Thomas Rischbeck Real Life E S B

17
Founding Sponsors This Presentation Courtesy of the International SOA Symposium October 7-8, 2008 Amsterdam Arena www.soasymposium.com [email protected] Gold Sponsors Platinum Sponsors Silver Sponsors

Transcript of Thomas Rischbeck Real Life E S B

Page 1: Thomas  Rischbeck    Real  Life  E S B

Founding Sponsors

This Presentation Courtesy of the

International SOA Symposium

October 7-8, 2008 Amsterdam Arena

www.soasymposium.com

[email protected]

Gold Sponsors

Platinum Sponsors

Silver Sponsors

Page 2: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 1]

[innovation process technology inc.][www.ipt.ch]

Real Life ESBUse Cases,

Deployment Scenarios,Experiences.

Dr. Thomas Rischbeck2008-10-07, 11:00

SOA Symposium Amsterdam

[innovation process technology inc.][www.ipt.ch]

ESB Patterns

Page 3: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 2]

[page 3][©2008 ipt | switzerland]

Service Virtualization

Proxy PatternLocation TransparencyProtocol BridgingSecurity EnforcementTransformationContent-Based RoutingLoad-Balancing and FailoverService Monitoring Message QueueingComplex Event Processing

Source: BEA

[page 4][©2008 ipt | switzerland]

ESB Patterns

Data FormatTransformation

AsynchronousQueuing

Location TransparencyProtocol

Bridging

Policy EnforcementRouting

Content-basedRouting

Schema Validation

Load Balancing

Failover

Control/Audit SLA

Monitoring

PayloadVersioning

MLF to XML

Auditing/Charging

XSTL

Data ModelTransformation

ProtocolVersioning(eg SOAP)

Enforcement(PEP)

EDA

TransportProtocol Bridging

Security Mapping

Event Tracking

ComplexEvent

Processing

Event Tracking

Itinerary-based(orchestration)

Microflows(orchestration)

SecurityInterception publish-

subscribe

ServiceDiscovery

TokenValidation

Identity Mapping

Security Protocol Mapping

Authorization

MEPs

conversation

Temporal Decoupling

Sync/AsyncMapping

Aggregate/Split

ESB Pattern/Proxy Pattern

Broker

Core ESB

EDIFACT

Event StreamProcessing

Past Design-time

Optional Patterns

XML to MFL

ReliableDelivery

Virtualization

Page 4: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 3]

[page 5][©2008 ipt | switzerland]

Protocol Bridging

Protocol BridgingSynchronous to Asynchronous BridgingREST/POX SOAPRSS JMSFTP SMTPPOP3 File…

[page 6][©2008 ipt | switzerland]

Security

Security MappingTransport based Message Based: Basic Authentiation WS-SecurityMapping between Security Realms Bridge Identity Domains (user names, credential)

Policy Enforcement PointVerify SAML Token, Strong AuthenticationAccess Control: Authorization based on user, group, role, credentialsUnified Policies for all Services

ApplicationClient

Service Clients Enterprise Service Bus

Route

Proxy Flow

Service

HTTP/SOAP[X.509]

Encryption, signing

Business Services

SSL [X509]

Service

Security Framework

HTTP/SOAP Authentication

[Basic]Role based

Authorization

Page 5: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 4]

[page 7][©2008 ipt | switzerland]

Transformation

WebService

Service Clients Enterprise Service Bus Business Services

V 1.3

V 1.2

TransformationsSupport for multiple Service versionsSOAP 1.1 auf SOAP 1.2Namespace ChangeData Format: SemanticsHandle Non-XML Payloads (EDIFACT XML)

RouteTransform1.1 1.3V 1.1 V 1.1

RouteV 1.2

RouteV 1.3

Transform1.2 1.3

V 1.3

V 1.2

V 1.3

V 1.1

V 1.3

V 1.3V 1.3

[page 8][©2008 ipt | switzerland]

Content-based Routing (CBR)

ApplicationClient

Service Clients Enterprise Service Bus Business Services

HTTP/SOAPHTTP/SOAP

Content-Based RoutingSOAP HeadersTransport HeadersJMS PropertiesXML Payload (SOAP Body)Context

Service VIPCBR

Proxy Flow

$header

$body

$attachment

$fault

Service normal

HTTP/SOAP

Page 6: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 5]

[page 9][©2008 ipt | switzerland]

Load Balancing and Failover

Load BalancingRequires Stateless ServicesESB itself must be scalable!

FailoverRequires Idempotent Services

Service Client

Service Clients Enterprise Service Bus Business Services

JMSURI X

URI Y

HTTP/SOAP

Route

Proxy Flow

[page 10][©2008 ipt | switzerland]

Service Virtualization

Mix and match interfaces Service selection across multiple WSDLsSingle coherent interface to all authorized backend servicesMerge without namespace collisions

Service Client

Service Clients Enterprise Service Bus Business Services

Service X

Service Y

WSDL A

Routae

Proxy Flow

AggreateInterface

WSDL X

WSDL Y

Page 7: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 6]

[page 11][©2008 ipt | switzerland]

Error Handling

Error handling Features

Validation before the Request hits the ServiceReduces Service Load and Network Traffic

ApplicationClient

Service Clients Enterprise Service Bus Business Services

HTTP/SOAPWeb Service

Route

Proxy Flow

Validate

Error Code

[page 12][©2008 ipt | switzerland]

Service and SLA Monitoring

ApplicationClient

Service Clients Enterprise Service Bus Business Services

HTTP/SOAPHTTP/SOAPWeb ServiceRoute

Proxy Flow

Statistics

Monitor System OperationsAlerting and reporting key monitoring pointsGauge system health

Troubleshooting and ReportingDrill into message tracking and execution historyCaptures system statistics including threshold violations, en-queued messages, performance bottlenecks, task workloadsMonitor SLA: execution time, # of errors

Simple Business monitoringTrack relevant business/service data

Reporting Framework

On avg execution > 5 Ms

SMTPJMS

Page 8: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 7]

[page 13][©2008 ipt | switzerland]

Asynchronous Delivery

ApplicationClient

Service Clients Enterprise Service Bus Business Services

RequestRequestServiceRoute

Proxy Flow

Response

Proxy

ResponseRoute

Proxy Flow

Proxy

Improves Lose CouplingService Downtime

Intermittent CommunicationUnpredictable Load

No Peak Load, Service must handle only Average LoadLoad Balancing

Non-blocking for client (long-lasting activities)Inspect in-flight messages

Queue

Queue

Persistence

[page 14][©2008 ipt | switzerland]

EDA, CEP, and the works

ApplicationClient

Service Clients Complex Event Processing Business ServicesComplex

EventEvent

Service

Event-Driven Architecture (EDA)Events as “first-class citizens” in the integration modelPublish-Subscribe Messaging: Topics

Complex Event Processing (CEP)Detect Patterns in the Event StreamE.g., Fraud Detection

ApplicationClient

Event

ApplicationClient

Event

Page 9: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 8]

[innovation process technology inc.][www.ipt.ch]

ESB Risks

[page 16][©2008 ipt | switzerland]

ESB RISK 1: Vendor Lock-in

ESB is standards-based but not itself a standard!Every ESB is different and cannot easily be replacedRisk of disruption given market consolidation

IBM: ESB is just a Pattern

Burton: Managed Communications Infrastructure (2007)

Gartner: „low-cost lightweight alternative to traditional integration middleware“

Sonic: standards-based integration platform that combines messaging, web services, data transformation to reliably connect and coordinate the interaction of significant numbers of diverse applications across extended enterprises with transactional integrity (2004)

IDC: The ESB is an open standards-based technology concept that will revolutionize IT and enable flexible and scalable distributed computing for generations to come.

Zapthink: „message-bus with service-oriented interfaces“

I’m a TRUE ESB!

WS*-Stack is the ESB!

Cali-Mero Fio-Rano

MOM++ EAI++

Page 10: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 9]

[page 17][©2008 ipt | switzerland]

ESB RISK 2: ESB Archipelago

Multiple ESBs because of mergers and SOA projects in separate business units.

Finance Sales HR

ESB1 ESB2 ESB3

Services Services Services

ConsumersConsumersConsumers

STRATEGY: Plan for a logically coherent architecture despite multiple integration technologies

Interoperation Technology and Standards ConvergenceWatch WS-* standards, WS-I compliance and SCAHierarchy of ESBs?

[page 18][©2008 ipt | switzerland]

BusinessService

Browser

User-FacingLogic

BusinessService

Rich Client

BusinessService

BusinessService

BusinessService

DataService

ESB

Legacy App.

AdapterBusinessService

Protocol Bridging

Validate, Transform

Log,Monitor,

Audit

LoadBalance,Failover

Service discovery, binding, communicationWeb services (XML, SOAP, WSDL, HTTP)Extensible for plug-in services

Service URL "virtualization" and rule-based routingReliable message delivery

SecurityPublish-and-subscribe

ESB RISK 3: Distributed Business Logic

Page 11: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 10]

[page 19][©2008 ipt | switzerland]

ESB RISK 4: Semantic DifferencesIn Protocols

be

st-e

ffort

at

-leas

t-onc

e (r

etrie

s)

W

S-R

M (e

xact

ly o

nce)

be

st-e

ffort

at

-leas

t-on

ce

ex

actly

-onc

e

WTC

/Tux

edo

WTC

/Tux

edo

(Pr

oxy

Ret

ry)

RM

I/IIO

P

RM

I/IIO

P (

Prox

y R

etry

)

best-effort RE1 RE2 RE2at-least-once (retries) RE1 RE2 RE2 RE2 RE2WS-RM (exactly once)

best-effort

at-least-once

exactly-once

WTC/Tuxedo RE1WTC/Tuxedo - (app. Retry)

RMI/IIOP RE2RMI/IIOP - retry RE2 RE2

at-most-once = best effort at-least-once exactly-once kein Ziel - nicht unterstützt

Quality of Service (zuverlässig Nachrichtenzustellung)

Legacy Protokolle

Lega

cy P

roto

kolle

Grundsatz: Legacy Protokolle werden

nicht über den ESB geroutet

von

JM

S

H

TTP

/s

HTTP/s JMSauf

QoSSecuritysynchronous/asynchronousstateful/stateless

[innovation process technology inc.][www.ipt.ch]

ESB Use Cases

Page 12: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 11]

[page 21][©2008 ipt | switzerland]

e-licensing: Zone traversal, Security EnforcementClient-Server SOA“Brokering” WS callsEnforcement of Security PoliciesIsolation of the BackendsUnified Network policies (WISB)Location Transparency, loose couplingService Management, Monitoring, NotificationReporting

SSZ

BV-Netz

[page 22][©2008 ipt | switzerland]

e-dec: Infrastruktur-Services

Page 13: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 12]

[page 23][©2008 ipt | switzerland]

e-dec: service-oriented “interior architecture”Asynchronous multi step processing of messages (Itinerary-based routing)Lightweight containers for deploying services in a distributed environmentPersistenz, Garantierte QoSfür Nachrichten-austausch

34 5

21

Cus

tom

Cus

tom

Legacy MOMLegacy MOM

App

JCAAdapte

r

App

App

JCAAdapte

r

JCAAdapte

rFile

DropFile

DropFile

DropFile

Drop

Sonic ESB

[page 24][©2008 ipt | switzerland]

SAP XI: Legacy Enablement

HTTP/SOAP

Access SAP modules via WSLimited support of advanced WS* standards

Page 14: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 13]

[page 25][©2008 ipt | switzerland]

BAFU DAZU: Protocol Mapping

[page 26][©2008 ipt | switzerland]

EJPD: Schengen/Dublin Project

1. Protokoll Mapper/Integration BrokerProtocol BridgingData Modell TransformationData Format Transformation

2. Encapsulation/QuartersNetwork Zone TransversalSecurity Mapping(Realm, Protocol, Tokens)Wrapping SisOne4All, funnelling all external access

SOA

Infrastructure

EJPDRequirements

DataPower

BEAALSB

Page 15: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 14]

[page 27][©2008 ipt | switzerland]

EJPD: Schengen/Dublin Project

BEA Tuxedo

Web Services Protocol Mapping (Tuxedo WS)

Data Format Mapping (bin/WTC XML)

Security ID Mapping (no federation)

[page 28][©2008 ipt | switzerland]

e-licensing: Zonenübergang, Security EnforcementClient-Server SOA“Brokering” WS callsEnforcement von Security PoliciesIsolation des BackendsEinheitliche Netzwerkpolicies (WISB)Location Transparency, lose KopplungService Management, Monitoring, NotificationReporting

SSZ

BV-Netz

Page 16: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 15]

[page 29][©2008 ipt | switzerland]

hierarchical ESB landscape

[page 30][©2008 ipt | switzerland]

DHL ExpressProtocol Mapping (FTP, WS, Email)

Data Format Mapping (CSV XML)

Security Enforcement (SAML)

Page 17: Thomas  Rischbeck    Real  Life  E S B

[21.10.2008]

[©2002 ipt | switzerland germany austria] [seite 16]

[page 31][©2008 ipt | switzerland]

Outlook

Universal Business Adapter

SOA success

GovernanceSOAInfrastructure

Organ

izatio

nal

chan

ge

SOA ≠ SOA Runtime InfrastrukturAn ESB by itself is just useless plumbing!

Business Requirements, ServicesBuild as part of the SOAGovernance

Success necessitates organizational changeStructure and Project MethodDifferent application designCooperation between business and ITand across LOBs („interdiciplinary“)

Risk: Usage of SOA Infrastructure JUST for integration (modern-day EAI)

[innovation process technology inc.][www.ipt.ch]

Thank you![ipt]

innovation process technology___________________________

Dr. Thomas Rischbeck | it architect

Office ZugBaarerstrasse 14 | CH-6300 Zug

Phone: +41 41 727 25 25 | Fax: +41 41 727 25 26Email: [email protected]