Welcome!

Related Topics: @DevOpsSummit, Linux Containers, Containers Expo Blog, @ThingsExpo

@DevOpsSummit: Blog Feed Post

APIs Are Not Web Pages | @DevOpsSummit #API #IoT #M2M #DNS #DevOps

Even though web pages might be built from APIs, they are not the same

There’s a tendency, particularly for networkers, to classify applications by the protocols they use. If it uses HTTP, it must be a web app. The thing is that HTTP has become what it was intended to be: a transport protocol. It is not an application protocol, in the sense that it defines application messages and states. It merely transports data in a very specific way.

That’s particularly important in the age of the API and, increasingly, the age of things that might be using APIs. You see, APIs are primarily data centric constructs while web pages (think any HTML-based app) are document centric constructs.

Data centric constructs tend to exchange, well, data. And document centric constructs… yes, exchange documents. Both might use HTTP as a mechanism to do that, but the actual payload carried differs dramatically. That’s because data centric constructs are concerned with exchanging data that is not necessarily meant for human consumption. It’s meant to provide the application with information that it can then process and display or act on accordingly. Document centric constructs, on the other hand, are meant to be consumed by human beings. Because of that they tend to include all the stuffs required to format, display, and present information.

Now, some web apps are a combination of both. There’s a framework composed of HTML that lays out the user interface, and then scripting that exchanges and processes data via APIs. The initial “load” grabs the document, subsequent interactions exchange data.

The reason I’m being so pedantic about this difference (ignoring that pedantry is my superpower) is because this distinction is critical when architecting for scale. The load generated by these interactions is different. Loading a single page is no trivial task these days. HTTP Archive, which tracks these fascinating kinds of numbers, notes that the average page required 35 TCP connections to load.

35 TCP connections.

That may be because the average document size was 24kB, comprising 889 elements.

So not only do we need to open a lot of connections, we’re taking a lot of time transferring data over those connections.

Now it is true that APIs also get objects. The thing is that except for images, almost all data is a far more compact form and it is data, not visual elements of a document or UI. For APIs, JSON is universally favored right now, and it adheres to a fairly consistent key:value paradigm, with appropriate embedded lists (arrays) of objects within it. Pagination and a smaller screen size dictate generally smaller pieces of data at a time, displayed in preparation for user interaction. The interface already exists, the data is simply used to populate that interface. This is not the same as HTML, where both interface and data presentation often need to occur as the result of transferring the objects.

Dependencies, too, are different. Many of the optimization techniques used by ADCs and front-end optimization services focus on the web of interdependencies that exist naturally in an HTML document. You can’t layout the page until you’ve loaded the style sheet that dictates it (CSS), and scripts may need to execute before data is processed for display (or as part of that process), and so on. The display of one object might depend on the existence of another that is not yet loaded. Hence the focus on optimizing the transfer of objects in an order that allows the UI to begin parsing and presenting information as soon as possible, giving the illusion, at least, of greater speed whether or not reality matches the illusion.

In other words, the API returns a single, large chunk of data. It may or may not trigger additional calls to retrieve additional objects. A web page, by design, automatically will.

So… to sum up this comparison, APIs exchanging JSON are not the same as HTML even though both are using HTTP as the transport layer.

What does that mean?
It means, kids, that optimizing an API is not the same as optimizing a web page. It means that techniques like minification (stripping out white space and comments) isn’t necessarily going to improve performance of APIs, nor will reordering objects or inlining scripts and style sheet elements. It means that optimization an API depends a whole lot on design (which networkers can’t do that much about) and on the intermediaries you use to scale and secure that API.

A significant number of APIs are geared toward mobile devices. Mobile devices are infamously plagued by poor performance largely due to excessive round trip times (RTT) from DNS and the overhead of connection establishment. APIs delivered via HTTP can stand to be connected with longer TCP idle times to prevent requiring re-establishment of the underlying TCP session during the application experience. To offset the impact on capacity that has (servers can only serve so many concurrent connections, after all), using an intermediary (a full proxy) that effectively splits the interaction between “client” side and “server” side can reduce the impact of longer-lived sessions while simultaneously improving performance by eliminating the extra round trips required to establish a TCP session by employing TCP multiplexing techniques (similar to HTTP/2).

Compression, too, if your API is returning significantly large chunks of data, can be a bonus. Many API optimizing blogs and articles point out that for some reason, compression is rarely “on” at the server. There are reasons for this, good reasons, but that doesn’t mean compression shouldn’t be used at all. When appropriate, let the intermediary (proxy) apply compression, as it is usually far enough upstream to avoid the potential negative impact of doing so.

The big deal here is that optimizing an API for performance is not necessarily the same as optimizing a web application, even though both use HTTP. So if you’re really looking for a performance boost for APIs and you can’t get developers to change what they’re doing, look to the network and, as is increasingly the case today, to the architecture.

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

Latest Stories
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
Multiple data types are pouring into IoT deployments. Data is coming in small packages as well as enormous files and data streams of many sizes. Widespread use of mobile devices adds to the total. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists will look at the tools and environments that are being put to use in IoT deployments, as well as the team skills a modern enterprise IT shop needs to keep things running, get a handle on all this data, and deli...
As enterprise cloud becomes the norm, businesses and government programs must address compounded regulatory compliance related to data privacy and information protection. The most recent, Controlled Unclassified Information and the EU’s GDPR have board level implications and companies still struggle with demonstrating due diligence. Developers and DevOps leaders, as part of the pre-planning process and the associated supply chain, could benefit from updating their code libraries and design by in...
In his opening keynote at 20th Cloud Expo, Michael Maximilien, Research Scientist, Architect, and Engineer at IBM, will motivate why realizing the full potential of the cloud and social data requires artificial intelligence. By mixing Cloud Foundry and the rich set of Watson services, IBM's Bluemix is the best cloud operating system for enterprises today, providing rapid development and deployment of applications that can take advantage of the rich catalog of Watson services to help drive insigh...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend @CloudExpo | @ThingsExpo, June 6-8, 2017, at the Javits Center in New York City, NY and October 31 - November 2, 2017, Santa Clara Convention Center, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Five years ago development was seen as a dead-end career, now it’s anything but – with an explosion in mobile and IoT initiatives increasing the demand for skilled engineers. But apart from having a ready supply of great coders, what constitutes true ‘DevOps Royalty’? It’ll be the ability to craft resilient architectures, supportability, security everywhere across the software lifecycle. In his keynote at @DevOpsSummit at 20th Cloud Expo, Jeffrey Scheaffer, GM and SVP, Continuous Delivery Busine...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
SYS-CON Events announced today that EARP Integration will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. EARP Integration is a passionate software house. Since its inception in 2009 the company successfully delivers smart solutions for cities and factories that start their digital transformation. EARP provides bespoke solutions like, for example, advanced enterprise portals, business intelligence systems an...
SYS-CON Events announced today that WineSOFT will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Based in Seoul and Irvine, WineSOFT is an innovative software house focusing on internet infrastructure solutions. The venture started as a bootstrap start-up in 2010 by focusing on making the internet faster and more powerful. WineSOFT’s knowledge is based on the expertise of TCP/IP, VPN, SSL, peer-to-peer, mob...
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @CloudExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
SYS-CON Events announced today that Carbonite will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Carbonite protects your entire IT footprint with the right level of protection for each workload, ensuring lower costs and dependable solutions with DoubleTake and Evault.
SYS-CON Events announced today that Progress, a global leader in application development, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Enterprises today are rapidly adopting the cloud, while continuing to retain business-critical/sensitive data inside the firewall. This is creating two separate data silos – one inside the firewall and the other outside the firewall. Cloud ISVs oft...
One of the biggest challenges with adopting a DevOps mentality is: new applications are easily adapted to cloud-native, microservice-based, or containerized architectures - they can be built for them - but old applications need complex refactoring. On the other hand, these new technologies can require relearning or adapting new, oftentimes more complex, methodologies and tools to be ready for production. In his general session at @DevOpsSummit at 20th Cloud Expo, Chris Brown, Solutions Marketi...
SYS-CON Events announced today that Outscale will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Outscale's technology makes an automated and adaptable Cloud available to businesses, supporting them in the most complex IT projects while controlling their operational aspects. You boost your IT infrastructure's reactivity, with request responses that only take a few seconds.
As cloud adoption continues to transform business, today's global enterprises are challenged with managing a growing amount of information living outside of the data center. The rapid adoption of IoT and increasingly mobile workforce are exacerbating the problem. Ensuring secure data sharing and efficient backup poses capacity and bandwidth considerations as well as policy and regulatory compliance issues.