Ensure API Management availability and reliability
APPLIES TO: Premium
This article is an overview of service capabilities to ensure that your API Management instance continues to serve API requests if Azure outages occur.
API Management offers the following capabilities for reliable and resilient Azure solutions. Use them individually or together to enhance availability:
Availability zones: Resilience to datacenter-level outages
Multi-region deployment: Resilience to regional outages
Note
- Availability zones and multi-region deployment are supported in the Premium tier.
- For configuration, see Migrate API Management to availability zone support and Deploy API Management in multiple regions.
Azure availability zones are physically separate locations within an Azure region that are tolerant to datacenter-level failures. Each zone is composed of one or more datacenters equipped with independent power, cooling, and networking infrastructure. To ensure resiliency, a minimum of 3 separate availability zones are present in all availability zone-enabled regions. Learn more
Enabling zone redundancy for an API Management instance in a supported region provides redundancy for all service components: gateway, management plane, and developer portal. Azure automatically replicates all service components across the zones that you select.
When you enable zone redundancy in a region, consider the number of API Management scale units that need to be distributed. Minimally, configure the same number of units as the number of availability zones, or a multiple so that the units are distributed evenly across the zones. For example, if you select 3 availability zones in a region, you could have 3 units so that each zone hosts one unit.
Note
Use capacity metrics and your own testing to decide the number of scale units that will provide the gateway performance for your needs. Adding units incurs additional costs. Learn more about scaling and upgrading your service instance.
Note
When availability zones are configured for your API Management instance, under normal operating conditions all scale units in all configured zones are active and serve gateway traffic.
With multi-region deployment, you can add regional API gateways to an existing API Management instance in one or more supported Azure regions. Multi-region deployment helps reduce request latency perceived by geographically distributed API consumers and improves service availability if one region goes offline.
Only the gateway component of your API Management instance is replicated to multiple regions. The instance's management plane and developer portal remain hosted only in the primary region, the region where you originally deployed the service.
If you want to configure a secondary location for your API Management instance when it's deployed (injected) in a virtual network, the VNet and subnet region should match with the secondary location you're configuring. If you're adding, removing, or enabling the availability zone in the primary region, or if you're changing the subnet of the primary region, then the VIP address of your API Management instance will change. For more information, see IP addresses of Azure API Management service. However, if you're adding a secondary region, the primary region's VIP won't change because every region has its own private VIP.
Gateway configurations such as APIs and policy definitions are regularly synchronized between the primary and secondary regions you add. Propagation of updates to the regional gateways normally takes less than 10 seconds. Multi-region deployment provides availability of the API gateway in more than one region and provides service availability if one region goes offline.
When API Management receives public HTTP requests to the traffic manager endpoint (applies for the external VNet and non-networked modes of API Management), traffic is routed to a regional gateway based on lowest latency, which can reduce latency experienced by geographically distributed API consumers. In internal VNet mode, customers must configure their own solution to route and load-balance traffic across the regional gateways. For details, see Networking considerations.
The gateway in each region (including the primary region) has a regional DNS name that follows the URL pattern of
https://<service-name>-<region>-01.regional.azure-api.net
, for examplehttps://contoso-westus2-01.regional.azure-api.net
.If a region goes offline, API requests are automatically routed around the failed region to the next closest gateway.
If the primary region goes offline, the API Management management plane and developer portal become unavailable, but secondary regions continue to serve API requests using the most recent gateway configuration.
The combination of availability zones for redundancy within a region, and multi-region deployments to improve the gateway availability if there's a regional outage, helps enhance both the reliability and performance of your API Management instance.
Examples:
Use availability zones to improve the resilience of the primary region in a multi-region deployment
Distribute scale units across availability zones and regions to enhance regional gateway performance
API Management provides an SLA of 99.99% when you deploy at least one unit in two or more availability zones or regions. For more information, see Pricing.
Note
While Azure continually strives for highest possible resiliency in SLA for the cloud platform, you must define your own target SLAs for other components of your solution.
Depending on where and how your backend services are hosted, you may need to set up redundant backends in different regions to meet your requirements for service availability. You can also configure backend properties to improve the resilience and availability of your backend services.
You can manage regional backends and handle failover through API Management to maintain availability. For example:
In multi-region deployments, use policies to route requests through regional gateways to regional backends.
Configure policies to route requests conditionally to different backends if there's backend failure in a particular region.
Use caching to reduce failing calls.
For details, see the blog post Back-end API redundancy with Azure API Manager.
API Management backend entities allow you to manage and apply backend properties to improve the availability of backends. For example:
- Distribute and load-balance traffic to a pool of URLs
- Configure circuit breaker rules to apply the circuit breaker pattern to protect the backend from too many requests
- Learn more about reliability in Azure
- Learn more about designing reliable Azure applications
- Read API Management and reliability in the Azure Well-Architected Framework