With “Mobile-First Cloud-First” being the new trending mantra, the communication between devices, Services on-prem(ise) and cloud are growing tremendously. Such a scenario drives the necessity to have a means that provides a high level perspective and complete control of all the services irrespective of their hosting model and aggregate, secure and tune them to business efficiency.
Sentinet by Nevatech
Sentinet is a lightweight and scalable SOA and API management platform that helps to define, secure and evolve your API program.
It delivers runtime SOA management by enforcing design-time decisions using policies and remote declarative configurations. These capabilities provide SOA and REST implementations in a completely non-intrusive manner.
Based on the concept of the service virtualization and service brokerage, it allows to transparently manage solutions that run on a diverse SOA infrastructure and quickly adapt to changes.
In this blog post I want to give you an overview of the components and the main features.
- Sentinet Nodes. A high-performance, low latency, scalable hosting model that can dynamically and non-intrusively extend and modify the behavior of existing services.
- Sentinet Console. A web-based interactive application that allows SOA administrators and IT operators to manage and monitor the APIs and SOA services.
- Sentinet Management API: An API that developers can leverage and extend to build their own management extensions and applications
- SOA Repository. It provides a centralized and secured repository of all SOA managed assets like services, policies, authorization rules, service level agreements and metrics.
Explore the main features
The Sentinet Nodes hosting model enables to aggregate and compose multiple business services in a single Virtual Service. Thanks to the fine-grained virtualization it is possible to configure details like which operations to be virtualized, the uri templates, versions, routing criteria, etc.
In this sample two different services (one SOAP and one REST) have been virtualized in a single REST service, two operations have been renamed and included and two excluded from the virtualization.
Business services can be developed and deployed in the application layer with a unified communication and security pattern, while aspects like protocols, security, authorization and versioning are delegated to the Sentinet platform.
In this example, a service is exposed as netTcp with Integrated Security and the security configurations are delegated to the virtualized service that has multiple endpoint with different bindings and different security models like TransportWithMessageCredential or Message security with a client certificate. In other words: a protocol mapping and a security mapping has been applied.
Security and Access Control
Sentinet Nodes dynamically implement and enforce SOA solutions’ security via managed authentication, authorization and access control.
Sentinet security models enable SOA services with Single-Sign-On and Federated Security scenarios and extend implementations with industry standard Security Token Services.
In this example I applied a custom access control rule that implement a rate limit of 7000 requests in 10 minutes, an ip filter and a timerange filter. An access rule can be applied to different scopes (Service, Operation, Endpoint), it’s also possible to multiple rules to the same scope to create a chained Access Control.
Then I run a quick load test for testing the rule I created.
When the rate limit is hit an HTTP 403 status code is returned.
Monitoring and Reporting
Sentinet provides real-time and historical monitoring, auditing and messages recording.
The image here under, reports the real-time graph related to the run test for the Access Control rule. At a glance we can see the performance trend and other metrics like the number of successful/failed calls, maximum message size and response times.
In this particular case, the real time view helped me to quickly notice that the test has been run in a scenario with a high network latency. Indeed, the summary box reports average duration of 10ms when the average response time measured by the test client was 413ms.
Switching to the logs tab we can find the list of the transactions occurred with additional details like the operation and the triggered access rule. It’s also possible to record the message content or to completely disable changing the monitor.
Other reports with aggregated metrics are available. For more details, visit the Nevatech website.
Sentinet Service Agreements helps to monitor products and maintain them reliable and scalable. A service agreement can cover multiple services and different service scopes (Interface, Operation, Endpoint) and it’s validated against multiple performance metrics.
During the definition of the scope to be monitored, you can choose which message will be targeted specifying an access rule.
SLA violations can trigger alerts and custom actions.
In this example,I created a new service agreement that covers two version of the same service. The SLA is applied to different services and the SLA violation is calculated every 5/10 minutes.
Then I created another SLA for the maximum duration. Positioning on the Service agreement node, you can monitor in real-time all the agreements merged together. This is very helpful especially when you define different groupes of SLAs.
Finally, in the logs tab you can find all the violation details within the agreement. the metric violated and the metric value at the time the violation occurred.
There are many SOA management products out there. Sentinet is the one we've chosen to enrich our integration offer because it fits perfectly with solutions that leverage the Microsoft technology stack, it has a little footprint, it’s highly extensible with remarkable performances.