API for working with services: Basic moments

At its core, the API is a collection of ready-made classes, functions, variables, and constants provided by an application for use in external software products. These interfaces are used in a wide variety of areas: from IoT to analytics and service integration.

Roberto Medrano from SOA Software believes application programming interfaces will help develop innovation in two ways. First, companies will be able to open their data in order to spur the development of creative solutions from partner companies and third-party developers (an example of the implementation of a client application for Ccl API 1 in C # can be found here ).
')
Secondly, according to Medrano, products and services equipped with an API provide developers with tools so that they can concentrate on creating new useful products without thinking about managing backend development and servers.

Another API does not just provide data transfer and exchange, but allows you to analyze them. “The API provides us with a huge amount of data about the behavior of the buyer, which could not be obtained by other means,” notes Medrano. On their basis, one can try to understand whether modifications and changes in the operating systems are necessary.

Developing the 1cloud service, we are faced with the need to improve the quality of integration of client applications with our cloud. In other words, to facilitate interaction with our infrastructure for customers and partners. To solve this problem, we have developed our own API .

The 1cloud API automates the process of scaling a virtual infrastructure. For example, you can connect additional virtual machines when the load increases, and when there is a decrease in activity, they can be automatically disabled. Thus, application programming interfaces can be used to perform all actions available to users in the graphical interface of the control system.

One of the most common applications of the API is to create a new virtual server. By creating and sending a POST request, the user “raises” a new VM with the specified parameters. Here is one of the query options:

curl -X POST -H 'Content-Type: application/json' -H 'Authorization: Bearer 75bb9805c018b1267b2cf599a38b95a3a811e2ef7ad9ca5ed838ea4c6bafaf50' "https://api.1cloud.ru/Server" -d '{"Name":"testAPI","CPU":1,"RAM":1024,"HDD":40,"imageID":1,"HDDType":"SSD","IsHighPerformance":true}' 

In response, a JSON object with the attributes of the created server will come:

 { "ID":777, "Name":"testAPI", "State":"Active", "IsPowerOn":true, "CPU":1, "RAM":1024, "HDD":40, "IP":"5.200.XX.XX", "AdminUserName":"1CloudAdmin", "AdminPassword":"XXXXXXXX", "Image":"WinServer2008R2x64En", "IsHighPerformance":false, "HDDType":"SAS", "LinkedNetworks":[{"NetworkID":57, "IP":"10.0.1.1"}, {"NetworkID":98, "IP":"10.0.2.4"}] } 

Another type of task performed is the creation of a virtual server template . To do this, the user needs to send a POST request to the address api.1cloud.ru/image. Here is an example:

 curl -X POST -H 'Content-Type: application/json' -H 'Authorization: Bearer 75bb9805c018b1267b2cf599a38b95a3a811e2ef7ad9ca5ed838ea4c6bafaf50' "https://api.1cloud.ru/image" -d '{"Name":"","TechName":"TemplateAPI","ServerID":6940}' 

The response will be a JSON object containing all the attributes of the created template. For example:

 { "ID":72, "Name":"testAPITemplate" } 

The created template can then be deleted - just send a DELETE request to the address api.1cloud.ru/image after id}, where {id} is the identifier of the template being deleted.

 curl -X DELETE -H 'Content-Type: application/json' -H 'Authorization: Bearer 75bb9805c018b1267b2cf599a38b95a3a811e2ef7ad9ca5ed838ea4c6bafaf50' "https://api.1cloud.ru/image/72" 

Thus, using the API methods, you can deploy the server by sending just one request. We can automate all hosting management tasks. The API-interface can be useful both to private users who do not want to deal with complex technologies, and to large customers who are planning to start providing their own services based on the provider’s infrastructure.



Speaking of infrastructure. When creating it, we wanted to separate the hosting components as much as possible. In this case, when the load increases, we can simply transfer the necessary service to the new server. The 1cloud system contains the following elements: website, internal panel, administrator and support services, notification service, task processing service, payment service, asynchronous task development service, monitoring service.

The site 1cloud, about the redesign of which we recently told , serves as a peculiar showcase, which visitors first of all see. To improve usability, we added elements important to users, such as a calculator, allowing us to calculate the cost of services. Other services are responsible for charging and debiting customers, sending automatic messages with notifications and monitoring the system in order to search for “stuck” tasks. Read more about this here .

If we return to the question of the API, it can also help in the development of the Internet of Things. “There is no Internet of things without an API — every bit of information that is transferred from device to device is transmitted using the API,” says Medrano. Moreover, IoT allows "data transfer at the device level, without wasting time on their third-party processing."

So what does the Internet of things mean for business? What it is for an organization depends on what the company is going to do. Nevertheless, a certain “skeleton” still exists and, according to 451 Research researcher Brian Partridge, consists of devices connecting their network and cloud service.

The Internet of Things implies connections between many elements, which seriously complicates the infrastructure. However, according to Tech Pro Research, 29% of the polled American companies are already using IoT to collect data, and another 26% plan to do this in the near future.



But, according to Gartner, the amount of data generated each year will only increase and by 2020 will reach 40 zettabytes.



Data has always been the mainstream of the Internet of Things, so you need to take care of their security. According to Partridge, there are three main dangers associated with transferring data on the Internet of Things:

• Ensuring confidentiality - prevention of access to data by third parties
• Integrity preservation - data transfer with inability to intercept or change
• Authentication — A way to determine whether the transmitted data has reached its destination.

The task is not only to securely connect the device to the network, but to ensure the security of the interaction of different devices. Partridge says that he is often asked the same question: “So is it worth avoiding the Internet of Things?” He always replies that there is no need to be afraid of IoT technologies, because they give companies great opportunities for business development.

In this case, the point of interest in ensuring security should not be devices and software, but the ways of interaction between the various elements of the associated system. All this opens up new opportunities for service providers - they can offer as a service the protection of “interaction points” and gateways. This will help businesses to secure their data. Not all companies will be able to independently ensure the security of these IoT systems, so it will be easier for them to contact third-party suppliers to help protect corporate systems.

PS A couple of our publications on the topic on Habré:

• How-to: Automate accounting tasks hosting provider
• High performance and hosting infrastructure: Experience 1cloud
• How we created a load tracking system for user servers