Net API Notes for 2022/01/19 - Issue 187

Given the rate in which elementary teachers were out last week, it seemed like only a matter of time before the kids brought something home. I'm off to curl up under some blankets, but, before I do, here is a fresh set of notes!

NOTES

SCALING MICROSERVICE PRODUCTIVITY AT LYFT

STRAT / DESIGN / DOC / DEV & TEST / DEPLOY / SECURITY / MONITOR / DISCOVERY

Microservices are fantastic... until one has to perform integration tests locally. That effort can involve untold numbers of configuration files, painful dependency management, and the sacrifice of more than one symbolic chicken.

Garrett Heel presents a different approach in his multi-part series, "Scaling Productivity at Lyft". Perhaps, surprisingly, Lyft's solution was to run code natively and avoid containers or VMs:

"From previous experience, we learned that running code within containers is not a free abstraction. While it makes it easier to set up an execution environment, it resulted in confusion by users and additional challenges debugging when things like container networking or filesystem mounts went wrong. Running natively also allowed much better IDE support compared to running in containers."

If this line of thinking is relevant to the work that you're doing, also check out Cindy Sridharan's similar series from a few years ago.

EXPERIAN AND DIGITAL TRANSFORMATION WITH APIS

STRAT / DESIGN / DOC / DEV & TEST / DEPLOY / SECURITY / MONITOR / DISCOVERY

So, the last time I mentioned Experian in this newsletter, a college sophomore was calling its unsecured API endpoint. Thankfully, they fixed that issue. The company is now looking to increase it's API usage in a big way.

In a recent Medium post, Greg Satell describes how APIs are at the core of Experian's digital transformation. It details the efforts of Barry Libenson, Experian's Global CIO.

I like the article because it details the strategy of implementing API change in a large company, not just the technology. For example, to create momentum and get quick wins, Libensen:

1. Started with internal API's, rather than fully open applications, to bridge the gap between the initial and desired future state
2. Made the program opt-in, rather than a "burn the boats", top-down approach
3. Established an "API Center of Excellence", a place where employees enthusiastic about leveraging new technology could rally and support each other

Of course, traction doesn't happen instantaneously. Like many other shops, Experian underwent the efficiency paradox: where to produce a change for the long-term, you lose a little bit of efficiency in the short term (the "slow down to speed up" in corporate speak).

That is why shrinking the change and acquiring accumulating wins is so important.

DATA MESH, JSON SCHEMA, AND APIS

STRAT / DESIGN / DOC / DEV & TEST / DEPLOY / SECURITY / MONITOR / DISCOVERY

The last piece that I want to highlight is an impressive effort by Eric Broda. In his article, he gives a comprehensive overview of a data mesh, why APIs are useful in this architecture, and how JSON schema ties the whole thing together.

As a visual learner, I greatly appreciate the excellent visuals - they helped connect several dots regarding what made a data mesh unique that I didn't previously grasp. Eric's mention of the data catalog was also well received; having previously worked in an enterprise environment, I can confidently say that discovering data - not just using it - is a real barrier (something that people in even medium-sized businesses might find outrageous).

MILESTONES

• Last week I saw that Optic released a new open source project that catches breaking changes in Github pull requests. What constitutes a breaking change is always tricky, and I'd like to hear more about what this entails.
• Jochen Christ published https://http-feeds.org, a specification for asynchronous event streaming and data replication with plain HTTP APIs. If you'd like to take advantage of asynchronous systems without standing up message brokers like Kafka or RabbitMQ, check it out (yes, I know, those two things aren't technically both queuing systems, but you know what I mean).
• Need to practice your API security? Check out vAPIs, an Open Source Github repository developed by Tushar Kulkarni.

WRAPPING UP

What are your favorite API lies? As I shared my favorites on the APIs You Won't Hate Slack Channel, it quickly became apparent that our tall-tales and occasional tear-jerkers warranted their own blog post. If you hurry on over to their blog, you might just still catch the lingering new-post smell.

I also wanted to remind people that James Higginbotham's new book, Principles of Web API Design is now available for purchase in all formats. I recently received my complimentary copy for the reviewing work I contributed along the way. When people ask for suggestions on a more formalized API design process, I now have a place to point them.

Can't get enough APIs even after all this? Check out these two resources:

• The LinkedIn API and Web Services Professional Group; find out what over 3000 other API professionals have already discovered
• NetAPI.events, a pointer to upcoming events, presentations, and conferences

Finally, thank you to this newsletter's Patrons. This week on their exclusive, members-only podcast, I go a bit deeper on last week's web3 discussion, talk about books, and MAKE A ZAMBONI! Good times all around.

Till next time,

Matthew @libel_vox and matthewreinbold.com

While I work at Postman, whose inbox smells vaguely of your grandmother's kitchen, the opinions presented above are mine.