Web Services Lecture I Valdas Rapševičius Vilnius University Faculty of Mathematics and Informatics 2014.02.28 2014.02.28 Valdas Rapševičius. Java Technologies 1
Outline Introduction to SOA SOA Concepts: Services Loose Coupling Infrastructure SOA Layers MEPs Various Service Aspects SOA Governance Reference: Nicolai M. Josuttis SOA In Practice 2014.02.28 Valdas Rapševičius. Java Technologies 2
Motivation for SOA Distributed business processing Different Owners Heterogeneity Flexibility IT as the key business value enabler
SOA is NOT Concrete architecture it is something that leads to a concrete architecture. Concrete solution can t buy SOA Information technology a Silver Bullet
SOA is a way of information management. A set of principles and methodologies for designing and developing software in the form of interoperable services. (Wikipedia, 2013.02.21) A method of design, deployment and management of applications and software infrastructure where: all software is organized into business services that are network accessible and executable; service interfaces are based on public standards for interoperability. SOA is a strategy that, although it might be driven by IT, always impacts the business as a whole SOA is a software architecture that starts with an interface definition and builds the entire application topology as a topology of interfaces, interface implementations and interface calls Interface-oriented architecture Might call it a style, paradigm, concept, perspective, philosophy, or representation.
Important! Whether you introduce SOA is not what s important The important thing is that the IT solution you introduce is appropriate for your context and requirements of your business
Large Systems SOA is a concept for large distributed systems Large systems deal with legacies maintenance heterogeneous and their data have an incredibly long lifetime complex different owners imperfect redundancy bottlenecks are suicide
Major Elements Services self-contained business functionalities can be part of one or more processes can be implemented by any technology on any platform Specific infrastructure (ESB) Policies and processes
Magic Bus Bus EAI Bus ESB Piece of infrastructure software High interoperability Instead of creating and maintaining individual communication channels between different systems, each system only has to connect to the bus to be able to connect to all other systems.
SOA History 1994: Alexander Pasik, a former analyst at Gartner, coined the term SOA for a class on middleware that he was teaching. Pasik was working before XML or Web Services were invented, but the basic SOA principles have not changed. 1996: Gartner analysts Roy W. Schulte and Yefim V. Natis published the first reports about SOA in 1996. 2000: the real momentum for SOA was created by Web Services, which, initially driven by Microsoft, reached a broader public.
SOA Concepts Services Loose Coupling Infrastructure
Services Activities, Tasks Services Represent Business Functionality Definitions: The performance of work (a function) by one for another (dictionary) A self-contained, stateless business function that accepts one or more requests and returns one or more responses through a well-defined, standard interface (Wikipedia) A service represents a self-contained functionality that corresponds to a real-world business activity (SOA in Practice)
Interface A service is an interface for (multiple) messages that return information and/or change the state of an associated entity (backend) Interface properties: Signature describes the input parameters, output parameters, and possible exceptions. Well defined a consumer of a service must know the complete behavior and semantics of the service. contract the complete specification of a service between a specific provider and a specific consumer.
Interface Types Technically Driven Interface Business-Driven Interface
Service Attributes Self-Contained (independent, autonomous, autarkic) Coarse-Grained Visible/Discoverable Stateless Idempotent Reusable Composable Technical QoS- and SLA-Capable Pre- and Post-Conditions Vendor-Diverse Interoperable Implemented As Web Services?
Loose Coupling It is a principle Minimize dependencies Motivation Scalability Flexibility Fault tolerance
Loose Coupling Examples
Forms of Loose Coupling Asynchronous Communication Heterogeneous Data Types Mediators (Broker or Name Server) Weak Type Checking Binding Platform Dependencies Interaction Patterns Compensation Transactions (not 2PC) Control of Process Logic Deployment Versioning
Enterprise Service Bus (ESB) Major piece of OSA infrastructure Tasks: Providing connectivity Data transformation (Intelligent) routing Dealing with security Dealing with reliability Service management Business Activity Monitoring (BAM) Service Orchestrating, BPEL Monitoring and logging
Heterogeneous ESB
ESB: Point-to-Point vs Mediation
ESB: Interceptors
ESB: Protocol vs API
Service Layers Fundamental SOA First stage of expansion Basic services Federated (networked) SOA Micro-flow Orchestration or composition layer Second stage of expansion Basic and composed services Process-enabled SOA Macro-flow Third stage of expansion Basic, composed and process services
Basic Services Guidelines for achieving an optimum level of granularity for a lowest level service: describe the service in terms of function, information, goals, and rules, but not in terms of groups of other services single responsibility role self-contained as possible. Ideally autonomous. ACID principle Types: Basic Data Services Basic Logic Services
Basic Data Services Read or write data from or to one backend system. Represent a fundamental business operation of the backend. Examples: Create a new customer Change the address of a customer Return the address of a customer Create a new contract/portfolio/account Return a list of customers according to some search criteria Return a customer s balance Send an ordered item to a customer Return the number of customers Return details on a customer s payment practices
Basic Logic Services Basic logic services represent fundamental business rules Examples: Define product catalogs and price lists Define rules for changing customer contracts Return whether a year is a leap year Define allowed dates
Fundamental SOA
Composed Services Orchestrated services Orchestration - composing new services out of existing services Micro flow: Short-term running Stateless Transactions: Two-phase commit (2PC) Compensation Examples: Updates redundant data on multiple backends Money transfer from one backend to another
Federated SOA
Process Services Long-term workflows or business processes. Macro-flow: Long-running flow of activities (services) Interruptible (by human intervention) Stateful In the Backend In the Service Examples: Shopping cart Insurance policy purchase
Process-enabled SOA
BPM
Choreography Orchestration: One central controller that coordinates all the activities of the process Composite pattern, which means that the whole composition itself can be used as a service Choreography: No process control Not identified as a whole Used in Business process chains Event-driven architecture (EDA)
Example (1)
Example (2)
Example (3)
Message Exchange Patterns Basic MEPs Request/Response One way Complicated MEPs Request-Callback Publish-Subscribe
Request-Response MEP
One-Way MEP
Request/Callback MEP
Reliability
Service Lifecycle
Versioning Domain Versioning Trivial (new version = new service) Non-Trivial (i.e. backwards compatibility) Configuration-Management-Driven Versioning Pick required interface from VCS Data Types Versioning Use different types for typed interfaces Use the same types for typed interfaces Use generic code so that type differences don t matter
Performance ESB slows calls 5 to 10 times Techniques: Call Constraints Custom services
Customized Services 2014.02.28 Valdas Rapševičius. Java Technologies 46
Security Characteristics: Authentication (A) Authorization (A) Confidentiality Integrity Availability Accounting (A) Auditing Security is often neglected: Requires effort Impossible to achieve absolute security (except by disconnecting systems) Usual security mechanisms for the Internet (firewalls and special protocols such as SSL) are enough. Infrastructures provide enough security Not clear whether security is an issue for the infrastructure team or the business teams. 2014.02.28 Valdas Rapševičius. Java Technologies 47
SOA & Security Policy Decision Point Policy Enforcement Point Transport protocols (https) Message protocols DMZ 2014.02.28 Valdas Rapševičius. Java Technologies 48
Stateless Services 2014.02.28 Valdas Rapševičius. Java Technologies 49
Stateful Services 2014.02.28 Valdas Rapševičius. Java Technologies 50
Idempotency 2014.02.28 Valdas Rapševičius. Java Technologies 51
Governance Goals: Making sure that people do what s right. Controlling the development and operation of software. Technical Tasks: Documentation Service management Monitoring Change and configuration management Non Technical Tasks: Visions, objectives, business case, and funding model Reference architecture(s) Roles and responsibilities Policies, standards, and formats Processes and lifecycles 2014.02.28 Valdas Rapševičius. Java Technologies 52
Policy Example 2014.02.28 Valdas Rapševičius. Java Technologies 53
Establishing SOA SOA Steps (Josuttis): Understand SOA SOA Pilot Second and third SOA projects Become the General Strategy The Four Ps (Pulier and Taylor) All people have to learn about the principles of SOA and their associated technologies. A pilot project helps to prove the concept. A flexible multiphased project plan will help to integrate and validate the SOA strategy in a day-to-day business. Based on the first three Ps, you proceed by establishing SOA via actual developments. Architectural Roadmap (Krafzig, Banke, and Slama): Fundamental SOA (SOA with basic services only) Networked SOA (SOA with composed/orchestrated services) Process-enabled SOA (SOA with process services) 2014.02.28 Valdas Rapševičius. Java Technologies 54
SOA Maturity 2014.02.28 Valdas Rapševičius. Java Technologies 55
Conclusions Is SOA something new? You can not buy SOA Distributed computing increase complexity Recent trends: Distributed computing costs Loose coupling costs ROA RESTful APIs 2014.02.28 Valdas Rapševičius. Java Technologies 56