Conrad Electronics: Simplifying and accelerating development with Apigee and GKE
Sebastian Misch
Platform Architect, Technology and Digital Solutions, Conrad Electronics
Since 1923, Conrad Electronic has been a reliable partner for companies and organizations when it comes to technology and electronics. Today, as a sourcing platform, the company provides all parts for a successful sourcing of technical supplies. At Conrad, business customers get exactly what makes their project or business a success: a wide and deep product range comprising nine million products from more than 6000 brands, customer-centric solutions and services, and face-to-face expert advice. Conrad’s tailored e-procurement solutions simplify complex sourcing processes and help businesses of all types and sizes save time and costs.The company has over 21 million B2B and B2C customers worldwide and operates in 17 European countries.
We have been running on Google Cloud since 2016. The launch of Conrad Marketplace in 2017 marked the beginning of our transformation towards a B2B sourcing platform, future-proofing our business in the process. Our strategy also works on a global scale: Conrad Marketplace Austria went live in 2021; last year it was the Netherlands and Italy, and most recently, France.
In deciding what to prioritize, we chose to focus on increasing engineering and development ROI, while accelerating and simplifying development. Not only did we want to tick all of those boxes, we were going to do it while providing best-in-class security without burdening our engineering team. Migrating to Google Cloud’s Apigee, we centralized API management, sped up response time by 15-25 milliseconds per request, and greatly simplified security. And with Google Kubernetes Engine (GKE), App Engine, Compute Engine, and Cloud Functions, we streamlined Kubernetes and container management, all while optimizing microservices and app development.
Improving development with a convenient, central API Gateway in the cloud
A B2B sourcing platform consists of an e-commerce website, a marketplace, and eprocurement solutions. With access into our corporate network, and the ability to share private and confidential data, our guardrails must be unassailable. Therefore, our platform requires a great deal of development, APIs, proxies, and security. It also means exposing middleware services to third-party partners. Before 2021, we did not have a convenient way to provide those services to our partners.
We decided to migrate our on-premises version of Apigee, Apigee Edge, to the cloud-based platform, giving us faster network integration between our backend services, and enabling full access for all our developers.
Migrating to API management in the cloud: Adventures in automation
When we started the migration, we had 150 proxies, almost 100 apps, and additional fine-grained and discarded artifacts in Apigee Edge. The first thing we did was take stock of what we had and decide what we wanted to migrate. Then we followed the very detailed setup documentation. To automate as much of the migration as we could, we modified an open-source NodeJS project. For proxies, target servers, and shared flows, we used our own pipelines.
Whenever we found ourselves up against a limitation, our team was able to work through them with minimal effort.It’s a continuing testament to the team that, when we ran into some speed bumps with routing via private service connect and moving client JPS to our target servers, Google provided much-welcomed support. After the switchover to the cloud-native Apigee, most of our proxies, apps, and so on worked with minor adjustments. Managing APIs was similar to Apigee Edge, and so the interface was familiar, but came with new features such as Google authentication to harden our security posture.
Speeding response time and development by removing unnecessary layers
In our on-premises environments, Apigee Edge was deployed outside of our network, so for it to talk to our middleware and our backend services, there has to be an additional layer of security in the middle. However, once we migrated to Apigee's fully managed service in Google Cloud, traffic flows internally between it and our infrastructure. Therefore, the additional security mechanisms we installed to create the additional layer were unnecessary. With traffic going directly to our services internally, we reduced response time by 15-25 milliseconds, which for some proxies, was 40-60% better than when we used Apigee Edge. For a few, we were able to achieve up to an 80% improvement.
Simplifying and streamlining deployment
With Apigee, application deployment is a seamless experience. We send a bundle, which is basically the zip file of the proxy to Apigee, and it notifies us that it received it. When it says that it has deployed the bundle, we have almost immediate visibility.
GKE also gives our deployment a boost. Most of our infrastructure is in Kubernetes. With GKE, deployment is easy — you can hook it up to a configurable GitLab repository or run GitLab deployment pipelines in Kubernetes — and costs are lower. Also, we like its versatility. We can give it to different teams because they have their own namespaces. As a result, they only access their work products, and if something breaks, no other teams are impacted.
Enabling access and management for all
One of the biggest benefits that we’ve experienced with Apigee is centralized control. For example, whoever wants to have access gets it. Identity and Access Management (IAM) enables us to open as many seats as we need. Therefore, developers can see what they’re doing in the UI, which means they have more control.
Then there’s the ability for each team to manage their own proxies in Apigee, exposing their own services. The teams all have their own apps, API keys, proxies, as well as one place where they can go to publish their APIs. Authentication is unified, so everyone can use everyone else’s proxies there. Since Apigee, we’ve been able to expand collaboration between teams, driving innovation and development forward.
Looking ahead
As we further harness the power of Apigee to orchestrate our APIs, our commitment to network optimization and the provision of new services and benefits for our teams remains unwavering. In the future, we aim to push the boundaries of security and threat assessments by utilizing Apigee’s embedded traffic control and payload threat safeguard features. The agility and adaptability of Apigee is ushering in a new era of operational efficiency. By facilitating a smooth exchange of data through APIs, we are not only streamlining our current operations but also paving the way for a resilient, future-ready network in a perpetually evolving digital environment. Leveraging Apigee’s comprehensive management and security functionalities, ever-expanding feature set, and dedicated support teams, we are poised to discover novel ways in which it can enhance our forthcoming initiatives.