robert schneider 10 strategies
TRANSCRIPT
1
Founding Sponsors
This Presentation Courtesy of the
International SOA Symposium
October 7-8, 2008 Amsterdam Arena
www.soasymposium.com
Gold Sponsors
Platinum Sponsors
Silver Sponsors
Copyright © SOA Systems Inc. (www.soasystems.com)
10 Strategies for Overcoming the Technological Impact of SOA Governance
SOA Systems Inc.
2
Copyright © SOA Systems Inc. (www.soasystems.com)
About the Book Series
www.soabooks.com
Five titles currently in
development for
release in 2009.
The Prentice Hall Service-Oriented Computing Series
is the top-selling SOA book series in the world.
Copyright © SOA Systems Inc. (www.soasystems.com)
About the SOA Certified
Professional Program
Industry-recognized certification
program for the following
designations:
• Certified SOA Architect
• Certified SOA Analyst
• Certified SOA Consultant
For more information:
• www.soacp.com
• www.soaschool.com
3
Copyright © SOA Systems Inc. (www.soasystems.com)
What are the Most Common
Governance Tools Today?
Most organizations use a hodgepodge of semi-
automated and manual techniques:
• Wikis
• Spreadsheets
• Emails
• Word-of-mouth
• None of the above
Copyright © SOA Systems Inc. (www.soasystems.com)
Why Have these Governance
Tools Been Successful?
Despite these primitive (or non-existent) tools, many organizations would describe them as successful.
Why?
• Small number of deployed Web services
• No overarching SOA vision
• Close-knit teams; limited federation needs
• Re-use and composition aren't a priority (yet)
• A governance-related crisis hasn’t arrived (yet)
4
Copyright © SOA Systems Inc. (www.soasystems.com)
What Happens Without Governance Technology?
Many organizations that fail to employ governancetechnology experience:
• Diminished service reuse
• Service proliferation and de-normalized inventories
• Run-time fire drills
• A perception that the SOA investment wasn’t worth the effort
Avoiding governance automation isn’t an option fororganizations truly implementing SOA.
Copyright © SOA Systems Inc. (www.soasystems.com)
3 Major Governance Lifecycle Phases
From a governance perspective, the service lifecyclecan be divided into three major phases:
• Design-time
• Testing and Quality Assurance
• Run-time
Each phase introduces unique governance processand technology requirements. The chosen governance solution needs to add value in everyphase.
5
Copyright © SOA Systems Inc. (www.soasystems.com)
Design-Time and Governance
During this phase, solid governance technology canhelp with:
• Metadata management
• Service discovery
• Service composition and modeling
• Disseminating organizational policies
Testing & Q/ADesign-time Run-time
Copyright © SOA Systems Inc. (www.soasystems.com)
Testing/QA and Governance
During this phase, solid governance technology canhelp with:
• Service unit validation & composition interaction
• Policy adoption
• Security compliance
• Service performance prediction
Testing & Q/ADesign-time Run-time
6
Copyright © SOA Systems Inc. (www.soasystems.com)
Run-time and Governance
During this phase, solid governance technology canhelp with:
• Service level agreements
• Version control
• Error reporting and management
• Performance monitoring
Testing & Q/ADesign-time Run-time
Copyright © SOA Systems Inc. (www.soasystems.com)
Strategy 1:
“Include governance
technology as part of your
overall SOA roadmap.”
Testing & Q/ADesign-time Run-time
7
Copyright © SOA Systems Inc. (www.soasystems.com)
“Include governance technology as part of your overall SOA roadmap.”
• Avoid the temptation to wait until you have “enough” services before thinking about governance.
• Delaying often means that you’ll need to incur additional effort, cost, and overhead.
• Retrofitting always takes longer than expected, and siphons off valuable resources.
• These added burdens can jeopardize the entire SOA initiative.
Copyright © SOA Systems Inc. (www.soasystems.com)
Strategy 2:
“Make sure your
governance platform is
agnostic with regard to
service development
technologies.”
Testing & Q/ADesign-time Run-time
8
Copyright © SOA Systems Inc. (www.soasystems.com)
“Make sure your governance platform is agnostic with regard to service development technologies.”
• At a minimum, services developed in Java and .NET should be supported.
• Avoid the religious wars; avoid painting yourself into a corner.
• If your governance platform only supports one style of development technologies, you’ll end up living with multiple governance software installations.
• When selecting a governance platform, many organizations struggle between selecting an open source solution vs. a proprietary product.
Copyright © SOA Systems Inc. (www.soasystems.com)
“Make sure your governance platform is agnostic with regard to service development technologies.”
Open source benefits:
• Less likely to experience vendor “lock-in”.
• Many enterprises have an “open source only” policy for infrastructure
software.
• Reduced financial outlay means IT organizations are more likely to
implement this kind of governance software.
Proprietary solutions benefits:
• Well-integrated with design, development, and management tools.
• One-stop shopping simplifies things, and yields a better “out of the
box” experience.
• To make things even better, some software vendors have delivered
their solutions as open source.
9
Copyright © SOA Systems Inc. (www.soasystems.com)
Strategy 3:
“Make sure your
governance platform is able
to support the full range of
service deployment
technologies.”
Testing & Q/ADesign-time Run-time
Copyright © SOA Systems Inc. (www.soasystems.com)
“Make sure your governance platform is able to support the full range of service deployment technologies.”
• Web services are not the only game in town.
• Your platform should be able to recognize and work with a broad range of services, including Web services, Java objects, CORBA, and other service implementations.
• Otherwise, you’ll only be governing a portion of your SOA implementation.
• Partial governance is not much better than no governance at all.
1
0
Copyright © SOA Systems Inc. (www.soasystems.com)
Strategy 4:
“Recognize the importance
of testing as part of your
overall SOA governance
responsibility.”
Testing & Q/ADesign-time Run-time
Copyright © SOA Systems Inc. (www.soasystems.com)
“Recognize the importance of testing as part of your overall SOA governance responsibility.”
• Integrate your chosen testing software into your overall governance environment.
• Your testing must go beyond individual services to include complex compositions of multiple services.
• Composition testing often requires significant performance-driven regression testing.
• It may be necessary to employ scoping or other monitoring technologies to determine true service interaction.
1
1
Copyright © SOA Systems Inc. (www.soasystems.com)
“Recognize the importance of testing as part of your overall SOA governance responsibility.”
For example, modern SOA testing software can
highlight the impact of contract changes:
Copyright © SOA Systems Inc. (www.soasystems.com)
Strategy 5:
“Collect important
governance-related metrics
and review them regularly.”
Testing & Q/ADesign-time Run-time
1
2
Copyright © SOA Systems Inc. (www.soasystems.com)
“Collect important governance-related metrics and review them regularly.”
• Modern governance platforms can capture
enormous amounts of statistical data.
• Gathering metrics isn't enough – you need to
take action on them.
• Strive for predictive, pro-active problem solving.
• Try to prevent issues before they occur.
Copyright © SOA Systems Inc. (www.soasystems.com)
Strategy 6:
“Track activity through
multiple IT resource layers.”
Testing & Q/ADesign-time Run-time
1
3
Copyright © SOA Systems Inc. (www.soasystems.com)
“Track activity through multiple IT resource layers.”
• SOA introduces additional moving parts into the mix.
• With all these potential points-of-failure, it’s natural that issues become more difficult to resolve.
• Users don't care where the problems initiate; they only want them solved (or prevented!)
• In many cases, the problem isn’t with the service but an underlying resource:
– Database
– Application server
– Object
Copyright © SOA Systems Inc. (www.soasystems.com)
“Track activity through multiple IT resource layers.”
For example, governance software can monitor SLA compliance regardless of where the core resources reside:
1
4
Copyright © SOA Systems Inc. (www.soasystems.com)
Strategy 7:
“Break down the barriers
between repositories and
registries.”
Testing & Q/ADesign-time Run-time
Copyright © SOA Systems Inc. (www.soasystems.com)
“Break down the barriers between repositories and registries.”
There's a great deal of confusion between these twotypes of product.
However:
• Both have a role to play in an effective SOA implementation.
• Both are active in design and run-time processes.
The next slides describe the typical usage patterns foreach product, followed by some convergence predictions.
1
5
Copyright © SOA Systems Inc. (www.soasystems.com)
“Break down the barriers between repositories and registries.”
Service registries answer these design-time questions:
• Where is the service?
• What is its purpose? (generally in brief)
Service registries answer these run-time questions:
• What is the service’s version?
• Where is the service’s contract?
• What policies are in effect for the service?
Copyright © SOA Systems Inc. (www.soasystems.com)
“Break down the barriers between repositories and registries.”
Service repositories answer these design-timequestions:
• What is its purpose? (generally in more detail)• What are the versions (including code) of the service?
Service repositories answer these run-time questions:
• Who’s been using the service?• What kind of responsiveness is the service providing?• What’s gone wrong with the service?
Vendors are actively combining registries and repositories.
1
6
Copyright © SOA Systems Inc. (www.soasystems.com)
Strategy 8:
“When selecting a
governance technology
product, write a formal
Request For Proposal (RFP).”
Testing & Q/ADesign-time Run-time
Copyright © SOA Systems Inc. (www.soasystems.com)
“When selecting a governance technology product, write a formal Request For Proposal (RFP).”
While potentially daunting, there are proven patterns
that you can leverage when making this important
decision:
• Know what you need; there is no substitute for homework and preparation.
• Try before you buy; pilot projects and proofs-of-concept are great for this.
• Follow the same discipline and processes that you did when selecting a database, application server, or other key infrastructure technology.
1
7
Copyright © SOA Systems Inc. (www.soasystems.com)
“When selecting a governance technology product, write a formal Request For Proposal (RFP).”
• Resist the temptation to employ a boilerplate RFP;
make sure it reflects your organization's needs.
• Alternately, have one written for you.
• If using a consultancy to help design and/or
implement your SOA, try to keep this separate from
the technology vendor.
• To get vendors to take your RFP seriously (and
respond accordingly), focus on quality, not quantity.
Copyright © SOA Systems Inc. (www.soasystems.com)
Strategy 9:
“Avoid tools that require
code modifications.”
Testing & Q/ADesign-time Run-time
1
8
Copyright © SOA Systems Inc. (www.soasystems.com)
“Avoid tools that require code modifications.”
• Certain products necessitate special headers,
configuration files, or other libraries to make
governance possible.
• This requires complete developer compliance in
order to work.
• These kinds of proprietary extensions can also
seriously damage your chances of being
vendor-agnostic.
Copyright © SOA Systems Inc. (www.soasystems.com)
Strategy 10:
“Make sure that the
governance tool fits into
your existing IT governance
landscape.”
Testing & Q/ADesign-time Run-time
1
9
Copyright © SOA Systems Inc. (www.soasystems.com)
“Make sure that the governance tool fits into your existing IT governance landscape.”
• Popular IT governance tools include Tivoli,
OpenView, Unicenter, and so on.
• Don’t force your IT organization to learn and
maintain completely different toolsets.
• Ideally, your governance tools should cleanly
integrate with other IT management platforms.
• Excessive complexity and training requirements
lessen the chance that governance software will be
used.
Copyright © SOA Systems Inc. (www.soasystems.com)
Q&A
SOA Systems Inc. www.soasystems.com
SOA Training www.soaschool.com
SOA Certification www.soacp.com
SOA Books www.soabooks.com
SOA Magazine www.soamag.com
SOA Patterns www.soapatterns.org
Updates [email protected]
Contact [email protected]