Entries Tagged 'soa' ↓

A little while ago I expressed my dislike for the term WOA on the grounds that it refers to a style of SOA and my feeling that new TLAs just lead to more confusion. Its good to see the ZapThink guys are in full agreement and state their case in their trademark inimitable style.

While the WOA concept does indeed provide deeper insights into how to best implement a Service and create an infrastructural approach for scaling Services, we simply don’t see a need to identify this as a truly separate architectural approach…

ZapThink believes that the term Web-Oriented SOA represents greater clarity than WOA, since it disambiguates the desire to position WOA as an alternative to SOA as well as more accurately positions the concept at a lower level of abstraction than the SOA concept. Going forward, hence, we will prefer the term Web-Oriented SOA over WOA, since it provides greater clarity. And clarity is exactly what companies today need to make SOA a reality.

My emphasis added - hear hear!

But I still have a problem with this terminology. It doesn’t exactly roll off the tongue and the use of “oriented” twice in the same term is really ugly. Moreover, we’re still mixing two levels of abstraction into the same term.

“Web Oriented” is a reference to the style of implementation of the Services which comprise the SOA. So wouldn’t it be better to use the terminology “Web Oriented Services”?

To take it a step further, I think we can do better than “Web Oriented” in categorizing the Service implementation. The two main Service implementation patterns that we have in the current debate are implementations based on Web Services standards (ws-*) and those based on REST. A key differentiator between these implementation styles is that Web Services are based on an “interface description” of the service, whereas REST is based on a “resource” as the key entity that we operate on.

Hence I propose the terminology “Interface-Based Services” to refer to the ws-* Service implementations and “Resource-Based Services” to refer to Services implemented in a RESTful manner.

So at the top of the ontology we have SOA - our architecture comprised of Services as first-order citizens. Those Services may in turn be Interface-Based or Resource-Based in their implementation. Note that an SOA could quite easily comprise a combination of Resource-Based and Interface-Based Services.

I think this nomenclature is clearer…but it won’t catch on because these are not TLAs!

In “Web 2.0 success stories driving WOA and informing SOA”, Dion Hinchcliffe writes about how enterprise SOA can learn from the successes of Web2.0 and WOA^*.

“…since there’s little question that the core ideas behind SOA seem to be the right ones. Rather, it’s been how we’ve gone about designing and implementing SOAs that appears to be at the crux of the issue. As we look at the most successful examples of SOA actually working, we keep being drawn back to the Web itself.”

Along the way Dion points out a couple of differences between the Web and the enterprise which I think are pretty salient and underscore the issue that its not the technology that divides the two hemispheres of the service-oriented world.

“One big issue…is that enterprises are often very much unlike the Web. Many of the aspects that make the Web successful…just don’t exist in the enterprise with it’s wilderness of relational databases, proprietary applications, and silos of every description, despite some success in adding a traditional SOA layer on them.

The article Dion references in the last quote has this great summary graphic:

But in addition to the technical differences between the Web and the Enterprise, I think it is worth mentioning some fundamental cultural differences:

• The participants: When it comes to Web APIs that have been so successful, the conversation is basically between technologists. By-and-large it is technologists that are writing the mashups that demonstrate the success of Web2.0. Conversely with SOA in the enterprise, the conversation is (supposed to be) between technologists and business - and plenty has been written about the lack of success there.
• The success criteria: There are different success criteria for Web2.0 versus enterprise SOA. Very few Web2.0 companies currently make money out of their APIs. Success for Web2.0 is “eyeballs” and VC funding. In the enterprise, SOA success is all about hard ROI.
• The legacy: Most enterprise services must build on legacy applications, whereas Web2.0 applications are mostly greenfields and purpose built for the Web. Legacy applications rarely expose “resources” directly. If you’re lucky, the application exposes API methods which encapsulate an awful lot of business logic around a resource.
• The standards: Also part of the legacy is that WOA is “an emergent set of best practices…not a formal set of standards.” Let’s face it, WS-* are a formal set of standards designed by disparate committees often with competing agendas and ulterior motives. The structure and evolution of these standards has not been optimal for the users.

Fundamentally, I agree that Web2.0 in the enterprise and REST approaches to SOA have a lot of value and can teach us how to do SOA properly. Conversely REST needs to address enterprise concerns more fully. The key is recognizing the commonalities and the differences so that we can hit the sweet spot in between.

* BTW I’m not a big fan of the term WOA to denote “Web Oriented Architecture” or REST-ful approaches to Services. While I understand that distancing REST from WS-* makes good marketing sense, ultimately I think we are all talking about Services - so WOA is really a style of SOA. Jockeying for market position/dominance/discrimination has already got us into such a mess.

In a recent ThoughtWorks podcast, Jim Webber introduced himself as a “MESTian”. This was a new term for me, so I had to investigate. MEST is a message-centric approach to SOA which resonates strongly with my own views on how services ought to be implemented. The MEST approach is a pragmatic approach to SOA to which I think/hope Web Services are evolving naturally. Therefore I agree with Neil Ward-Dutton that we don’t really need to coin a new term (MEST). This is really just Web Services “done properly”.

My views on this are a product of my past experience with MOM-based distributed computing. My earlier description of an ESB is based on a MOM approach and probably differs from the common perception of a “black box” ESB. The MEST approach would be very natural to people with an MQ, Rendezvous or JMS background…which is probably the minority of current SOA practitioners.

About 10 years ago, MOM messages were exchanged between systems using proprietary message representations such as COBOL Copybook or AE-Message formats. Enterprise concerns such as scalability, reliability and fault-tolerance were dealt with using techniques at the messaging level. MOM quality-of-service dealt with guaranteed message delivery and message ordering (in normal cases). Where possible, message endpoints were implemented in a stateless manner to allow for easy failover and load-balancing. This general approach is still valid today…only the message representation has changed.

When XML became more mature and accepted, MOM messages started to be implemented with XML payloads. Even after SOAP became a standard, my experience is that it wasn’t rapidly adopted by the MOM community. Proprietary XML message schemas ruled for a couple of years and SOAP had its initial application in RPC over HTTP implementations. But the great thing about SOAP is that it is a nice generic message envelope that is acceptable by everyone. Put your meta-data into the SOAP header and the payload into the SOAP body. If you didn’t have it, you would have to invent it - and many did. Hence, as a pragmatic approach SOAP was adopted as a generalized envelope over - now - JMS. Add the correct JMS headers and you have SOAP Document Literal Encoding over JMS. Additional standards like WS-Addressing, WS-Security are additional sets of meta-data in the SOAP header with meaning to the endpoints and intermediaries in the message journey. WSDL is simply a way of representing the contract between message producer and consumer. I think this is a relatively natural progression from proprietary MOM to more open mechanisms for message exchange which are compliant with the core Web Services standards.

Contrast this with the original RPC approach to Web Services. SOAP RPC Encoding was the original standard, buried within code generation tools which attempted to hide complexity from the developer. Unfortunately this resulted in Web Services which lacked interoperability and created tight couplings between provider and consumer. Moreover, the attempt to shield developers from the distributed nature of their services and the underlying transports - all very necessary concerns - led to huge problems with meeting the enterprise requirements for services. This is the experience of most Web Services developers and it is no wonder that Web Services have such a bad reputation. Subsequently, Web Services - SOAP in particular - has moved to more inter-operable approaches through WS-I. But a lot of damage has been done, and the continued tendency to ignore the distributed nature of Web Services continues to cause problems in terms of unrealistic expectations.

So I like the MEST approach and find that it resonates well with the “pragmatic” approach to Web Services via the adoption of SOAP and other WS-* standards by the MOM community. I can summarize this “pragmatic” approach as:

• Transport Independence is a myth. Use the transports for their strengths - JMS for reliability and HTTP for ubiquity.
• Understand the distributed nature of Web Services and use the long history of best practices from distributed computing and Message Oriented Middleware (MOM).
• Understand the standards and how they fit together. Most importantly, know where the holes are.
• Use the standards where they make sense. Augment them with your own enterprise standards and best practices where necessary.

The result will be better confidence and ownership of your SOA infrastructure. You will rule the standards and your tool vendors rather than the other way around. As an added bonus, you get asynchronous services as a natural part of your SOA - an area where the WS-* standards struggle right now.

I just read this interesting rant from ZapThink on the importance of loose-coupling between service providers and consumers. It highlights the difference between a Service Oriented Architecture and SOA’s evil twin the “bunch of web services” (JBOWS).

“Lots of things change in an IT or business environment: location and availability of services, versioning of Service implementations and contracts, changes to business processes and policies, new or changing requirements for reporting, visibility, and control, and of course the need for new capabilities to solve emerging business problems or capitalize on new business opportunities. However, if you think that a Service is just an API, then all hell breaks loose when you try to connect a Service Consumer directly to a Service Provider.”

I wrote about this in a previous post…the need to Design for Change is a critical requirement for any organization and is one of the prime reasons behind adopting an SOA approach. Architectural approaches such as “loose coupling” are an important part of design for change. But that is only one dimension of the problem. Design for change also needs to be built into the IT culture. Change processes must be a natural part of your Services development and management lifecycle.

I find a common mistake is that Services are designed for a point purpose at a point in time without regard for how they will change over time. The result is brittle solutions that are expensive and risky to evolve.

The ZapThink article goes on to talk about late binding and the use of a services proxy and WS-Addressing to route service invocations to the appropriate provider. This is somewhat simplistic and I find that the pointed comments about “integration-centric techies” is a bit hyperbolic, especially since the ZapThink SOA Roadmap clearly shows an evolutionary progression starting from “static binding to static services” as the first phase along the ZapThink road to SOA. But everyone is entitled to change their mind, and leaving that aside I agree that strong decoupling of consumers and providers is important for a mature SOA. Some of these concepts have been discussed by others in terms of “Service Virtualization.”

Change is a continuing and important challenge for an SOA and the solution is “in your architecture” rather than something that can be bought off the shelf. Consider these sources of change that we must deal with every day:

• Hardware failure in either our service implementation, or network connectivity - the need to support fault-tolerance or high availability.
• The need to load-balance service invocations across a number of different but redundant providers
• Changes in the underlying applications supporting the service provider - e.g. package version upgrades
• Changes in the location of a service provider - e.g. in a disaster recovery situation, or planned migration from one facility to another.
• Migration of service implementations - e.g. migration from a legacy application to a new platform.
• Functional changes to service provider to support new business requirements
• The need to support multiple service versions to allow phased migration of consumers from one service version to another.
• The need to phase out old services which do not provide sufficient ROI.

The challenge is that all of these changes happen on different timescales. Some changes occur on sub-second timescales (fail-over and load-balancing) while other changes can occur over months (system migrations). There is no single indirection technique that will span all these requirements.

I’ve been busy with customer projects for the last few weeks and hence the lack of postings. In this post I want to touch on some conversations about top-down versus bottom-up approaches to SOA.

This is a pertinent question because there is still a communications gap between the “business” and “IT” in many (especially large) organizations and as a result SOA initiatives are often driven from the IT side of the fence with little support or even understanding from the business.

There is a fundamental “chicken and egg” problem with SOA. It won’t gain support from the business unless a business case can be made…but conversely SOA payoffs are elusive without business support. Faced with this situation, many IT architects who want to develop an SOA approach are forced to try to conjure the egg out of thin air and hope that a chicken will hatch. The danger with this approach is that rather than gain an SOA you may end up with just a bunch of web services.

Two key facilities that an SOA initiative needs are leverage and vantage. Vantage to see where you need to go, and leverage to push the organization in that direction.

SOA is all about providing services to support the processes of the business - typically across organizational silos. There is a need to understand all the processes and their requirements - now and for the future. This visibility needs a vantage point “above the fray”. A point from where you can see the processes in their entirety. Without this vantage point you risk building the wrong services, or building services for the wrong processes or not anticipating future process changes. Moreover this vantage point must be experienced from the point of view
of the business - not just IT. So the question for an SOA initiative is “who in your organization has this vantage?” You may be lucky and have complete visibility from the IT cockpit, but that is rare. In general no one person has this vantage and it generally resides across different roles and people. Hence the need for some governance process to capture that vantage into a SOA plan.

So let’s suppose you have this vantage and want to execute on an SOA initiative. SOA is primarily about sharing - shared services built on shared resources using shared standards. Without sharing you wont get the SOA pay-off. But sharing requires communication and cooperation. Leverage is required to reconcile conflicting priorities in terms of requirements, schedule, funding, and resources. There may be some organizations where all these conflicts can be reconciled within the IT department, but I haven’t seen any yet. Typically resolution is required at an organizational level above the participants - that is the prime purpose of organizational hirearchy. Hence you need the appropriate leverage to get everyone moving down the SOA path.

While the type of issues your SOA initiative will face are fairly general, the specific issues and their resolution will be germane to your organization. This means that the place you will achieve the right level of vantage and leverage will be different for your organization. You might be lucky enough to work in an IT department that has the appropriate leverage and vantage, but that is rare. More likely you will have to go higher up to get these facilities for a successful SOA. This is the essence of the “top-down” approach to SOA.

I guess the “middle-out” approach might be characterised by “figure out how much leverage and vantage you have access to an scope your initiative from there.”