SOA Governance: 5 Common Mistakes And How To Avoid Them PDF Free Download

2y ago

37 Views

1 Downloads

524.92 KB

37 Pages

Report/dmca

Download PDF

Transcription

the open source choice for SOA infrastructureSOA Governance: 5 common mistakesand how to avoid them

What is SOA Governance?SOA Governance refers to processes that ensure that servicesand applications are developed so that they are aligned with:– Best practices– Business Requirements– Laws– SLAsGovernance spans people, policies, processes and toolsAll contents Copyright 2008, MuleSource Inc.4

Benefits of SOA GovernanceImproved adherence to best practices, requirements, and lawsIncreased service and application reuseLower application maintenance costsDecrease time to marketAbility to make informed decisions about whatservices/applications/artifacts can be reusedAll contents Copyright 2008, MuleSource Inc.5

What is a Repository?Storage of artifacts– Mule configurations, Applications, WSDL, WS-Policy, etcDependency ManagementLifecycle managementEnforce artifact policiesValue:– Gain visibility into other applications & services which can be reused– Collaborate on services or applications– Make applications, schemas, WSDLs, etc available for easy reuse– Ensure that artifacts meet governance requirements

What is a Registry?System of RecordView runtime information such as– Which services are running– SLA informationTrack dependencies from an artifact all the way down to aparticular node. i.e. Machine X is actually using this WSDLTrack service lifecycles:– Which services can I use?Enforce runtime policies:– All endpoints must be SSL encrypted– Services must be WS-I compliantAll contents Copyright 2008, MuleSource Inc.8

What is SOA ManagementProvisioning– Add new nodes or clusters– Roll out new versions of applications– Push from development to productionBusiness activity monitoringAll contents Copyright 2008, MuleSource Inc.10

What are the biggest challenges you have faced in deployinggovernance solution?1. Too expensive2. I find existing tools to be too heavy-weight or difficult to use3. Existing tools require too many changes to my organization or processes4. I require significant customization, and I don’t want to use proprietarysolutions5. Don’t have time to implement a “big-bang” approach to governance6. I haven’t looked into SOA governance

the open source choice for SOA infrastructure5 Common Mistakes

GovernanceGoal – encourage desirable use of ITAll stakeholders have necessary input in decision process(executives, IT staff, customers, etc)Coordination of projectsMetricsChange ManagementSpending, Incentive systemsException ManagementAll contents Copyright 2008, MuleSource Inc.15

Decentralizing common artifactsScattered artifacts translate to:– Time wasted searching for service interfaces and schemas– No central authority for the published service interface/schema– Discourages the discovery and reuse of services/schemas/applications* Some of these were taken from Service Oriented Architecture, by Thomas ErlAll contents Copyright 2008, MuleSource Inc.18

A centralized authorityCreating a centralized repository/registry allows others to–Reuse your artifacts–Utilize an authority for what services, schemas, and applications areavailableAllows tracking of not just what is available, but the state of itsavailability–i.e. What services are available which are in production?Often, the usage of a registry/repository must be required or itmay not be used and no benefits will be realizedAll contents Copyright 2008, MuleSource Inc.19

Problems with reinventing the wheelIncreased application development timeServices aren’t as robustIncreased maintenance due to service and applicationproliferationAll contents Copyright 2008, MuleSource Inc.21

How to stop the reinvention cycleEnsure you’re sharing requirements and collaborating onservices and requirementsWatch for new services and applications across anorganizationReuse applications, services, and artifacts whenever possibleUse a centralized repository/registry to store informationAll contents Copyright 2008, MuleSource Inc.22

Hoping for best practicesDevelopers will not automatically align themselvesDevelopers may not know best practicesNet negative results– Badly written and/or buggy code– Inconsistent security, or even worse, no security– Non interoperable servicesAll contents Copyright 2008, MuleSource Inc.24

What are some best practices?Best practices can be enforced anywhere from the build(Maven/Ant) to the Registry (Galaxy) to the process/peoplelevel.Build time:– Checkstyle– PMDDesign Time:– Check for backward compatibility– WS-I Basic Profile Compliance– Require DocumentationRun Time– Security Requirements– WS-I Basic Profile ComplianceAll contents Copyright 2008, MuleSource Inc.25

Consequences of consumptionWhat changes can I make to my service or schema withoutaffecting others?– Will you break somebody else’s service?– Is anyone even using your service?– Has your service, unbeknownst to anyone, become a critical part of thecompany’s infrastructure?What features are others using?What features do people want?All contents Copyright 2008, MuleSource Inc.27

Tracking ConsumersDependency Management– What other artifacts directly depend on the ones I’ve published?– What artifacts do my artifacts apply on?Galaxy can track which artifacts important other ones inWSDLs, Schemas, and WS-Policy filesUse Maven and a Maven repository tool to track build timedependenciesAll contents Copyright 2008, MuleSource Inc.28

Common Application Deployment ProblemsMany application deployment strategies are ad-hoc, not welldocumented, and only understood by one personThey involve error prone manual processes– Developer actions should be automated as much as possibleRolling back to a previous version is often is impossibleOften confusion about exactly what version oflibraries/configurations is in productionAll contents Copyright 2008, MuleSource Inc.30

Application management with a Reg/RepSolution: Use a centralizedplace for software/serverupdatesPull applications,configurations, etc directlyfrom the repositoryResults in– Improved manageability– Smoother deployments– Easier upgrades/rollback– Ability to track which versions ofan application are in useAll contents Copyright 2008, MuleSource Inc.31

the open source choice for SOA infrastructureMule GalaxyOpen Source SOA Governance

Galaxy ArchitectureWeb InterfaceExtensibleQuery &IndexinglanguageGovernanceFrameworkAtomPub HTTP tingMuleWS FrameworksetcArtifact Storage and Metadata RepositoryAll contents Copyright 2008, MuleSource Inc.33

Why Galaxy?Open Source– Download, get started now!– Extend it to support your own custom needs– Your feedback will be incorporated into the productWorks with web services and non web services– Store any artifact inside the repository– Extend the repository to support your own artifactsExtensible query languageDependency and Lifecycle managementRecord of changes inside repositoryTight integration with MuleAll contents Copyright 2008, MuleSource Inc.34

Where does Galaxy Fit?GalaxyRegistry/RepositoryYour ApplicationPublish via Maven/AntStore Artifacts Application Jars OSGi Bundles Mule configurations WSDL for web service Shared schemas Reusable applications &configurationsCollaboration throughcomments and visibilityMule ClusterBoot from GalaxyManage Artifact &Service LifecycleTake appropriateactions during lifecycle,such as initiating QARESTful AtomPubHTTP APIAll contents Copyright 2008, MuleSource Inc.35

the open source choice for SOA infrastructureGalaxy DemoOpen Source SOA Governance