SOA Fundamentals

watermelonroachdaleInternet και Εφαρμογές Web

30 Ιουλ 2012 (πριν από 5 χρόνια και 1 μήνα)

311 εμφανίσεις

®


SOA Fundamentals
(2)

面向服务的业务流程管理


2010
年教育部
-
䥂M
精品课程

Agenda


SOA Governance


RUP Modeling


SOA scenarios


Management and security


References



SOA governance defined


Governance comes from the root word “govern”


Governance is the structure of relationships and
processes to
direct
and
control
the
SOA components
in
order to achieve the goal of the enterprises


The governance model defines:




What has to be done




How is it done




Who has the authority to do it




How is it measured


SOA governance challenges


No clear ownership for common services


Infrastructure is owned by IT, while clients and back
-
end systems are
owned by lines of business


Tends to result in a proliferation of variations of “common services”
dedicated to specific channels


Need for SOA governance


The SOA characteristics of loose coupling, reuse and
extensibility are the basis for providing an agile business
environment


This agility can only be attained when each LOB maintains
its services entities and can be assured that other LOBs are
doing the same with their services


This assurance can only be realized through SOA
governance


More on SOA governance


Aligns business and IT strategies and creates the communication paths
between them




A business
-
driven approach to making better IT decisions




Less time wasted due to poorly
-
managed conflicts


Institutes efficient and effective decision
-
making with clearlydefined roles
and responsibilities


Provides a framework for measuring the effectiveness of SOA


Planned checkpoints in the SOA project life cycle




Conformance checkpoints
deal with design, direction, decisions and funding, for
example
:


• Service ownership, service realization, security regulations




Vitality checkpoints
help ensure the architecture stays current


• Service impact, funding, reuse, training


SOA governance compared with IT governance


IT governance covers all aspects of IT, such as:




Data governance




IT security




IT resources are used responsibly


SOA governance is an extension of IT governance and addresses
aspects of the “service life cycle,” including:




Service registration




Service ownership




Service publishing and discovery




Service versioning




Deployment of services and composite applications




Security for services


SOA
-
driven transformation requires SOA governance


Service
-
orientation is not easy to achieve, and requires significant
organizational change




New roles and responsibilities




New business partners




New skills


SOA adoption requires significant commitment




Structural and process change require executive level support




IT investment is needed for application restructuring




The most rapid economic returns comes from systems integration activities rather
than new systems development


Without governance there is anarchy




With governance you control the rate and direction of change




Without governance no one controls anything


Service domain definition and ownership


Classify services into logical domains and assign owners to each
domain, to simplify the management and implementation of an SOA




Business Service Domains


services that provide business value
such as request for information, and contain business logic




Infrastructure Service Domains


services that provide indirect
business value and do not contain business logic (for example,
authenticate user)


Domain owners monitor, define, and authorize changes to existing
services and decide when a new service in their domain is required


IT and business alignment with SOA governance

Roles and responsibilities in SOA governance


Who “owns” common services? How are they funded?


How is service reuse enforced?




A service directory is only part of the issue, reuse is also a cultural and
procedural issue


Who resolves different requirements for service behavior between
applications or business units?


Who owns, enforces and maintains service design, naming, development
and technology standards?


Who manages versioning and co
-
existence of services?


Who publishes services? Who manages the taxonomy and categorization
of services?


Who authorizes access to services?


Who assures the quality of the service?




The overall response time




The overall testing when composition is used


Governance aspects


Service versioning




As a service consumer, how do you identify which version of a service you want
to use? As a service provider, how do you identify which version of a service is
being requested?


Service dependency management




How do you synchronize changes between process models (BPEL), component
models (UML), data models (SQL), and service models (WSDL)?


Service ownership




How do you determine who owns which services? How do you align service and
business ownership in your organization?


Service testing




If SOA uses intermediaries to insulate service consumers from changes to
service implementations, how do service consumers know when to re
-
test?


Service security




How can security protocols be made interoperable across service domains?


IBM SOA governance life cycle

Governance in the IBM SOA Foundation

Motivation for a service registry and repository


As the number of services in SOA infrastructures increases, it
becomes increasingly important to have a system of services







A business service registry and repository manages the service
metadata, enabling selection, invocation, management,
governance, and reuse of services leading to a successful SOA



Business service registry overview


A business service registry and repository is an enterprisewide
service metadata repository that securely registers services and
relevant information, enabling SOA life cycle and governance by:




Publication of service endpoint capabilities




Management of service metadata




Finding and subscribing to the services




Service
-
level agreement (SLA) and policy management and
registration of contracts


Agenda


SOA Governance


RUP Modeling


SOA scenarios


Management and security


References



The need for modeling and types of models


Focused on solving key challenges



Integration through SOA



Core system renewal



Process transformation



Operational insight, risk and
compliance



Data governance and
standardization


Key Benefits



Reduces the time for process, use
case analysis



Accelerates stakeholder approval



Supports most of the data
requirements



Compresses time compared to
custom
-
built projects


UML 2.0 Profile for Software Services


Is a profile for UML 2.0 which allows for the modeling of service
-
oriented solutions


Has been implemented in IBM Rational Software Architect


Aim to provide a common language for describing services


Has profiles consisting mainly of
stereotypes


A stereotype defines which UML class (meta
-
class) it is
associated with, properties of that class, and constraints on how
stereotyped elements may be associated with other elements


Use the stereotypes in the UML 2.0 Software Services profile to
model services


Service Model Contents: UML 2 Profile for Services


Concepts supported by the UML 2 Profile for Software
Services


Service development using RUP/SOMA


Rational Unified Process for service
-
oriented modeling and architecture
(RUP for SOMA)


Provide technologies to enable the effective communication of the
design




UML 2 notation




Make the models widely available


Transformation authoring




Tools to build transformations from model
-
to
-
model based on architectural
decisions




Tools to transform models
-
to
-
code


Create and enforce rules which support the architecture




Process guidance




Visually compare model changes




Link requirements to design


What is RUP for SOMA?


Service
-
oriented modeling and architecture (SOMA) is the IBM
SOA method




Delegates “business
-
as
-
usual” tasks to an underlying method such as Rational
Unified Process (RUP), a customer
-
specific method, or a combination of both


RUP/SOMA is an
integrated, commercially available version of
SOMA that relies on RUP
for business
-
as
-
usual tasks


SOMA includes support for the identification, specification, and
realization of:




Services




The service components implementing them




The process flows that choreograph services into composite applications


All customers have access to RUP/SOMA through an IBM Rational
Method Composer license


Model types and usage

Key phases of RUP for SOMA

Approaches to service identification


Domain Decomposition (Top
-
down)




Focuses on the business




Starts with models representing business processes




Business process are made up of business tasks, from which services can be
identified



Existing Asset Analysis (Bottom
-
up)




Examination of deployed applications to find candidates for reuse


Goal
-
Service Modeling




Identify goals and sub
-
goals




Identify candidate services from sub
-
goals




Identify existing assets that match the functionality required by the new
business goals


Example of roles, tasks and products used in RUP for SOMA

Using IBM WebSphere Business Modeler


WebSphere Business Modeler provides a flexible and
visual process modeling environment


Integration with Rational Software Architect


You can load a WebSphere Business Modeler project business
model as a UML 2.0 model file


You can then use model
-
driven development to extend,
implement, and realize the artifacts that the generated UML 2.0
model defines


Imported process models can be decomposed, compared with
the business goals defined in RUP, and then converted to a
model of services


What is a service model?


The service model is a key
work product used to
document the results of a
service modeling exercise


Various decisions are made
and models created during:




Identification of services




Specification of services




Realization of services


The service model
documents the decisions
made in this process, and
captures the design aspects
and models that will be
used in implementing the
creation and assembly of
services


Components of a service model

SOA model example: Analyze existing functions

SOA model example: Initial service specification


The activity
Service Identification
introduces a number of
techniques for identifying the services and operations on
services which are required to support a solution


This example is a form of legacy renewal, the transformation of
existing functionality to a services model


The first aspect is to develop the set of
Service
Specifications
that will provide the contracts for the services
implementing the required functions


SOA model example: Service design


In this step, you make the transition from the set of candidate
services that were identified earlier into the detailed design of
the services you intend to build


SOA model example: Message design


Captures the actual messages exchanged between the
operations described on the service specifications


SOA model example: Service realization


From the Service design model you can use tools to transform
the model into code. The code being generated can be an EJB
implementation for deployment in a J2EE environment


SOA model example: EJB implementation

Agenda


SOA Governance


RUP Modeling


SOA scenarios


Management and security


References



The SOA Scenarios


The SOA scenarios can be used as a reference architecture
implementation (starting point) to accelerate the SOA
architecture and implementation of your customer scenario.


Creating and Reusing Services


The Reuse scenario involves exposing as a service:


The functionality of an existing application


New business logic


It addresses business needs to:


Outsource without impacting existing applications


Turn proprietary systems into marketable business assets


Leverage an existing IT investment


Consolidate redundant systems


Create new services from scratch


Business requirement




Create a service that represents new business function




Expose standards
-
based service to third
-
party consumers


Solution




Create a service implementation based on open standards




Deploy the service to a reliable, scalable, and secure application
server


Optional




Publish the Web service metadata in WebSphere Service Registry
and Repository


Create new services: Realization


Products




Rational Application
Developer




WebSphere
Application Server
Network Deployment


Optional products




WebSphere Service
Registry and Repository


Consume external services solution pattern

Consume external services


Business requirement



Outsource non
-
key business function to third
-
party providers



Open standards are required to promote flexibility


Solution



Create an open standards based service consumer



Host the service consumer on a reliable, scalable, and secure
application server


Consume external services: Realization


Products



Rational Application
Developer



WebSphere Application
Server Network
Deployment


Implementation details



Generate the Web service
proxy from the WSDL
supplied by the third
-
party
service provider using
Rational Application
Developer



Implement the consumer
and deploy it on
WebSphere Application
Server ND


Internal connectivity based on open standards solution pattern



The Connectivity scenario integrates
service providers and consumers,
allowing for the reuse of services across
multiple channels.

It addresses business needs to:

-
Isolate modernization and conversion
of backend systems from applications

-
Speed up new application development
and integration

-
Manage traffic among services
consistently, with minimal redundancy

-
Change service implementations and
add service consumers

-
Strengthen governance of services



Enterprise service bus (ESB)
functionality is key in the
implementation of this scenario

-
An ESB gateway can be used with third
party service providers


Internal connectivity Realization


Products




WebSphere Integration
Developer




WebSphere ESB



Optional products




WebSphere Service
Registry and Repository


Implementation details




Services communicate
using standards based
interfaces




ESB provides protocol
and message
transformation and
routing


Agenda


SOA Governance


RUP Modeling


SOA scenarios


Management and security


References



SOA management objectives


Ensure service availability




Enforce policies and mediate services


Monitor response times




Collect key performance metrics


Prevent problems




Monitor and adjust resources


Identify and fix problems




Trace transactions and diagnose problems


SOA applications are composite applications


An SOA application is composed from services: Application components
with published interface definitions


These services require transactions to cross multiple host platforms in
order to complete their functions


Managing SOA is part of composite application management


The challenges of application management


Business processes are built on composite applications


Composite applications are difficult to design, build, test, and manage for high
performance and availability


Traditional management processes and tools only provide a resource
-
centric (silo)
view of performance


A composite Web application involving J2EE, integration middleware, and
legacy systems


SOA challenges in application life cycle

SOA management challenge: Abstraction level


SOA management requires dealing with increased levels of
abstraction


IBM SOA management products

The ITCAM solution portfolio

ITCAM for SOA


Monitor, manage and
control the IT service layer:




Web Service
management views in the
Tivoli Enterprise Portal




Mediation Services
(start/stop, audit and
logging)




Analysis of historical
Web services data
(content and context)




Visualization of
WebSphere Platform
Messaging framework


ITCAM for RTT: Transaction management capabilities


Proactively recognize performance problems at the user level




Monitor end user response time




Continually verify that transactions are available and performing by comparing them
against a response time threshold




Alert you when performance at the user is degraded


Quickly isolate problems




Visualize entire transaction, end
-
to
-
end, as it crosses the nterprise




Automatically pinpoint source of bottlenecks


Prove transaction service level delivered at the user




Consistently test services and measure their response




Report results against committed service levels


SOA security: Part of SOA governance

Security considerations overview


SOA introduces additional challenges for security due to its very nature:




Cross
-
enterprise inter
-
operation


• How can security context be shared across organizational boundaries?




Focuses on federated inter
-
operability


• For example, where do you store shared security state within a


distributed network?




Involves human and automated service invocations


• How do components authenticate and apply access control to each


other and to human operators?




Affects and spans all architectural layers


• Enterprise, application, services, network and transport layers


You need to extend the traditional security models, taking into
consideration SOA requirements


SOA


unique security challenges


SOA involves an encapsulation of business aligned services



The intent is to provide a layer of abstraction between the service
view of an architecture (service interfaces) and the implementation
of those services


Web services security (WSS) standards address these
challenges

WS
-
Security


WS
-
Security specification provides message
-
level security


Advantage over transport
-
level security is that it provides endto
-
end
message level security


References


http://www.ibm.com/developerworks/bpm


Business Process Management: Modeling through Monitoring Using WebSphere
V6.0.2 Products, August 2007


Designing SOA Solutions with the IBM SOA Foundation,SOA590 /
RA911 ,December, 2006


Anthony Catts,Joseph St. Clair. Business Process Management Enabled by SOA.
ibm.com/redbooks,2009


Anthony Catts, Joseph St. Clair. Business Process Management Enabled by SOA.
ibm.com/redbooks,2009


Getting Started with SOA
-
WS007


SOA590 Designing SOA Solutions using IBM SOA Foundation


Using IBM WebSphere Business Modeler, Monitor and Process for BPM


Assessment Assets for Service Oriented Architecture
-
SW707


http://gocom.cc/


http://www.redbooks.ibm.com/cgi
-
bin/searchsite.cgi?query=BPM&SearchOrder=1&SearchFuzzy=