staples - an approach to a soa application gateway center of excellence

IBM IMPACT 2014 Conference (2800A)

An approach to a SOA application Gateway Center of Excellence

2014

Enterprise Integration Services

Prithvi Srinivasan(Prolifics) – Practice Director SOA/IntegrationAnandakrishnan Ramakrishnan(Staples) - Principle Software Engineer

Confidential - for internal use onlyEnterprise Integration Services

SOA Gateway COE - Agenda

• Background – Corporate Overview– IT Overview– Business case for SOA appliance

• Architecture • logical architecture• Physical and HA, Monitoring and

Disaster Recovery• Detailed Architecture

• Composite Service Patterns– Reusable Patterns– Service Design– Continuous Integration

• API Strategy– Take away

Confidential - for internal use only

Why a COE ?

• Centralized group to enforce Best Practice guidelines for all Services hosted on DataPower.

• Focused on building Reusable Patterns(Cookie Cutters)

• Focused on building Common Frameworks to offload NFRs – Security, Governance, Monitoring, limited Data Transform.

• High Level of Automation and High Quality Documentation

Background

• 2014• Enterprise Integration Services


Background -Corporate Overview

• Staples is the world’s largest office products company and second largest internet retailer.

• For 26 years, Staples has served the needs of business customers and its vision is to provide every product businesses need to succeed.

• Through its world-class retail, online and delivery capabilities, Staples offers office supplies, technology products and services, facilities and breakroom supplies, furniture, copy and print services and a wide range of other product categories.

• With thousands of associates worldwide dedicated to making it easy for businesses of all sizes, Staples operates throughout North and South America, Europe, Asia, Australia and New Zealand.


Background - IT Overview

2400 FTE capacity in the global IT organization

Multiple data centers – domestic and international

A portfolio exceeding 800 applications

IT development, management and governance activities

Applications• Manage and prioritize enterprise work• Reduce ‘lights on’ costs by consolidating

applications• Migrate existing applications to common

enterprise services

Infrastructure• Virtualization and enterprise governance• Standard service catalog with well

understood SLAs• Implement ITIL, CMDB methodologies and

tools


Background - Business Use cases

Security • PCI Compliance• Protect Staples applications and

infrastructure from internal and external security threats

Service Governance• Runtime representation of Service

Catalogue • Staples API

Accelerators - Increased performance without compromising design

Architecture



Architecture- Logical Design


Architecture - Physical Architecture

Composite Service Patterns



Security Gateway – PCI Domain


Reusable Patterns - Composite

Simple Patterns Used• Protocol Bridging • Service Façade• Polling Consumer• Authentication• Authorization• Auditing • Security Gateway• Content Filter


Internal ESB Security Gateway



Simple Patterns Used• Protocol Bridging• Service Façade• Content-Based Router• Polling Consumer• Legacy Wrapper• Decoupled Contract• Concurrent Contracts• SLM Enforcer• Exception Shielding• Threat Protection• Authentication• Authorization• Auditing• Security Gateway


DMZ B2B Gateway



Simple Patterns Used• Protocol Bridging• Service Façade• Content-Based Router• Exception Shielding• Threat Protection• Authentication• Authorization• Auditing• Tamper Proof Validation• Data Confidentiality• Security Gateway


Service Design - Logical View


Service Design - Routing


Service Design - Security


Service Design - Canonical

Continuous Delivery



Continuous Integration

•Ability deploy all ESB components as a single deployable unit• Continuous testing to validate backward compatibility and functional integrity



Continuous Integration – Check in process


Continuous Integration – Deployment process


Continuous Integration – Deployment process(Contd)

API Strategy



Website

SmartPhone

TabletPartners

ConnectedAppliances

ConnectedCars

GameConsoles

Internet TVs

Trillions2013 →

Website

Millions~1999 - 2000

stores (800) ###s web sites

Not having an API today is like not having a website in the 1990s…

APIs

Consumers expect to access data any time across multiple devices

Companies can re-invent interactions with customers,

suppliers & partners

Explosion of potential clients increases opportunity, risk and

innovation

The API and Service Economy


Business Owner IT

Developer

Consumers

New business opportunities• New markets• Increase customers• Enhance branding• Competitive advantage

Extend development team• Increase innovation• Increase scale

Partner/supplier alignment

Benefits

ChallengesBusiness strategy

Infrastructure• Security• Creation• Scalability

Operational control• Publish• Analyze• Monitor

API(s) – Opportunities vs Challenges

Closing Notes



Closing Notes-Take away

• Don’t short-change yourself on the vision to meet existing constraints• Phased Delivery Plan• Stick to common patterns and promote reuse• Follow 80-20 rule – Don’t make Perfect the enemy of Good• Use best practices • Socialize, training and documentation – Lunch and Learns, Webinars,

Architecture Forums…. Talk, Talk, Talk

staples - an approach to a soa application gateway center of excellence

Technology