5.1 Back-End Services Throttling Policy

Use the following information to determine why and when you would use a back-end service throttling policy and how to configure the policy.

5.1.1 Understanding Why and When to Use a Back-End Services Throttling Policy

The APIs stored in the API Gateway act as proxies to the back-end services in your company. These back-end services are the services within your company or your company’s services hosted in the cloud. These back-end services have a physical capacity limit of the load that they can process. As the number of APIs in the API Gateway increase, the number of applications in your environment increase which in turn increases the load on these back-end services.

Secure API Manager allows you to create defined controls (subscription limits) that limit access to the APIs. Even though each API might not surpass the subscription limits, this increases the total load on the back-end services and you might overload these back-end services.

Secure API Manager provides a back-end service throttling policy through the Maximum Backend Throughput setting when you create an API or edit an API. This setting provides a defined limit of how many requests can be made per API over a certain amount of time to the back-end service. Secure API Manager maintains this setting when evaluating the maximum back-end throughput that is shared across all nodes of the API Gateway cluster and applies across all users using any application that accesses that particular API.

By default, this setting is set to Unlimited to allow unlimited connections to a specific back-end service. You would change this setting only if you knew that a specific back-end service could not handle the requests from multiple APIs.

5.1.2 Configuring a Back-End Services Throttling Policy

The back-end services throttling policy is a Throttling Setting named Maximum Backend Throughput that you define when you create or edit an API. You must configure this setting for each API that connects to the same back-end service that might not be able to handle the load. This allows Secure API Manager to uniformly affect the specific back-end service.

By default this setting is set to Unlimited to allow unlimited connections to the back-end service. If you want to control how many requests APIs can make to a specific back-end service over time, you must change this setting.

To change the Maximum Backend Throughput setting:

  1. Log in to the Publisher using an administrative account.

    https://lifecycle-manager-dns-name:9444/publisher

    The dns-name is the fully qualified hostname of the appliance running the Lifecycle Manager component.

  2. On an API whose access a specific back-end service you want to limit, click Edit.

  3. Scroll to the end of the page, then click Next: Implement.

  4. Scroll to the end of the page, then click Next: Manage.

  5. Under Throttling Settings > Maximum Backend Throughput, click Specify.

  6. Specify the length of time in seconds for the throughput per second to the back-end service.

  7. Click Save and Publish.

  8. Repeat Step 2 through Step 7 for each API that uses the back-end service where you want to limit the requests.