Welcome!

Microservices Expo Authors: Jason Bloomberg, Elizabeth White, Liz McMillan, Pat Romanski, Mehdi Daoudi

Related Topics: Microservices Expo

Microservices Expo: Article

Pragmatic SOA Interoperability

Architecture, not new middleware

A well-planned Web Service interoperability environment begins by clearly defining who your Web Service consumers are now and in the future. There was a time not so long ago when you could count on a fairly homogenous consumer population. This was about the same time that you were happy just to be able to get a Web Service running in the first place and finding a consumer who could actually interact with your Web Service was cause for celebration. Those days have changed however and Web Services interoperability, once a "fancy" addition to your SOA design, is now a key and indispensable requirement in most SOA scenarios.

Today, SOA architects must contend with complex scenarios that assume a variety of Web Service consumers or in many cases are asked to create Web Services that are generic enough to be interoperable with just about any known consumer. If you're serious about implementing SOA in your worldwide enterprise you'll have to forget about the luxury of being able to dictate the configuration of all of your consumers and instead build fully interoperable Web Services. Most robust Internet Web Service APIs, familiar to all of us such as Amazon.com, eBay, or Salesforce.com, have learned this lesson already with very successful results. Those companies know that Web Service interoperability lies in the architecture approach and not in the implementation of new middleware.

What Makes Interoperability So Challenging?

Standards Proliferation and Complexity
The interaction between Web Services and consumers is rooted on a set of standards developed by standards organization committees at OASIS, W3C, and WS-I. These standards such as XML Schema, SOAP, WSDL, and WS-* protocols are intended to provide a technology-agnostic level of abstraction over the service implementation which should theoretically guarantee interoperability. However, it's not the standards themselves, but their implementation by individual Web Service technology vendors that must be interoperable. In a perfect world, every vendor would implement Web Services standards in exactly the same way, which would guarantee interoperability out-of-the-box. As you must know, that's just too good to be true. In the real world, every vendor implements these standards sometimes with just slight variations and other times entirely different versions. In many other cases vendors choose which aspects of a standard to implement, or maybe even choose not to implement a given standard at all. This proliferation and complexity is most obvious when we look at the WS-* protocols.

When this article was written, up to four different WS-Addressing versions were in use. Three versions of the specification are named by their release date: the March 2003 version, the March 2004 version, and the August 2004 version, developed before the specification moved to W3C. The fourth version, 1.0, was completed in May 2006 and developed after the specification went under the W3C umbrella. And if that's not confusing enough, after moving to W3C, the specification split into multiple parts: a core specification and two other specifications that describe bindings for SOAP and WSDL.

There are also different WS-* protocols that address very similar scenarios such as WS-Eventing and WS-Notifications, WS-MessageDelivery and WS-Addressing or WS-Reliability and WS-ReliableMessaging. Committees from OASIS and W3C are working to unify those overlapped protocols into a single set of standards. Vendors can and often implement different versions of the same WS-* protocol or implement one of multiple similar standards such as WS-ReliableMessaging instead of WS-Reliability.

Although the combination of SOAP and WS-* protocols provide a solution for some of the most interesting challenges in distributed computing, the complexity of this approach makes it impractical and nearly impossible to implement in real-world interoperability scenarios. Just a small subset of the over 100 WS-* standards specifications available today have been implemented by vendors. One last, but certainly not least, challenge involved in using SOAP and WS-* protocols is that they can also limit the service availability to clients such as script applications or Web browsers that don't support that generation of SOAP messages.

Best Practice: Use WS-I Profiles
Some WS-* protocols have a WS-I profile available that contains some of the principles and a subset of features of the protocols that should be implemented to guarantee interoperability. Making the services compatible with a WS-I profile (is this one exists) is a standard and globally accepted approach to interoperability. However for some protocols, a WS-I profile isn't available or doesn't address the interoperability requirements.

Best Practice: Implement Multi-Binding Services
To support multiple versions of the same WS-* protocol it's recommended to design the services with multiple bindings per specific versions of the protocol. This approach segments the different types of interactions at the binding level improving aspects like versioning, management, etc. The code in Listings 1 and 2 illustrates a sample Microsoft Windows Communication Foundation (WCF) Service configured to support multiple types of interactions using bindings. Specifically, this service supports secure and reliable interactions as well as basic SOAP interactions using two different bindings.

Best Practice: Exposes SOAP and REST Interfaces
Resource State Transfer (REST) provides a simpler alternative to the use of SOAP and the WS-* protocols for some scenarios. The fact that REST is based on XML messages over HTTP makes it accessible to most of the client technologies on the market including browsers and script languages. Some services can expose both SOAP and REST interfaces and offer a broader set of options to consumers. The example in Listing 3 illustrates that approach using Oracle Application Server.

Aligning Code and Contract
When designing a service you must first consider where to start. Do you create your code first or your contract first? Or do you give them each equal importance by creating them in parallel. However, even if you were extremely diligent in developing perfect synergy between your code and your contract you would still find that the limitations of the basic standards themselves, such as XSD and WSDL, could easily do you in. For example, the XML Schema model presents severe limitations in terms of composability compared with most programming languages data structures. This is often reflected in non-optimal translations between XML Schema structures and programming data structures. Similarly, WSDL 1.0 and 2.0 are both too abstract for describing services that can be interpreted by Web Services frameworks in a consistent way.

There's a lot of debate in the Web Service community around whether to use a contract-first versus a code-first approach to develop Web Services. One of the common arguments in favor of a contract-first approach is that it facilitates interoperability. Whether that's arguably true, the reality is that just a few mortals know WSDL and XSD well enough to design solid service contracts. Given the complexities of both standards developers often end up designing non-optimal WSDLs and XSDs that are translated into poor service implementations. On the other hand, a code-first approach is more familiar to developers but can produce contracts that aren't interoperable.

Best Practice Recommendation
Some of the most successful Web Service implementations have been designed using a hybrid approach that combines the agility of a code-first approach with the flexibility of a XSD/WSDL-first approach. Following these technique developers can leverage their existing skills on a particular development platform to guarantee an optimal service implementation while the WSDL-XSD experts verify that the contract is suited to meeting the interoperability needs. Figure 1 illustrates this approach.

Multi-Transport Services
SOAP, WSDL, and the different WS-* protocols are transport-agnostic specifications. Theoretically it's possible to host the same service using multiple transports such as HTTP, TCP, JMS, etc. Although this feature is supported by some of the Web Services technology frameworks on the market such as Windows Communication Foundation (WCF) or Apache Axis, only HTTP has been adopted widely enough to be considered for interoperability scenarios. Another factor to consider when implementing multi-transport services in real-world scenarios is that certain transports require a specific behavior of the service. For instance, a Web Service that uses JMS as a transport probably implements one-way, long-running, and asynchronous operations. That behavior is fundamentally different from a Web Service that uses HTTP as a transport on which it makes sense to implement atomic operations using different multiple exchange patterns. Hosting the same Web Services using JMS and HTTP makes little or no sense in most of the scenarios.


More Stories By Jesus Rodriguez

Jesus Rodriguez is a co-founder and CEO of KidoZen, an enterprise mobile-first platform as a service redefining the future of enterprise mobile solutions. He is also the co-founder to Tellago, an award-winning professional services firm focused on big enterprise software trends. Under his leadership, KidoZen and Tellago have been recognized as an innovator in the areas of enterprise software and solutions achieving important awards like the Inc 500, Stevie Awards’ American and International Business Awards.

A software scientist by background, Jesus is an internationally recognized speaker and author with contributions that include hundreds of articles and sessions at industry conferences. He serves as an advisor to several software companies such as Microsoft and Oracle, sits at the board of different technology companies. Jesus is a prolific blogger on all subjects related to software technology and entrepreneurship. You can gain valuable insight on business and software technology through his blogs at http://jrodthoughts.com and http://weblogs.asp.net/gsusx .

More Stories By Javier Mariscal

Javier Mariscal is the President and Founder of TwoConnect, Inc, a highly renowned consulting and systems integration company based in Miami, Florida with subsidiary offices in New York City, and San Francisco. After nearly 15 years, Javier is still mostly responsible for guaranteeing that TwoConnect’s innovative integration solutions deliver real and immediate results to its clients. As an author and frequent speaker on SOA and related technologies, Javier constantly reaffirms the need for “practical SOA” which focuses not on pushing a brand or a platform but on delivering immediate business rewards. Under his leadership, TwoConnect has been the first to market with multiple SOA related products and solutions such as the Web Services Enhancements 3.0 Adapter for Microsoft BizTalk Server and the SQL Server Service Broker Enhancements, both currently in production at companies worldwide. In 2006, TwoConnect announced a new line of products and services under its AdapterWorx brand, which has been hugely successful in accelerating its SOA solutions delivered. Following the success of AdapterWorx and a banner year in 2006 in general, Javier was nominated for Entrepreneur of the Year by Hispanic Business Magazine.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@MicroservicesExpo Stories
In his session at @DevOpsSummit at 20th Cloud Expo, Kelly Looney, director of DevOps consulting for Skytap, showed how an incremental approach to introducing containers into complex, distributed applications results in modernization with less risk and more reward. He also shared the story of how Skytap used Docker to get out of the business of managing infrastructure, and into the business of delivering innovation and business value. Attendees learned how up-front planning allows for a clean sep...
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
We have already established the importance of APIs in today’s digital world (read about it here). With APIs playing such an important role in keeping us connected, it’s necessary to maintain the API’s performance as well as availability. There are multiple aspects to consider when monitoring APIs, from integration to performance issues, therefore a general monitoring strategy that only accounts for up-time is not ideal.
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discussed how to use Kubernetes to set up a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. H...
When you focus on a journey from up-close, you look at your own technical and cultural history and how you changed it for the benefit of the customer. This was our starting point: too many integration issues, 13 SWP days and very long cycles. It was evident that in this fast-paced industry we could no longer afford this reality. We needed something that would take us beyond reducing the development lifecycles, CI and Agile methodologies. We made a fundamental difference, even changed our culture...
As many know, the first generation of Cloud Management Platform (CMP) solutions were designed for managing virtual infrastructure (IaaS) and traditional applications. But that’s no longer enough to satisfy evolving and complex business requirements. In his session at 21st Cloud Expo, Scott Davis, Embotics CTO, will explore how next-generation CMPs ensure organizations can manage cloud-native and microservice-based application architectures, while also facilitating agile DevOps methodology. He wi...
Docker is sweeping across startups and enterprises alike, changing the way we build and ship applications. It's the most prominent and widely known software container platform, and it's particularly useful for eliminating common challenges when collaborating on code (like the "it works on my machine" phenomenon that most devs know all too well). With Docker, you can run and manage apps side-by-side - in isolated containers - resulting in better compute density. It's something that many developer...
These days, change is the only constant. In order to adapt and thrive in an ever-advancing and sometimes chaotic workforce, companies must leverage intelligent tools to streamline operations. While we're only at the dawn of machine intelligence, using a workflow manager will benefit your company in both the short and long term. Think: reduced errors, improved efficiency and more empowered employees-and that's just the start. Here are five other reasons workflow automation is leading a revolution...
We have Continuous Integration and we have Continuous Deployment, but what’s continuous across all of what we do is people. Even when tasks are automated, someone wrote the automation. So, Jayne Groll evangelizes about Continuous Everyone. Jayne is the CEO of the DevOps Institute and the author of Agile Service Management Guide. She talked about Continuous Everyone at the 2016 All Day DevOps conference. She describes it as "about people, culture, and collaboration mapped into your value streams....
Cloud adoption is often driven by a desire to increase efficiency, boost agility and save money. All too often, however, the reality involves unpredictable cost spikes and lack of oversight due to resource limitations. In his session at 20th Cloud Expo, Joe Kinsella, CTO and Founder of CloudHealth Technologies, tackled the question: “How do you build a fully optimized cloud?” He will examine: Why TCO is critical to achieving cloud success – and why attendees should be thinking holistically ab...
Docker is on a roll. In the last few years, this container management service has become immensely popular in development, especially given the great fit with agile-based projects and continuous delivery. In this article, I want to take a brief look at how you can use Docker to accelerate and streamline the software development lifecycle (SDLC) process.
We define Hybrid IT as a management approach in which organizations create a workload-centric and value-driven integrated technology stack that may include legacy infrastructure, web-scale architectures, private cloud implementations along with public cloud platforms ranging from Infrastructure-as-a-Service to Software-as-a-Service.
Did you know that you can develop for mainframes in Java? Or that the testing and deployment can be automated across mobile to mainframe? In his session and demo at @DevOpsSummit at 21st Cloud Expo, Dana Boudreau, a Senior Director at CA Technologies, will discuss how increasingly teams are developing with agile methodologies, using modern development environments, and automating testing and deployments, mobile to mainframe.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory?
While some vendors scramble to create and sell you a fancy solution for monitoring your spanking new Amazon Lambdas, hear how you can do it on the cheap using just built-in Java APIs yourself. By exploiting a little-known fact that Lambdas aren’t exactly single-threaded, you can effectively identify hot spots in your serverless code. In his session at @DevOpsSummit at 21st Cloud Expo, Dave Martin, Product owner at CA Technologies, will give a live demonstration and code walkthrough, showing how ...
There are several reasons why businesses migrate their operations to the cloud. Scalability and price are among the most important factors determining this transition. Unlike legacy systems, cloud based businesses can scale on demand. The database and applications in the cloud are not rendered simply from one server located in your headquarters, but is instead distributed across several servers across the world. Such CDNs also bring about greater control in times of uncertainty. A database hack ...
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
API Security is complex! Vendors like Forum Systems, IBM, CA and Axway have invested almost 2 decades of engineering effort and significant capital in building API Security stacks to lockdown APIs. The API Security stack diagram shown below is a building block for rapidly locking down APIs. The four fundamental pillars of API Security - SSL, Identity, Content Validation and deployment architecture - are discussed in detail below.