Date post: | 30-Jun-2015 |
Category: |
Software |
Upload: | eranda-sooriyabandara |
View: | 182 times |
Download: | 3 times |
Design Time and Runtime Governance with WSO2 Governance Registry
Eranda Sooriyabandara
Senior Software Engineer
About the Presenter
Eranda Sooriyabandara is a member of the Governance Registry team at WSO2
e-mail : [email protected]
About WSO2❏ Global enterprise, founded in 2005
by acknowledged leaders in XML, web services technologies, standards and open source
❏ Provides only open source platform-as-a-service for private, public and hybrid cloud deployments
❏ All WSO2 products are 100% open source and released under the Apache License Version 2.0.
❏ Is an Active Member of OASIS, Cloud Security Alliance, OSGi Alliance, AMQP Working Group, OpenID Foundation and W3C.
❏ Driven by Innovation❏ Launched first open source API
Management solution in 2012❏ Launched App Factory in 2Q
2013❏ Launched Enterprise Store and
first open source Mobile solution in 4Q 2013
Overview❏ SOA Governance❏ SOA Governance Phases
❏ Design Time Governance❏ Runtime Governance
❏ WSO2 Governance Registry❏ Governance Use Cases❏ Demo❏ WSO2 Governance Registry Governance Features❏ Conclusion
SOA Governance
“Ensuring and validating that assets and artifacts within the architecture are acting as expected and maintaining a certain level of quality” - Gartner
SOA Governance
In a nutshell, SOA governance is all about making sure that you're building the right system and ensuring it operates to your expectations.
SOA GovernanceActivities that are often mentioned as being part of SOA governance
❏ Managing the portfolio of SOA artifacts❏ Managing the SOA artifact lifecycle❏ Using policies to restrict behavior❏ Monitoring, analysing and presenting artifact data ❏ Managing how and by whom SOA artifacts are used
SOA Governance PhasesSOA governance can be broken into phases on their point of application
1. Design Time SOA Governance2. Runtime SOA Governance
Design Time SOA Governance
o Design time governance refers to the defining and controlling enterprise services creation.
o It involves creation of enterprise policies used to ensure that enterprise business models are properly funded within the enterprise.
Runtime SOA Governance
o Runtime governance refers to the process of enforcing the adherence to run-time service policies.
o In addition to policy enforcement, this term is often used to include aspects of SOA management as it relates to these policies.
o Also include real-time policy compliance monitoring, auditing and measuring, as well as collecting result statistics.
WSO2 Governance Registry
❏ A Service Oriented Architecture (SOA) integrated registry repository to store, manage and govern service artifacts
❏ Flexible and Extensible❏ Fully open source❏ Supports numerous standards (JMX, SCM, UDDI, WebDAV,
WS-Discovery ,CMIS)❏ Licensed under Apache License Version 2.0
Governance Use Cases
Use Case 1 : Handling Policieso Organizations have their own policies which can be hundred to thousands in numbers.o When developing a service there’s no way of identifying what policies organization
already have and what policies they want to use in the service. (No discovery and reuse)
o If different systems tries to keep the policies with them then when there is an update to that policy system admins have to update them separately. (No centralization)
o When service lifecycle changes then moving policies to different environment need to be done manually. (No automation)
o If a policy moved to a different lifecycle state then there is no way of knowing it for the interested party. (No notification)
o Eg. If lifecycle state changed to Development to QA then quality assurance engineers may not know that there is a new artifact in QA state to test.
Policy Governance using G-Reg
Governance Space for Production
Governance Space for QA
Governance Space for Development
Governance Space
Governance Space
Governance SpaceDev
QA
Promote
Promote Demote
Demote
Prod
Policy Governance using G-RegCreating XACML Policy
Policy Governance using G-RegDistributed PDP Management
Policy Governance using G-RegReverse Lookup
Policy Governance using G-RegGoverning Policies Across Lifecycle States
Policy Governance using G-RegSubscribing to Notification
Use Case 2 : Handling Endpointso Organizations have their own services which can be hundred to thousands in
numbers. Also there can be service which they are using.o When developing a service there’s no way of identifying what services organization
already have and what services they want to use in the service. (No discovery and reuse)
o If different systems tries to keep the service references with them then when there is an update to that service system admins have to update them separately. (No centralization)
o When service lifecycle changes then moving services with all the related artifacts to different environment need to be done manually. (No automation)
o If a service moved to a different lifecycle state then there is no way of knowing it for the interested party. (No notification)
o Eg. If lifecycle state changed to Development to QA then quality assurance engineers may not know that there is a new artifacts in QA state to test.
Endpoints Governance using G-Reg
Governance Space for Production
Governance Space for QA
Governance Space for Development
Governance Space
Governance Space
Governance SpaceDev
QA
Prod
Promote
Promote Demote
Demote
Endpoint Governance using G-RegAdding WSDL
Endpoint Governance using G-RegWSDL View
Endpoint Governance using G-RegService View
Endpoint Governance using G-RegCreating Proxy Service Using the Service Endpoints
Endpoint Governance using G-RegGoverning Service Across Lifecycle States
Endpoint Governance using G-RegGoverning Service Across Lifecycle States
Endpoint Governance using G-RegProduction….
Endpoint Governance using G-RegProduction - Echo Proxy Config = Dev - Echo Proxy Config
G-Reg Governance Features
❏ Built-in SOA artifacts support❏ Support for common types (Services, WSDL, Schema, Policy, APIs, Providers,
Documents, URIs, WADLs, Endpoints, Proxies, Sequences)❏ Validation policies - e.g. WSDL Validation, WS-I Validation, and Schema
Validation❏ Governance Archive (.gar) for uploading artifacts with imports❏ WSDL Tool to import service information from a given WSDL, and WSDL
custom-view❏ WS API for built-in artifacts (CRUD Operation Support)
G-Reg Governance Features (Cont.)
❏ Lifecycle support❏ Built-in service lifecycle❏ Advanced lifecycle management
❏ checklists❏ scripting support❏ transition validation❏ transition UI
❏ Lifecycle Workflow Integration❏ XML editor for editing lifecycle❏ Lifecycle state transition through governance API❏ Approval for lifecycle operations❏ Lifecycle audit
G-Reg Governance Features (Cont.)
❏ Governance registry extensions❏ Configurable Governance Artifacts (RXTs)
❏ Various field support (text, text-area, options, option-text, date)❏ Unbounded field support❏ Tool-tip feature❏ Reg-ex validation support
❏ Lifecycle in RXT Definition❏ API to govern SOA artifacts❏ Pluggable media type handlers for handling custom media types and XML
editor for editing handler❏ WS API for Governance Artifacts (CRUD Operation Support)
G-Reg Governance Features (Cont.)
❏ Miscellaneous❏ Internationalization❏ Worklist notifications❏ Dependency management❏ WS-Discovery support
Conclusion
o SOA governance plays a huge role in an enterprise and helps the industry solve emerging issues. A majority of the SOA industry has adopted, or is in the process of adopting, SOA governance into their systems to maximize productivity and profitability of both SOA designs and SOA production systems.
o SOA governance can be categorized into two major phases: Design Time Governance and Runtime Governance.
o WSO2 Governance Registry can be use in both governance phases and there are numerous OOTB features and extension points to implement a complete governance story.
Questions?
Business Model
More Information !1. http://wso2.com/products/governance-registry/2. http://docs.wso2.
com/display/Governance460/Governing+External+References+Across+Environments
References1. Thomas Erl ... [et al.], SOA governance : governing shared services on-premise
and in the cloud