WSO2 Adds API Management Platform Optimized for Kubernetes

WSO2 today added an open source application programming interface (API) management platform based on the Kubernetes Gateway API specification.

WSO2 CTO Asanka Abeysinghe said legacy approaches to managing APIs provide suboptimal performance compared to the WSO2 API Platform for Kubernetes (WSO2 APK); other approaches don’t scale as well nor are they as resilient.

Based on the open source Envoy proxy gateway software, core WSO2 API capabilities include the ability to configure API runtimes to create custom resource definitions (CRDs), discover Kubernetes services and convert them into APIs at scale across a cloud-native application environment.

The WSO2 APK API Gateway is built to manage high-volume, real-time data processing, acting as a policy enforcement point for incoming API traffic and the application of quality of service (QoS) features, including security via authentication and authorization, rate limiting, message transformation and request routing, noted Abeysinghe. Auto-scaling is enabled based on CPU utilization, memory usage and custom-defined metrics.

In addition, WSO2 provides support for container orchestration, namespaces for organizing clusters, fast boot-up times and integration of third-party identity providers such as the WSO2 Identity server.

The next release, scheduled for the first quarter of 2024, will add a user interface (UI) experience for API design and publishing, as well as enhanced administration and governance tools.

There are, of course, no shortage of ways to manage APIs. However, as more organizations embrace platform engineering as a DevOps methodology for centralizing the management of cloud-native application environments, the need to manage and govern APIs at scale will require an approach that runs natively on Kubernetes clusters, said Abeysinghe.

The challenge is that even with the rise of platform engineering, it’s not always clear who is in charge of managing APIs created by developers. Developers have an unfortunate tendency to create APIs without informing the rest of the IT organization that they exist. Most developers lack cybersecurity expertise, so it’s only a matter of time before cybercriminals scan for external-facing APIs that allow them to exfiltrate data. IT teams need a platform to discover and manage those APIs as part of a larger effort to secure and govern them.

Undoubtedly, the number of APIs that will need to be managed and secured in the months ahead will exponentially increase. The challenge and the opportunity now is to get ahead of that explosion rather than wait until after developers have enabled them. Not all of those APIs are going to be externally facing, but as the sheer volume of APIs increases, that potential for cybersecurity mayhem increases. It’s not uncommon for internally facing APIs to be reconfigured to be externally facing as new use cases arise.

Regardless of the approach to managing APIs, the need to manage them at scale in highly dynamic cloud-native application environments where every microservice has its own API will soon push every IT team to its limits.

Mike Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

Mike Vizard has 1634 posts and counting. See all posts by Mike Vizard