Taming the SOA Chaos Debu Panda Oracle
Many initiatives lack Business/IT collaboration Business - Strategic modeling Requirements, powerpoint, visio model, Export files IT Executable modeling Enter order Sell products Service customers Get paid Update ERP Update GL No visibility into IT? Disconnect between conceptual model and implemented process Not sure how to improve process and reduce costs? Change in business rules and processes Fulfill order Print invoice Requirements not clear? Business is constantly asking for changes No visibility to process execution Change in partners and technology Slide 2
SOA Quiz Context: SMS to 55555 Which of the following is true: A. SOA is no longer a buzz word B. SOA creates chaos C. SOA is the answer to solve all IT chaos D. All of the above A Lucky winner will be appointed as Head of SOA COE Slide 3
Service Oriented Architecture Defined Service Oriented Architecture is an architectural style whose goal is to achieve loose coupling among interacting software agents. A service is a unit of work done by a service provider to achieve desired end results for a service consumer. Dr. Hao He, W3C Web Services Architecture Working Group Slide 4
Characteristics of Service Oriented Architecture Services have platform independent, self describing interfaces (XML) Messages are formally defined Services can be discovered Services have quality of service characteristics defined in policies Services can be provided on any platform Interoperable Composable SOA Loosely Coupled Re-Usable Slide 5
An example SOA solution Operational dashboard SHOPPING PORTAL ESB Order Booking BPEL PROCESS BAM receive Insert Order Order DB Rule Author Rules repository Rules Engine ESB Decision Service SelectMfr invoke receive getcustinfo Manual Review? RapidMfr invoke receive 5-15 min Web Services Interface: XML, SOAP, WSDL, WSIF EJB 3.0 Customer service Approval (Rich Workflow) Product Suppliers Fulfill Order FedEx USPS Notify Cust end Notification Service Slide 6
Key SOA Standards Fusion Effect Richer Experience More Adaptable More Interoperable Portal ERP/ Legacy Apps PKI Dashboards Web Application WS Process Flow Logic Security Reliability Logging Failover Dynamic Routing Custom Apps & Services API Web services MONITORING USER INTERFACE PROCESS ORCHESTRATION SERVICE BUS BUSINESS SERVICES BAM WSRP, JSR-168 BPEL WS-Security XML/XML Schema JMX Struts/JSF XSLT/XQuery WS-Policy, SAML WSDL/WSIF Web Services Mgmt SOAP JCA JMS Slide 7
Broad Adoption of SOA Financial Services High Tech Telecom Government Transportation Travel Retail Order/Payment Processing New Account Provisioning Process Trade Exception Management Order Management Trading Partner Integration Cell Phone Activation VoIP Provisioning DSL Provisioning Medicare Eligibility Determination and Enrollment Satellite Data Exchange Publish and Process Forms Employee On-boarding Fleet and Asset Management Reservations Sales Data Integration Slide 8
Web Service Stack Evolution The Reality Early Apache SOAP XQS is a Vision Developer Centric Limited Tooling Integration Proprietary Web Services Stacks With the buzz word J2EE 1.4 JAX-* WS-Reliability & WS-Security Attachments & Annotations Enterprise Ready Scalable & Performant Uptake consolidation starting Java EE 5 JAX-WS /.Net WS-*, MTOM, UDDI Event Infrastructure Async Web Services Interop Focus Integration Focus Consolidated Tech Stack Metadata Driven Integrated Tooling Enterprise Ready Scalable & Performant Mesh/SCA Slide 9
Complying to Web Services- Interoperability HTTP SOAP HTTP REST JMS SOAP SCA Metadata Model & Service Binding WS- Security SAML WS- Reliable Messaging Agent Auditing Logging JAX-WS Declarative QoS - Web Services Interoperability Infrastructure (WS-*) Attachment (MTOM/SwA) Web Services Metadata WSIF Oracle Containers for Java EE JAX-B Data Binding Web Services Java Programming Model Java EE JAX-R Slide 10
Key Standards: BPEL and Process Orchestration Standard markup language for composing a set of discrete services into an end-to-end process flow 10+ years of R&D from MSFT and IBM Rich Flow Semantics SalesDB start Duplicate Number! Optimized Bindings (not just Web services) Billing Transformation WS-Security A Process is a Service Router end Slide 11
The BPEL Process Manager Enterprise-strength infrastructure for BPM BPA Suite JDeveloper Process Modeler BPEL BPEL Designer Comprehensive and native BPEL implementation Easy-to-use modeling tool Workflow Services BPEL Process Manager Scalable and reliable engine Integrated BPM Services Workflow Decision Service Sensors WSDL Binding Web services Java, JMS File, FTP Dehydration Store (Oracle Database) Flexible binding framework Rich management and monitoring Core BPEL Engine Database Apps Process Console J2EE Application Server (Oracle AS, WebLogic, JBoss, WebSphere) MANAGE Slide 12
Business Process Blueprint Problem Models are only used for documentation and project planning. They become obsolete as soon as they are released. Gap between functional experts and technical experts. Solution - Business Process Blueprint - Shared metadata between BPA suite and SOA suite - Annotation on existing process metadata (NOT import/export) - Link operational models to strategic and conceptual models - Self-Documenting Processes - Self-Auditing Processes Business Analyst Process Outline Automated Activities Human Activities Business Events Business Rules Notifications Key Performance Indicators Application Composer Slide 13
Enterprise Service Bus: Component Architecture Components ESB Console UDDI MDS Security Policies Portlets Enterprise Service Bus SOAP JAX Composite Applications, Portals, BI and BAM Web UI JCA SAP In Memory Java BPEL JMS Mainframe fx BAM B2B Trading Partner Integrated Designer Rich Monitoring Console JCA Adapters Routing Service XPATH Filter Expressions XSL Transformation Metadata Repository/Server Features Content Based Routing Enterprise Messaging - OEMS Native XML and Web Services Multi Transport Fabric Usage Patterns Point to Point Canonical Modeling Store and Forward Request/Response Externalized Services Slide 14
Business Rules Rules de-couple decision services from SOA applications Are declarative not procedural Best practice for SOA applications Agility Transparency Can be generated from GUIs Applications requiring agility Frequently changing (legal) regulations Frequent policy changes to reflect market changes Requirements for high levels of customization Slide 15
Process Models continuous refinement 1. Business Process model Oracle BPA Suite - EPC/BPMN models Business Process Model Business Modeling Logical Design Shared Metadata Physical Design Technical Modeling Oracle JDev - Process Designer (BPEL) 3. Complete Executable Process 2. Process Blueprint (Logical Design) Slide 16
Challenge #1 Capture Real-Time Data Business Apps Business Events, state transitions Business Processes (BPEL) Monitoring activities, states RFID and Sensors Active and Passive Location, Temperature, Moisture, Motion, etc. System Management Performance metrics, alerts, logs Messaging Systems JMS, TIBCO, MQSeries Security Authentication, authorization, audit trail Database Streams Slide 17
Challenge #2 Analyze Processes, Trends, and Context Monitor a Single Process Track each process step Identify failures Process Aggregations Averages, KPIs, SLAs Identify bottlenecks Complex Event Processing Correlate independent events Identify threats & opportunities Context Historical performance Rolling average Past Week Today Past 15 Minutes Slide 18
Challenge #3 Deliver Information to Business Users Real-Time KPIs Thin Browser GUI Role-Based Access Live Display Technology Portal Compatible Embedded Actions Slide 19
A Typical SOA Application Credit Rating start Handle Negative Credit Exception Request Offer Request Offer Receive Offer Receive Offer? Select Lowest Offer end Slide 20
The Security Requirements 1. Limit who can initiate processes 2. Encrypt SSN Credit Rating <SSN> 011-22-4488 </SSN> start Handle Negative Credit Exception Request Offer Request Offer Receive Offer Receive Offer 3. Callback has to go through firewall? end Select Lowest Offer 4. Make sure no other sensitive data is unprotected Slide 21
Managing Web Services Security 2. WS-Security: Authentication & autoencryption of SSN in XML message 1. SAML: Role-based access control start Add Oracle WSM Gateways/Agents Handle Negative Credit Exception Request Offer Request Offer Receive Offer Receive Offer 3. Web services Management: Service virtualization in DMZ? end Select Lowest Offer 4. WS-Policy: System-wide service auditing Slide 22
Web Service Management Decouple your Security and Management Policies from Service Logic Without WSM, policy is hard-coded into each Web Service Result is siloed, inconsistent security and management A change in enterprise standards = rework of every service Higher cost, more fragile, harder to change No unified insight into operations across services Slide 23
Policy Attachment Search for available policies Attach/detach policies to a port Slide 24
Policy Management - Policies Search for policies Port dependency per policy Customize out-of-box policies create like Create new policies Edit policies Generate client policies Export/import policies Policy subject validation Slide 25
Oracle WSM Components BUILD Policies ENFORCE Policies Deployment as Gateway Process or as Embedded Agents MONITOR Policies Policy Gateway Policy Manager Policy Agents Oracle Enterprise Manager Web Services Slide 26
The UDDI - Registry? Provides visibility into services, service providers and related resources across the enterprise Policy Manager Policies SOA Infrastructure Services, BPEL Processes, ESBs SOA Repository XSDs, XSLTs, Etc. Slide 27
Who Uses a UDDI Registry? B2B partner relationships Provisioning/release of services to partners Portal integration to enable discovery Business analysts/it management Definition of service portfolio Visibility into current portfolio Impact analysis Product development Re-use of existing services Design-time access to related artifacts such as policies and schemas Slide 28
Key Benefits Enables service providers to categorize, catalogue and advertise offerings Allows users and consumers to find, access and/or invoke services that meet defined criteria Slide 29
Service Registry - Provides Key SOA Governance Capabilities Those IT managers seeking closer alignment with business goals must combine the ideas of registries, policy and business services to increase the chances of success. Gartner Group Lifecycle management via custom taxonomies Change notification Controlled view and access into services SOA metadata management Quality control through approval process Slide 30
Key Challenges for Administrators Manage and Monitor Complex IT Infrastructure Complex Applications Discovering Topology Maintain SLA Diagnose and fix Issues Slide 31
Mind boggling SOA How do I manage WS-* UDDI BPEL JAXWS SCA ESB RULES Manage SOA Chaos Slide 32
Key Challenges for Administrators Manage and Monitor Complex IT Infrastructure Complex Applications Discovering Topology Maintain SLA Diagnose and fix Issues Slide 33
Patch & Reconfigure Systems & Appilcations Optimize Workload Management Provision Software Integrated Systems & Applications Mgmt. Monitor Systems & Applications Deploy and Secure Applications Ensure High Availability Slide 34
Composite Application Management Solution Solution SOA Runtime Governance Service Level Management Application Performance Management Configuration Management Lifecycle Automation Key Capabilities Auto discovery of process dependency BPEL process monitoring BPEL integration server monitoring Service modeling (including web services) SLA monitoring, real-time reporting Service & System Dashboards End User Monitoring synthetic, real Web Service Monitoring Cross-tier performance Call stack analysis Integration with SQL diagnostics Configuration discovery, compare, search Change history Configuration Policies Change, Clone wizards Deployment Procedures Products SOA Management pack Service Level Mgt Pack SLM Pack AS Diagnostics Pack Other: Plug-ins AS Config Mgt Pack Config Mgt Pack for Non-Oracle AS Provisioning Pack Slide 35
Service Level Management Align IT and business customers on service levels That s what you aim for 1. Real-time view of SLM, enabling you to resolve issues before service level violations 2. SLA based on both, system and end user metrics Slide 36
Lifecycle Automation Cost effectively manage many as one Provisioning Framework Pre-tested software image libraries Automated software image deployment Direct connection to MetaLink Provisioning of bare metal OS Overview Web Cache HTTP Server OC4J Visual ID of Root Cause Failure Patching, Cloning Wizards Intelligent cloning makes adjustments for IP address, host name, etc. Critical Patch Facility (security) OS patching Deployment Procedures Customize EM to company process Automate complex deployments Slide 37
SOA Infrastructure Management BPEL Server LOAD BALANCER App. Server BPEL Process App. Server EM GRID CONTROL BPEL Server App. Server Dehydration Store (Oracle Database) Cluster of Servers
The Oracle SOA Technologies BPA Suite MANAGEMENT Analyst & MONITORING Tools BAM ROUTING & ORCHESTRATION Events Business Monitoring BI Analytics Enterprise Manager GOVERNANCE System Monitoring JDeveloper App Dev Framework BPEL Process Manager DATA Enterprise SERVICES Service Bus & CONNECTIVITY Multi Protocol Adapters Apps Native BPEL DB ODI Bulk Human Workflow XSLT Transform ETL B2B Partners Business Rules Routing SES RFID Web Services Manager Management Security Registry Discovery Policies Metadata Repository Messaging J2EE Application Server Oracle AS, JBoss, WebLogic, WebSphere Slide 39
More information Oracle SOA center http://otn.oracle.com/soa <Insert Picture Here> Slide 40
Shameless Marketing plug <Insert Picture Here> http://manning.com/panda http://debupanda.com Slide 41