SBN

Akamai: Supporting Development at the Edge

The pressures on application and web development teams to deliver exceptional customer experiences have never been greater than they are at this time. With consumer expectations growing, the ability of developers to deliver fresh, leading-edge digital experiences confidently and at high velocity is at a premium.

Developer-centric organizations are looking to:

  • Accelerate time to market with solutions that allow them to quickly develop and deliver consumer experiences
  • Enable innovation with the ability to rapidly create and deploy microservices and functions as a service (FaaS) as they move away from monolithic origin architectures and applications
  • Just code and manage their infrastructure with solutions that scale within existing workflows

Akamai continues our long-standing commitment to supporting customers that are looking to elevate the delivery and security of their end-user experiences. We have delivered and continue to build improvements to our content delivery and security solutions that focus on the needs of forward-leaning development teams. From a broad and growing array of APIs to new technologies, enhanced documentation, and expanded training options, Akamai is focused on enabling our customers to optimize the development and delivery of leading-edge consumer experiences across our platform.

In creating new and expanded developer-centric methods of interacting with the Akamai Edge, we are continuing to build three areas of emphasis across our product teams:

  1. Managing Akamai as code
  2. Providing visibility to mission-critical data
  3. Creating the world’s largest low-latency serverless compute network

At Akamai, our goal is to help all our customers achieve elite performance. We recognize that enterprises are at different points across the spectrum of DevOps and agile processes, but we have seen a deliberate movement among businesses in every major vertical toward implementation of DevOps practices as they embrace cloud services and move away from monolithic application development. As such, we have deepened our commitment to making a true DevOps approach achievable on Akamai.

Akamai as Code

Managing Akamai as code means utilizing our APIs in conjunction with existing developer tools. This process is commonly referred to in the industry as infrastructure as code (IaC) and allows developers to manage the Akamai side of their infrastructure through configuration files.

Managing Akamai as Code empowers:

  • Speed: The ability to manage infrastructure and services quickly and reliably
  • Consistency: The ability to consistently deploy code without the unavoidable discrepancies when deployments are done manually
  • Accountability: The ability to fully trace changes to configuration files by leveraging existing IaC setups and versioning systems
  • Flexibility: The ability for individual application developers to write application-specific logic independently without worrying about infrastructure management
  • Cost Control: The ability to automate processes decreases the demand on development resources

Some best practices for managing Akamai as code:

  • Insistence that configuration files be the single source of truth for infrastructure management
  • Utilization of version control systems, such as GitHub, Bitbucket, and GitLab
  • Leverage of intuitive configuration files as the single source of truth and reduction of redundant documentation
  • Employment of testing, monitoring, and debugging tools — as well as sandbox and staging environments — to catch errors before deployment to production

To make it easier for our customers to follow best practices, we have created a broad array of resources — such as our series of video tutorials and webinars and a robust repository of code examples.

Akamai’s customers can also leverage Terraform, a prominent IaC tool, to easily manage Akamai infrastructure using the same tools used to provision cloud infrastructure. Our edge computing solutions also support a wide range of language bindings to plug into CI/CD solutions.

Akamai’s API authentication model

Securing APIs is mission-critical for application development. Our platform uses a robust and secure API authentication model called EdgeGrid as the de facto authentication mechanism for APIs. The EdgeGrid authentication model ensures that API requests are properly authenticated with timestamps and hashing checks to ensure integrity. Akamai offers EdgeGrid authentication libraries for the most popular programming languages like JavaScript, Python, Golang, and many others, and integrations with popular third-party tools like curl, HTTPie, or Postman.

Each API client uses a dedicated API hostname — this allows the Akamai API infrastructure to apply firewall policies and rate limits per API client, creating a sandbox around each client and protecting the overall API platform.

How Akamai APIs enhance workflows
  • Operating: Akamai provides many APIs to manage most of the services in a programmatical way. For example, the Property Manager API allows developers to manage how Akamai handles requests, objects, and responses for websites. 
  • Securing: The Akamai Application Security APIs allow users to protect sites against attacks within seconds with just a few calls as shown on this blog and short video. Other security related use cases include:
  • Monitoring: Reporting and alerts API will allow users to augment origin monitoring tools by adding an extra layer of monitoring though the Akamai network. Akamai services can send alert notifications whenever a specific threshold of Akamai Edge servers has issues reaching origin servers, resolving DNS records, or getting server errors from origin infrastructure.
  • Debugging:The Diagnostic Tools API provides several endpoints that can help support teams diagnose issues. For example:
    • Identifying if connecting IPs to your origin servers are Akamai servers
    • Identifying the GEO-location of client IPs
    • Making web requests (curl) from specific locations around the world
    • Resolving DNS (dig) from specific locations around the world
    • Collecting edge client access logs from specific edge servers in real time
    • Running connectivity tests (mtr) from specific locations around the world
    • Getting error statistics for specific content provider codes in real time
    • Debugging specific URLs
  • Testing: Akamai provides robust developer and functional testing tools. The Sandbox API allows developers to create isolated sandbox environments to test site changes and Akamai property configurations locally in a few seconds prior to deploying on the Akamai network. The Akamai Test Center API allows DevOps teams to run additional functional and comparative tests on the Akamai staging network to check configuration changes before activating them on production.
Additional resources on managing Akamai as code

In this 2020 Developer Webinar, ARC Publishing (a Washington Post company) shared how it leverages a DevOps workflow, based on a Slack bot and AWS step functions, to allow its developers to easily automate the management of thousands of properties by sending a short message in a slack channel.

This blog post, explains how to use a CI/CD Jenkins workflow triggered by a Git commit to leverage the Docker versions of the Akamai Property Manager and Sandbox CLI packages to run a cloud native workflow to push changes to an environment pipeline that can be tested on Akamai staging servers in seconds and automate validation using third-party CLI tools like curl.

Data Visibility with Akamai

Visibility and observability are mission-critical for application development and experience delivery — development teams can’t assess how well digital experiences are performing without having a good insight into key metrics.

In business, you can assess how well a company is doing and decide if you want to invest your resources in it by looking at metrics like revenue, profitability, and risk. In the realm of digital experiences, metrics like availability, performance, and user engagement help identify the success of a website or application. Having defined metrics and good visibility allows the creation of baselines and measurable objectives to improve the service. 

The Akamai platform processes trillions of HTTP requests every day, providing a private data lake to our customers — without ever sharing identifiable information across customers or with third parties — giving them the benefit of the massive business intelligence the Akamai platform gathers. For example, the Akamai platform tracks the IP addresses behind security attacks on its customers and uses that collective intelligence to provide a client reputation service that Akamai customers can subscribe to in order to get a score on how likely a user visiting a site has performed a security attack on other sites across the Akamai platform and intelligent bot detection.

To provide visibility to your infrastructure, you can integrate Akamai data sources like edge access logs, real-time beacons from DataStream, real user monitoring performance metrics, or security events into your visualization tools and dashboards.

Available data sources

Akamai provides multiple data sources that can be configured to feed analytics dashboards via APIs and connectors.

  • Log Delivery Service (LDS): Configure Akamai edge access logs to be pushed to an Akamai cloud storage service (or FTP server) and pulled into any log-processing/visualization tool
  • Real-Time logs (DataStream): Get real-time beacons (with aggregation support) of CDN health, latency, offload, errors, and events. In addition to providing an API to configure the service, Akamai offers integrations to GCP BigQuery, DataDog, Sumo Logic, Splunk, and other monitoring services.
  • Real user monitoring data (RUM): The Akamai mPulse system is a highly configurable RUM system that allows you to monitor end-user performance in real time.
  • Security events: Akamai provides a Security Information and Event Management (SIEM) integration that allows you to send security events in real time to a SIEM solution. This blog provides details on feeding Akamai data to SIEM solutions.

Akamai’s Edge Compute

The actualization of DevOps methodologies supports an ongoing shift (or perhaps a return) to a maker culture among developers a desire to create and granularly control digital experiences. This cultural shift among our customers has fueled Akamai’s delivery of edge computing solutions since our inception and drives our most recent edge compute option — EdgeWorkers.

Since our inception, Akamai has delivered edge compute solutions to meet the changing needs of our customers — evolving from a proprietary language of ESi to edge configuration with Cloudlets to, most recently, EdgeWorkers. EdgeWorkers empowers developers to just code: to create their own microservices using JavaScript and deploy them across our platform. Deploying logic at the edge brings data, insights, and decision-making closer to the things that act upon them. Akamai provides a reliable and scalable implementation model so that data and computation are not hampered by latency issues that can have a negative impact on digital experiences.

Although EdgeWorkers is the latest advance, Akamai’s edge platform has been delivering edge-computing capabilities for more than 20 years. The Akamai Intelligent Edge is broadly recognized as the largest distributed network platform — from day one, our customers have been taking advantage of the benefits of computing at the edge.

The future of applications is on the edge; serverless computing at the edge with Akamai provides several advantages.

  • The ability to build low-latency applications on the most widely distributed edge platform — delivering access to unmatched scale, visibility, and reach
  • Pre-written and fully customizable options for edge functions using Cloudlets and EdgeWorkers that seamlessly integrate into CI/CD workflows
  • Akamai’s broad serverless computing capabilities, reliable worldwide network, and fully-integrated security solutions support innovation without increasing your infrastructure demands or exposure to threats

Learn more about Akamai Edge Compute here.

What’s Next for Development Teams

Akamai has laid down the foundation for developers to manage Akamai’s infrastructure and services as code using the same tools they use to manage other cloud applications. Adopting DevOps and GitOps allows companies to operate and innovate at faster speeds and achieve more with the same people; however, adoption often requires a culture change within all the aspects of the organization, and that is very hard to achieve without complete commitment from its leadership.

From DevOps to GitOps

In the last couple of years, there has been a tendency toward GitOps-driven CI/CD implementations in native cloud environments. GitOps provides two key things:

  • An operating model for Kubernetes and other cloud-native technologies, providing a set of best practices that unify deployment, management, and monitoring for containerized clusters and applications
  • A path toward a developer experience for managing applications where end-to-end CICD pipelines and git workflows are applied to both operations and development
Additional Resources

Akamai offers many APIs and tools to allow the integration of Akamai services into DevOps and GitOps workflows. Additional details and customer success stories can be found on the Akamai Developer blog and Akamai Developer YouTube channel.


*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Javier Garza. Read the original post at: http://feedproxy.google.com/~r/TheAkamaiBlog/~3/e95fz3JVTs4/akamai-supporting-development-at-the-edge.html