Nicolas Fränkel
Developer Advocate for Apache APISIX
Genève, Switzerland
Developer Advocate with 15+ years experience consulting for many different customers, in a wide range of contexts (such as telecoms, banking, insurances, large retail and public sector). Usually working on Java/Java EE and Spring technologies, but with focused interests like Rich Internet Applications, Testing, CI/CD and DevOps. Also double as a trainer and triples as a book author.
Area of Expertise
Topics
A poor man's API
Creating a full-fledged API requires resources, both time and money. You need to think about the model, the design, the REST principles, etc., without writing a single line of code. Most of the time, you don’t know whether it’s worth it: you’d like to offer a Minimum Viable Product and iterate from there.
In this talk, I'd like to demo how you can do it with PostgreSQL, PostgREST and Apache APISIX.
Make your security policy auditable
Nowadays, everybody realizes the importance of preventing undue access to one's applications.
Many conceptual models are available: RBAC, ABAC, you name it.
Likewise, all popular stacks have frameworks and libraries to help developers implement your chosen policy access.
If your organization only has a handful of apps, that's all fine and dandy, but problems appear at scale.
One such problem is keeping under control access configuration across dozens or even hundreds of apps.
It requires regular, if not continuous, auditing:
it's impossible to achieve when the configuration is code, even worse if it's a compiled language.
Open Policy Agent aims to externalize such configuration in a text format with specified semantics.
In this presentation, I'll explain OPA in more detail and demo how to migrate from a regular Spring Boot application to an OPA-based approach in different steps.
Practical introduction to OpenTelemetry tracing
Tracking a request’s flow across different components in distributed systems is essential. With the rise of microservices, their importance has risen to critical levels. Some proprietary tools for tracking have been used already: Jaeger and Zipkin naturally come to mind.
Observability is built on three pillars: logging, metrics, and tracing. OpenTelemetry is a joint effort to bring an open standard to them. Jaeger and Zipkin joined the effort so that they are now OpenTelemetry compatible.
In this talk, I’ll describe the above in more detail and showcase a (simple) use case to demo how you could benefit from OpenTelemetry in your distributed architecture.
Hands on Apache APISIX
It has been said that data are the new oil. To connect oil pipelines between heterogeneous systems, the de facto standard is HTTP APIs, whether plain, RESTful or REST. But no company just expose their information system to the outside. You need a central unified entry-point to handle cross-cutting concerns: classic ones like authentication and IP blacklisting, but also API-related ones like rate limiting and canary release.
In this workshop, we will use Apache APISIX on Docker to show a couple of nifty features that can help your information system cope with the challenges introduced by APIs.
* Routing your calls to the correct upstream
* Available abstractions: Route, Upstream, Service
* The Apache APISIX dashboard
* Configuring APISIX with the dashboard
* Configuring APISIX with the command-line
* Monitoring APISIX
* Introduction to plugin development in Lua (basics of Lua included)
Data Residency: the fun of storing data worldwide
Data Residency is a critical consideration in today's global IT landscapes. It involves the storage and location of data, which are subject to varying legal requirements depending on their physical whereabouts. Some jurisdictions even mandate data to be stored exclusively within their own borders.
In this talk, we will delve into the intricacies of data residency, exploring its consequences for organizations operating across international boundaries. We will present various practical implementations of data residency, offering attendees a comprehensive understanding of the available strategies.
Finally, by leveraging fully OpenSource projects from the Apache Foundation, we will showcase a sample implementation that demonstrates the feasibility of adopting such solutions.
Chopping the monolith
Microservices, although widespread, often fall short of their potential benefits. The flawed assumption of deploying all capabilities continuously hinders their effectiveness. Instead, we can leverage Function-as-a-Service—a middle ground between Rule Engines and microservices. By embracing Serverless, we can design a pragmatic system that allows for flexible and frequent deployment of specific capabilities. In this talk, I will delve into the details and demonstrate how this approach empowers organizations to unlock the true potential of microservices.
Starting Apache APISIX on the right foot
It has been said that data are the new oil. The de facto standard is HTTP APIs to connect oil pipelines between heterogeneous systems, whether plain, RESTful or REST. But no company just exposes their information system to the outside.
You need a central unified entry-point to handle cross-cutting concerns: classic ones like authentication, security, observability, and IP blacklisting and API-related ones like rate limiting and canary release.
In this workshop, we will use Apache APISIX on Docker to show a couple of nifty features that can help your information system cope with the challenges introduced by APIs.
Routing your calls to the correct upstream
Available abstractions: Route, Upstream, Service
The Apache APISIX dashboard
Configuring APISIX with the dashboard
Configuring APISIX with the command-line
Monitoring APISIX
Low-code Plugin Orchestration
Back to basics, getting traffic into your Kubernetes cluster
However you're using your Kubernetes cluster, you'll sooner or later need to direct traffic into it.
At this point, you're spoiled with choice. Kubernetes provides no less than three different objects: NodePort, Ingress, and LoadBalancer. Of course, each of them comes with its limitations. For example, LoadBalancer requires a dedicated implementation provided by Cloud Platforms but not with most local distributions.
Moreover, Kubernetes is introducing a new Gateway API, adding one more way to direct traffic to the cluster.
In this talk, I'd like to offer an overview of all four options, with their pros and cons, and a more in-depth explanation of the new Gateway API.
Evolving your APIs, a step-by-step approach
When you publish your first HTTP API, you’re more focused on short-term issues than planning for the future. However, chances are you’ll be successful, and you’ll “hit the wall”. How do you evolve your API without breaking the contract with your existing users?
In this talk, I’ll first show you some tips and tricks to achieve that: moving your endpoints, deprecating them, monitoring who’s using them, and letting users know about the new endpoints. The talk is demo-based, and I’ll use the Apache APISIX project for it.
Designing a DSL with Kotlin
Although Kotlin has made a huge impact on Android, it’s equally good on the server side. As Domain-Specific Languages are constrained by the language they run on, Kotlin frees developers from Java fluent builders to propose something better.
Using the Vaadin web framework as an example, I’ll demo how one could design its own DSL with Kotlin.