Post on 05-Jan-2016
description
© 2006 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice
Avoiding SOA Pitfalls
Radovan Janeček
SOFSEM 2009
Agenda• Definitions and context settings
• Pitfalls:−Organization
−Methodology
−Technology
• Summarizing
2 April 20, 2023
DEFINITIONS AND CONTEXT
3 April 20, 2023
Eight Years of SOA Wins and Mistakes• Co-founded Systinet (2000)
−Web Services stacks in C++ and Java−Service Registry−SOA Governance
• Led SOA Center in Mercury/HP (2006)−SOA Governance, Quality, Management
• BTO, Chief Architect (2008)−Service and Data Models−Integration strategy (SOA based)
• R&D Director, HP Service Portfolio Management
5 April 20, 2023
6
7 April 20, 2023
BTO Blueprint
8 April 20, 2023
IT STRATEGY IT OPERATIONSIT APPLICATIONS
Manage service lifecycle
Continually improve services
Manage assets, improve
service cost efficiency
Self servicecapabilities
Manage business
requirements
Manage quality
requirements
Verify functional
quality
Automate test
planning, execution
Analysisof defects
Ensureapplication
security
Vulnerability
assessments
for developme
nt,QA and
production
Validate performanc
e
Diagnose performance problems
Tune environme
nt
Quality Management
QA
Business
CAB
Automate configuration and change (client, server, network, storage)
. Manage IT compliance and audit
Provision and scale
Baseline environment
IT Service Manageme
nt
DESIGN ASSEMBLE
/BUILD
Development
ITIL Service Desk
Compliance /
Security
Operations CAB
Manage enterprise portfolio
Resource constrained portfolio optimizatio
n
Manage projects
and programs
Control and
enforcement
Portfolio and
Financial Management
CIO/Biz/IT Steering
Committee
FederatedCMDB
Discovery+ mapping
• Projectproposals
• Newapplications
• New services
• Newarchitectures
Strategic Demand
Operational Demand
• Defects
• Enhancements• Operational
change requests
• Service catalog
• Knowledge mgmt.
SLAs andincidents
RFCs and
incidents
Change impact
andcollisions
Quality management
repository
Defects andissues
New projects
and enhanceme
nts
Remediation
BUSINESSBUSINESS STRATEGY
BUSINESS OPERATIONS
Manage SOA portfolio
Publish services and manage consumption
CTO Office
SOArepository
Serviceportfolio
repository
Change notification
Tests - Monitors
Manage business transaction and
end-user experience
Manage composite
applications and SOA services
Business Service
Management
Application
Support
Manage infrastructure
domains, events and services
NOC
Isolation,triage
Business impact
PMO
Operations OrchestrationBusiness Service
Automation
Service Oriented Architecture• Technology
• Methodology
• Organization
• Snake-Oil Archtiecture
9 April 20, 2023
SOA: Technology• WSA – Web Services Architecture
http://www.w3.org/TR/ws-arch/
−SOAP and WS-*−HTTP used as transport protocol for SOAP
messages−WSDL for service definition (ala IDL)
• WOA – Web Oriented Architecture http://en.wikipedia.org/wiki/Web_Oriented_Architecture
−REST – REpresentational State Transfer−XML/HTTP; Atom; APP−HTTP used as application protocol−No explicit contract - Introspection
10 April 20, 2023
SOA: Methodology• ESB – Enterprise Service Bus
−Strong middleware: security, content based routing, reliability, process execution, failover, load balancing, monitoring, auditing, …
−Clients talk to ESB and ESB distributes messages to Services
• ESN – Enterprise Service Network (very unknown term)−Clients talk directly to Services
−Services are responsible for security, failover, etc.
11 April 20, 2023
SOA: Organization• Business Service Lifecycle
−Inception
−Budgeting
−Governance
−Development
−Production
−Retirement
• Visibility, Trust, Control
12 April 20, 2023
SOA: Snake-Oil• Business and IT alignment• Faster development• Easier and more robust integration• Services are loosely coupled / more
−Robust
−Flexible
• You can buy SOA
13 April 20, 2023
14 April 20, 2023
Observations You Can Make• Lighter-weight middlewares are winning
• EAI is ‘enemy’ of SOA
• EAI and SOA projects are failing mainly due to organization aspects
• Subjective presentation
SOA PITFALLSSOA is so powerful. Why is it failing? Again?
15 April 20, 2023
SOA: Organization• SOA is failing because of its ‘success’
−Became visible to business
−Large scope
−Snake-oil
• Agreement: Organization changes necessary−… but which ones?
16 April 20, 2023
#10: Project-driven SOA• SOA is implemented within specific project(s)• Good
−Validation of the concept−Starting point
• Bad−Silo reinforcement−No proof it will work across silos
• Reasons−Alignment with business, Commitment, Experience−Financial: funding, incentives−Trust!
17 April 20, 2023
#10: Suggestion• Align with business on the importance
−Cross-portfolio (silo) integrated solutions
−Identify the most critical solutions (not services!)
• Define SOA Governance model
18 April 20, 2023
Funding Model, Commitments
Trust, Experience, Alignment
SOA: Organization Summary• Centralized SOA Governance
−Visibility−Trust −Control
• Decentralized development• Services are FEATURES• Centralized solution testing• Service Portfolio Management• Budgeting
−Incentives to• Use• Provide
−Subscription models
19 April 20, 2023
SOA: Methodology• Blind application of Distributed Systems theory
−Transparency doesn’t work in real life• (not) Delivered by EAI middlewares
• #1: SOA as ‘better’ EAI• #3: API granularity• #5: New business logic• #6: Intermediaries and de-coupling• #7: ESB (or HUB) improves the overall system• #8: Common data model
20 April 20, 2023
More on SOA vs EAI
21 April 20, 2023
EAI SOAa b
c
d
e
BTO Blueprint
22 April 20, 2023
IT STRATEGY IT OPERATIONSIT APPLICATIONS
Manage service lifecycle
Continually improve services
Manage assets, improve
service cost efficiency
Self servicecapabilities
Manage business
requirements
Manage quality
requirements
Verify functional
quality
Automate test
planning, execution
Analysisof defects
Ensureapplication
security
Vulnerability
assessments
for developme
nt,QA and
production
Validate performanc
e
Diagnose performance problems
Tune environme
nt
Quality Management
QA
Business
CAB
Automate configuration and change (client, server, network, storage)
. Manage IT compliance and audit
Provision and scale
Baseline environment
IT Service Manageme
nt
DESIGN ASSEMBLE
/BUILD
Development
ITIL Service Desk
Compliance /
Security
Operations CAB
Manage enterprise portfolio
Resource constrained portfolio optimizatio
n
Manage projects
and programs
Control and
enforcement
Portfolio and
Financial Management
CIO/Biz/IT Steering
Committee
FederatedCMDB
Discovery+ mapping
• Projectproposals
• Newapplications
• New services
• Newarchitectures
Strategic Demand
Operational Demand
• Defects
• Enhancements• Operational
change requests
• Service catalog
• Knowledge mgmt.
SLAs andincidents
RFCs and
incidents
Change impact
andcollisions
Quality management
repository
Defects andissues
New projects
and enhanceme
nts
Remediation
BUSINESSBUSINESS STRATEGY
BUSINESS OPERATIONS
Manage SOA portfolio
Publish services and manage consumption
CTO Office
SOArepository
Serviceportfolio
repository
Change notification
Tests - Monitors
Manage business transaction and
end-user experience
Manage composite
applications and SOA services
Business Service
Management
Application
Support
Manage infrastructure
domains, events and services
NOC
Isolation,triage
Business impact
PMO
Operations OrchestrationBusiness Service
Automation
ESN vs. ESB
23 April 20, 2023
ESN ESBE
SB
Service A Service B
#7: HUB Better Than Point-to-Point
24 April 20, 2023
#7: HUB Better Than Point-to-Point
25 April 20, 2023
#7: HUB Better Than Point-to-Point• Nothing wrong on P2P if Governance is in place• HUB will not help if Governance is missing• Advantages hypothetical
−Real dependencies are not that complex• Disadvantages are real
−Deployment cost, integration cost (multiple HUBs), evolution issues (multiple places to change)
• HUB de-facto implements additional business logic−E.g. content based routing, orchestration, etc.−Who owns it? What about contracts?−Why is this logic not provided by a service?
26 April 20, 2023
#7: Suggestion• SOA: Service, Consumer, Contract – no HUB• Use Service Registry for late binding• Strictly use middleware-type HUBs behind
service’s façade• Do contract management (even very
simple one helps)
27 April 20, 2023
Time saving, Right focus, Success
Four Ways for One Use Case
28 April 20, 2023
lookup
create
update
?
lookup
create
update
?submit
BPEL
?
PUT
?GET
Event Source Incident Manager
Other
Related
#8: Common Data Model Alternative
29 April 20, 2023
CMS
Core
Configuration Management
Other
Related
QM
Core
Quality Management
#8: Service Model Overlaps Create CDM
30 April 20, 2023
Other
Related
CMS
Core
Configuration M
anagement
Other
Related
QMCore
Quality Management
SOA: Technology• WSA is ‘CORBA in angle brackets’• WOA builds on successful history and
experience
• #2: Standard compliance gives loose coupling
• #4: REST not enterprise ready
31 April 20, 2023
32 April 20, 2023
#2: WS-* Standards• Innoq: http://www.innoq.com/soa/ws-standards/poster/innoQ%20WS-Standards%20Poster%202007-
02.pdf
• SOAP, WS-Security, WS-Transactions, WS-BPEL, WS-ReliableMessaging, WS-Addressing
• XML Schema−Data description
−Strong typing (usually used for)
• Strong typing creates tight coupling among systems−Changes into data schema affect consumers
33 April 20, 2023
#2: Standards• Standards are not enough!
−Generic envelopes
−Industry standards often ‘tailored’ when used
• Data externalization rules−Mapping to standards
• Dates, Versions, References, MIME types, etc.
−Identification
−Cross references (hyperlinks?)
• Business vocabulary and taxonomies• Look carefully at adoption outside of your
company
34 April 20, 2023
Scalability: # of Changes and Evolution
• http://www.google.com/search?q=20/5• http://www.google.com/search?q=ba856• http://www.google.com/search?q=5m+in+inches• http://www.google.com/search?
q=weather+San+Francisco
35 April 20, 2023
How many different APIs?
How many changes into client code?
Impact on existing clients?
REST wins
SUMMARIZING
36 April 20, 2023
Good Distributed Applications/Services• Should not ‘outsource’ their BL to
middleware• Should minimize use of middleware even
for fulfilling ‘enterprise readiness’ requirements−i.e. moving them to application level
• Should realize the distribution is part of the business logic−E.g. no distributed transactions!
37 April 20, 2023
38 April 20, 2023
Observations You Can Make• Lighter-weight middlewares are winning
• EAI is ‘enemy’ of SOA
• EAI and SOA projects are failing mainly due to organization aspects
• Subjective presentation
THANK YOUBuilding distributed services is HARD. No silver bullet.
39 April 20, 2023