, troubleshooting, incident mitigation and updates — that teams must perform to keep applications up and running on an ongoing basis.
Given that a single app today depends on an average of 26 and 50 APIs according to Palo Alto Networks, there are many reasons why managing Day 2 operations can be challenging:
- Slow change management: Developers often push out changes to modern apps on a continuous basis, but implementing those changes can be a slow and tedious process. This is especially true if teams must test and deploy each new release manually or release processes are not fully automated.
- Root-cause analysis: The complex nature of modern apps combined with the vast number of APIs they depend on means pinpointing the source of a failure is no simple feat. For example, if an API sends a malformed request, how do you know if the issue is due to an API configuration problem, an application-processing failure, a network failure or something else? The answer is rarely obvious.
- Slow incident mitigation: Continuous improvement, the idea that teams should always be on the lookout for opportunities to improve apps and APIs, goes hand-in-hand with modern environments. But to put continuous improvement into practice, you must be able to document changes as quickly as you make them. This enables your team to more easily troubleshoot issues or incidents that arise following a change.
- Collaboration: Monitoring and managing apps requires collaboration between different stakeholders, such as IT engineers (who typically detect stability or performance problems), security analysts (who identify security issues) and developers (who write and update code to fix problems). Unless each group has access to the same insights, it’s hard for them to work together efficiently.
These distinct challenges are rooted in the same underlying cause: complexity. When you have complex application architectures and complex APIs, innovating quickly while mitigating risk is much harder than it would be in simpler environments. A virtual machine-based monolithic app that depends on few, if any, APIs can be monitored and updated faster and with less fuss because it includes fewer moving pieces and fewer potential points of failure. The same isn’t true for cloud native apps.
Solving Day 2 API Management Headaches with Modern Operations
Faced with the challenges of Day 2 operations for modern apps, what’s a team to do?
The wrong answer is to avoid complex architectures. Cloud native apps and the APIs that power them are harder to manage, but avoiding them means missing out on greater scalability, reliability, cost-effectiveness and other important benefits modern apps offer.
A healthier strategy is to develop cloud native apps (or refactor monoliths into a cloud native architecture) wherever it makes sense while simultaneously leveraging modern operations to simplify Day 2 operations.
For example, modern operations means using Git to manage and automate environment configurations. This enables GitOps, which involves writing declarative configuration files for resources, storing and version-controlling them in Git, and pushing out updates to production environments automatically.
The GitOps approach simplifies some of the deepest challenges surrounding Day 2 operations, especially those involving APIs:
- Streamlined change management: When you manage all your API configurations in Git, any stakeholder who wants to make a change can do so through the appropriate Git repository. This leads to faster incident resolution and easier collaboration between teams.
- Central source of truth: Git becomes a central source of truth that anyone on your team can use to track the status of API configurations and deployments, along with the rest of your infrastructure and apps (since their configurations are also managed via Git). This also simplifies collaboration across teams.
- Instant rollbacks: Because configurations stored in Git are automatically version-controlled, it’s easy to roll back a change that causes a problem. You can quickly revert to an earlier version of your configuration file and restore it to a working state, buying time to address the issue that triggered the failure.
- Faster innovation: Automated management of API configurations means you can quickly and efficiently make changes, leading to faster innovation and happier engineers, since your team won’t have to devote as much time and tedium to making improvements.
- Ability to “fail fast”: Performing automated configuration checks through linting and leveraging repeatable deployments helps teams fail fast as they innovate while also keeping risks in check.
In short, modern operations gives you the best of both worlds on Day 2: reduced risk and rapid, collaborative innovation. And because modern operations are automated and repeatable, you can use it to manage 1,000 APIs just as easily as you can manage one. Your ability to scale is virtually unlimited.
Learning to Love Day 2 Again
Traditional approaches to API management date to before the cloud native revolution, which made highly scalable, distributed environments the norm. Today, Day 2 operations demand automation. Indeed, automation is the only way to reap the benefits of cloud native strategies.
From the perspective of API management, automation means moving beyond slow change management, long recovery processes and poor control over APIs. It entails adopting a modern, lightweight, modular, Kubernetes-native, GitOps-based approach to managing APIs, which is what you should expect from a modern API management solution.
To learn more about Kubernetes and the cloud native ecosystem, join us at KubeCon + CloudNativeCon Europe in Paris, from March 19-22.
