Malta soa infrastructure

Service Oriented IT Infrastructure Malta, feb 5th, 2008 Juan Claudio Agui IBM Technology Services [email_address]

Service Oriented Architecture and IT Infrastructure
What is SOA ?
SOA infrastructure
Why it is important to have a vision of SOA that includes the IT Infrastructure ?
What is the “SOA Infrastructure”
New key components in the SOA World
Key success factors for a Factores clave de Éxito en una infrastructura SOA
A SOA Project: Services and Architecture design
Final Message:
Examples….
“ Elevator Pitch” : Why think on the IT Infrastructure when initiating a SOA project ?

What is SOA ? How is the new SOA IT Infrastructure

Analysts suggest that Services Oriented Architecture will be a key tool for enabling change and alignment between business and IT Top Challenges in Managing IT Source: AMR Research, 2005 Top Expected Benefits of Services Oriented Architecture Integration Takes too long for IT to respond to changing requirements Can’t configure business processes as needed Faster and more flexible reconfiguration of business processes Cost of managing IT is too expensive Too hard to get ROI from upgrades Decrease of operational costs of information technology and business processes SOA is a strategy for designing software that helps eliminate the distinction between business processes and the technologies that enable them.

A Services Oriented Architecture (SOA) allows you to expose key IT capabilities and make them available in new ways … and breaks them down into services… These services can be integrated and used to build new capabilities… A service-oriented architecture (SOA) is an architectural framework that takes business applications… … supporting new functionality from within your current portfolio or from your extended value chain. … that can be made available for use independent of the applications and the computing platforms on which they run. Services … or repeatable business task – e.g., open new account, check credit history New Capabilities Hybrid Credit Product System (new) WebCredit Portal Access (new) Partner Service SOA Definition Business Applications Fixed Rate Mortgage System Adjustable Rate Mortgage System Unsecured Loan System Integrated Statement Processor Mainframe/Legacy .NET Custom J2EE Packages Request Answer Service

Example: A mortgage bank uses SOA to build a new hybrid credit product and a web portal as a new channel Business Applications New Offerings and Applications Services Hybrid Credit Product System (new) Submit Loan Application Calculate adjustable rate Check mortgage balance Check credit score Partner Service A bank has multiple systems for its various mortgage products and processes These systems can be broken down to expose the basic services they perform, such as submitting a loan application and calculating interest rates The services can be re-arranged to offer new products, such as a hybrid credit product that combines features of a fixed and adjustable mortgage, and a web portal that offers access to all credit products Fixed Rate Mortgage System Adjustable Rate Mortgage System Unsecured Loan System Integrated Statement Processor Submit Loan Application Select loan duration Determine Risk Profile Calculate adjustable rate Display Balance Due Calculate available credit Check mortgage balance Send billing notification WebCredit Portal Access (new) Send Billing Notification Display Credit Score

There are two forces behind SOA that differentiate it from previous architectural approaches
Maturing technology standards (web services) are the game changing aspect that allow for a new level of interaction and provide for a common standard that supports:
New component development
Transformation and integration of existing applications
Package integration
A new paradigm shift designing software as linked services changes the way software is designed and developed
Software developed and integrated by linking defined services
Services exposed from your existing, company portfolio of applications
Services exposed from new applications you are building
Services exposed from your partners systems or systems in your value chain
Called services orientation , this thinking enables a tighter alignment of business and technology.
Businesses are experiencing tremendous benefits as they put SOA into practice, such as increased revenues, decreased costs, and enhanced flexibility

SOA Impacts All Areas! Process People Reuse Connectivity Information Business view Process to optimize IT flexibility

The SOA Reference Model links the value of both Functinal and Technical teams Servers, Networks, Storage, Devices Physical Infrastructure ESB, Service Mgmt, Data Mgmt and Integration, Security Mgmt, Virtualization & Orchestration Middleware Processes Services Applications Virtualized Infrastructure “ Functional“ focus is on “ WHAT ” the processes and services should be, how to liberate services from applications and how to govern the services across lines of business. Technology focus is on “ HOW ” to integrate applications with IT infrastructure, simplifying interfaces, deploying a stable, robust infrastructure to support the business, and the operational management and efficiency of the IT. SOA Infrastructure Governance Data Architecture & BI Quality of Service Integration ESB Operational Systems Service Components Services - atomic and composite Business Process Consumers Packaged Appl. Custom Application

SOA Reference Architecture: Supporting your SOA Lifecycle Business Innovation & Optimization Services Development Services Interaction Services Process Services Information Services Partner Services Business App Services Access Services Integrated environment for design and creation of solution assets Manage and secure services, applications & resources Facilitates better decision-making with real-time business information Enables collaboration between people, processes & information Orchestrate and automate business processes Manages diverse data and content in a unified manner Connect with trading partners Build on a robust, scaleable, and secure services environment Facilitates interactions with existing information and application assets IT Service Management Infrastructure Services Optimizes throughput, availability and performance Apps & Info Assets ESB Facilitates communication between services

Una infraestructura emergente para SOA
Un conjunto de hardware y software que soporta las aplicaciones y sobre el que se construye una arquitectura orientada a servicios
Basada en estándares abiertos
Orientada a la Información
Service & event enabled
Portal Business Process Choreographer Process models Enterprise Service Bus Match and route messages Transform messages Distribute business events Activity Monitoring Service Registry and Repository Application Presentation Services Integration & Event Services ERP Apps Custom Apps ISV Apps Infrastructure Clustering Security Provisioning Configuration Data Management Directories Identity Management Web Cache Data and Metadata Services Activity Monitoring

SOA Governance Model Skills Infrastructure & Tools Skills Infrastructure & Tools Principles, Policies, Standards & Procedures Implemented by Monitors & Metrics Governance Mechanisms Managed by Monitored by SOA Vision Communication Exception/Appeals Vitality Compliance Organizational Change Management Governed Processes Service Design Service Transition Service Strategy Service Operation SOA Strategy Service Modeling Service Design Service Testing Service Deployment Service Delivery Service Architecture Define Service Funding Security Management Service Assembly Service Ownership Event Management & Service Monitoring Service Support Supported by

Why it is important to have a vision of SOA that includes the IT Infrastructure ?
New key components in the SOA World
Key sucess factors in an SOA infrastructure

SMART SOA... S calable M anageable A daptable R esponsive T ransactional

How Does SOA Impact Infrastructure and Management?
Applications reused in new dynamic ways
Services combined from multiple sources
Rapid deployment
Services route to any available resource
Distributed access
SOA Characteristics Key Infrastructure and Management Considerations Performance Service Management Security Virtualization Availability

SOA Introduces Performance Challenges
Measuring performance across organizational boundaries can be more difficult than in siloed applications
Response time estimation is more challenging in a more distributed environment
Performance costs can be difficult to predict
Performance testing an SOA application requires the use of new techniques
Increased requirement for XML processing may impact performance

Performance in SOA systems should be a combination of performance engineering and performance management
SOA-based applications can change the way an infrastructure performs
XML message transformation, location, message size, frequency
More complex applications and transactions
Each of the components should be used to build a performance budget, transaction models and use cases
Middleware and server sizing need to be done with the application teams
How many, how available, virtualized, system platform
Don’t forget about security overhead
Authentication, Authorization, Encryption
Performance Should Not be an Afterthought It Should be Engineered into the Solution

SOA Performance Testing Concepts
Test SOA applications throughout the development lifecycle
Test tools must be separate and external to the SOA environment
Use multiple diverse datasets that are representative of an SOA workload
Stress test the solution to detect latency issues
Run tests in a comparable environment to the deployment environment
Use multiple test tools – similar results from multiple test tools using identical data sets validates the tests

SOA Performance Testing and Problem Analysis Tools Service response time Visualization of server resource data
Validate system scalability
Workload modeling for automated generation of test clients
Automated generation of performance tests
Real-time reporting of server response time and throughput
Isolate performance bottlenecks and resolve problems
Monitoring support for services across multiple platforms
Collection and visualization of server resource data – root cause analysis

Monitoring Transaction Performance in SOA Response Time Metrics in a Distributed Environment
Composite applications span technology and platform boundaries
Can be difficult to identify and isolate performance bottlenecks
Use lightweight instrumentation that can be dynamically configured to proactively identify performance problems
Use industry-standard ARM-based instrumentation to isolate the problem
ITCAM for Response Time Tracking ITCAM for WebSphere

The SOA performance model should be created and maintained throughout the lifecycle as the application is built
Performance testing needs to obtain sufficient metrics to validate that services meet performance expectations
Use established techniques to meet SOA performance requirements
Design, test, and retest to confirm that non-functional requirements are met
Implement an integrated solution that will automatically monitor, analyze and resolve response time problems
Consider dedicated network appliances to optimize and accelerate XML parsing and security processing
Guidance for SOA Performance

There are an increased number of components in an SOA infrastructure, so test rigorously for availability
Create failover plans based on criticality of applications and services
Take advantage of established availability techniques
Each component requires its own availability architecture
Leverage capabilities like Workload Management, High-Availability Manager, Deployment Manager, etc.
Some components may require both hardware and software clustering
Databases, enterprise messaging infrastructure, SOA appliances
Guidance for SOA Availability Process Server Message Broker Relational Database 99.9% 99.9% 99.9% 99% 99% Aggregate 97.7% Intranet

Techniques for High Availability and Scalability Faster Machines 1 Existing Apps & Data Business Partners / External Services Business Data App. Client Browser Client UI Data 3 8 3 2 3 2 1 8 1 8 1 8 2 3 Replicated Machines Specialized Machines Segmented Workload 4 5 6 Request Batching Data Aggregation Connection Management 7 8 Caching Dispatcher UI Logic Business Logic Directory & Security Services 5 8 7 4 6 1 3 2 4 7 8 5 1 2 HTTP Server Connectors Internet Firewall Internet Firewall

Service Management Requires a Closed-Loop Approach What’s happening with the infrastructure? How does this relate to the business service? What actions do we take to correct the problems?

IBM Service Management What’s happening with the infrastructure?
Infrastructure and application discovery
Server monitoring
Storage monitoring
Network monitoring
Data monitoring
Application monitoring
Service monitoring
How does this relate to the business service?
Dashboard
Application dependency mapping
Business service management
Service level management
What actions do we take?
System reconfiguration
Data restore
User identity provisioning
System and application restart
Infrastructure deployment
Service mediation

There are 3 key components in services management:
Key Elements for Managing Services SOA Management Server Runtime or Policy Enforcement Point Web Services Service Requestor Service Provider 1 2 3
The runtime environment – this is where messages are routed, secured, transformed, filtered and logged
The management server – aggregates the data from all of the endpoints and runtimes and sends configuration changes based on policy
The registry – stores meta data about services and policies
SOA Registry

Improve MTTR (Mean Time to Resolution)
Accurate application maps show you what is important
Find the “Last Change” before a problem shows up
Simplify impact analysis
Configuration Drift
Notice when Configurations change and notify operations
Keep “bit-rot” from impacting operational readiness
Dynamic Service Support Dynamically Changing Service and Application Relationships Discover Services Relationships & Dependencies Service Reconciliation Service Registry & Repository
Support Change Process
Initial state
Use to validate that planned changes were executed and that the results are as expected
Pre-Change Validation
What applications does a component support?
Reduce unintended consequences

Logical Elements of an SOA Management Solution Security PEP Enterprise Identity Directory Identity and Access Management Services Management Application Server CICS/ IMS/ DB2 Container PEP Enterprise Auditing and Data Warehousing Web Services Web Services Service Requestor Container PEP Integration PEP Service Registry & Repository Systems Management Portal and Service Level Reporting

Integrated Visibility of SOA Resources Services atomic and composite Operational Systems Service Components Consumers Business Process Composition; choreography; business state machines Service Provider Service Consumer Integration (Enterprise Service Bus) QoS Layer (Security, Management & Monitoring Infrastructure Services) Data Architecture (meta-data) & Business Intelligence Governance Channel B2B Packaged Application Custom Application OO Application Integrated Reporting Service Management Application Monitoring Resource Monitoring Resource Monitoring Transaction Tracking Integrated Console

SOA Security Considerations
SOA introduces raise additional security issues
How do we identify and authenticate the service requester?
How to we identify and authenticate the source of the message?
Is the client authorized to send this message?
Can we ensure message integrity & confidentiality?
How do we audit the access to services?
How do we leverage Web services security standards?
How do we propagate identities with trusted service providers?
XML Web services may expose backend systems in unintended ways
SOA security may require multiple layers of enforcement – perimeter, gateway, app server, application
Traditional security devices do not secure XML/SOAP

Extending Security for SOA Identity, Assurance and Compliance
End-to-end identity propagation from silos to services
Control access levels to services with trusted identities
Provision identities automatically to reduce costs
Identity & access control across services Assure service security with message and user-based protection
Unified trust management to create secure communities
Secure XML messaging and threat protection
Identity-driven security across heterogeneous domains & environments (applications, services, data & transactions)
Monitor and enforce policies for audit & compliance
Enterprise security monitoring, management and reporting
Consistently enforce security policies for services
Automate user account validation to enforce access policies
Identity and Access Control Assurance Compliance

Logical Elements of SOA Security Security PEP Enterprise Directory Identity and Access Management Trust Management Application Server CICS/ IMS/ DB2 JAAS/ JACC Enterprise Auditing and Data Warehousing Web Services Web Services Service Requestor WSSM Integration PEP Systems Management Portal and Service Level Reporting Policy Management Line of Business Security Risk Assurance Network Operations ws - trust ws - trust

SOA Security – Trust Model Requestor Policy Security Token Security Token Service Policy Security Token Provider Policy Security Token Claims Claims Claims 1. Get Token 2. Send Message (including token) 3. Validate Token
Identity Federation and Web Services requires trust
This trust is based on agreements between partners & expressed as policies
Trust can be enabled by technology
Trust requirements expressed as infrastructure policies and requirements
Security tokens include identity information; Cryptographic keys used to sign Security Tokens
Technology needs to be standards based
Standard ways to express and exchange policies that reflect trust relationships
Agreed token format, information content, signing and encryption methods

XML Security Appliances Can Simplify and Accelerate SOA Security
XML/SOAP firewall enables filtering on any content, metadata or network variables
Incoming and outgoing XML and SOAP is validated at wire speed
Security can be performed at the field level
WS-Security
Encrypt & sign individual fields
Non-repudiation
Provides XML/Web services access control
IP Firewall Internet Application Server XML Security Appliance Access & Identity Management

Are hardened security devices – Penetration tested
Are purpose built embedded systems – Optimized for SOA processing
Are highly configurable – Simplified SOA architecture
Are able to process all formats of data (XML and others)
Are standards based – Work with existing infrastructure
Are used to address XML processing performance issues
Are used to augment standard infrastructure security
Can be used for light-weight message transformation
Are Not a general purpose server with some pre-loaded software
Are Not running a full standard operating system
The Emergence of SOA Appliances

Virtualization Decouples IT Infrastructure from Applications Windows Server Unix Server Linux Server Networking Storage Virtualization Storage Servers Networking Windows Servers Linux Servers Unix Servers Management Servers Networking Consolidated Complex Virtualized Application Application Application
Islands of computing and data
Physical resources are bound to applications
Disparate management tools
Manual provisioning
Fewer devices and licenses
Increased utilization
Physical resources still bound to applications
disparate management tools
Labor intensive provisioning
Pools of resources
Logic and physical resources decoupled
Standardized, automated infrastructure management
Automated provisioning

Value of a dynamic infrastructure for SOA implementations Support dynamic workload Increased integration required Decoupling of application from business process Need to meet Service Quality demands Manage to service levels & business goals Predict & manage across linked services Virtualized systems with access and resource pooling across a shared infrastructure Integration middleware connects processes Storage virtualization allows info sharing Manage virtualized infrastructure response to meet workload demands

End-to-end Virtualization Workload Virtualization Information Virtualization
Use server resources more effectively
Quickly adapt to changing workload and business requirements
Drive up utilization, achieve SLA
Automate selected admin functions to reduce complexity
Relieve load on backend data store
Improve transaction throughput & response time
Achieve near-linear scalability
Reduce or eliminate need for constant tuning
Resource Virtualization
Consolidate resources into a single virtual pool
Improved asset utilization
Dynamically allocate processing capabilities

SOA Implications on Non-functional Requirements
Infrastructure and Services security —How do we secure services, and how does this affect my overall infrastructure security goals?
Systems performance —How will XML transformation, between our legacy and distributed systems, affect application performance?
Availability/Recoverability/Reliability —What happens if one of my services is unavailable? Where are my applications located, and what are my dependencies between my business partners? How do I restore and resynchronize any associated data and metadata to keep data consistency?
Scalability —How do I ensure that the infrastructure will grow in line with volumes?
Manageability —How do I manage my services to tell whether they are available and performing? How do I validate my applications and ensure that they are meeting business goals?

Design the application without looking at the infrastructure
Just leave the infrastructure “as-is”
Have the application and infrastructure groups not talk to one another
Over-engineering the IT infrastructure
Not updating any of the processes that are involved with the new applications
Not focusing on the BASICS of good IT infrastructure and application development
SOA Infrastructure “Anti-patterns”

SOA Project…
Synched Functional and Technical approach

A dual path, for functional and Technical SOA adoption Strategy and Planing Design Implementation SOA Strategy Application Services Middleware Services Infrastructure Services Business Services SOA Governance and Project Management Test + Cutover Business Monitoring Infrastructure Roadmap Infrastructure Design Service Management Design Infrastructure Rollout Security Orchestration Virtualization Service Management and Monitoring Management Service Management Configuration Process Modeling Service Design Service Development Service ssembly

Final message
Real examples
A one-liner for SOA IT infrastructure

#1: <Bank> ESB PoC: Logical Architecture Service Registry & Governance (WSRR) Enterprise Service Bus (WESB + WMB) Business Process Management (WPS) WID : Websphere Integration Developer WMB : Websphere Message Broker WMB FE : WMB File Extender WTX : Websphere Transformation Extender File Handling (WMB FE) Interactive Applications (.Net) Back-End Applications (CICS/zSeries) Web Services Web Services BPEL Process Development (WID) Direct: Connect File Adapter WESB : Websphere Enterprise Bus (standalone or built-in WPS) WPS : Websphere Process Server WSRR : Websphere Registry & Repository Data Transformation Unit (WTX) Packaged Applications (ISVs) Web Services Adapters Phase 1

#2: <Telco> SDP PoC Caller ID Notification Service: “Call Control functionalities can route incoming calls to be presented (Caller ID) on the TV and the PC.”

#2: <Telco> SDP PoC SMS Voting : “This service enables voting while watching TV, using the mobile. Notification channels can be IPTV and the mobile.”

The role of IT Technical Architecture in SOA Projects: “An Elevator Pitch” The success of an SOA Project also requires the planned satisfaction of new requirements regarding Performance, Availability, Service Management, Security, and Virtualization on the underlying development, management, and production technical architectures. Moreover, an Enterprise SOA Architecture will require a well designed integration and connectivity architecture, with specific components, like the ESB, a BPM, and the services Registry; they are now a key part of the IT Infrastructure.

Thank You Merci Grazie Gracias Obrigado Danke Japanese French Russian German Italian Spanish Brazilian Portuguese Arabic Traditional Chinese Simplified Chinese Hindi Tamil Thai Korean

Malta soa infrastructure

by AngelKnight

Accessibility

Upload Details

Usage Rights

2 Embeds 5

Statistics

Malta soa infrastructure Presentation Transcript

http://www.slideshare.net	4
http://localhost	1