上周举行?jin)IBM的第二届IMPACT SOA?x)议Q与?x)者超q?000人。在早间的会(x)议中QIBM高管重申q一观点QSOA所带来的主要创新是业务/IT的一致性。他们给Z(jin)一个以业务q程Z?j)的视图Q其中SOA是企业变得灉|的触发器。同Ӟ他们q(sh)l了(jin)IBM?a href="ftp://ftp.software.ibm.com/software/solutions/soa/pdfs/WSW14001-USEN-00_smart_soa_FINAL.pdf">Smart SOA视图Q它是一l以大量客户SOA部vl验为基的SOA原则/成熟度模型。会(x)议期_(d)IBM也请求从业者A(ch)献他们关于SOA的想法。A(ch)献者可通过在线的思想׃n站点—?a >SOA JAMl出他们的想法,该活动已于上?l束。本文对几次在线访谈、第一天和W二天的早间?x)议Q以?qing)新d布会(x)q行?jin)ȝ?/span>
IBM软g集团副总裁 Steve Mills解释?jin)问题的?gu)以及(qing)SOA是如何改变(sh)务的Q?/span>
随着互联|运动于94q拉开序幕Q我们解决了(jin)全球范围内h与应用、h与他Z联的问题。随之出现的是一l关于开放架构的概念Qh们在过3千万个Web服务器之间穿?#8230;…按你的方式去调用服务把事情完成。大U在2004q左叻ISOA开始复苏。但是我们已l做?jin)很长时间的集成。东西是新的Q而且我认Z情是Q业务相关的Q而非技术相关的。调整业务和ITQ把它们l合hQ在业务q程和业务流E环境下使用IT作ؓ(f)一U{换技术,围绕IT中的投资驱动价值显著地增长……SOA是一U强大的思想Q而且是一U利用业务灵zL来节约长期成本、可在短期内实现的架构?/span>
我们已经在垂直方向完成了(jin)自动化(整个20世纪Q我们都在ؓ(f)企业垂直的生产部门用打包的/自行开发的应用Q通过人工来连接系l)(j)Q对?1世纪的方式来_(d)在其中应用是q程的一个内Ҏ(gu)?/strong>。允许运行时动态部|服务?/span>
q种“SOAȀzM(jin)端到端业务过E?#8221;的观Ҏ(gu)围绕?x)议q行的主题。IBM其视ؓ(f)企业执行模式的{变——不是通过点对Ҏ(gu)无集成的方式让各个业务部门管理自qITpȝQ而是让他们将应用暴露成可供更q泛的企业过E(它们常常通过ESBl装而成Q用的资源。同ӞL跨部门业务q程的多个相似实现替换成整个公司都必M用的一个服务的途径。这U围l统一服务——它们受IT中心(j)控制——进行的部门合ƈQIBMUC?#8220;梳理企业”?/span>
IBMq把许多商业公司客户邀(g)请到讲台上,如何实现新的跨各种异构ITpȝ的业务关键过E,讲述cM的案例。一个算不上完全“d关键?#8221;但是很切题的例子是在Harley DavidsonQ译注:(x)世界著名的哈h托品牌)(j)实现的一个系l。它实现?jin)一?a >骑R旅行自助pȝQ它能让你规划一ơ横跨美国的旅行Q预定旅馆,获得GPS位置Q预购ؓ(f)镉K跋涉做准备的Harley Davidson齿轮Q搜索和增加汽a(b)站停靠点{等。Harley CIO Jim Haney解释?/span>
SOA不是在谈技术。它讲的是你如何把那些o(h)你头大的各个片装配在一赗它q涉?qing)如何定义一个创造良好顾客体验的q程?/span>
Jim以旅行地囑ֺ用ؓ(f)例对传统应用设计Ҏ(gu)和新的SOA风格设计Ҏ(gu)q行?jin)比较。传l方法——他们会(x)创徏一个地囑ֺ用,“聚焦单一事务”——地图。客h要的其他服务Q如旅馆预定、搜索沿途有的事g/站点Q会(x)留给其他ITpȝ或单独的应用?/span>
但是使用SOA风格思维模式Q他们?#8220;客户透镜”而不?#8220;IT透镜”q行观察Q关?#8220;规划一ơ摩托驾?#8221;Q而不是事务个体。Jim解释_(d)(x)
q需要文化的改变Q不要只x(chng)pȝ和应用。从开始到l束Q客h如何完成一个过E的Q由按系l和应用L考,转换到按客户完成一个过E所需做的事去思考?/span>
InfoQ对SOA?jng)场副总裁Sandy Carterq行?jin)采访,她谈到IBM的Smart SOA视图/成熟度模型,q就q个范围内他们所看到的企业发表了(jin)意见Q?/span>
Ҏ(gu)Sandy的说法:(x)
- 61%的公司尚在基层面Q在特定部门或业务部门实现SOA
- 30%的处?#8216;扩展的端到端’Q其中已实现?jin)跨部门的过E?/span>Sandyl出?jin)一个IBM自己的例子:(x)“IBM内部?9条不同的供应链。当你将企业梳理后,只有一条供应链是所有h都参与的?#8221;Sandy也提C(jin)一个欧z政府,它有不同的办事处Q都分别实现?jin)他们自q护照处理E序。这个政府实C(jin)一个护照处理服务,q让所有办事处都用那个服务?/span>
- 处于转换阶段的公怸?%Q在q个阶段Q由于能按不断变化的?jng)场需求快速改变现有的q行q程Q因此已l获得了(jin)真正的灵zL。Sandyl出?jin)一家英国保险公司的例子Q他们一直在L改变?sh)们的商业模型?x)不是让你按每月固定h(hun)格缴费,他们惌你按每天的驾驶和N距离~费。IBM开发副总裁 Craig HaymanUC?#8220;现有q{中的企业q程{略变化的热部v”Q它是IBM的BPM套g的特性之一?/span>
- 3%公司能适应业务动态变?/span>。这个模式中的企业可以配|事件处理和兌{略Q可在运行时动态修改现有过E?/span>
- 处于转换阶段的公怸?%Q在q个阶段Q由于能按不断变化的?jng)场需求快速改变现有的q行q程Q因此已l获得了(jin)真正的灵zL。Sandyl出?jin)一家英国保险公司的例子Q他们一直在L改变?sh)们的商业模型?x)不是让你按每月固定h(hun)格缴费,他们惌你按每天的驾驶和N距离~费。IBM开发副总裁 Craig HaymanUC?#8220;现有q{中的企业q程{略变化的热部v”Q它是IBM的BPM套g的特性之一?/span>
不少IBM高管提到IBM今年的重Ҏ(gu)事g+{略q一最后区域。在Impact上,IBM展示?jin)一Ƒ?a >WebSphere Business Events的新产品Q它可以让业务所有h定义模式和过滤器Q结果会(x)ȀzM个新q程?/span>
另一个有的客户案例是Health Care services公司Q它是全第4大健庯划公司。他们的许多业务子集都是由拥有不同ITpȝ的各个组l完成的Q它们是Q资|eligibilityQ、保险查询(benefit inquiryQ、申L(fng)态(claim statusQ等。在向SOA转变的过E中Q他们构Z(jin)企业范围内的资格服务。现在系l中?0个不同应用用一个资格服务。公司的Austin Waldron解释_(d)(x)
转变q不Ҏ(gu)Q这些应用的所有h曄自己做Q何事?#8230;…转变把一部分IT内容从单个应用中U走Q放入到一个集中化的架构组?#8230;…ȝ要确保组l的所有不同部分认同这U面向服务方法,使用它代替他们自己去做是个非常大的{变?/span>
从各个部门到IT中心(j)的服务{变被许多IBM的高称?#8220;梳理企业”。这里,你利用单个应用中不同角落的各U?#8216;能力’Q你必须保对于整个端到端过E有相同的健壮性。Steve MillsU这?#8220;q程集成”Q解释它“l环境带来了(jin)很多压力Q需要补ѝ修正和回滚{特?#8221;。Steve认ؓ(f)q正是IBM与业内其它公司的区别所在?/span>
在两天的?x)议中,IBMq(sh)l了(jin)5个SOA最?jng)_践,它是对超q?000家客户部|和250个案例研I的l验ȝQ?/span>
- 从一开始就联结业务和IT。首先确定业务愿景,然后看IT如何支持它?/span>
- 开发一个服务于未来愿景的架构。不仅仅是满一个过E或一个LOBQ而是可以l历旉考验的东ѝ?/span>
- 技巧、文化、治理?/span>
- 伸羃性和q程集成——你计划如何应对峰|
- 如何保持端到端的q营可视化?
- 开发一个服务于未来愿景的架构。不仅仅是满一个过E或一个LOBQ而是可以l历旉考验的东ѝ?/span>
随着来多的部门被卷入到SOA来,分析师称SOA的开销?008q将加倍。今q的IBM Impact也庆(jin)了(jin)Websphere?0周年、IBM MQ?5周年和CIC?0周年?br />
廖伟?br />
2008-07-21
通过服务发现Q得到可能成为服务的候选者列表。在服务规约阶段Q规范性地描述服务各个斚w的属性,形成作ؓ(f)业务和IT互动的服务契U。在服务实现阶段Q进行服务、组件和服务l装的实现?/p>
在进行面向服务的分析和设计时Q服务发现阶D|取服务有三种Ҏ(gu)Q自向下、自底向上和中间汇聚?br />
黄剑?br />
2008-07-12
An introduction to SOA
Service-oriented architecture (SOA) is an evolution of distributed computing based on the request/reply design paradigm for synchronous and asynchronous applications. An application's business logic or individual functions are modularized and presented as services for consumer/client applications. What's key to these services is their loosely coupled nature; i.e., the service interface is independent of the implementation. Application developers or system integrators can build applications by composing one or more services without knowing the services' underlying implementations. For example, a service can be implemented either in .Net or J2EE, and the application consuming the service can be on a different platform or language.
Service-oriented architectures have the following key characteristics:
· SOA services have self-describing interfaces in platform-independent XML documents. Web Services Description Language (WSDL) is the standard used to describe the services.
· SOA services communicate with messages formally defined via XML Schema (also called XSD). Communication among consumers and providers or services typically happens in heterogeneous environments, with little or no knowledge about the provider. Messages between services can be viewed as key business documents processed in an enterprise.
· SOA services are maintained in the enterprise by a registry that acts as a directory listing. Applications can look up the services in the registry and invoke the service. Universal Description, Definition, and Integration (UDDI) is the standard used for service registry.
· Each SOA service has a quality of service (QoS) associated with it. Some of the key QoS elements are security requirements, such as authentication and authorization, reliable messaging, and policies regarding who can invoke services.
Why SOA?
The reality in IT enterprises is that infrastructure is heterogeneous across operating systems, applications, system software, and application infrastructure. Some existing applications are used to run current business processes, so starting from scratch to build new infrastructure isn't an option. Enterprises should quickly respond to business changes with agility; leverage existing investments in applications and application infrastructure to address newer business requirements; support new channels of interactions with customers, partners, and suppliers; and feature an architecture that supports organic business. SOA with its loosely coupled nature allows enterprises to plug in new services or upgrade existing services in a granular fashion to address the new business requirements, provides the option to make the services consumable across different channels, and exposes the existing enterprise and legacy applications as services, thereby safeguarding existing IT infrastructure investments.
As in Figure 1's example, an enterprise employing SOA could create a supply chain composite application using a set of existing applications that expose the functionality via standard interfaces.
Figure 1. Supply chain application. Click on thumbnail to view full-sized image.
Service architecture
To implement SOA, enterprises need a service architecture, an example of which is shown in Figure 2.
Figure 2. A sample service architecture. Click on thumbnail to view full-sized image.
In Figure 2, several service consumers can invoke services by sending messages. These messages are typically transformed and routed by a service bus to an appropriate service implementation. This service architecture can provide a business rules engine that allows business rules to be incorporated in a service or across services. The service architecture also provides a service management infrastructure that manages services and activities like auditing, billing, and logging. In addition, the architecture offers enterprises the flexibility of having agile business processes, better addresses the regulatory requirements like Sarbanes Oxley (SOX), and changes individual services without affecting other services.
SOA infrastructure
To run and manage SOA applications, enterprises need an SOA infrastructure that is part of the SOA platform. An SOA infrastructure must support all the relevant standards and required runtime containers. A typical SOA infrastructure looks like Figure 3. The following sections discuss the infrastructure's individual pieces.
Figure 3. A typical SOA infrastructure. Click on thumbnail to view full-sized image.
SOAP, WSDL, UDDI
WSDL, UDDI, and SOAP are the fundamental pieces of the SOA infrastructure. WSDL is used to describe the service; UDDI, to register and look up the services; and SOAP, as a transport layer to send messages between service consumer and service provider. While SOAP is the default mechanism for Web services, alternative technologies accomplish other types of bindings for a service. A consumer can search for a service in the UDDI registry, get the WSDL for the service that has the description, and invoke the service using SOAP.
WS-I Basic Profile
WS-I Basic Profile, provided by the Web services Interoperability Organization, is turning into another core piece required for service testing and interoperability. Service providers can use the Basic Profile test suites to test a service's interoperability across different platforms and technologies.
J2EE and .Net
Though the J2EE and .Net platforms are the dominant development platforms for SOA applications, SOA is not by any means limited to these platforms. Platforms such as J2EE not only provide the framework for developers to naturally participate in the SOA, but also, by their inherent nature, bring a mature and proven infrastructure for scalability, reliability, availability, and performance to the SOA world. Newer specifications such as Java API for XML Binding (JAXB), used for mapping XML documents to Java classes, Java API for XML Registry (JAXR), used for interacting with the UDDI registries in a standard manner, and Java API for XML-based Remote Procedure Call (XML-RPC), used for invoking remote services in J2EE 1.4 facilitate the development and deployment of Web services that are portable across standard J2EE containers, while simultaneously interoperating with services across other platforms such as .Net.
Quality of services
Existing mission-critical systems in enterprises address advanced requirements such as security, reliability, and transactions. As enterprises start adopting service architecture as a vehicle for developing and deploying applications, basic Web services specifications like WSDL, SOAP, and UDDI aren't going to fulfill these advanced requirements. As mentioned previously, these requirements are also known as quality of services. Numerous specifications related to QoS are being worked out in standards bodies like the World Wide Web Consortium (W3C) and the Organization for the Advancement of Structured Information Standards (OASIS). Sections below discuss some of the QoS artifacts and related standards.
Security
The Web Services Security specification addresses message security. This specification focuses on credential exchange, message integrity, and message confidentiality. The attractive thing about this specification is it leverages existing security standards, such as Security Assertion Markup Language (SAML), and allows the usage of these standards to secure Web services messages. Web Services Security is an ongoing OASIS effort.
Reliability
In a typical SOA environment, several documents are exchanged between service consumers and service providers. Delivery of messages with characteristics like once-and-only-once delivery, at-most-once delivery, duplicate message elimination, guaranteed message delivery, and acknowledgment become important in mission-critical systems using service architecture. WS-Reliability and WS-ReliableMessaging are two standards that address the issues of reliable messaging. Both these standards are now part of OASIS.
Policy
Service providers sometimes require service consumers to communicate with certain policies. As an example, a service provider may require a Kerberos security token for accessing the service. These requirements are defined as policy assertions. A policy may consist of multiple assertions. WS-Policy standardizes how policies are to be communicated between service consumers and service providers.
Orchestration
As enterprises embark on service architecture, services can be used to integrate silos of data, applications, and components. Integrating applications means that the process requirements, such as asynchronous communication, parallel processing, data transformation, and compensation, must be standardized. BPEL4WS or WSBPEL (Web Services Business Process Execution Language) is an OASIS specification that addresses service orchestration, where business processes are created using a set of discrete services. WSBPEL is now part of OASIS.
Management
As the number of services and business processes exposed as services grow in the enterprise, a management infrastructure that lets the system administrators manage the services running in a heterogeneous environment becomes important. Web Services for Distributed Management (WSDM) will specify that any service implemented according to WSDM will be manageable by a WSDM-compliant management solution.
Other QoS attributes such as coordination between partners and transactions involving multiple services are being addressed in the WS-Coordination and WS-Transaction specifications, respectively, which are OASIS efforts as well.
SOA is not Web services
There seems to be general confusion about the relationship between SOA and Web services. In an April 2003 Gartner report, Yefim V. Natis makes the distinction as follows: "Web services are about technology specifications, whereas SOA is a software design principle. Notably, Web services' WSDL is an SOA-suitable interface definition standard: this is where Web services and SOA fundamentally connect." Fundamentally, SOA is an architectural pattern, while Web services are services implemented using a set of standards; Web services is one of the ways you can implement SOA. The benefit of implementing SOA with Web services is that you achieve a platform-neutral approach to accessing services and better interoperability as more and more vendors support more and more Web services specifications.
Benefits of SOA
While the SOA concept is fundamentally not new, SOA differs from existing distributed technologies in that most vendors accept it and have an application or platform suite that enables SOA. SOA, with a ubiquitous set of standards, brings better reusability of existing assets or investments in the enterprise and lets you create applications that can be built on top of new and existing applications. SOA enables changes to applications while keeping clients or service consumers isolated from evolutionary changes that happen in the service implementation. SOA enables upgrading individual services or services consumers; it is not necessary to completely rewrite an application or keep an existing system that no longer addresses the new business requirements. Finally, SOA provides enterprises better flexibility in building applications and business processes in an agile manner by leveraging existing application infrastructure to compose new services.