Thomas Rischbeck Real Life E S B
-
Upload
soa-symposium -
Category
Technology
-
view
646 -
download
0
Transcript of Thomas Rischbeck Real Life E S B
Founding Sponsors
This Presentation Courtesy of the
International SOA Symposium
October 7-8, 2008 Amsterdam Arena
www.soasymposium.com
Gold Sponsors
Platinum Sponsors
Silver Sponsors
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 1]
[innovation process technology inc.][www.ipt.ch]
Real Life ESBUse Cases,
Deployment Scenarios,Experiences.
Dr. Thomas Rischbeck2008-10-07, 11:00
SOA Symposium Amsterdam
[innovation process technology inc.][www.ipt.ch]
ESB Patterns
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 2]
[page 3][©2008 ipt | switzerland]
Service Virtualization
Proxy PatternLocation TransparencyProtocol BridgingSecurity EnforcementTransformationContent-Based RoutingLoad-Balancing and FailoverService Monitoring Message QueueingComplex Event Processing
Source: BEA
[page 4][©2008 ipt | switzerland]
ESB Patterns
Data FormatTransformation
AsynchronousQueuing
Location TransparencyProtocol
Bridging
Policy EnforcementRouting
Content-basedRouting
Schema Validation
Load Balancing
Failover
Control/Audit SLA
Monitoring
PayloadVersioning
MLF to XML
Auditing/Charging
XSTL
Data ModelTransformation
ProtocolVersioning(eg SOAP)
Enforcement(PEP)
EDA
TransportProtocol Bridging
Security Mapping
Event Tracking
ComplexEvent
Processing
Event Tracking
Itinerary-based(orchestration)
Microflows(orchestration)
SecurityInterception publish-
subscribe
ServiceDiscovery
TokenValidation
Identity Mapping
Security Protocol Mapping
Authorization
MEPs
conversation
Temporal Decoupling
Sync/AsyncMapping
Aggregate/Split
ESB Pattern/Proxy Pattern
Broker
Core ESB
EDIFACT
Event StreamProcessing
Past Design-time
Optional Patterns
XML to MFL
ReliableDelivery
Virtualization
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 3]
[page 5][©2008 ipt | switzerland]
Protocol Bridging
Protocol BridgingSynchronous to Asynchronous BridgingREST/POX SOAPRSS JMSFTP SMTPPOP3 File…
[page 6][©2008 ipt | switzerland]
Security
Security MappingTransport based Message Based: Basic Authentiation WS-SecurityMapping between Security Realms Bridge Identity Domains (user names, credential)
Policy Enforcement PointVerify SAML Token, Strong AuthenticationAccess Control: Authorization based on user, group, role, credentialsUnified Policies for all Services
ApplicationClient
Service Clients Enterprise Service Bus
Route
Proxy Flow
Service
HTTP/SOAP[X.509]
Encryption, signing
Business Services
SSL [X509]
Service
Security Framework
HTTP/SOAP Authentication
[Basic]Role based
Authorization
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 4]
[page 7][©2008 ipt | switzerland]
Transformation
WebService
Service Clients Enterprise Service Bus Business Services
V 1.3
V 1.2
TransformationsSupport for multiple Service versionsSOAP 1.1 auf SOAP 1.2Namespace ChangeData Format: SemanticsHandle Non-XML Payloads (EDIFACT XML)
RouteTransform1.1 1.3V 1.1 V 1.1
RouteV 1.2
RouteV 1.3
Transform1.2 1.3
V 1.3
V 1.2
V 1.3
V 1.1
V 1.3
V 1.3V 1.3
[page 8][©2008 ipt | switzerland]
Content-based Routing (CBR)
ApplicationClient
Service Clients Enterprise Service Bus Business Services
HTTP/SOAPHTTP/SOAP
Content-Based RoutingSOAP HeadersTransport HeadersJMS PropertiesXML Payload (SOAP Body)Context
Service VIPCBR
Proxy Flow
$header
$body
$attachment
$fault
Service normal
HTTP/SOAP
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 5]
[page 9][©2008 ipt | switzerland]
Load Balancing and Failover
Load BalancingRequires Stateless ServicesESB itself must be scalable!
FailoverRequires Idempotent Services
Service Client
Service Clients Enterprise Service Bus Business Services
JMSURI X
URI Y
HTTP/SOAP
Route
Proxy Flow
[page 10][©2008 ipt | switzerland]
Service Virtualization
Mix and match interfaces Service selection across multiple WSDLsSingle coherent interface to all authorized backend servicesMerge without namespace collisions
Service Client
Service Clients Enterprise Service Bus Business Services
Service X
Service Y
WSDL A
Routae
Proxy Flow
AggreateInterface
WSDL X
WSDL Y
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 6]
[page 11][©2008 ipt | switzerland]
Error Handling
Error handling Features
Validation before the Request hits the ServiceReduces Service Load and Network Traffic
ApplicationClient
Service Clients Enterprise Service Bus Business Services
HTTP/SOAPWeb Service
Route
Proxy Flow
Validate
Error Code
[page 12][©2008 ipt | switzerland]
Service and SLA Monitoring
ApplicationClient
Service Clients Enterprise Service Bus Business Services
HTTP/SOAPHTTP/SOAPWeb ServiceRoute
Proxy Flow
Statistics
Monitor System OperationsAlerting and reporting key monitoring pointsGauge system health
Troubleshooting and ReportingDrill into message tracking and execution historyCaptures system statistics including threshold violations, en-queued messages, performance bottlenecks, task workloadsMonitor SLA: execution time, # of errors
Simple Business monitoringTrack relevant business/service data
Reporting Framework
On avg execution > 5 Ms
SMTPJMS
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 7]
[page 13][©2008 ipt | switzerland]
Asynchronous Delivery
ApplicationClient
Service Clients Enterprise Service Bus Business Services
RequestRequestServiceRoute
Proxy Flow
Response
Proxy
ResponseRoute
Proxy Flow
Proxy
Improves Lose CouplingService Downtime
Intermittent CommunicationUnpredictable Load
No Peak Load, Service must handle only Average LoadLoad Balancing
Non-blocking for client (long-lasting activities)Inspect in-flight messages
Queue
Queue
Persistence
[page 14][©2008 ipt | switzerland]
EDA, CEP, and the works
ApplicationClient
Service Clients Complex Event Processing Business ServicesComplex
EventEvent
Service
Event-Driven Architecture (EDA)Events as “first-class citizens” in the integration modelPublish-Subscribe Messaging: Topics
Complex Event Processing (CEP)Detect Patterns in the Event StreamE.g., Fraud Detection
ApplicationClient
Event
ApplicationClient
Event
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 8]
[innovation process technology inc.][www.ipt.ch]
ESB Risks
[page 16][©2008 ipt | switzerland]
ESB RISK 1: Vendor Lock-in
ESB is standards-based but not itself a standard!Every ESB is different and cannot easily be replacedRisk of disruption given market consolidation
IBM: ESB is just a Pattern
Burton: Managed Communications Infrastructure (2007)
Gartner: „low-cost lightweight alternative to traditional integration middleware“
Sonic: standards-based integration platform that combines messaging, web services, data transformation to reliably connect and coordinate the interaction of significant numbers of diverse applications across extended enterprises with transactional integrity (2004)
IDC: The ESB is an open standards-based technology concept that will revolutionize IT and enable flexible and scalable distributed computing for generations to come.
Zapthink: „message-bus with service-oriented interfaces“
I’m a TRUE ESB!
WS*-Stack is the ESB!
Cali-Mero Fio-Rano
MOM++ EAI++
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 9]
[page 17][©2008 ipt | switzerland]
ESB RISK 2: ESB Archipelago
Multiple ESBs because of mergers and SOA projects in separate business units.
Finance Sales HR
ESB1 ESB2 ESB3
Services Services Services
ConsumersConsumersConsumers
STRATEGY: Plan for a logically coherent architecture despite multiple integration technologies
Interoperation Technology and Standards ConvergenceWatch WS-* standards, WS-I compliance and SCAHierarchy of ESBs?
[page 18][©2008 ipt | switzerland]
BusinessService
Browser
User-FacingLogic
BusinessService
Rich Client
BusinessService
BusinessService
BusinessService
DataService
ESB
Legacy App.
AdapterBusinessService
Protocol Bridging
Validate, Transform
Log,Monitor,
Audit
LoadBalance,Failover
Service discovery, binding, communicationWeb services (XML, SOAP, WSDL, HTTP)Extensible for plug-in services
Service URL "virtualization" and rule-based routingReliable message delivery
SecurityPublish-and-subscribe
ESB RISK 3: Distributed Business Logic
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 10]
[page 19][©2008 ipt | switzerland]
ESB RISK 4: Semantic DifferencesIn Protocols
be
st-e
ffort
at
-leas
t-onc
e (r
etrie
s)
W
S-R
M (e
xact
ly o
nce)
be
st-e
ffort
at
-leas
t-on
ce
ex
actly
-onc
e
WTC
/Tux
edo
WTC
/Tux
edo
(Pr
oxy
Ret
ry)
RM
I/IIO
P
RM
I/IIO
P (
Prox
y R
etry
)
best-effort RE1 RE2 RE2at-least-once (retries) RE1 RE2 RE2 RE2 RE2WS-RM (exactly once)
best-effort
at-least-once
exactly-once
WTC/Tuxedo RE1WTC/Tuxedo - (app. Retry)
RMI/IIOP RE2RMI/IIOP - retry RE2 RE2
at-most-once = best effort at-least-once exactly-once kein Ziel - nicht unterstützt
Quality of Service (zuverlässig Nachrichtenzustellung)
Legacy Protokolle
Lega
cy P
roto
kolle
Grundsatz: Legacy Protokolle werden
nicht über den ESB geroutet
von
JM
S
H
TTP
/s
HTTP/s JMSauf
QoSSecuritysynchronous/asynchronousstateful/stateless
[innovation process technology inc.][www.ipt.ch]
ESB Use Cases
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 11]
[page 21][©2008 ipt | switzerland]
e-licensing: Zone traversal, Security EnforcementClient-Server SOA“Brokering” WS callsEnforcement of Security PoliciesIsolation of the BackendsUnified Network policies (WISB)Location Transparency, loose couplingService Management, Monitoring, NotificationReporting
SSZ
BV-Netz
[page 22][©2008 ipt | switzerland]
e-dec: Infrastruktur-Services
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 12]
[page 23][©2008 ipt | switzerland]
e-dec: service-oriented “interior architecture”Asynchronous multi step processing of messages (Itinerary-based routing)Lightweight containers for deploying services in a distributed environmentPersistenz, Garantierte QoSfür Nachrichten-austausch
34 5
21
Cus
tom
Cus
tom
Legacy MOMLegacy MOM
App
JCAAdapte
r
App
App
JCAAdapte
r
JCAAdapte
rFile
DropFile
DropFile
DropFile
Drop
Sonic ESB
[page 24][©2008 ipt | switzerland]
SAP XI: Legacy Enablement
HTTP/SOAP
Access SAP modules via WSLimited support of advanced WS* standards
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 13]
[page 25][©2008 ipt | switzerland]
BAFU DAZU: Protocol Mapping
[page 26][©2008 ipt | switzerland]
EJPD: Schengen/Dublin Project
1. Protokoll Mapper/Integration BrokerProtocol BridgingData Modell TransformationData Format Transformation
2. Encapsulation/QuartersNetwork Zone TransversalSecurity Mapping(Realm, Protocol, Tokens)Wrapping SisOne4All, funnelling all external access
SOA
Infrastructure
EJPDRequirements
DataPower
BEAALSB
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 14]
[page 27][©2008 ipt | switzerland]
EJPD: Schengen/Dublin Project
BEA Tuxedo
Web Services Protocol Mapping (Tuxedo WS)
Data Format Mapping (bin/WTC XML)
Security ID Mapping (no federation)
[page 28][©2008 ipt | switzerland]
e-licensing: Zonenübergang, Security EnforcementClient-Server SOA“Brokering” WS callsEnforcement von Security PoliciesIsolation des BackendsEinheitliche Netzwerkpolicies (WISB)Location Transparency, lose KopplungService Management, Monitoring, NotificationReporting
SSZ
BV-Netz
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 15]
[page 29][©2008 ipt | switzerland]
hierarchical ESB landscape
[page 30][©2008 ipt | switzerland]
DHL ExpressProtocol Mapping (FTP, WS, Email)
Data Format Mapping (CSV XML)
Security Enforcement (SAML)
[21.10.2008]
[©2002 ipt | switzerland germany austria] [seite 16]
[page 31][©2008 ipt | switzerland]
Outlook
Universal Business Adapter
SOA success
GovernanceSOAInfrastructure
Organ
izatio
nal
chan
ge
SOA ≠ SOA Runtime InfrastrukturAn ESB by itself is just useless plumbing!
Business Requirements, ServicesBuild as part of the SOAGovernance
Success necessitates organizational changeStructure and Project MethodDifferent application designCooperation between business and ITand across LOBs („interdiciplinary“)
Risk: Usage of SOA Infrastructure JUST for integration (modern-day EAI)
[innovation process technology inc.][www.ipt.ch]
Thank you![ipt]
innovation process technology___________________________
Dr. Thomas Rischbeck | it architect
Office ZugBaarerstrasse 14 | CH-6300 Zug
Phone: +41 41 727 25 25 | Fax: +41 41 727 25 26Email: [email protected]