Welcome!

Microservices Expo Authors: Liz McMillan, Ed Witkovic, Pat Romanski, Elizabeth White, Stackify Blog

Related Topics: Microservices Expo

Microservices Expo: Article

Mission Critical Web Services

Mission Critical Web Services

Web services are a great vision to talk about. as evidenced by the increasing number of companies declaring themselves the leader in the Web services market. Hype aside, just as with XML, sooner or later we'll all realize there's no Web services market per se but only ways to apply Web services as part of B2B machine-to-machine integration, enterprise portals, knowledge management, marketplaces, self-service forms, and so on. In other words, what we need to focus on is how to use Web services to solve specific technical problems rather than getting excited about new and more dynamic "plumbing."

Returning to the vision part, it's easy to be almost overwhelmed by the many technologies that need to be in place to make the full vision of Web services a reality. The good news is that not all of these specifications and standards need to be in place to get started. But first, let's look at the technology landscape today and how it affects the delivery of the vision of Web services.

Technology Landscape
Interface Standards/Vertical
Business Objects

As we know, SOAP can be deployed following a more messaging-oriented paradigm or a more remote procedure call (RPC) paradigm. There are others also, but let's focus on these two.

If we use SOAP for RPC, we don't need vertical standards per se as we're just calling methods on remote objects. What worries me a bit is that we see many wizards and tutorials that can easily transform Java objects or COM objects to a Web service, which in itself leads to RPC-type Web services to execute a particular transaction. Because we're calling a method and its associated parameters, I still consider RPC-type calls as tighter coupling.

This is great news if I just want to integrate the Web services of one or two business partners. It becomes more problematic if what we're interested in is transparent information exchange across an entire value chain, where we need to have agreements on messaging structures rather than just APIs.

On the side of vertical business objects, thanks to the work of the numerous industry consortia, we already have a pretty good set of business objects available and we're starting to see the adoption of some of these.

Web Services Security and SSO
What's the most annoying thing in dealing with Internet e-business services? Did you think "having to log into each system (over and over again)"? Right!

The magic word is single-sign-on. It's a core part of the Web services vision to be able to integrate and aggregate services provided by numerous geographically and logically dispersed providers.

Without standards to provide means for services to exchange users' authentication information, large-scale deployment of dynamically aggregated services won't happen.

The good news is that we have a few very promising initiatives going on. One is the OASIS Security Assertions Markup Language; the other is Passport, driven by Microsoft.

Distributed Transactions
Gone are the days when ACID was everything we had to worry about (and I don't mean kids doing drugs in discos). Atomicity, Consistency, Isolation, Durability were everything we needed to ensure well behaved transactions in our systems.

It became more complex as we started to distribute our systems. All distributed databases and other such systems today support "two-phase commits" to deal with the increased complexity of transactions in distributed environments. In this scenario, all participating processing nodes have to either commit or rollback a particular transaction.

The Internet, however, is the most distributed and complex system we can imagine. Two-phase commits alone are not suitable to address the complexity of Internet-scale transactions. In the Internet realm we typically deal with multiple entities (customers, suppliers, and business partners) that use loosely coupled Web services to execute a particular transaction. This overall transaction in turn consists of smaller transactions that are wired by some implicitly or explicitly defined workflow. Should an individual transaction fail, we may not be able to roll it back so we have to introduce a compensating transaction to regain system integrity.

While the standards and vendor community is working hard to address this problem, no broadly accepted standards exist. Examples of interesting efforts in this arena include the OASIS Business Transaction Protocol.

Business Processes
"Workflow goes Internet." While in the past we could be content with describing the workflow within the confines of our corporate boundaries, today we have to deal with complex interactions between a number of parties involved in our extended enterprise (including customers, suppliers, and business partners).

Emerging specifications will help us find a common, reusable, and hopefully interchangeable format for describing these processes. The most promising initiatives include the OASIS/UN-CEFACT ebXML suite, Rosetta Net, Biztalk, BPMI, and WSFL, just to name a few.

In this category of emerging technologies, the difficulty isn't finding novel ways of addressing the problem, but rather coming up with a broadly agreed upon way of doing it.

On a smaller scale, we'll need business process management as well. Web services help us to break up applications into discrete components. Once that has happened, something has to integrate them back together. This will be either some glue-code or - even better - some externalized business rules driven by the business process engines.

Reliable Protocols
We want our systems and our Web services to be reliable. The problem is, while we know that SOAP doesn't care about the transport protocol used to get a SOAP message from A to B, we also know that we'll use HTTP, especially between companies.

Unfortunately, while HTTP is known for being ubiquitous, it isn't known for being reliable. Two approaches can be used to fix this. You can build code around these protocols - which is what most designers have to do today - or you can make the protocol more reliable, which is what the guys at IBM are suggesting with their "Reliable HTTP" - httpr.

Payment Services
Software as a service? This is unlikely to work without an associated plan for charging for it. (Larger software companies seem to prefer this model to the old-fashioned buy-and-own.) Certainly a recurring revenue-stream seems to be valuable, and it will be much harder to do a "backup" copy for a service-based software package.

As we talk about payment services, however, we need to distinguish carefully between paying for software and the use of it (as described above), or whether we're talking about a business service (like a credit card check) that we pay for (whereas the Web service is more the means than anything else). I'm not yet convinced we can treat them in the same way (but I'm always willing to listen).

Web Services Adoption
So are we doomed? Will we have to wait for all these things to be defined and standardized? Not really!

Informational Web Services
These kinds of services are the best examples for using Web services without having anything else in place. Not mission critical in nature, these services offer stock quotes, weather reports, traffic reports, and so on. In this case I am not really concerned with anything else but getting to information (and showing off "the power of dynamic Web services").

These services lend themselves nicely to RPC-type SOAP calls where we want instant gratification. I believe all the services on the well-known Xmethods site follow this paradigm without exception (which isn't surprising).

Web Services as Next Generation APIs
This should be the most straightforward thing to do (especially for applications that aren't tied to a heavy user interface component). Is there an existing SDK to your product? If yes, then all you need to do is wrap the EJP, JSP, COM, or whatever components you use into a collection of Web services and suddenly your product is Web services- enabled and Internet-ready.

Extending the Reach
This is where it gets really exciting with respect to Web services in the short term. In the past I could have a few online forms as part of my extranet and people would use them to order goods, check on availability or delivery, and so forth.

What limited the reach of these applications was that, for one, all of the user interface was hardwired. Many intranets have set guidelines for colors, fonts, and other style-related attributes. With Web services you can integrate a service and have complete control over the visual appearance, providing seamless integration.

Secondly, interfaces weren't explicitly described. This made it hard to programmatically call an old-style Web service without having to dig into the HTML code to figure out what the parameters were (not talk about valid types, error-handling, etc.).

With such Web services, it's also easier to extend the reach beyond the browser to cell phones, PDAs, and all the other great devices that are still looking for the "killer application."

Small to Medium Enterprises
With Web services, a smaller enterprise can now do what it previously would have required costly EDI infrastructure for. Now it can finally afford electronic data interchange and participation in larger markets (we just need to wait for the right tools to hit the market). The OASIS/UN-CEFACT was designed with this category of users in mind and it's also architected to use Web services from a transport perspective.

Dynamic Trading Networks
In the short term we'll see some vendors providing platforms to develop, publish, locate, integrate, and charge for Web services. Since none of the standards I described are in place, these vendors will have to make up for some shortcomings by "proprietary" approaches.

This is a part of the vision of dynamic Web services where we see most disconnect between current practice and future promise. The problem with this vision is that, while exciting and promising, it does have to overcome many existing hurdles of today's business and technical everyday practices.

A company's data structures (read schemas) contain a lot of information about how they do business (often, information they want to share with just a handful of business partners). The same holds true for business processes or other aspects of a company.

Maybe that's why the adoption rate of public service and schema registries is so slow (and I am not talking about quantities of objects stored, but rather the way people use them and for what purpose). Unless you're really interested in the vision of dynamic discovery of business services, you're more likely to just publish your Web service descriptions, schemas, and other interchange relevant components to your known business partners, and that's all you need to do..

Trust
Trust has been at the heart of business since the dawn of time. The "new economy" requires a company to trust an unknown, almost anonymous entity to deliver goods or (Web) services that are critical for its business. That's a lot to ask for, which is probably one of the reasons why, according to the various assessments, private and more controlled e-marketplaces are more pervasive than open and "public" ones.

Summary
We can see Web services beginning to emerge as a means to solve business problems. Once we've covered distributed transactions, single sign-on, business process management, and so forth, we can talk about the new world order. Until then, and even then, Web services - just like any other technology - will change the way we do business, but often not as fast as we i-technology visionaries would like.

More Stories By Norbert Mikula

Norbert Mikula has more than 10 years of experience in building and
delivering Internet and e-business technologies. He serves as
vice-chairman of the board of directors of OASIS and is industry
editor of Web Services Journal. Norbert is recognized internationally
as an expert in Internet and e-business technologies and speaks
regularly at industry events.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@MicroservicesExpo Stories
"Opsani helps the enterprise adopt containers, help them move their infrastructure into this modern world of DevOps, accelerate the delivery of new features into production, and really get them going on the container path," explained Ross Schibler, CEO of Opsani, and Peter Nickolov, CTO of Opsani, in this SYS-CON.tv interview at DevOps Summit at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
The purpose of this article is draw attention to key SaaS services that are commonly overlooked during contact signing that are essential to ensuring they meet the expectations and requirements of the organization and provide guidance and recommendations for process and controls necessary for achieving quality SaaS contractual agreements.
What's the role of an IT self-service portal when you get to continuous delivery and Infrastructure as Code? This general session showed how to create the continuous delivery culture and eight accelerators for leading the change. Don Demcsak is a DevOps and Cloud Native Modernization Principal for Dell EMC based out of New Jersey. He is a former, long time, Microsoft Most Valuable Professional, specializing in building and architecting Application Delivery Pipelines for hybrid legacy, and cloud ...
The “Digital Era” is forcing us to engage with new methods to build, operate and maintain applications. This transformation also implies an evolution to more and more intelligent applications to better engage with the customers, while creating significant market differentiators. In both cases, the cloud has become a key enabler to embrace this digital revolution. So, moving to the cloud is no longer the question; the new questions are HOW and WHEN. To make this equation even more complex, most ...
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
Docker is sweeping across startups and enterprises alike, changing the way we build and ship applications. It's the most prominent and widely known software container platform, and it's particularly useful for eliminating common challenges when collaborating on code (like the "it works on my machine" phenomenon that most devs know all too well). With Docker, you can run and manage apps side-by-side - in isolated containers - resulting in better compute density. It's something that many developer...
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docker c...
"We're developing a software that is based on the cloud environment and we are providing those services to corporations and the general public," explained Seungmin Kim, CEO/CTO of SM Systems Inc., in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
We all know that end users experience the internet primarily with mobile devices. From an app development perspective, we know that successfully responding to the needs of mobile customers depends on rapid DevOps – failing fast, in short, until the right solution evolves in your customers' relationship to your business. Whether you’re decomposing an SOA monolith, or developing a new application cloud natively, it’s not a question of using microservices - not doing so will be a path to eventual ...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Archi...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docker c...
We all know that end users experience the internet primarily with mobile devices. From an app development perspective, we know that successfully responding to the needs of mobile customers depends on rapid DevOps – failing fast, in short, until the right solution evolves in your customers' relationship to your business. Whether you’re decomposing an SOA monolith, or developing a new application cloud natively, it’s not a question of using microservices - not doing so will be a path to eventual ...
We all know that end users experience the Internet primarily with mobile devices. From an app development perspective, we know that successfully responding to the needs of mobile customers depends on rapid DevOps – failing fast, in short, until the right solution evolves in your customers' relationship to your business. Whether you’re decomposing an SOA monolith, or developing a new application cloud natively, it’s not a question of using microservices – not doing so will be a path to eventual b...
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous ar...
The past few years have brought a sea change in the way applications are architected, developed, and consumed—increasing both the complexity of testing and the business impact of software failures. How can software testing professionals keep pace with modern application delivery, given the trends that impact both architectures (cloud, microservices, and APIs) and processes (DevOps, agile, and continuous delivery)? This is where continuous testing comes in. D
JetBlue Airways uses virtual environments to reduce software development costs, centralize performance testing, and create a climate for continuous integration and real-time monitoring of mobile applications. The next BriefingsDirect Voice of the Customer performance engineering case study discussion examines how JetBlue Airways in New York uses virtual environments to reduce software development costs, centralize performance testing, and create a climate for continuous integration and real-tim...
High-velocity engineering teams are applying not only continuous delivery processes, but also lessons in experimentation from established leaders like Amazon, Netflix, and Facebook. These companies have made experimentation a foundation for their release processes, allowing them to try out major feature releases and redesigns within smaller groups before making them broadly available. In his session at 21st Cloud Expo, Brian Lucas, Senior Staff Engineer at Optimizely, discussed how by using ne...