Creating a SOA Application Gateway Center of Excellence


Published on

In this session, we will describe a phased approach to establishing an enterprise SOA Appliance/Application Gateway Center of Excellence in a heterogeneous environment with varied tools. We will go through a detailed best practices-based approach with pattern-based implementation to lay down the foundation of a DataPower CoE. This approach will include building the right resource model, determining the appropriate list of reusable artifacts, and selecting best-of-breed technology. We will also discuss balancing long-term visions with immediate goals, agile development and delivery, deployment topology, reusable common service patterns, frameworks, DataPower continuous integration and delivery, integrating with CentraSite, Venafi, Jenkins, RSA, WebMethods, CoE Road map, ESB, PCI, and API Integration.

Published in: Technology, Business
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Background Corporate OverviewIT OverviewBusiness case for SOA appliance Original stateReference ArchitectureFuture stateApproachGuiding PrinciplesAgile MethodologyCOE ApproachRole & Scope of Datapower 10 minsArchitecture logical architecturePhysical and HA, Monitoring and Disaster RecoveryDetailed ArchitectureCOE Modules – Implementation 15 minsReusable PatternsSecurityIntegrationGovernanceCompositeStandards and Guidelines DocumentationContinuous IntegrationClosing notes 5Take away
  • Add Security in the Gateway
  • Change to SOA Gateway
  • Creating a SOA Application Gateway Center of Excellence

    1. 1. Creating a SOA Application GatewayCenter of Excellence2013Enterprise Integration ServicesPrithvi Srinivasan – SOA/Integration Practice Director(PROLIFICS)Krishna Alluru – Manager IT(ESB)-(STAPLES)Tate Crumbley – Solutions Architect(STAPLES)
    2. 2. Enterprise Integration ServicesSOA Gateway COE - Agenda• Background– Corporate Overview– IT Overview– Business case for SOA appliance– Original state– Reference Architecture– Future state• Approach– Guiding Principles– Agile Methodology– COE Approach– Role & Scope of Datapower• Architecture• logical architecture• Physical and HA, Monitoring and Disaster Recovery• Detailed Architecture• COE Modules – Implementation– Reusable Patterns• Security• Integration• Governance• Composite– Standards and Guidelines Documentation– Continuous Integration• Closing notes– Take away
    3. 3. Background2013Enterprise Integration Services
    4. 4. Enterprise Integration ServicesBackground -Corporate Overview• Staples is the world’s largest office products company and second largestinternet retailer.• For 26 years, Staples has served theneeds of business customers and its visionis to provide every product businessesneed to succeed.• Through its world-class retail, online anddelivery capabilities, Staples offers officesupplies, technology products andservices, facilities and breakroom supplies,furniture, copy and print services and awide range of other product categories.• With thousands of associates worldwide dedicated to making it easy forbusinesses of all sizes, Staples operates throughout North and SouthAmerica, Europe, Asia, Australia and New Zealand.
    5. 5. Enterprise Integration ServicesBackground - IT Overview2400 FTE capacity in the global IT organizationMultiple data centers – domestic and internationalA portfolio exceeding 800 applicationsIT development, management and governance activitiesApplications• Manage and prioritize enterprise work• Reduce ‘lights on’ costs by consolidatingapplications• Migrate existing applications to commonenterprise servicesInfrastructure• Virtualization and enterprise governance• Standard service catalog with wellunderstood SLAs• Implement ITIL, CMDB methodologies andtools
    6. 6. Enterprise Integration ServicesBackground - Business Use casesSecurity• PCI Compliance• Protect Staples applications andinfrastructure from internal and externalsecurity threatsService Governance• Runtime representation of ServiceCatalogue• Staples APIAccelerators - Increased performancewithout compromising design
    7. 7. Enterprise Integration ServicesBackground - Staples Original State
    8. 8. Enterprise Integration ServicesBackground - Staples Reference ArchitectureGatewayGatewaySecuritySecurity
    9. 9. Enterprise Integration ServicesBackground - Staples Current StateBrokerBrokerISISDatabaseMWSOptimizeActiveTransferCentraSiteEnterprise Service BusMQMQReplicatedAMLAMLIS BrokerServiceConsumersHTTP/sSOAPSOAP_JMSServiceProvidersHTTP/sSOAPSOAP_JMSNativeFileFTPNativeIdentity RegistrySource Code ControlSiteScope ovoCactiITMonitoringXMLGatewayApplianceXMLGatewayAppliance
    10. 10. ImplementationApproach2013Enterprise Integration Services
    11. 11. Enterprise Integration ServicesApproach - Guiding Principles• Single point for management/control• Configuration driven development• Continuous delivery• Use tools based on their strengths,market usage and TCO• New Implementations follow existingdesign patterns & frameworks
    12. 12. Enterprise Integration ServicesApproach – Agile Development• Incremental delivery• Continuous integration• Working software through referenceimplementations• Architecture envisioning
    13. 13. Enterprise Integration ServicesApproach – COE• Central team for creating andmaintaining vision and plans• Reusability & Reduced time tomarket• Balance short term vs long term• Engineering Discipline
    14. 14. Enterprise Integration ServicesApproach - Role & Scope of Datapower
    15. 15. Architecture2013Enterprise Integration Services
    16. 16. Enterprise Integration ServicesArchitecture- Logical Design
    17. 17. Enterprise Integration ServicesArchitecture - Physical Architecture
    18. 18. Enterprise Integration ServicesArchitecture - Macro DesignRouting HTTP(s) MPGBusiness Service GroupSecurity DomainRouting DomainSOAP Sec MPGXML Sec MPGSec MQ-TextSec JSONRouting MQ MPGSOAP Sec MPGXML Sec MPGSec MQ-TextSec JSONBusiness Service GroupApplication Domain
    19. 19. COE Modules2013Enterprise Integration Services
    20. 20. Enterprise Integration ServicesReusable Patterns - Security• Service Perimeter Guard• Tamper Proof Validation (Signatures)• Data Confidentiality (Encryption)• SSL Termination• Message Screening/Threat Protection• Authentication/Authorization/Auditing
    21. 21. Enterprise Integration ServicesReusable Patterns - Integration• Protocol Bridging• Service Facade• Content-Based Route• Message Translator
    22. 22. Enterprise Integration ServicesReusable Patterns - Integration• Normalizer• Polling Consumer• Multi-Channel endpoint• Legacy Wrapper• Exception Shielding
    23. 23. Enterprise Integration ServicesReusable Patterns - Governance• Decoupled Contract• Service Level Agreement (SLA)Enforcer• Concurrent Contracts
    24. 24. Security GatewayEnterprise Integration ServicesReusable Patterns - CompositeSimple Patterns Used• Protocol Bridging• Service Façade• Polling Consumer• Authentication• Authorization• Auditing• Security Gateway• Content Filter
    25. 25. Internal ESB GatewayEnterprise Integration ServicesReusable Patterns - CompositeSimple Patterns Used• Protocol Bridging• Service Façade• Content-Based Router• Polling Consumer• Legacy Wrapper• Decoupled Contract• Concurrent Contracts• SLM Enforcer• Exception Shielding• Threat Protection• Authentication• Authorization• Auditing• Security Gateway
    26. 26. DMZ ESB GatewayEnterprise Integration ServicesReusable Patterns - CompositeSimple Patterns Used• Protocol Bridging• Service Façade• Content-Based Router• Exception Shielding• Threat Protection• Authentication• Authorization• Auditing• Tamper Proof Validation• Data Confidentiality• Security Gateway
    27. 27. Enterprise Integration ServicesStandards and Guidelines DocumentationInfrastructure Model for DataPower• DataPower physical infrastructure design with Multisite High Availability, Disaster Recovery• DataPower domains• Appliance Configuration• DataPower Network ConfigurationDataPower Best Practice Guidelines• Administration• Development• Configuration• Architecture• Deployment• Backup & RestorationStaples Enterprise Reusable Design Patterns – Security/Integration/Governance/Composite• Based on Staples requirements created predefined design & development patterns that canbe readily used by future developers to tackle project requirements
    28. 28. Standards and Guidelines DocumentationDataPower Build, Merge & Deployment automation Guides• Document that explains about creating DataPower code build and merging different codebuilds. Also, it provides tips and tricks to help automate the deployment of created codebuilds to single/multiple environmentsDataPower path to production• Release management solution to help release DataPower code in fast, secure andautomated manner.DataPower Support & Maintenance• Document and processes that can be used by support team to perform• Application support• Infrastructure support• Upgrades• Alerting & Monitoring• Backup & restoration of the appliance meta data and application meta data on a regularbasisReference Implementations• A sample reference implementation of each pattern is created in the Design patternsdocument
    29. 29. Continuous Integration• Ability deploy all ESB components as a single deployable unit• Continuous testing to validate backward compatibility and functional integrityEnterprise Integration Services
    30. 30. Closing Notes2013Enterprise Integration Services
    31. 31. Enterprise Integration ServicesClosing Notes-Take away• Clearly define the usage scope• Iterative releases• Stick to common patterns• Follow 80-20 rule• Use best practices• Socialize, training and documentation
    32. 32. Enterprise Integration ServicesSOA Gateway - COESlide 5 - 6 - http://rmi.orgSlide 11 - 12 - 13 -