2
• Introduction• Key Challenges to Managing SOA• SOA Governance & Management• Conclusion
Agenda
3
What is a Service Oriented Architecture?
• SOA is all about decomposing applications into Services that can be combined and recomposed into new, flexible business process
• An approach to building and managing distributed computing infrastructures that considers IT resources as Services available and discoverable on a network.
• Enables business processes to be composed of services and exposed as services
Strength of SOA: synchronizing business and IT
Business
Information Technology
4
What is SOA? - An Analogy
Internet:• Standards – html & http so anyone
with a browser can access information
• Integration – hyperlink allow for ease of integration
• Metadata – the Internet is metadata driven. Google creates indexes, plus provides other services like page ranking, identifying related products, etc. You get more than just a list of sites.
SOA:• Standards - WSO, WSDM, UDDI.
These allow an SOA to expose information about services
• Integration – SOAs make integration of components very easy, fast and cheap.
• Metadata – If you stopped with just standards and linkages, the internet would be nearly useless. Google makes the Internet valuable. Likewise, metadata turns simple Web services into SOA.
Let’s take a look at
The Internet, and SOA share 3 critical principles
5
Evolution to SOA
Time
Registry becomes governance, mission critical …
RegistryFederated registries
Run-timecompliance,enforcement …
Web Services
Standardsemerge,evolve …
Dynamic Interoperability
Composite applications. Trust. Metadata-driven interoperability. Dynamic negotiation. Federation.
Adaptive EnterpriseAdaptive Enterprise
Standard-based enablement
Developer-driven, basic web services standards-based interoperability (SOAP, WSDL). Substitute for proprietary API’s. Reuse of discrete legacy applications (Java, C++, etc.) and newly created applications …
Web ServicesWeb Services
Web services reuse & governance
Systematic approach to web services on enterprise level. Adding visibility, compliance, governance, security and manageability …
Business ServicesBusiness Services
The industry is entering the “Business Services” phase
6
SOA Introduces New Challenges
• Many More Roles
• Independent Development
• Multiple Development Tools, Languages, Applications, and Platforms
• Intersects with Variety of Development Concepts and Integration Patterns
• New security and other WS infrastructure requirements
• Interoperability is still an issue
LOB Manager
Architects
Developers Operations
BusinessLogic
Legacy ERP CRM Finance
BusinessLogic
BusinessLogic
BusinessLogic
Business Services
New Business Processes/Apps
SOA
Developers
BusinessAnalyst
Web services platform
7
Ungoverned, Unmanaged SOA
Developers Developers Operations
No ability to guide what services are built, how
they’re built, and no way to ensure interoperability
No systematic way to find and re-use existing services
Develop andDeploy
Composite Applications
BusinessLogic
Legacy ERP CRM Finance
BusinessLogic
BusinessLogic
BusinessLogic
Business Services
Developers
Developers Operations
LOB Manager
Architects
BusinessAnalyst
No checkpoint to control service provisioning in the SOA, and to ensure compliance with design policy and best practices
No ability to manage services and
enact/enforce policy at run-time
No control over changes, or visibility into
dependencies and impact analysis
8
Application and management trends:
THENTHEN…… ……NOWNOW
Management ImportantManagement Important
Single platform, application level, or system level
Management CriticalManagement Critical
Multi Platform, Service level (Security, Control, Lifecycle, QoS)
Loose Business CouplingLoose Business Coupling
No definition beyond functional interface
Interface, semantics, security, transactional, SLA
Tight Business CouplingTight Business Coupling
Individual applications, common technology base
Tight Technology CouplingTight Technology Coupling
Seamless, heterogeneous interoperable environments
Loose Technology CouplingLoose Technology Coupling
9
SOA Management Challenges
Enterprise Management Challenges• Multiple integration points cause
significantly more risk for security and identity theft
• Root cause analysis and business impact are more challenging to do
• Must leverage current management tool investment – but they are insufficient for managing composite applications and virtualization
Service-Oriented Management Challenges
• Policy development and enforcement becomes difficult
• Upholding service level agreements becomes increasingly challenging
• And most importantly, service lifecycles accelerate out of control
SOASOA’’s enable organizations to link loosely coupled s enable organizations to link loosely coupled services together to meet business objectives, butservices together to meet business objectives, but……. .
HP is uniquely positioned to:• address both types of management challenges • manage all components as though they were a single system
10
Critical SOA Adoption Challenges
• Building and Managing SOA / Business Service Model (i.e. Applications)– Ability to Evolve– Ability to Manage
• Selecting and Building the SOA Foundation or Fabric– WS Infrastructure and SOA Application Services– Business Service Lifecycle Management– Required Experience and Support
• Ensuring support for Heterogeneity and Interoperability– Evolve to Service Networks and IT Virtualization
• In short, the need for SOA Governance
11
Business Problem
• Policies• Processes• SOA Model
• Policies• Processes• SOA Model
• SOA Governance– SOA Governance is the set of policies, processes, and an SOA
model to manage loosely-coupled systems (i.e. service delivery infrastructure; business services)
• Ensuring ROI promised with SOA
• Reducing integration costs and complexities
• Driving SOA adoption• Ensuring operational
qualities in production• Satisfying consumers
of services
• Lifecycle management
• Provisioning• Consumption• Versioning• Monitoring• Auditing• Diagnostics
Business Services
SOA Governance
12
Three Steps in SOA Governance
1. Definition of SOA Policies2. Deployment of a SOA Infrastructure that supports
the enforcement and adoption of the policies3. A set of formal processes and procedures that
verify compliance with these policies
“A Business Service Registry and management tools with strong governance capabilities are critical for the foundation of
SOA.”- Burton Group
13
SOA GovernanceAbility To Evolve
• Business Service Model enables evolution – it captures evolving knowledge about distributed system– Taxonomies (Business, technical)– Relationships, versions– Policies (Security, reliability, content routing)– Artifacts (WSDL, XSD…)
• Model shared between roles (Business Expert, Architect, Developer, Admin)
• Model accessible by WS and SOA infrastructure (endpoints)
14
SOA GovernanceAbility To Manage
• Business Service Model enables and requires codification of best practices– Governance
• Definition and enforcement of policies, constrains and rules– Change Management
• Versioning, validation, approval process– Performance Management
• Impact management/What-if analysis– Operational Management
• QoS• SLO/SLA
15
Business Service Registry- System of Record for SOA
Design-time Run-time
Developers
Policy
Web Services
WSDL,XML
BPEL
Business
Composite Applications
BusinessLogic
Legacy
Business Services
ERP CRM Finance
BusinessLogic
BusinessLogic
BusinessLogic
Operations, Systems Management
Management & Security Agents
Policy
Operations
ESM, System Management Console
ESBs & other intermediaries
Achieving the benefits of SOA through a systematic approach to Achieving the benefits of SOA through a systematic approach to SOA governance and Business Service lifecycle managementSOA governance and Business Service lifecycle management
Business Service Registry
EnableEnable PublishPublish DiscoverDiscover ManageManage
16
Business Service Metadata and Policies
Business Service Registry
Taxonomies
Specifications / Capabilities
Service Type• Retail Accounts DB• CMS Document Publish• HR Employee Info• CRM Customer Info
Authentication• HTTP Digest• X.509• Kerberos• XML Sign
Transport• HTTP• JMS• IIOP• SMTP/POP
Service Interfaces• WSDL• XML Schema
Documents• Functional Specification•API reference•Examples
Department• Retail• Securities• Wholesale
Response Time• < 0.1 s• < 0.5 s• < 1 s• < 5 s
Location• New York• London• Singapore
Policies – Capabilities & Constraints
SLA• Availability• Performance
Technical• WS-I• Security
Regulatory• FDA• SarbOx
Corporate• SLA• Governance
• Cost Center• IT
Key Abilities:• Visibility• Reusability• Adaptability• Manageability
Key Drivers:• Governance• Lifecycle
Management
EnableEnable PublishPublish DiscoverDiscover ManageManage
17
SOA GovernanceGovernance Interoperability Processes
Specifications
Policies
Classifications
Business Service
•Governance and Approval Process•Development and Runtime
Real-timeBusiness
Intelligence
Specifications Policies
Composite ApplicationAssembly
Specifications Policies
EnterpriseInformationIntegration
Specifications Policies
Web ServiceManagement
Specifications Policies
Web ServiceSecurity
Specifications Policies
Web ServiceDescriptions
&Policies
Web ServiceDescriptions
&Policies
18
SOA GovernanceAdding Management
Line of Business Manager
Development Architect
Operations Staff
Business Products
IT Resources
Software/ Config Assets
Deploys
Describes
Monitors
Tests
Describes
Develops
Monitors
Changes
EnableEnable PublishPublish DiscoverDiscover ManageManage
19
SOA ManagementQuick Recap of Problem space definition
Lifecycle Management
Products
Custom Tools
Processes
Service Development
Service Architecture
Enterprise Management
Tools/ IDEs
App Packagin
g
Web Service Brokers
Web Service
Containers
Databases
20
SOA ManagementSolution Overview
Lifecycle Management
Services Management
Services Model
Enterprise Management Integration
Products
Custom Tools
Processes
Service Development
Service Architecture
Enterprise Management
Tools/ IDEs
App Packaging
Web Service Brokers
Web Service
Containers
Databases
21
Business Service Lifecycle
• Mapping business processes to SOA Model
• Service design & development
• Compliance with business and IT standards and policies
• SOA infrastructure services
• Classification of Business Services
• Service interfaces, metadata and policies
• Service provisioning
• Certifications & approvals
• Configuration, change mgmt
• Locating and using services
• Design time usage
• Run-time usage
• Standards-based UDDIv3 interface for accessing data
• Federation
• Monitoring and reporting - SLA & QoS metrics
• Policy enforcement
• Message processing
• Change, impact analysis
• Integration -security & identity mgmt
Achieving the benefits of SOA through a systematic approach to SOA governance and Business Service lifecycle managementAchieving the benefits of SOAAchieving the benefits of SOA through a systematic approach to through a systematic approach to SOA governance and Business Service lifecycle managementSOA governance and Business Service lifecycle management
EnableEnable PublishPublish DiscoverDiscover ManageManage
22
Services ManagementResource manageability is Web service enabled
Managed Service
Managed Container
Web Service ContainerWSM Brokerothers
Microsoft IISWebLogic Serverothers
Container Agent
Management Services
Centralized Management
Services
23
Services ManagementInitially applied to Management Of Web Services
• Monitoring– Metric Computation over various time windows– Service Level Objective (SLO) Evaluation for breach or warning levels– Business Content Monitoring and notification
• Security– Transport (HTTP/S, X.509 Client Certificates)– Message (XML Digital Signature, XML Encryption - WS-Security)– Authorization/Authentication (HP OpenView Select Access, Netegrity SiteMinder)
• Auditing– Historical Model Audit– Historical Transaction Audit
• Reporting– Customer based SLA Reporting– Service based SLO Reporting– Transaction Audit Reporting
• Utility– Alert Notification over various protocols (WS Event, Email, SMNP Trap)– Centralized Log Viewing
24
Services ModelManaging the IT Services Life Cycle
ResourceType A
IT ServiceType A
IT ServiceType B
ResourceType A
ResourceType B
ResourceType B
Service Level ObjectivesPolicies Service Level
ObjectivesPolicies
DeclaredGenerated
Relationships
is entitled to
Events EventsResource Model
Resource Model
New IT Service RetireManageCreate
Resource Administrator
Resource Administrator
25
Services ModelManaging the Business Services Life Cycle
Business Service 1
ConfigurationType A
ConfigurationType B
Asset Model
Discovery
Service Level Objectives
Asset Model
Discovery
Service Level Objectives
Service Level Objectives
Replication of outer-most
Configuration SLO
DeclaredDiscovered
Relationships
Policies Policies
declares
depends on
Events Events
Propagated Events
Replication of All Configuration
Events
Business Service 2
Business Service 3
uses is used by
New Business Service ManageActivateCreate
Technical Owner
Technical Owner
Business Owner
Validate Passivate Retire
26
Services ModelEnabling better collaboration between stakeholders
• Discovery• Coordination• Problem Isolation• Business Impact• Organizational
Relationship
Business Managers
IT Development
IT Operations
BusinessService
Config Config
ITService
ITService
Define
IT Operations
Resources
Populate
Business Managers
IT Development
IT Operations
Monitor
Control
SOA Services Model enables
27
Services ModelKept in synch with changing IT environment
• Automation– Life Cycle Discovery maintains
synchronicity between services model and infrastructure.
– Deploy/Upgrade controls the deployment or un-deployment of services while adjusting the service model as such lifecycle changes occur.
– Coordination updates various components within the SOA, such as intermediaries and registries.
• Organizational Relationship– Creates a shared context
among all constituents within the model and its lifecycle.
WS Broker
IT Service Broker
IT Service App Server
WS BrokerWS
ContainerWS
Container
BusinessService
ConfigurationBroker
ConfigurationApp Server
InfrastructureServices Model
Life Cycle Discovery
Deploy/Upgrade
CoordinationUpdates
OrganizationRelationships
SOA Services Model Functionality
28
Services ModelEnables significant Management Use Cases
• Problem Isolation–Problem isolation can be
performed for composite applications supported by a virtualized network.
• Business Impact–Business impact can be
performed even as a layer of abstraction is created between business services and their supporting infrastructure.
• Incorporation of External Configurations
–Policies and metadata generated from tools other than SOA Manager can be imposed and enforced within the Services Model.
WS Broker
IT Service Broker
IT Service App Server
WS BrokerWS
ContainerWS
Container
BusinessService
ConfigurationBroker
ConfigurationApp Server
InfrastructureServices Model
SOA Services Model Functionality
ExternalConfigurations
BusinessImpact
ProblemIsolation
29
Enterprise Management IntegrationModel driven, open standards based, loosely coupled
Open Integration
Resources
Consoles
Designers BusinessService
Config Config
ITService
ITService
HP OV SOA Manager
HP OV Operations/
Service Navigator
HP OV SOA Manager
ResourcesManagement Applications
UDDI
XML
web services
web services
web services
Web Services
•Functionality:– SOA Services Model
defines the integration points to SOA Manager.
– Uses a WSDM-based management channel
•Benefits:– Allows customers to use
any management tools, leveraging open standards
– Creates an adaptable approach to using enterprise management tools as the demands of the business evolve
Enterprise Management Integration Functionality
30
HP OpenView SOA Manager & Business Service Registry - Joint Solution
SOA Manager
Lifecycle Management
Services Management
Services Model
Enterprise Management Integration
Products
Custom Tools
Processes
Service Development
Service Architecture
Enterprise Management
Tools/ IDEs
App Packaging
Web Service Brokers
Web Service
Containers
Databases
Business Service Registry
31
Concluding Remarks
• SOA governance determines what decisions are to be made and who makes those decisions. IT management is the process of making and implementing the decisions.
• SOA brings a lot of benefits but also raises challenging governance and management issues.
• A combination of a business service registry and SOA management creates a solid foundation for governance that stems from lifecycle management to ongoing run-time policy and service monitoring and enforcement.
32