Architecting the Right SOA Infrastructure

Similar documents
Sentinet for BizTalk Server SENTINET

Overview SENTINET 3.1

Smarter Business Agility with WebSphere DataPower Appliances Introduction

The Modern Mainframe At the Heart of Your Business

SOA-20: The Role of Policy Enforcement in SOA Management

Sentinet for BizTalk Server VERSION 2.2

Sentinet for Microsoft Azure SENTINET

IBM WebSphere Message Broker for z/os V6.1 delivers the enterprise service bus built for connectivity and transformation

Rational Asset Manager V7.5.1 packaging October, IBM Corporation

Leverage SOA for increased business flexibility What, why, how, and when

Accelerate Your Enterprise Private Cloud Initiative

Web Serving Architectures

SM40: Measuring Maturity and Preparedness

Using IBM DataPower as the ESB appliance, this provides the following benefits:

Sentinet for Windows Azure VERSION 2.2

Optimize Your Heterogeneous SOA Infrastructure

Tivoli Federated Identity Manager. Sven-Erik Vestergaard Certified IT Specialist Security architect SWG Nordic

AIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition 1.1.0

Services Oriented Architecture and the Enterprise Services Bus

Data Center 3.0: Transforming the Data Center via the Network

Introduction to Worklight Integration IBM Corporation

Cisco UCS Central Software

IBM Tivoli Monitoring (ITM) And AIX. Andre Metelo IBM SWG Competitive Project Office

Technical Overview. Access control lists define the users, groups, and roles that can access content as well as the operations that can be performed.

Cisco Prime for Enterprise Innovative Network Management

Expose Existing z Systems Assets as APIs to extend your Customer Reach

WEB-202: Building End-to-end Security for XML Web Services Applied Techniques, Patterns and Best Practices

5 OAuth EssEntiAls for APi AccEss control layer7.com

IBM Rational Developer for System z Version 7.5

Cisco Integration Platform

Who s Protecting Your Keys? August 2018

5 OAuth Essentials for API Access Control

Policy and SLA Management / Monitoring at the Edge. Governance, Enforcement, and Monitoring using WSRR, DataPower, and ITCAM for SOA

Addressing Security, Governance and Performance Issues with an XML Gateway as part of a Service Oriented Architecture. Vic Morris CEO Vordel

WebSphere Application Server, Version 5. What s New?

Microsoft SharePoint Server 2013 Plan, Configure & Manage

McAfee epolicy Orchestrator

Protect your enterprise assets with integrated security management solution

Oliopäivät Modelling Now and in the Future, with Acronyms or without = RSA

Narration Script for Web Service Medation Patterns WebSphere DataPower Demo

Service-Oriented Architecture

IBM Rational Software

That Set the Foundation for the Private Cloud

<Insert Picture Here> Enterprise Data Management using Grid Technology

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald

Networking for a dynamic infrastructure: getting it right.

Features. HDX WAN optimization. QoS

The Modern Mainframe. IBM Systems. Powerful, secure, dependable and easier to use. Bernice Casey System z User Experience

Cloud Essentials for Architects using OpenStack

Extending Your Mainframe for More Business Value

Identity-Enabled Web Services

Linking ITSM and SOA a synergetic fusion

Barry D. Lamkin Executive IT Specialist Capitalware's MQ Technical Conference v

Enabling Cloud Adoption. Addressing the challenges of multi-cloud

VMware vsphere 4.0 The best platform for building cloud infrastructures

Service Mesh and Microservices Networking

itsmf ITIL V3: Accelerate Success with Tools Maria A Medvedeva, PMP, ITIL Regional Director CA, Inc. itsmf Middle East Board of Directors

IBM 00M passed

Monitoring Principles & z/vse Monitoring Options

Implementing a Ground Service- Oriented Architecture (SOA) March 28, 2006

Automating for Agility in the Data Center. Purnima Padmanabhan Jeff Evans BMC Software

IBM Tivoli Directory Server

I D C T E C H N O L O G Y S P O T L I G H T. V i r t u a l and Cloud D a t a Center Management

5 Pillars of API. management

Cisco Prime Collaboration 12

MetaMatrix Enterprise Data Services Platform

The Value of Migrating from Cisco Tidal Horizon to Cisco Process Orchestrator

Identität und Autorisierung als Grundlage für sichere Web-Services. Dr. Hannes P. Lubich IT Security Strategist

CISCO IT DEPARTMENT DEPLOYS INNOVATIVE CISCO APPLICATION- ORIENTED NETWORKING SOLUTION

IBM United States Software Announcement , dated April 23, 2013

Enterprise SOA Experience Workshop. Module 8: Operating an enterprise SOA Landscape

Oracle Identity and Access Management

Taking your next integration or BPM project to the cloud WebSphere Integration User Group, 12 July 2012 IBM Hursley

Discover, Relate, Model, and Integrate Data Assets with Rational Data Architect

Exploiting IT Log Analytics to Find and Fix Problems Before They Become Outages

REDEFINING THE ENTERPRISE

WEBMETHODS AGILITY FOR THE DIGITAL ENTERPRISE WEBMETHODS. What you can expect from webmethods

TransactionVision Technical White Paper

Novell Access Manager 3.1

WAN Application Infrastructure Fueling Storage Networks

CA Automation Capabilities A Technical Look at Process and Runbook Automation. Tom Kouhsari and AJ Dennis

CIAM: Need for Identity Governance & Assurance. Yash Prakash VP of Products

New Zealand Government IbM Infrastructure as a service

Xceedium Xio Framework: Securing Remote Out-of-band Access

Il Mainframe e il paradigma dell enterprise mobility. Carlo Ferrarini zsystems Hybrid Cloud

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved.

ForeScout Extended Module for Carbon Black

Module Day Topic. 1 Definition of Cloud Computing and its Basics

BPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.

Architecting the ArcGIS Platform: Best Practices. Raymond Bunn, GISP, PMP Esri Patterns & Practices Solution Architect

IBM Tivoli Identity Manager V5.1 Fundamentals

Deliver End-to-End Systems Management for Cisco Data Centers That Run Microsoft Applications

A Survival Guide to Continuity of Operations. David B. Little Senior Principal Product Specialist

The Value of Data Modeling for the Data-Driven Enterprise

J2EE Application Development : Conversion and Beyond Osmond Ng

webmethods EntireX for ESB: Leveraging Platform and Application Flexibility While Optimizing Service Reuse

<Insert Picture Here> Managing Oracle Exadata Database Machine with Oracle Enterprise Manager 11g

Title DC Automation: It s a MARVEL!

Luckily, our enterprise had most of the back-end (services, middleware, business logic) already.

Networking for a smarter data center: Getting it right

Transcription:

Infrastructure Architecture: Architecting the Right SOA Infrastructure Robert Insley Principal SOA Global Technology Services 2007 IBM Corporation

SOA Architect Summit Roadmap What is the impact of SOA on current Enterprise Architectures? Business Strategy Information Technology Strategy Alignment of Business and IT Architectures SOA Reference Models SOA Governance Enterprise Architecture Business Architecture Processes Information People Transition Plan EA Governance Business Operating Environment and IT Infrastructure IT Solutions IT Architecture Applications Information Technology How do you develop SOA with a business focus? Business Components SOA Design Business Process Management How do you reuse applications in the context of SOA? Asset Discovery Application Reuse How do you leverage information in an SOA? Information as a Service Master Data Management How does my infrastructure support SOA? Service Management / QoS Security 3

Agenda IBM SOA Architect Summit SOA Requires New Thinking About Infrastructure Infrastructure Considerations for SOA Performance Availability Service Management Security Virtualization IBM Capabilities to Support SOA Infrastructure Architecture Summary 4

SOA Represents a Marked Change in IT Prioritization And Requires a New Way of Thinking Old Thinking IT maintains IT resources that support the business New Thinking IT delivers services designed to meet business goals From Silos to Services 5

SOA and Layers of Abstraction Processes Services Applications SOA Infrastructure Middleware Virtualized Infrastructure Physical Infrastructure 6

How Does SOA Impact Infrastructure and Management? SOA Characteristics Applications reused in new dynamic ways Key Infrastructure and Management Considerations Performance Services combined from multiple sources Rapid deployment Services route to any available resource Distributed access Service Management Virtualization Availability Security 7

Agenda IBM SOA Architect Summit SOA Requires New Thinking About Infrastructure Infrastructure Considerations for SOA Performance Availability Service Management Security Virtualization IBM Capabilities to Support SOA Infrastructure Architecture Summary 8

SOA Introduces Performance Challenges Measuring performance across organizational boundaries can be more difficult than in siloed applications Response time estimation is more challenging in a more distributed environment Performance costs can be difficult to predict Performance testing an SOA application requires the use of new techniques Increased requirement for XML processing may impact performance 9

Performance Should Not be an Afterthought It Should be Engineered into the Solution Performance in SOA systems should be a combination of performance engineering and performance management SOA-based applications can change the way an infrastructure performs XML message transformation, location, message size, frequency More complex applications and transactions Each of the components should be used to build a performance budget, transaction models and use cases Middleware and server sizing need to be done with the application teams How many, how available, virtualized, system platform Don t forget about security overhead Authentication, Authorization, Encryption 10

SOA Performance Testing Concepts Test SOA applications throughout the development lifecycle Test tools must be separate and external to the SOA environment Use multiple diverse datasets that are representative of an SOA workload Stress test the solution to detect latency issues Run tests in a comparable environment to the deployment environment Use multiple test tools similar results from multiple test tools using identical data sets validates the tests 11

SOA Performance Testing and Problem Analysis Tools Validate system scalability Workload modeling for automated generation of test clients Automated generation of performance tests Real-time reporting of server response time and throughput Service response time Isolate performance bottlenecks and resolve problems Monitoring support for services across multiple platforms Collection and visualization of server resource data root cause analysis Visualization of server resource data 12

Monitoring Transaction Performance in SOA Response Time Metrics in a Distributed Environment Composite applications span technology and platform boundaries Can be difficult to identify and isolate performance bottlenecks Use lightweight instrumentation that can be dynamically configured to proactively identify performance problems ITCAM for Response Time Tracking Use industry-standard ARM-based instrumentation to isolate the problem ITCAM for WebSphere 13

Guidance for SOA Performance The SOA performance model should be created and maintained throughout the lifecycle as the application is built Performance testing needs to obtain sufficient metrics to validate that services meet performance expectations Use established techniques to meet SOA performance requirements Design, test, and retest to confirm that non-functional requirements are met Implement an integrated solution that will automatically monitor, analyze and resolve response time problems Consider dedicated network appliances to optimize and accelerate XML parsing and security processing 14

IBM SOA Architect Summit Techniques for High Availability and Scalability Directory & Security Services 8 Existing Apps & Data 15 1 2 3 4 5 7 Business Logic 2 8 2 5 6 7 8 2 3 1 4 1 8 Connectors HTTP Server UI Logic 8 3 1 Internet Firewall App. Client Dispatcher Internet Firewall Browser Client 1 8 Business Partners / External Services 3 UI Data Business Data 1 Faster Machines 4 Segmented Workload 7 Connection Management 2 Replicated Machines 5 Request Batching 8 Caching 3 Specialized Machines 6 Data Aggregation

High Availability in the SOA World An application may exist on multiple servers in different locations Applications need to be availability aware in case a service within the workflow is unavailable SOA applications impact service availability levels SOA introduce new application dependencies, including externally provided services Need to understand the end-to-end view Monitoring, management and reporting is required to achieve predictable availability in an SOA environment Plan for the unexpected What are the non-functional requirements? What systems are you using? Distributed? Mainframe? Where are they located? How will they be accessed? The more components in the transaction, the greater the risks for failure or human error 16

Guidance for SOA Availability There are an increased number of components in an SOA infrastructure, so test rigorously for availability Create failover plans based on criticality of applications and services Take advantage of established availability techniques Each component requires its own availability architecture Leverage capabilities like Workload Management, High-Availability Manager, Deployment Manager, etc. Some components may require both hardware and software clustering Databases, enterprise messaging infrastructure, SOA appliances 99.9% 99.9% 99.9% 99% 99% Aggregate 97.7% Intranet Process Server Message Broker Relational Database 17

Monitoring of business processes Monitoring of services Governance Data Architecture (meta-data) & Business Intelligence QoS Layer (Security, Management & Monitoring Infrastructure Services) Integration (Enterprise Service Bus) Monitoring of operational systems IBM SOA Architect Summit The Challenges of Managing SOA Channel B2B Consumers Business Process Composition; choreography; business state machines Service Consumer Services atomic and composite Service Components OO Application Custom Application Packaged Application Operational Systems Service Provider 18

Service Management Requires a Closed-Loop Approach How does this relate to the business service? What s happening with the infrastructure? What actions do we take to correct the problems? 19

IBM Service Management What s happening with the infrastructure? How does this relate to the business service? What actions do we take? Infrastructure and application discovery Server monitoring Storage monitoring Network monitoring Data monitoring Application monitoring Service monitoring Dashboard Application dependency mapping Business service management Service level management System reconfiguration Data restore User identity provisioning System and application restart Infrastructure deployment Service mediation 20

Key Elements for Managing Services There are 3 key components in services management: 1. The runtime environment this is where messages are routed, secured, transformed, filtered and logged 2. The management server aggregates the data from all of the endpoints and runtimes and sends configuration changes based on policy Service Requestor Web Services 2 1 3 Runtime or Policy Enforcement Point SOA Management Server Service Provider 3. The registry stores meta data about services and policies SOA Registry 21

Dynamic Service Support Dynamically Changing Service and Application Relationships Support Change Process Initial state Use to validate that planned changes were executed and that the results are as expected Pre-Change Validation What applications does a component support? Reduce unintended consequences Improve MTTR (Mean Time to Resolution) Accurate application maps show you what is important Find the Last Change before a problem shows up Simplify impact analysis Configuration Drift Notice when Configurations change and notify operations Keep bit-rot from impacting operational readiness Relationships & Dependencies Service Registry & Repository Service Reconciliation Discover Services 22

Logical Elements of an SOA Management Solution Web Services Security PEP Web Services Application Server Container PEP Container PEP Integration PEP CICS/ IMS/ DB2 Service Requestor Services Management Service Registry & Repository Identity and Access Management Enterprise Identity Directory Enterprise Auditing and Data Warehousing Systems Management Portal and Service Level Reporting 23

Integrated Visibility of SOA Resources Integrated Console Service Consumer Service Provider Consumers Business Process Composition; choreography; business state machines Services atomic and composite Service Components Operational Systems Channel Service Management Application Monitoring Packaged Resource Application Monitoring B2B Custom Application Resource Monitoring OO Application Transaction Tracking Integration (Enterprise Service Bus) QoS Layer (Security, Management & Monitoring Infrastructure Services) Data Architecture (meta-data) & Business Intelligence Governance Integrated Reporting 24

Guidance for Service Management Establish operational and business-focused management and monitoring perspectives Monitor the end-to-end solution to isolate and fix problems Automate provisioning and control of services to meet SLAs Make use of tools to improve application availability Track/predict change to reduce costs and downtime 25

SOA Security Considerations SOA introduces raise additional security issues How do we identify and authenticate the service requester? How to we identify and authenticate the source of the message? Is the client authorized to send this message? Can we ensure message integrity & confidentiality? How do we audit the access to services? How do we leverage Web services security standards? How do we propagate identities with trusted service providers? XML Web services may expose backend systems in unintended ways SOA security may require multiple layers of enforcement perimeter, gateway, app server, application Traditional security devices do not secure XML/SOAP 26

Logical Elements of SOA Security Web Services Security PEP Web Services Application Server WSSM JAAS/ JACC Integration PEP CICS/ IMS/ DB2 Service Requestor ws-trust Trust Management ws-trust Line of Business Security Risk Assurance Network Operations Policy Management Identity and Access Management Enterprise Directory Enterprise Auditing and Data Warehousing Systems Management Portal and Service Level Reporting 27

SOA Security Trust Model Policy 1. Get Token Security Token Service Policy Security Token Claims Requestor 3. Validate Token Claims Security Token 2. Send Message (including token) Provider Policy Security Token Claims Identity Federation and Web Services requires trust This trust is based on agreements between partners & expressed as policies Trust can be enabled by technology Trust requirements expressed as infrastructure policies and requirements Security tokens include identity information; Cryptographic keys used to sign Security Tokens Technology needs to be standards based Standard ways to express and exchange policies that reflect trust relationships Agreed token format, information content, signing and encryption methods 28

XML Security Appliances Can Simplify and Accelerate SOA Security Internet IP Firewall XML Security Appliance Application Server Access & Identity Management XML/SOAP firewall enables filtering on any content, metadata or network variables Incoming and outgoing XML and SOAP is validated at wire speed Security can be performed at the field level WS-Security Encrypt & sign individual fields Non-repudiation Provides XML/Web services access control 29

Guidance for SOA Security Security authorization needs to be granular at the service level Understand existing corporate security policies (especially approval and audit process) and apply them in the SOA environment Work with the SOA application teams to understand the requirements Understand the trade-offs of security, performance and cost Choose policy-based over programmatic approaches to allow security decisions to be implemented at service invocation Evaluate performance implications of security implementations Consider XML appliances to accelerate security processing 30

Virtualization Decouples IT Infrastructure from Applications Windows Servers Windows Server Application Application Application Unix Servers Networking Unix Server Networking Virtualization Management Servers Storage Servers Storage Linux Server Networking Linux Servers Complex Islands of computing and data Physical resources are bound to applications Disparate management tools Manual provisioning Consolidated Fewer devices and licenses Increased utilization Physical resources still bound to applications disparate management tools Labor intensive provisioning Virtualized Pools of resources Logic and physical resources decoupled Standardized, automated infrastructure management Automated provisioning 31

Infrastructure Optimization & Virtualization Optimize infrastructure investment and prioritize applications and users in a mission-critical manner Provide high availability and redundancy for business-critical applications Increase server utilization to optimize capital & administration costs Ensure that the most important applications and users are given priority according to business and IT policies Flexibly respond to unforeseen application demand Resource Optimization Application Prioritization High Availability Utilization Importance Assurance 32

Guidance for Virtualization Consolidate servers, storage & network assets for greater efficiency & reduced complexity IT resources should be used across applications without regard to where they physically reside Replace error-prone manual tasks & repetitive IT resource/capacity management tasks with automated capabilities Dynamically allocate IT capacity to meet business goals for increased infrastructure agility and readiness for growth 33

Agenda IBM SOA Architect Summit SOA Requires New Thinking About Infrastructure Infrastructure Considerations for SOA Performance Availability Service Management Security Virtualization IBM Capabilities to Support SOA Infrastructure Architecture Summary 34

Mapping to the IBM Products Development Services Integrated environment for design and creation of solution assets Interaction Services Enables collaboration between people, processes & information WebSphere Portal Information Services Manages diverse data and content in a unified Partner Services Business App Services Access Services Connect with trading partners Business Services Supports enterprise business process and goals through businesses functional service Process Services Orchestrate and automate business processes Enterprise Service Bus Build on a robust, scaleable, and secure services environment Management WebSphere manner Process Server Services Facilitate interactions with existing information and application assets Apps & Info Assets Manage and secure services, applications & resources Tivoli Composite Application Managers Tivoli OMEGAMON XE for Messaging Tivoli Federated Identity Manager Tivoli Access Manager Infrastructure Services Optimizes throughput, availability and utilization Tivoli Provisioning Manager Rational Tester for SOA Quality Rational Performance Tester Extension for SOA Quality WebSphere XD WebSphere DataPower SOA Appliances Tivoli Intelligent Orchestrator 35

The Keys to Architecting an SOA Infrastructure In the real-world, SOA-based applications put a lot of stress on a typical infrastructure From a business view, the application layer is geared towards simplification but the infrastructure can become complex The IT Infrastructure/Middleware Architect cannot let the SOA application become a black box within the infrastructure Visibility of quality of service metrics within the SOA application is crucial to achieving performance and availability goals As an IT Infrastructure Architect, one needs to know what is in the toolbox and how to build the best infrastructure for the SOA application 36

Hindi Thai Traditional Chinese Gracias Russian Spanish Thank You Hvala Slovenian Arabic Grazie Italian Köszönöm Hungarian Simplified Chinese Danke German Korean Merci French Japanese 37

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback