Looking at a SOA world Matias Cuenca-Acuna December, 2006.
-
date post
19-Dec-2015 -
Category
Documents
-
view
213 -
download
0
Transcript of Looking at a SOA world Matias Cuenca-Acuna December, 2006.
04/18/23 2
Talk Outline
• Introduction to Intel Software and ASDC• SOA and the technologies behind it• The challenges• Beyond SOA
04/18/23 3
What is Intel Software?
• Why does Intel care about software?– Adds value to its hardware
• The different sides of Intel Software– Enabling
• Microsoft, Adobe, BEA, etc.– Software development products
• Compilers– C/C++, Fortran, etc.
• Libraries– IPP, MKL, etc
• Tools– vTune, Thread Checker, GPE
– Open Source• Harmony, PPTP, etc.
04/18/23 4
How does ASDC fits into the picture?
• ASDC is part of Intel Software• ASDC’s core competencies (for now)
– Technology areas• SOA• Clustering• GRID
– Knowledge areas• Security• Management• Performance
• Other activities at ASDC– Involvement with higher education
• Specialization program on distributed services & systems• We awarded 14 scholarships for grads & under-grads• Internship program
– Involvement with the local industry• Telemedicine project
– Involvement with the community
04/18/23 7
What is SOA?
• A service-oriented architecture is essentially a collection of services – These services communicate with each other and the communication can
involve either simple data passing or direct application execution;– also it could involve two or more services coordinating some activity.
• What is a Service?– A service is a function that is well-defined, self-contained, and does not
depend on the context or state of others.
• What is a Web Service?– Typically a web service is XML/SOAP based and most often described by
WSDL and Schemas. In most SOA implementations a directory system known as UDDI is used to for Web Service discovery and central publication.
04/18/23 8
It’s a SOA World after all…
• Massive growth in SOA, Web Services and XML• More XML traffic on LAN than email
– Average XML traffic load increasing 50% Y/Y– XML data 5x-20x the size of “normal” data
• Web Services applications on enterprises is growing 300% Y/Y• Web services have reopened 70 percent of the attack paths against
Internet connected systems (Source: Gartner)– 75% of hacks occur at the Application/Service level (Source: Gartner)
• In 2010 46% of IT professional services market will be Web Services related (Source: Gartner)
04/18/23 9
The SOA Stack
• More layers are being constantly added– Security– Reliable messaging– Manageability
NE
T
NE
T
Pe
rsp
ec
tive
Pe
rsp
ec
tive
DA
TA
D
AT
A
Pe
rsp
ec
tive
Pe
rsp
ec
tive
04/18/23 10
Putting the pieces together
• Foundational technologies– XML– SOAP– WSDL– UDDI
• Other technologies involved– XSLT– XML Schema– WS-Security– WS-RM
04/18/23 11
Where does SOA take us?
• Lower cost of development for new apps• Reusable Functionality• Common Interfaces (Reduced Integration Costs)• Real collaboration• Real-time Data• User driven Apps• True e-Marketplaces• Ad hoc business relationships
04/18/23 13
Same old problems new game rules
• Problems: Speed, Security, Manageability, Availability, etc.• What is new about them?
– Operations span multiple organizations– Heterogeneous software & SLAs– No centralized server or authority– Self describing languages have a high performance cost (i.e. XML)– The processor’s speed race days are over!
04/18/23 14
Security in a SOA world
<XML>
MP3 Player order
</XML>
Product info
Shipping info
Credit card info
mystore.com
<XML>
</XML>
<XML>
</XML>
<XML>
</XML>
<XML>
</XML>
<XML>
</XML>
04/18/23 15
The Security Challenge
• Why is security so important in SOA?– Drastic & Fundamental shift in Authentication & Authorization models
• Firewalls are oblivious to XML traffic• SSL is not enough
– Real Business apps affected• WS-Security jumped from 15% in 2005 to 33% in 2006
– Source: Evan’s 2006– Non repudiation
• On the previous slide, how does Sony proves that Amazon owes them money?– Externalization of application functionality and loss of internal controls– Next generation threats and new risks
• We have already identified some• We need to improve on
– Distributed identity– Languages for defining and agreeing on security policies
• How do I trust that company X’s developers did a good job?– Faster and parallel cryptography/XML processing
04/18/23 16
The Speed Challenge
• XML is inherently inefficient– It consumes a considerable amount of bandwidth, storage and CPU– Large XML documents may need to be loaded into memory before
processing• XML content is 20-50 times larger than text/binary equivalent
• How slow is it?– An XML based address book service can process 25 req/sec (40ms/req)
• The data is coming from memory!!• Using Tomcat 4.0.1 on a AMD Athlon XP 2Ghz with 1GB of RAM• Source: Apache (http://tomcat.apache.org/articles/performance.pdf)
– SSL reduces performance by 3 (Source: BEA)– To put it in perspective
• Google performs 1000 queries per second at 200ms latency• A query can span 128 machines (shards) and 3 to 4 tiers• Throw in SSL and assume that query complexity is up by … 10? 100?• We have a resulting latency of 6 to 60 seconds (i.e at least 30X
slower!!)
04/18/23 17
The Speed Challenge
• In real life XML is a multi-step process which is hard to parallelize– State of the art HW can give you a 6X boost on latency
• We need to improve on– XML parsing, transformation, querying and validation– We need parallel algorithms for all of the above– Faster and parallel cryptography
04/18/23 18
Want more challenges?
• Management Challenge– We have too many management layers
• Configuration Management, Performance Management, Security Management, Application Management, etc.
– The ultimate SOA goal is to provide a service• Knowing that a computer is down at company X is not enough• We need end to end management
– Across platforms, languages, applications, and existing management technologies
• Reliable communication– How do we guarantee that a service ahs received and is processing a
request?– TCP cares about a single hop
• Also it only says that a front end got the message
04/18/23 20
Life outside of SOAP
• There is REST, AJAX, and others
• In 2003 80% of Amazon's WS traffic was REST and 20% SOAP– Tim O’Reilly claimed on Nov 2005 that REST was 95%
• As of Nov 2006 Yahoo! provides REST only WS
• A 2006 Evan’s study suggests 60% SOAP adoption and 51% REST– 375 employees from companies that use SOA were interviewed
04/18/23 21
Meet Web 2.0©
• Web 2.0 is Growing Faster Than Online Video & News – Source: Nielsen Netratings
• Social networking sites have the highest Y/Y traffic growth– Feedburner (385%), Digg.com (286%), MySpace (170%), Wikipedia
(161%), and Facebook (134%)
• Software as a service (SaaS)• Mash ups
– 40% of the companies that use SOA plan to integrate with Google• 18% with eBay
04/18/23 22
To wrap up
• Large scale heterogeneous systems are becoming a reality
• Ubiquitous software will replace traditional PC applications
• At ASDC we are starting some related projects on– Cluster computing– SOA & Grid– SOA Security– Manageability– Virtualization