APIOps

APIOps is the practice of managing your API management configuration declaratively. It follows GitOps principles such as version control, CI/CD, and pull request reviews, and applies them to APIm.

Kong Gateway is 100% APIOps compatible thanks to decK, which enables APIOps by providing a tool with varied commands that can be coordinated to build API delivery automations.

An APIOps Example

Let’s explore how KongAir, an imaginary airline, leverages decK to streamline its API management processes. The KongAir API Community of Practice has established a set of governance rules to ensure uniformity and efficiency across all API teams:

• Every API team within KongAir, including those responsible for the Flights and Routes APIs, adopts OpenAPI specifications to define their API contracts.
• These teams maintain the flexibility to employ Kong’s Transformation and Validation plugins to enhance their APIs. They manage these plugins’ configurations through modular decK state files, promoting autonomy and customization.
• The KongAir API Community of Practice has also embraced a comprehensive set of API Design Guidelines to standardize API development. These guidelines are implemented and monitored through a linting file overseen by the dedicated API Platform Team, ensuring adherence to best practices.
• The API Platform Team assumes a pivotal role in configuring critical plugins related to observability, security, and traffic control within Kong, centralizing expertise and governance for these essential aspects.
• Furthermore, this team is tasked with the management of environment-specific variables, ensuring seamless deployment and operation across different stages of the development lifecycle.

You can check out the KongAir demo app yourself to see how it all comes together in reality.

The diagram below delineates KongAir’s structured approach to deploying decK, steered by their established governance protocols:

1. The Flights API team initiates the process by converting their OpenAPI Specification into a decK state file using the deck file openapi2kong command.
2. Next, they enhance the state file by integrating transformation plugins (such as Request Transformer Advanced and Correlation ID and validation plugins (like OAS Validation using the deck file add-plugins command.
3. To track the configuration’s creation time, they apply relevant tags using deck file add-tags.
4. The state file undergoes a quality check against a predefined linting ruleset with deck file lint, ensuring adherence to best practices.
5. Environment-specific adjustments, including upstream API URLs, are made using the deck file patch command.
6. The Platform Team then merges global plugins for observability, authentication, authorization, and traffic control into the main state file with deck file merge.
7. At this stage, a comprehensive state file for the Flights API is ready. This file is combined with the Routes API’s state file using deck file render, creating a unified configuration.
8. The final state file is subjected to an offline validation through deck file validate.

9. The state file is deployed to the chosen runtime

   Konnect or Gateway

   KIC

   For Kong Konnect or Kong Gateway deployments, the process involves:

   1. Ensuring connectivity with the Admin API via deck gateway ping.
   2. Performing an online validation with deck gateway validate.
   3. Backing up the current Kong state with deck gateway dump.
   4. Previewing changes with deck gateway diff.
   5. Applying the new configuration with deck gateway sync.

   For Kong Ingress Controller deployments, the sequence is:

   1. Transforming the decK state file into Kubernetes manifests using deck file kong2kic.
   2. Deploying the configuration with kubectl apply.