Professional Documents
Culture Documents
Successful SOA
Deployment for
Your Enterprise
an IT Management eBook
Contents…
Managing a Successful SOA Deployment for Your Enterprise
This content was adapted from Internet.com’s CIO Update Web site. Contributors: Majid Abai,
Mukund Balasubramanian, Theo Beack, Kamran Ozair, and Lionel Carrasco.
2
2 Practical Approaches for Creating an
SOA-Based Organization
4 6
6 The Nine Requirements for a Successful
SOA Deployment
9 12
B
efore thinking about implementing a service- • How should budgets be allocated for development, mainte-
oriented architecture (SOA), we should consider nance, and future modifications of the services?
an approach to the whole concept in general. • How should requirements from various business units be priori-
I’d like to focus on some practical strategic ap- tized for modification and maintenance of services?
proaches to SOA before and after the implementation. • Whose budget should pay for infrastructure and tools utilized
by all business units?
Consider SOA as a • Should there be a centralized
Design Approach team responsible for quality as-
In his book, Service-Oriented surance of all services (especial-
Architecture: Concepts, Tech- ly performance of the services)
nology, and Design (Prentice or should each project team
Hall), Thomas Erl urges orga- perform this task?
2 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.
Managing a Successful SOA Deployment for Your Enterprise
Similarly, and depending on development and mainte- Consider Creating a Strategy Prior to
nance approach chosen, budgeting for such implementa-
Buying the Tools
tion/maintenance would fall either with the business unit or
In many instances, we have seen many projects start by
through central buckets paid by all business units. In some
buying the tool prior to having the requirements docu-
organizations, however, the business unit associated with
mented. SOA is not an exception. However, this approach
the development of the service will pay for the develop-
will be counter-productive to an organization’s long-term
ment, where maintenance is paid by a central budget paid
plans.
by all business units.
It is important for an organization to create a three- to five-
Consider Top-Down Planning and year strategy for transforming itself into an SOA-based
Bottom-Up Implementation organization including executive support, business team
Regardless of the project, I have always been an advocate alignment, identification of the initial project, practical
of starting small, managing problems at a smaller scale, steps, governance procedures, scalability schedule, main-
documenting lessons learned, and then expanding to oth- tenance procedures, etc. — prior to identification and pur-
er projects. The same is true for an SOA implementation: chase of the tools. Identification, evaluation, and purchas-
While keeping a roadmap at hand and keeping an eye on ing of the tools should be one of the steps in the roadmap
the long-term focus of the organization, take a practical and not the first.
(and strategic) project, and implement it using the SOA
approach. In conclusion, I like to emphasize that considering such fac-
tors while creating a strategy for transforming your organi-
After implementation, spend some time identifying, docu- zation to an SOA-based organization will save a lot of mon-
menting, and mitigating problems and risks encountered ey and heart-ache for all involved. It will also allow teams
during this project, and then scale the approach to two or to identify potential pitfalls and create best practices that
more projects. could be used throughout the organization through this
important journey.
3 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.
Managing a Successful SOA Deployment for Your Enterprise
I
n a perfect world, the implementation of SOA in your turned a fault. Why was this? Well, WSS4J, in compliance
organization will help better align IT services with with WS-Security, uses “xmldsig” in the name space — but
those day-to-day business processes in which your the .NET service expected “xmlds.” It’s but one example
colleagues, customers, and partners engage. Yet, in of a small inconsistency with big implications.
order to reap the promise of SOA, the prudent CIO must
wrangle both organizational and technology oriented chal- 2. Assuming Standards Are in Place. This is another
lenges — keeping an eye out for common pitfalls. “gotcha.” Not all open source products comply with Web
Services Interoperability (WS-I), though it is the broadly
In our years tackling SOA engagements for clients, we’ve accepted industry standard. This is problematic because
learned a lot about what to watch for. Here are some of the the basic concept of SOA is built atop a foundation of stan-
most common sticking points: dards compliance. Until the day
comes when true adherence is
1. Overlooking Security Incon- the law of the open source land,
sistencies. To assume vendors’ be on the lookout for clashes.
and developers’ security prod-
ucts will work together is to risk Another example: in one of our
the safety and security of the SOA projects, we used IONA’s
corporate data around which you WS-I-compliant Artix Advanced
are building your SOA. SOA Infrastructure Suite as the
SOA backbone to expose a layer
Case in point: in the course of of business services to be con-
a project integrating Apache’s sumed by other applications in-
WSS4J with Infravio’s SOA gov- cluding the open source Sugar-
ernance stack for a large client, CRM/Jira for bug-tracking. Note
we were asked to enable Web that SugarCRM and Jira both
Services Security (WS-Security) expose their Web services using
for a range of services, from en- Remote Procedure Call encod-
cryption to signature verification. ing. All well and good except
WS-Security, as you may know, is broadly accepted among Artix neither supports nor enforces RPC-encoded servic-
open source developers as a security framework, and es. Designing a method to handle RPC-encoded services
WSS4J is a popular implementation of WS-Security. meant we fell six weeks behind.
We successfully enforced security at the intermediary level Pay close attention to the evolution of SOA specifications
until we routed to a secured .NET service. It turns out the by reading trade journals and talking with peers at other
service expected an encrypted message. While we had organizations also working on SOA implementations. Such
the required certificate, every time we hit the service it re- research will tip you off to potential problem areas.
4 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.
Managing a Successful SOA Deployment for Your Enterprise
5 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.
Managing a Successful SOA Deployment for Your Enterprise
S
OA is an architectural approach that should be a more incremental approach and define services as a by-
looked upon as a journey within an enterprise. product of the different applications they build. When an
Different enterprises embark on the SOA journey enterprise embarks on the SOA journey, there may be many
with different aims. However, the general goals non-believers among the business and IT landscape.
consistently include creating agility, enabling faster time
to market, and encouraging reuse within the enterprise. The initial sets of services also require extra cost and ef-
None of these are easy to achieve and require a set of fort. Hence, it becomes extremely important that the first
guidelines that we will explore implementation involving SOA
in this article. is chosen with care — one that
has a high chance of success
Depending on which article and will help create the mo-
you read or which analyst re- mentum and visibility for the
port you believe, the time for SOA journey.
developing projects using
SOA has arrived. Many enter- 2. Business Agility
prises are already in the pilot One of the key mantras behind
phases of SOA projects while an SOA-based methodology is
others have actually moved that it enables business agility.
implementations into produc- One of the key ingredients of
tion and have services that are how such agility is achieved is
being consumed across the by preparing a business archi-
enterprise. tecture and enabling different
business processes via service
Either way, what I’ve outlined implementations. The tighter
here are the nine essential el- the alignment between the
ements of a successful SOA business architecture and ser-
deployment: vice map, the easier it would
be to keep the two in synch. It will also ensure there is a
1. Careful Choices platform available to absorb the ever-changing business
Different enterprises embark on the SOA journey in dif- requirements and needs, enabling the wider goal of busi-
ferent ways. Some take a holistic view of their business ness agility.
processes and define a service map, whereas others take
6 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.
Managing a Successful SOA Deployment for Your Enterprise
A governance model for SOA should define guidelines • How will fine grain authorization get implemented keeping a
shared application environment in mind?
at the architecture level, initiative level, and operational
level. It encompasses best practices and policies and re-
7 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.
Managing a Successful SOA Deployment for Your Enterprise
8 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.
Managing a Successful SOA Deployment for Your Enterprise
I
magine you recently completed the first successful to ensure that every message is guaranteed to be deliv-
phase of your Enterprise SOA Master Plan. Services ered to the right application … What could potentially be
are distributed throughout the enterprise, linking leg- amiss in this picture?
acy applications with your ERP and CRM applications
and are presented to your business users via a new portal To illustrate let me pose a few questions:
interface.
• How many services are currently deployed within
The users love the ease with which they can access all this the organization?
information and conduct their daily tasks. Now that they • Of these services, how many are currently up and running and
know what is possible, they want more, and you are ready how many are experiencing problems?
to give them what they want. • How well does every service
After all, you have just prov- perform its given task? Are
en that SOA is more than a your end-users waiting lon-
mere buzzword. ger to achieve a given task?
9 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.
Managing a Successful SOA Deployment for Your Enterprise
Approach proaches that don’t work well or which may have failed. By
SOA Governance is a discipline that, in an ideal world, documenting these so-called anti-patterns one is able to
should be established early on in the SOA lifecycle. It is prevent mistakes from being repeated.
never too late to implement good policies, procedures,
and technology to assist with the management of the 3. Use an SOA Repository. Services are by definition re-
freshly implemented SOA project. usable and self-describing, but don’t be deceived by this
oversimplified view.
Consider governance a best practice whereby one trans-
forms lessons learned into sound policies, guidelines, and If services are not properly documented and made acces-
procedures with the aim of establishing a mature SOA sible in a consistent manner, they could become just as
ecosystem. unusable as some of those legacy applications.
Here are five guidelines I consider essential to good Accomplishing such simple tasks as establishing the exact
governance: nature of a service, obtaining the latest service descrip-
tion, or determining the owner of a particular service may
1. Establish an SOA Competency Center. This is a cross- become quite a daunting task if services management in-
functional team of key people that represent different dis- frastructure is not put into place. This is where an SOA re-
ciplines within IT. By establishing such a group you facili- pository can play an important role. It can become the fo-
tate communication between the various groups, ensuring cal point where all services can be documented, searched,
that everyone is represented and that every aspect of the and accessed.
SOA gets proper consideration.
4. Monitor Quality of Service (QoS). Bring predictability
Furthermore this group can be instrumental in establish- to your SOA by implementing service management facili-
ing organizational standards, setting guidelines, and cre- ties. What you need is the capability to maintain end-to-
ating blueprints. This core group can also disseminate end visibility into your services infrastructure via the ability
knowledge to new groups that need to adopt the SOA to define SLAs (service level agreements), measure services
approach. operation and response levels, analyze service usage and
resource utilization patterns, and proactively be alerted of
2. Experience is a good teacher. Blueprints and best potential and imminent service failures.
practices can be very good teaching mechanisms. They
are a tangible way in which everyone involved in the SOA Stability is the hallmark of a mature system and through
implementation can benefit from the work that has been the effective management of your deployed services (and
done before. related infrastructure) you can bring a great measure of
stability to your SOA.
Too many times development teams have to “reinvent the
wheel” in order to solve a particular problem. Identify and 5. Manage the SOA Lifecycle. Create a disciplined and
document those solutions that work well and turn them well-managed SOA lifecycle. In all other areas of IT this
into patterns that can be used repeatedly. kind of discipline is well established and maintained. SOA
should be no different.
By making a particular approach repeatable you are able
to reduce risk, shorten development time, and also de- Implement tools and procedures that will help manage
crease the cost associated with the overall project. Like- the services development, testing, quality control, deploy-
wise, it may be just as important to document those ap- ment and maintenance processes.
10 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.
Managing a Successful SOA Deployment for Your Enterprise
As part of the lifecycle create a services approval process, Acknowledging the complex nature of SOA and taking the
ensuring that services are tested for standards compliance appropriate steps to manage this complexity is a crucial
and services are put through a comprehensive vulnerabil- step toward the successful development, implementation
ity, interoperability, and regression testing process. Imple- and maintenance of an SOA. My advice is to plan for SOA
menting these measures will assist in elevating the overall success. Plan to be hugely successful and in preparation
maturity and robustness of your SOA implementation. consider how you will govern the next generation of busi-
ness applications.
Implementing an SOA entails more than just implementing
a few services or using an ESB (enterprise service bus). SOA
may start out simple, but it inherently introduces complex-
ity into the IT organization. This is mainly due to the nature
of the problems that we are attempting to solve.
11 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.
Managing a Successful SOA Deployment for Your Enterprise
T
he rampant use of web services, and the conse- Sustainable SOA
quent adoption of SOA, makes keeping up with The idea of sustainability isn’t really a new concept but it’s
the rapid changes in technology all the more vital in the process of strategic IT thinking. What it means
critical because these technologies are funda- is that it’s not enough to think about technology in the
mental to the success of a business. context of solving a problem or addressing a need that
you have today. To deliver sustainable value from IT you
SOA’s appeal isn’t difficult to understand. While there is no have to think about how technology will continue to ad-
widely agreed upon definition other than its literal transla- dress your needs going forward.
tion, SOA is an architecture that
relies on service orientation as its Understood this way, SOA is only
fundamental design principle. In viable in the long term when you
an SOA environment indepen- consider the whole lifecycle of
dent services can be accessed services over time as they are
without knowledge of their under- created, changed, and even re-
lying platform implementation. tired. And that’s where sustain-
ability comes in. If you’re not
Adopting SOA is becoming es- thinking ahead to how you will
sential to delivering the business deliver that consistent experi-
agility and IT flexibility required ence you’re not thinking in a sus-
by today’s enterprises. SOA de- tainable way. But the question of
livers a major competitive ad- sustainable SOA is moot without
vantage by increasing organiza- proper governance.
tional agility, allowing companies
to easily assemble and modify
SOA Governance
business processes in response
Companies embarking on the
to market requirements. It also
path to SOA start with a frame-
offers greater flexibility in the
work to guide them through decision-making, accurate
way computer systems can be used to support the busi-
tracking, improved serviceability, and better communica-
ness while lowering implementation costs by increasing
tion. This path is called SOA governance.
reusability.
Essentially, SOA governance is the mechanism to ensure
With SOA, IT assets are aligned to business services in
that the decision making structure is solid, evolution of
a standard, open, and flexible architected fashion. The
business process and technology is encompassed, rela-
promise and goal of SOA is that it can transform the IT as-
tionships between services and parties are managed, and
sets of a business, making it possible to do more with less,
that there is compliance with the laws, policies, standards,
and faster while keeping pace with technology changes.
and procedures under which an organization operates.
12 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.
Managing a Successful SOA Deployment for Your Enterprise
13 Back to Contents Managing a Successful SOA Deployment, an Internet.com IT Management eBook. © 2010, Internet.com, a division of QuinStreet, Inc.