1 / 39

Avoiding SOA Pitfalls

Avoiding SOA Pitfalls. Radovan Jane ček SOFSEM 2009. Agenda. Definitions and context settings Pitfalls: Organization Methodology Technology Summarizing. Definitions and context. Eight Years of SOA Wins and Mistakes. Co-founded Systinet (2000) Web Services stacks in C++ and Java

qiana
Download Presentation

Avoiding SOA Pitfalls

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Avoiding SOA Pitfalls Radovan Janeček SOFSEM 2009

  2. Agenda • Definitions and context settings • Pitfalls: • Organization • Methodology • Technology • Summarizing

  3. Definitions and context

  4. Eight Years of SOA Wins and Mistakes • Co-founded Systinet (2000) • Web Services stacks in C++ and Java • Service Registry • SOA Governance • Led SOA Center in Mercury/HP (2006) • SOA Governance, Quality, Management • BTO, Chief Architect (2008) • Service and Data Models • Integration strategy (SOA based) • R&D Director, HP Service Portfolio Management

  5. Quality management repository New projects and enhancements Defects andissues DESIGN ASSEMBLE/BUILD Development BTO Blueprint BUSINESS BUSINESS OPERATIONS BUSINESS STRATEGY IT STRATEGY IT APPLICATIONS IT OPERATIONS ITIL Service Desk Strategic Demand Application Support CIO/Biz/IT Steering Committee Business CAB Portfolio and Financial Management Quality Management Business Service Management IT Service Management Tests - Monitors Verify functional quality Automate test planning, execution Analysisof defects Manage enterprise portfolio Resource constrained portfolio optimization Manage projects and programs Control and enforcement Manage business requirements Manage quality requirements Validate performance Diagnose performance problems Tune environment Manage business transaction and end-user experience Manage composite applications and SOA services Manage service lifecycle Continually improve services Manage assets, improve service cost efficiency Self servicecapabilities Ensureapplicationsecurity Vulnerabilityassessmentsfor development,QA and production QA SLAs andincidents • Projectproposals • Newapplications • New services • Newarchitectures FederatedCMDB Discovery+ mapping PMO Isolation,triage Business impact Serviceportfolio repository Manage infrastructuredomains, events and services Change impact andcollisions RFCs andincidents CTO Office Operations CAB NOC Manage SOA portfolio Publish services and manage consumption Change notification SOArepository Operations Orchestration Operational Demand Business ServiceAutomation Remediation Automate configuration and change (client, server, network, storage) . Manage IT compliance and audit Provision and scale Baseline environment Compliance / Security • Defects • Enhancements • Operationalchange requests • Service catalog • Knowledge mgmt.

  6. Service Oriented Architecture • Technology • Methodology • Organization • Snake-Oil Archtiecture

  7. SOA: Technology • WSA – Web Services Architecture http://www.w3.org/TR/ws-arch/ • SOAP and WS-* • HTTP used as transport protocol for SOAP messages • WSDL for service definition (ala IDL) • WOA – Web Oriented Architecture http://en.wikipedia.org/wiki/Web_Oriented_Architecture • REST – REpresentational State Transfer • XML/HTTP; Atom; APP • HTTP used as application protocol • No explicit contract - Introspection

  8. SOA: Methodology • ESB – Enterprise Service Bus • Strong middleware: security, content based routing, reliability, process execution, failover, load balancing, monitoring, auditing, … • Clients talk to ESB and ESB distributes messages to Services • ESN – Enterprise Service Network (very unknown term) • Clients talk directly to Services • Services are responsible for security, failover, etc.

  9. SOA: Organization • Business Service Lifecycle • Inception • Budgeting • Governance • Development • Production • Retirement • Visibility, Trust, Control

  10. SOA: Snake-Oil • Business and IT alignment • Faster development • Easier and more robust integration • Services are loosely coupled / more • Robust • Flexible • You can buy SOA

  11. Observations You Can Make • Lighter-weight middlewares are winning • EAI is ‘enemy’ of SOA • EAI and SOA projects are failing mainly due to organization aspects • Subjective presentation

  12. SOA is so powerful. Why is it failing? Again? SOA Pitfalls

  13. SOA: Organization • SOA is failing because of its ‘success’ • Became visible to business • Large scope • Snake-oil • Agreement: Organization changes necessary • … but which ones?

  14. #10: Project-driven SOA • SOA is implemented within specific project(s) • Good • Validation of the concept • Starting point • Bad • Silo reinforcement • No proof it will work across silos • Reasons • Alignment with business, Commitment, Experience • Financial: funding, incentives • Trust!

  15. #10: Suggestion • Align with business on the importance • Cross-portfolio (silo) integrated solutions • Identify the most critical solutions (not services!) • Define SOA Governance model Funding Model, Commitments Trust, Experience, Alignment

  16. SOA: Organization Summary • Centralized SOA Governance • Visibility • Trust • Control • Decentralized development • Services are FEATURES • Centralizedsolutiontesting • Service Portfolio Management • Budgeting • Incentives to • Use • Provide • Subscription models

  17. SOA: Methodology • Blind application of Distributed Systems theory • Transparency doesn’t work in real life • (not) Delivered by EAI middlewares • #1: SOA as ‘better’ EAI • #3: API granularity • #5: New business logic • #6: Intermediaries and de-coupling • #7: ESB (or HUB) improves the overall system • #8: Common data model

  18. More on SOA vs EAI EAI SOA a b e c d

  19. Quality management repository New projects and enhancements Defects andissues DESIGN ASSEMBLE/BUILD Development BTO Blueprint BUSINESS BUSINESS OPERATIONS BUSINESS STRATEGY IT STRATEGY IT APPLICATIONS IT OPERATIONS ITIL Service Desk Strategic Demand Application Support CIO/Biz/IT Steering Committee Business CAB Portfolio and Financial Management Quality Management Business Service Management IT Service Management Tests - Monitors Verify functional quality Automate test planning, execution Analysisof defects Manage enterprise portfolio Resource constrained portfolio optimization Manage projects and programs Control and enforcement Manage business requirements Manage quality requirements Validate performance Diagnose performance problems Tune environment Manage business transaction and end-user experience Manage composite applications and SOA services Manage service lifecycle Continually improve services Manage assets, improve service cost efficiency Self servicecapabilities Ensureapplicationsecurity Vulnerabilityassessmentsfor development,QA and production QA SLAs andincidents • Projectproposals • Newapplications • New services • Newarchitectures FederatedCMDB Discovery+ mapping PMO Isolation,triage Business impact Serviceportfolio repository Manage infrastructuredomains, events and services Change impact andcollisions RFCs andincidents CTO Office Operations CAB NOC Manage SOA portfolio Publish services and manage consumption Change notification SOArepository Operations Orchestration Operational Demand Business ServiceAutomation Remediation Automate configuration and change (client, server, network, storage) . Manage IT compliance and audit Provision and scale Baseline environment Compliance / Security • Defects • Enhancements • Operationalchange requests • Service catalog • Knowledge mgmt.

  20. ESN vs. ESB Service A Service B ESN ESB ESB

  21. #7: HUB Better Than Point-to-Point

  22. #7: HUB Better Than Point-to-Point

  23. #7: HUB Better Than Point-to-Point • Nothing wrong on P2P if Governance is in place • HUB will not help if Governance is missing • Advantages hypothetical • Real dependencies are not that complex • Disadvantages are real • Deployment cost, integration cost (multiple HUBs), evolution issues (multiple places to change) • HUB de-facto implements additional business logic • E.g. content based routing, orchestration, etc. • Who owns it? What about contracts? • Why is this logic not provided by a service?

  24. #7: Suggestion • SOA: Service, Consumer, Contract – no HUB • Use Service Registry for late binding • Strictly use middleware-type HUBs behind service’s façade • Do contract management (even very simple one helps) Time saving, Right focus, Success

  25. Four Ways for One Use Case Incident Manager Event Source ? lookup create update ? submit lookup PUT BPEL create update ? ? GET

  26. #8: Common Data Model Alternative Quality Management Configuration Management Other Other Related Related CMS Core QM Core

  27. #8: Service Model Overlaps Create CDM Quality Management Configuration Management Other Other Related Related CMS Core QM Core

  28. SOA: Technology • WSA is ‘CORBA in angle brackets’ • WOA builds on successful history and experience • #2: Standard compliance gives loose coupling • #4: REST not enterprise ready

  29. #2: WS-* Standards • Innoq: http://www.innoq.com/soa/ws-standards/poster/innoQ%20WS-Standards%20Poster%202007-02.pdf • SOAP, WS-Security, WS-Transactions, WS-BPEL, WS-ReliableMessaging, WS-Addressing • XML Schema • Data description • Strong typing (usually used for) • Strong typing creates tight coupling among systems • Changes into data schema affect consumers

  30. #2: Standards • Standards are not enough! • Generic envelopes • Industry standards often ‘tailored’ when used • Data externalization rules • Mapping to standards • Dates, Versions, References, MIME types, etc. • Identification • Cross references (hyperlinks?) • Business vocabulary and taxonomies • Look carefully at adoption outside of your company

  31. Scalability: # of Changes and Evolution • http://www.google.com/search?q=20/5 • http://www.google.com/search?q=ba856 • http://www.google.com/search?q=5m+in+inches • http://www.google.com/search?q=weather+San+Francisco How many different APIs? How many changes into client code? Impact on existing clients? REST wins

  32. Summarizing

  33. Good Distributed Applications/Services • Should not ‘outsource’ their BL to middleware • Should minimize use of middleware even for fulfilling ‘enterprise readiness’ requirements • i.e. moving them to application level • Should realize the distribution is part of the business logic • E.g. no distributed transactions!

  34. Observations You Can Make • Lighter-weight middlewares are winning • EAI is ‘enemy’ of SOA • EAI and SOA projects are failing mainly due to organization aspects • Subjective presentation

  35. Building distributed services is HARD. No silver bullet. Thank you

More Related