Service-Oriented Architecture

Industry is adopting SOA more and more. CIOs are under tremendous pressure to show the value of SOA to the Business. Business is asking more and more questions about the benefit of SOA. To Business, SOA is too expensive and does not bring enough value to business early enough (long gestation period). So CIOs are asking several questions around SOA to the technology service providers in search of a convincing answer and one question keeps getting repeated ‘Is SOA expensive – if not how and why?’

 

There is no straight answer to this question. One could argue for both sides of the camps and still make conclusion on either way. Let’s see why SOA is considered to be expensive by the people who are not so close to IT. There are several factors why SOA is perceived to be expensive (I would say only ‘to begin with’). But, remember SOA is expensive at the ‘beginning’ as there are few upfront investments required on Software Licenses, Infrastructures, Training etc. The lists below are the key areas of investments:

 

• Service Design: Making a component re-usable is typically 2.5 times more expensive as compared to having a piece of code which wouldn’t be re-used at all having the same functionality. This means when we create a Service we have to ensure that it’s going be re-used at least 3 times in the future.

• Software: Need additional investment in software – ESB would be one of the biggest piece, Repository and Registry (SOA Design and Run time Governance), SOA Testing, Service Management and Monitoring etc.
• Hardware: Additional infrastructure needed for all the above components. Although in the current commoditised hardware market this is not going to be a big dollar number compared to the Service development and Software License investments.
• Training and Enablement: Training IT personnel to enable them for SOA.
• SOA Governance and COE setup: To centrally manage the SOA programme/projects

   

On the other hand, once initial investments (Service, Hardware, Process) are made, it’s all about reusing the investments in a more controlled manner – the Infrastructure, Services, Process, People etc.

 

SOA reduces cost in all the projects within the enterprise throughout all the phases of the SOA SDLC when reuse (of Service) starts happening – Requirements, High Level Design, Low Level Design, Development/Build, Integration, Unit Testing, System Testing etc. The cost savings are in the range of 30% – 80% in individual phases.

 

However, there are few areas where the cost would increase everytime the reuse happens – Documentation, Training, Configuration Management, Programme Management etc. Although, the amount of increase in cost is negligible as compared to the saving achieved due to reuse.

 

After an organisation adopted SOA, reuse of Services increase year on year – e.g. 10-15% first year, 20-25% second year, 30-40% third year and so on – which would have direct impact on cost savings. More and more Service reuse means IT is slowing becoming an ‘assembly’ shop from a traditional ‘development’ shop.

 

On the flip side, one may argue SOA is not expensive even at the beginning. One of the most expensive piece of software is ESB may be considered as not part of SOA investment. Any organisation would need an integration layer irrespective of whether there is SOA or not. So why should I consider ESB as part of SOA investment?

 

Similarly, one must not consider Application Server or equivalent technology as SOA investment. Application Server is commodity these days and foundation of all applications/Services running within the enterprise. What about BPM? SOA does not mandate BPM – BPM can be there with or without SOA. What is left? What about Service Governance and Service Management Tool – these two could be the only pieces of software which are needed for SOA (although SOA does not mandate these, one can still achieve SOA without the tool).

 

The bottom line is - it’s the Architecture team responsibility to manage the perception of SOA within the organisation. All the investments required for an IT Programme is NOT because of SOA. Lets not relate everything happening in IT with the name SOA – then SOA becomes the obvious scapegoat when things does not go the way it should have been or when the cost significantly overshoots. IT has to keep in mind that Business has never been so close to IT. Business has far more visibility of what’s going on in IT as compared to 10-15 years back. I am not suggesting IT to hide on what’s going within IT from rest of the organisation but be cautious in terms of setting the expectations of non IT stakeholders. SOA is just another way of doing architecture which would enable IT to be more agile, flexible and business aligned.

 

SOA is NOT all about the technology. SOA is about making IT more mature while bringing all the ingredients (People, Process, and Architecture) together and making those work in a more predictable (Governance) way which has been missing in IT for years.

 

Posted by Shubhankar Sumar at 04:31 PM | Permalink | Comments (0) | TrackBacks (0)

by Animesh Ghosh

I recently visited CloudExpo London 2009 and had the opportunity to meet up with industry thought leaders, CxOs, architects, marketing gurus from the major players like Google, Amazon, Linux, IBM, Salesforce so on and so forth. This article is a synopsis of point of views (PoVs) from a number of sessions I attended during my visit.

 

So, why Cloud Computing (CC)? There was a general consensus among the people on the typical benefits of Cloud Computing.

• Greater flexibility
• Quicker changes and deployments
• Optimising asset utilisation
• Easing management overhead
• End to end visibility of service delivery
• Reduces Capex and Opex with very fast ROI
• Greater control of infrastructure
• Improved resilience and availability
• Better DR capability

However, nobody seemed to have any specific answer to these questions…

• Are we ready yet?
• If yes, then who do we ask for help – who is the most reliable?
• Who got the skills set to take an enterprise from today to CC world?

 

During the session I asked a speaker from Amazon, so how do you implement your Amazon EC2 (Elastic Computing Cloud)? His straight forward answer in front of everybody was –"It is a bad answer – but we don’t disclose our implementation details." I could not help noticing the expression of annoyance on everybody’s face in that session. You have to take the word of his mouth that they are in the business for ages and maintain the records of more than 600 million credit cards (may be one of them is yours) - implies they are good at Cloud Computing which means they are good at security, scalability, stability, failover so on and so forth. I doubt if they are good at everything, may be some of you are convinced because they are Amazon.

 

My point here not about their capability, it’s about the Trust and Transparency and I think that is the biggest hurdle for Cloud Computing at this moment. So here is my problem as a technology service provider how do I guide my client where to go for Cloud Computing needs, if the underlying implementation details are abstract to me.

 

Gartner research indicates Security and Control are the most prominent issues and to resolve this we need to establish trust and openness. Having said that, I actually found some of the Cloud vendors have realised that point. After a session I had a conversation with a speaker from Salesforce, one of the biggest SAAS providers, and he entirely acknowledged the fundamental issue thwarting the progress of Cloud is trust. The action from their side is that they are taking security team from organisations like Citi, JP Morgan onboard for a visit at there Cloud hosting centre. I think Citi and JP Morgan are at least convinced a bit because they have hosted some of their non critical services in salseforce cloud.

 

Big players are more worried about security where as small players are sceptical about the whole concept of virtual shared environment which is the foundation of Cloud Computing. During one of the session while the speaker was discussing about Disaster Recovery, one of the CxOs was asking,’…if the infrastructure is shared with a big company, during a DR as a small company where do I stand? Will I be given same amount of attention?’ The argument here is that SLAs are there but at the time of DR billion pounds client may get priority over a million pounds client. Again it is a trust issue and the client is asking an SLA for SLAs :-)

 

One of the topic was being discussed widely was –‘The risk of vendor lock in’ Once you host your Services with a particular ‘Cloud’ provider and if you are not careful enough, there is always a chance of lock in. The danger is imminent and some of the organisations learnt lessons when locked-in with only one outsourcing service provider. How about hosting in multiple clouds with different vendors? It is possible only when the implementations are interoperable. If you look inside, some of the Cloud providers are having proprietary implementations behind those wonderfully smooth sailing Clouds. Definitely Linux is coming into the picture here together with IBM and they are making a point – when we are talking about multiple Cloud and inter-cloud communication, interoperability will be the most crucial point to address. I am sure there is a great opportunity for Linux and other open standard based communities to thrive.

 

I have no doubt we have done great progress in virtualisation in both software and hardware. But I still had to ask this question to one of the speakers "is our network infrastructure is ready yet?" One gentleman was shouting, ‘the bandwidth is not enough at Cornwell’, even it is not enough where I live in a place which is very close to London. Can the existing network provider handle the load of Public Cloud? Unfortunately no TELCO was there to take us through about its vision to support Cloud Computing. May be the developed countries are ready but what about the developing countries? There was discussion but no definite answer to my questions. I feel at this point of time Public Cloud may not be achievable from an end user perspective.

 

The feeling I got from the CloudExpo is that Cloud Computing is happening, the technology is available to support and everybody is looking forward to get some help and as technology service provider we have a big role to play. If we say Cloud Computing is the future then we got to take the responsibility to answer the following for early adopter (clients) and make the adoption far smoother.

• Are clouds right for you? I guess, we have to come up with a maturity model like the one we got for SOA/EA
• Which is good and bad cloud?
• Internal, external or hybrid?
• Have you achieved optimal consolidation ratio?
• What to virtualise and when?
  • Server
  • Desktop
  • Storage
  • I/O
  • Application
  • Service

   

  IDC expects Cloud adoption will be amplified by the current financial crisis. Small and medium size organisations that were either scared of SOA or did not like the complexity -‘SOA Reference Architectures with ‘n’ different layers from different vendors’, now can have the full flavour of SOA without having to do it by themselves. This Cloud is nothing but highly virtualised Services in the SOA world.

   

  Global financial crisis is changing business priorities and the IT that supports them, forcing IT to drastically reduce TCO and Opex. I think in this recession ‘Cloud Computing’ – this buzz word is going to draw a lot of attention and enterprise having right skill set & expertise would be able to position and getting into Cloud Computing should make would make good in road to the future business opportunities.

Posted by Guest Author at 02:20 PM | Permalink | Comments (0) | TrackBacks (0)

As I pointed out in an earlier blog http://www.infosysblogs.com/soa/2008/06/sca_java_ee_integration_spec_b.html, composite applications could also be understood as mechanism for enterprise application integration and come in various flavors basically differentiated on the tier at which the integration is taking place. JSR 168 and 286 (portlets and inter-portlet communication), enterprise mashups http://en.wikipedia.org/wiki/Mashup_(web_application_hybrid), etc. are examples of integration happening at the presentation tier. COTS Enterprise Application (ERP, CRM, SCM, etc.) vendors such as SAP, Oracle, IBM, Mircrosoft, etc. came up with ready made composite applications and composite application development suites founded on the sound architectural principles of SOA. These represent integration at the business tier and employ process orchestration and enterprise messaging technologies.

The ready made composite applications work by sitting on top of existing enterprise LOB applications and databases and interfacing with these across interfaces (APIs) designed on SOA principles. SAP xApps http://www.sap.com/industries/oil-gas/pdf/BWP_xEM_29893.pdf  is a good example of this style. SAP xApps application consumes web services exposed by the legacy enterprise applications from diverse business functions and creates composite services (using façade pattern) and assembles the services and the composites into the final xApp composite applications. This leads to reusability of existing legacy business logic as well as rapid time to market of cross functional business process through customization (extension of existing logic through more development) and configuration (setting of externalized properties with context specific values such as authorized user roles, exception handling logic, etc.).

Development of composite application from scratch would involve design of the custom business processes unlike the case of xApps where the process definition is provided out of box. It would also involve exposure of the legacy application functionality and data stores as service components which could become first class citizen in the composite application. For example, in SAP CAF http://www.sap.com/platform/netweaver/cafindex.epx the underlying business services are converted into Callable Objects by wrapping them with SAP CAF-GP libraries. Hence, components from diverse types of back end applications (Knowledge management, Business Intelligence, LOB application, etc.) and implemented using diverse technologies (EJB, .Net, Web services, etc.) can all be brought to the same page – Callable Object. Once we have the configurable Callable Object the SAP CAF –GP platform can use these to assemble a new business process.

The role of Service Orientation http://searchsoa.techtarget.com/news/interview/0,289202,sid26_gci1189356,00.html in the composite applications is very important. The participating components in the assembled composite applications are service components (SCA/SDO are standards in this space) and not necessarily web services. A service component can use any technology for implementation (and not necessarily HTTP, SOAP, etc. as connoted by Web services) the only important thing is the usage of service orientation principle http://www.soaprinciples.com/p3.asp.

We are also observing the emerging of composite application platforms on the Cloud http://cloudcomputing.sys-con.com/node/746658, http://www.cordys.com/cordyscms_com/composite_application_framework.php, http://www.informationweek.com/news/software/development/showArticle.jhtml?articleID=217701723&subSection=News

In my next, we will look at some of the other composite application platforms.

Posted by Sudeep Mallick at 07:59 AM | Permalink | Comments (0) | TrackBacks (0)