radovan janecek avoiding s o a pitfalls
TRANSCRIPT
1 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
Founding Sponsors
This Presentation Courtesy of the
International SOA Symposium
October 7-8, 2008 Amsterdam Arena
www.soasymposium.com
Gold Sponsors
Platinum Sponsors
Silver Sponsors
© 2008 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice
Avoiding SOA Pitfalls
Radovan Janecek
Chief Architect, BTO, HP Software
June 2008
2 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
Eight Years of SOA Wins and Mistakes
• Co-founded Systinet (2000)
−Web Services stacks in C++ and Java
−Service Registry
−SOA Governance
• Led SOA Center in Mercury/HP (2006)
−SOA Governance, Quality, Management
• BTO Architecture (2008)
−Service and Data Models
− Integration strategy (SOA based)
To Remember
• SOA is GOOD as it SIMPLIFIES big initiatives
−Business Service Management
−Business Service Automation
−Service Portfolio Management
• Beware of Snake-Oil Architecture
−The more EAI the worse SOA
• SOA Governance is a must
4 21 October 2008
3 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
BTO Blueprint
5 21 October 2008
IT STRATEGY IT OPERATIONSIT APPLICATIONS
Manage service lifecycle
Continually improve services
Manage assets, improve service cost efficiency
Self servicecapabilities
Manage business
requirements
Manage quality
requirements
Verify functional
quality
Automate test
planning, execution
Analysisof defects
Ensureapplication
security
Vulnerabilityassessments
for development,
QA and production
Validate performance
Diagnose performance
problems
Tune environment
Quality Management
QA
BusinessCAB
Automate configuration and change (client, server, network, storage)
. Manage IT compliance and auditProvision and scale
Baseline environment
IT Service Management
DESIGNASSEMBLE
/BUILD
Development
ITIL Service Desk
Compliance / Security
Operations CAB
Manage enterprise portfolio
Resource constrained
portfolio optimization
Manage projects and programs
Control and enforcement
Portfolio andFinancial
Management
CIO/Biz/IT Steering
Committee
FederatedCMDB
Discovery+ mapping
• Projectproposals
• Newapplications
• New services
• Newarchitectures
Strategic Demand
Operational Demand
• Defects• Enhancements
• Operationalchange requests
• Service catalog• Knowledge mgmt.
SLAs andincidents
RFCs and
incidents
Change impact andcollisions
Quality management
repository
Defects andissues
New projects and
enhancements
Remediation
BUSINESSBUSINESS STRATEGY BUSINESS OPERATIONS
Manage SOA portfolio
Publish services and manage consumption
CTO Office
SOArepository
Serviceportfolio repository
Change notification
Tests - Monitors
Manage business transaction and
end-user experience
Manage composite applications
and SOA services
Business Service
Management
Application Support
Manage infrastructure
domains, eventsand services
NOC
Isolation,triage
Business impact
PMO
Operations Orchestration
Business ServiceAutomation
LET’S TALK ABOUT PITFALLS
6 21 October 2008
4 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
Agenda
In scope
• Organization
• Solutions vs Integrations
• SOA vs EAI
• Point-to-Point vs HUB
• Common Data Model
• API granularity
• Standards
Out of scope
• Performance
• Security
• Language binding
• Testing
7 21 October 2008
Organization
• Project driven SOA
−Perhaps good validation in small scope
• SOA Governance
− Lack of
−Too ambitious
• Only technical view
−“It‟s a software architecture” view
8 21 October 2008
5 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
#1: Project-driven SOA
• SOA is implemented within specific project(s)
• Good− Validation of the concept
− Starting point
• Bad− Silo reinforcement
− No proof it will work across silos
• Reasons− Alignment with business, Commitment, Experience
− Financial: funding, incentives
− Trust!
9 21 October 2008
#1: Suggestion
• Align with business on the importance
−Cross-portfolio (silo) integrated solutions
− Identify the most critical solutions (not services!)
• Define SOA Governance model
10 21 October 2008
Funding Model, Commitments
Trust, Experience, Alignment
6 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
#2: SOA Governance
• No or wrong governance practices
• Good
−You can move faster short-term
• Bad
− JBOWS, poor execution
• Reasons
−Project scope (hard to find ROI)
−Technical view (we already have technical governance!)
−Too ambitious model inherited from project experience
11 21 October 2008
#2: Suggestion (part 1)
• Create centralized R&D counterpart to business for strategic decisions
• Create SOA Center that
−Defines processes, best practices, compliance guidelines
−Selects appropriate standards
−Executes the governance processes
−Centralizes Service and Data models creation efforts
12 21 October 2008
Expertise, Communication
7 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
#2: Suggestion (part 2)
• May centralize Solution Testing and Certification
• Keep development decentralized
−Creation of centralized “integration team” reinforces “somebody-else‟s-problem” behavior
• VISIBILITY
−Everything online: plans, compliance reports, experience sharing, service rating, catalogs, blueprints
13 21 October 2008
Pragmatic Execution Model
#3: Technical View
• SOA seen as software development detail
• Good−Focus on technical excellence
• Bad−#1, #2
−Over-engineered architecture
−Focus on HOW instead of WHAT
• Reasons−SOA is driven mainly by architects
−Software creation doesn‟t matter anyway
14 21 October 2008
8 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
#3: Suggestion
15 21 October 2008
Start with #1!
#4: Solutions vs Integrations
• Building integrations without higher-level view−Let‟s move customer entry from here over there
• Good− Integration is done fast
• Bad−Too many integrations are not reusable
−Hard to identify and remove functional overlaps
−Service and Data model cannot be reasonably created
• Reasons−EAI habits, #1 (project-driven soa)
16 21 October 2008
9 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
Example: Change Management Solution
• End-to-end− From discovering a reason for change
− Thru planning, approvals, and execution− To verifying the effect of the change
− Multiple reasons for change, multiple workflows/processes
17 21 October 2008
Nice and simple ITIL
One of multiple scenarios by BTO
#4: Suggestion
18 21 October 2008
Start with #1!
10 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
#5: SOA vs EAI
• EAI in angle brackets
• One of the top SOA failure reasons
• Good
− Leveraging EAI tools and skills
• Bad
−Everything
• Reasons
−#1, #2, #3, #4
19 21 October 2008
More on SOA vs EAI
20 21 October 2008
EAI SOAa b
c
d
e
11 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
BTO Blueprint
21 21 October 2008
IT STRATEGY IT OPERATIONSIT APPLICATIONS
Manage service lifecycle
Continually improve services
Manage assets, improve service cost efficiency
Self servicecapabilities
Manage business
requirements
Manage quality
requirements
Verify functional
quality
Automate test
planning, execution
Analysisof defects
Ensureapplication
security
Vulnerabilityassessments
for development,
QA and production
Validate performance
Diagnose performance
problems
Tune environment
Quality Management
QA
BusinessCAB
Automate configuration and change (client, server, network, storage)
. Manage IT compliance and auditProvision and scale
Baseline environment
IT Service Management
DESIGNASSEMBLE
/BUILD
Development
ITIL Service Desk
Compliance / Security
Operations CAB
Manage enterprise portfolio
Resource constrained
portfolio optimization
Manage projects and programs
Control and enforcement
Portfolio andFinancial
Management
CIO/Biz/IT Steering
Committee
FederatedCMDB
Discovery+ mapping
• Projectproposals
• Newapplications
• New services
• Newarchitectures
Strategic Demand
Operational Demand
• Defects• Enhancements
• Operationalchange requests
• Service catalog• Knowledge mgmt.
SLAs andincidents
RFCs and
incidents
Change impact andcollisions
Quality management
repository
Defects andissues
New projects and
enhancements
Remediation
BUSINESSBUSINESS STRATEGY BUSINESS OPERATIONS
Manage SOA portfolio
Publish services and manage consumption
CTO Office
SOArepository
Serviceportfolio repository
Change notification
Tests - Monitors
Manage business transaction and
end-user experience
Manage composite applications
and SOA services
Business Service
Management
Application Support
Manage infrastructure
domains, eventsand services
NOC
Isolation,triage
Business impact
PMO
Operations Orchestration
Business ServiceAutomation
#5: Suggestions
• Observe warning signs
−“Let‟s put these two onto the same database”
−“We need distributed transactions here”
−…
• Be SOA fundamentalist until tightly coupled scenario is needed
22 21 October 2008
Understanding of SOA vs EAI
12 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
#6: HUB Better Than Point-to-Point
23 21 October 2008
#6: HUB Better Than Point-to-Point
24 21 October 2008
13 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
#6: HUB Better Than Point-to-Point
• Nothing wrong on P2P if Governance is in place
• HUB will not help if Governance is missing
• Advantages hypothetical− Real dependencies are not that complex
• Disadvantages are real− Deployment cost, integration cost (multiple HUBs), evolution
issues (multiple places to change)
• HUB de-facto implements additional business logic− E.g. content based routing, orchestration, etc.
− Who owns it? What about contracts?
− Why is this logic not provided by a service?
25 21 October 2008
#6: Suggestion
• SOA: Service, Consumer, Contract – no HUB
• Use Service Registry for late binding
• Strictly use middleware-type HUBs behind service‟s façade
• Do contract management (even very simple one helps)
26 21 October 2008
Time saving, Right focus, Success
14 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
#7: Common Data Model
• False: Strict CDM is a must for SOA success
• Good
−Common vocabulary and shared data structures help
• Bad
−Slows down too much
−Questionable ROI
• Reasons
−EAI thinking not realizing SOA has bigger scope
27 21 October 2008
#7: Suggestion
• Align on key business taxonomies
• Define data model guidelines
−Standards, metadata, evolution, customizations
• Identify key use cases (solutions) and key services
• Allow for relaxed semantics across them
• Again: model is driven by contract
28 21 October 2008
Data Model will grow with your SOA
15 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
Other
Related
#7: Suggestion Visual
29 21 October 2008
CMS
Core
Configuration Management
#7: Suggestion Visual
30 21 October 2008
16 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
#8: API Granularity
• Services provide rich „chatty‟ interfaces
• Good−Fast legacy API re-use
• Bad−Tight coupling
−Exploding complexity
• Reasons−Services treated as components
− Low control over 3rd party software
31 21 October 2008
#8: Suggestion
• Refactor existing API
−Consider REST
• Move as much business logic to the endpoints as possible
32 21 October 2008
Less features, More reliability
17 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
#8: Suggestion Visual: Create Incident
33 21 October 2008
lookup
create
update
?
lookup
create
update
?submit
BPEL
?
submit
?subscribe
Event Source Incident Manager
#9: Standards
• Standards are not enough!
− Generic envelopes
− Industry standards often „tailored‟ when used
• Data externalization rules
− Mapping to standards
• Dates, Versions, References, MIME types, etc.
− Identification
− Cross references (hyperlinks?)
• Business vocabulary and taxonomies
• Look carefully at adoption outside of your company
34 21 October 2008
18 October 2003 Copyright © 2006 HP corporate presentation. All rights reserved.
Summarizing…
• SOA is more about good methodology and process rather than technology−More guidelines than middlewares
−More communication than features
• Beware of pitfalls−Most of them come from „legacy thinking‟
• Governance is key as we are working on „global‟ level
35 21 October 2008
THANK YOUQ&A
36 21 October 2008