Organisation Structure
We are going to migrate to new architecture with Apigee Edge as our Api gateway platform. We will be using the on-premises installation. We have different business units within the enterprise,so we are thinking of either of the following solutions
First approach: Create an organisation for each business unit. Say Org A, Org B, Org C etc. Each Org will have 4 different environments - DEV,TEST,UAT and Prod. Is it possible to isolate traffic between environments within a org(we want to isolate production traffic) in edge on premises installation? It seems possible to allocate message processors to specific environment. What about Router and other components?
Second approach: Create organisation for prod and non-prod separately.Say Unit A- Prod, Unit A- NonProd, Unit B- Prod, Unit B- NonProd etc. Non-Prod organisation will comprise of DEV,TEST and UAT environments.
Which approach do you think is the better and most feasible that allows traffic/resource isolation for production.
Solved! Go to Solution.
In most private installations that i have managed or worked on, i always recommend that you keep your production traffic physically distinct from your non production traffic.
This is not unique to apigee, it's just good hygiene if you use any platform which spreads beyond 1 or 2 servers.
You want a separate physical installation for Production because:
In Apigee Parlance, I would recommend you do the following
Production Planet
Org A for Business Unit A
- Prod Env.
- Staging Env. (To replicate production issues)
Non Production Planet
Org A for Business Unit A
- Dev Env.
- QA Env.
- Test Env.
Obviously, you could break it down to more planets, but that depends on how much infrastructure you can pay for and maintain.
If you want to physically isolate traffic between environments in a Planet, i would recommend isolating Message Processors. You can do this by registering environments with MP's. You can look at Apigee's documentation for the same. I don't think separating routers by environment makes much sense (unless you have compliance reasons to do so)
HTH
In most private installations that i have managed or worked on, i always recommend that you keep your production traffic physically distinct from your non production traffic.
This is not unique to apigee, it's just good hygiene if you use any platform which spreads beyond 1 or 2 servers.
You want a separate physical installation for Production because:
In Apigee Parlance, I would recommend you do the following
Production Planet
Org A for Business Unit A
- Prod Env.
- Staging Env. (To replicate production issues)
Non Production Planet
Org A for Business Unit A
- Dev Env.
- QA Env.
- Test Env.
Obviously, you could break it down to more planets, but that depends on how much infrastructure you can pay for and maintain.
If you want to physically isolate traffic between environments in a Planet, i would recommend isolating Message Processors. You can do this by registering environments with MP's. You can look at Apigee's documentation for the same. I don't think separating routers by environment makes much sense (unless you have compliance reasons to do so)
HTH
User | Count |
---|---|
7 | |
2 | |
2 | |
1 | |
1 |