Paul Butterworth S O A Runtime Governance Practices

537 views

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
537
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Paul Butterworth S O A Runtime Governance Practices

  1. 1. 1 Founding Sponsors This Presentation Courtesy of the International SOA Symposium October 7-8, 2008 Amsterdam Arena www.soasymposium.com info@soasymposium.com Gold Sponsors Platinum Sponsors Silver Sponsors SOA Runtime Governance Practices Paul Butterworth Chief Technology Officer AmberPoint, Inc October 2008
  2. 2. 2 © 2008 AmberPoint, Inc. 3 Agenda SOA Topologies SOA Runtime Governance Practices  Discover  Manage Service Quality  Manage Business Transactions  Prepare for greater scale  Validate changes Based on experiences with ~200 users © 2008 AmberPoint, Inc. 4 firewall Typical Service Network Topology Shared Services External Services Order Entry Accounting Partner Internal Services Credit  Services not applications  Shared  Dynamic  Federated
  3. 3. 3 © 2008 AmberPoint, Inc. Typical Service Network Infrastructure Java Service Mainframe Application Web Service DBMS Biz Application Biz Application Network Service Bus Appliance In all but the newest of environments, “SOA” ≠ “Just Web Services & XML” © 2008 AmberPoint, Inc. 6 Keys to Successful Governance and Management of SOA Applications  Continuous SOA Discovery  Service Management & Security
  4. 4. 4 © 2008 AmberPoint, Inc. 7 Keys to Successful Governance and Management of SOA Applications  Business System Validation  Closed Loop Governance  Continuous SOA Discovery  Service Management & Security  Business Transaction Management   Business  Architects & Development  Operations © 2008 AmberPoint, Inc. 8 Agenda SOA Topologies SOA Runtime Governance Practices  Discover  Manage Service Quality  Manage Business Transactions  Prepare for greater scale  Validate changes Based on experiences with ~200 users
  5. 5. 5 © 2008 AmberPoint, Inc. 9 Messaging Discovery and Application Mapping  Dynamic Discovery of your SOA environment…  Application Flow & Transactions  Dependencies  Services  Consumers  Runtime Policies & Metadata  …across Heterogeneous Infrastructure  Containers  ESBs & Process Engines  Appliances  Registries / Repositories  No application, message or header modifications  Closes the loop with design time governance A complete accounting of your SOA application environment Intended Design Running Reality Repositories Service Registries Home-grown Databases © 2008 AmberPoint, Inc. Hybrid Discovery Model Enterprise Service Bus • Approved Services • Intended Usage • Policies Runtime Repository Policies Data / Results service contract • Services (discovered, changes) • Scorecard Information • Policies (new, changes) Discovers Publishes  Publishes  Changes to services, endpoints and policies  Scorecard metrics – availability, performance, etc.  Dependencies  Detects discrepancy between intentions (design/dev) and reality (runtime) RealityDesign vs. Service Management Xact Management System Validation Closed Loop Governance Ensures Closed Loop Governance ? ? ? Software Development Tools Development Tools Repositories/ Registries Home-grown Databases
  6. 6. 6 © 2008 AmberPoint, Inc. 11 Detailed Metadata of Your SOA Environment Operational Info:  When service was discovered  Availability  Type of service  Type of container  Link to WSDL Business Info:  Business owner  Division  Version  Etc. Custom:  Chargeback info  Risk assessment  Links to URL‟s  Etc. Operational Info Business Info © 2008 AmberPoint, Inc. 12 Agenda  SOA Topologies  SOA Runtime Governance Practices  Discover  Manage Service Quality  Manage Business Transactions  Prepare for greater scale  Validate changes
  7. 7. 7 © 2008 AmberPoint, Inc. 13 Service Quality Management Monitor Performance & Availability  Trends, thresholds, varying intervals, etc. Isolate areas of interest  Recent additions  “Rogue” services  Problem areas  Specific application groups Filters Detail Graphical View Table View Monitor Security Respond to anomalies © 2008 AmberPoint, Inc. Service Level Management Service- and Business-level Visibility Service View Alerts User Summary and Objectives Historical Reporting  Enforce agreements based on business criteria  Flexible calendars, multiple objectives  Granular visibility – groups, users, services, operations  Preventative and corrective actions
  8. 8. 8 © 2008 AmberPoint, Inc. 15 Firewall Identity Management Systems Security First- and Last-Mile Enforcement First Mile Security - Client-side agent - Automatic enforcement of out- bound security Last Mile Security - Plug-ins provide endpoint protection - No ability to circumvent Extensive Integration - Identity Management Systems - Security Appliances - App Server / ESB / OS Security <?xml version='1.0'?> <PaymentInfo xmlns='http://example.org/paymentv2'> <Name>John Smith</Name> <EncryptedData Type='http://www.w3.org/2001/04/xml enc#Element' xmlns='http://www.w3.org/2001/04/x mlenc#'> <CipherData> <CipherValue>A23B45C56</Cipher Value> </CipherData> </EncryptedData> </PaymentInfo> env:Fault> Unknown Servic "urn:ups-shipping Service Down server:8192/e /soapenv: <Name> <Encrypted Type='http <CipherDa <Cipher </Ciphe Complete Policy Library - Authentication - Authorization - Credential Mapping - Censorship - Crypto © 2008 AmberPoint, Inc. 16 Agenda SOA Topologies SOA Runtime Governance Practices  Discover  Manage Service Quality  Manage Business Transactions  Prepare for greater scale  Validate changes
  9. 9. 9 © 2008 AmberPoint, Inc. 17 Business Transaction Management Managing Individual Services is Not Enough Real business value is associated with complete, end-to-end transactions  Order management  Claims processing  Sales lead qualification  On-line reservations Common Issues...  No overall view into transaction status  Minimal business visibility  Slow end-to-end response times  Transactions "disappear" Business Impact  Internal fire drills and finger pointing  Unhappy customers  Lost revenue Process Engine Service Bus End-to-End Technical Challenges  Transactions flow through both service and non-service based components  Services  Applications  ESBs  Process Engines  Databases  Variety of architectures  Synchronous and asynchronous messaging  Long running transactions – hours, days, ... © 2008 AmberPoint, Inc. 18 Business Transaction Management Monitoring Performance, Availability & Service Level Agreements Transaction Performance & Availability Service Level Violations Consumer SLA’s Historical Reporting  Enforces agreements in real time  Enables preventative and corrective actions  Not just reporting violations after its too late Business Groups  Platinum, Gold, etc.  Accounting, Shipping, etc. Process Engine Service Bus End-to-End
  10. 10. 10 © 2008 AmberPoint, Inc. Business Transaction Management Business Instrumentation 19 Consumer SLA’s Business Groups Business Instrumentation  Track business value flowing through the system  Track revenue, total orders, etc.  Can customize instrumentation and dashboards © 2008 AmberPoint, Inc. 20 Business Transaction Management Real-time Detection of Exceptions  Handles Technical and Business Exceptions  Stalled transactions, missing steps, error messages  Incorrect data values, boundry conditions, etc.  User-defined Exception Policies  What to look for – leverage message content  Action to take – notify, intervene, etc Rejected Order Alert
  11. 11. 11 © 2008 AmberPoint, Inc. 21 Agenda  SOA Topologies  SOA Runtime Governance Practices  Discover  Manage Service Quality  Manage Business Transactions  Prepare for greater scale  Validate changes © 2008 AmberPoint, Inc. Runtime Policy Enforcement: Service Virtualization Abstracts service changes and versions behind a published „façade‟ (a „virtual‟ service) Enables endpoint routing, load-balancing, failover, transformations etc. •Sees simpler interface •Service changes don’t show through. Before After Virtual Svc (PEP) •Load balance •Route •Transform •Version Service A Service B OrderLookup ChangeDate ChangeQty ScheduleShip ChangePrior LookupETA Service A Service B OrderLookup ChangeDate ChangeQty ScheduleShip ChangePrior LookupETA
  12. 12. 12 © 2008 AmberPoint, Inc.  Policies with a “where clause”  Automatically applies policies based on dynamic attributes and message content.  All production services  All services in Accounting application  All services deployed in WebLogic containers  User-defined attributes for services, containers & policies  Assignments are reevaluated as attributes change Automatic Policy Provisioning s1 s5 s4 s2 s6 s3 where “Accounting” Security Encryption all services One-at-a-Time Approach where deployed on .NET app servers Logging Profile Based Approach s1 p1 s2 s3 s100 p1 p1 p50 100 svcs x 50 policies 5,000 policy points Load-Bal Weighted  Can manage system on “autopilot” where policies are automatically assigned as appropriate.  Eliminates production mistakes by reducing manual steps. © 2008 AmberPoint, Inc. 24 Agenda  SOA Topologies  SOA Runtime Governance Practices  Discover  Manage Service Quality  Manage Business Transactions  Prepare for greater scale  Validate changes
  13. 13. 13 © 2008 AmberPoint, Inc. 25 “Approved” 25 Business System Validation Distributed Components and Reuse Puts Business Systems at Risk  Impact of any changes ripple throughout the system  Real impact of planned changes is hard to predict  Impact of unplanned or unannounced changes can be devastating  Yet, most SOA environments find it impossible to setup and replicate all dependent systems for testing elsewhere  And, new use and reuse creates blind spots in preproduction procedures Design Development QA Development Staging Production Process Engine Service Bus Need to Validate Integrity of the Entire System Before Installing Changes © 2008 AmberPoint, Inc. 2626 Validate Impact on Dependent Systems Development Staging Production Process Engine Service Bus The “Preflight Check” for SOA Systems : Security Policies Functioning Unexpected Deviation for B2B Partner Usage : WS-I Compliant : Capacity Adequate Validation Checklist  Acceptance testing of pending changes to SOA environment  New Versions of Services  Policy Changes  Bug Fixes  Infrastructure Patches, etc.  Uses knowledge of dependencies and observed interactions  Simulates services that can’t be replicated in pre-production environments  External services  Fee-based services  Gives Staging and Operations a final check before deploying changes
  14. 14. 14 27 Q&A Paul Butterworth pbutterworth@amberpoint.com www.amberpoint.com 510.663.6300

×