Welcome!

Microservices Expo Authors: Liz McMillan, Pat Romanski, Elizabeth White, Mehdi Daoudi, Yeshim Deniz

Related Topics: Microservices Expo

Microservices Expo: Article

SOA World - Approaching SOA Testing

Even testing needs testing

So, does testing change with SOA? You bet it does. Unless you're willing to act now, you may find yourself behind the curve as SOA becomes systemic to all that is enterprise architecture, and we add more complexity to get to an agile and reusable state.

If you're willing to take the risk, the return on your SOA investment will come back three fold...that is, if it is a well-tested SOA. Untested SOA could cost you millions.

Truth be told, testing SOAs is a complex, disturbed computing problem. You have to learn how to isolate, check, and integrate, assuring that things work at the service, persistence, and process layers. The foundation of SOA testing is to select the right tool for the job, having a well-thought-out plan, and spare no expense in testing cycles or else risk that your SOA will lay an egg, and have no creditability.

Organizations are beginning to roll out their first instances of SOA, typically as smaller projects. While many are working fine, some are not living up to expectations due to quality issues that could have been prevented with adequate testing. You need to take these lessons, hard learned by others, and make sure that testing is on your priority list if you're diving into SOA.

How Do You Test Architecture?
The answer is, you don't. Instead you learn how to break the architecture down to its component parts, working from the most primitive to the most sophisticated, testing each component then the integration of the holistic architecture. In other words, you have to divide the architecture up into domains, such as services, security, governance, etc. and test each domain using whatever approach and tools are indicated. If this sounds complex, it is. Indeed, the notion of SOA is loosely coupled complex interdependence and so the approach for testing must follow the same patterns.

Before we can properly approach SOA testing, it's best to first understand the nature of the concept of SOA, and its component parts. There are many other references about the notion of SOA, so I won't dwell on it here. However, it's the foundation of the approaches and techniques you'll employ to test this architecture. SOA, simply put, is best defined thus:

SOA is a strategic framework of technology that allows all interested systems, inside and outside of an organization, to expose and access well-defined services, and information bound to those services, that may be further abstracted to orchestration layers and composite applications for solution development.

The primary benefits of a SOA, and so the objective of a test plan, include:

  • Reuse of services, or the ability to leverage application behavior from application to application without a significant amount of re-coding or integration.
  • Agility, or the ability to change business processes on top of existing services and information flows, quickly, and as needed to support a changing business.
  • Monitoring, or the ability to monitor points of information and points of service, in real-time, to determine the well being of an enterprise or trading community. Moreover, the ability to change processes or adjust processes for the benefit of the organization in real-time.
  • Extend Reach, or the ability to expose certain enterprise processes to other external entities for the purpose of inter-enterprise collaboration or shared processes.
What is unique about a SOA is that it's as much a strategy as a set of technologies, and it's really more of a journey than a destination. Moreover, it's a notion that is dependent on specific technologies or standards, such as Web Services, but really requires many different types of technologies and standards for a complete SOA. All of these must be tested.

Figure 1 represents a model of the SOA components, and how they're interrelated. What's key here is that those creating the test plan have both a macro understanding of how all the components work together as well as how each components exists unto itself and the best approach to testing those components.

You can group the testing domains for SOA into these major categories:

  • Service-Level Testing
  • Security-Level Testing
  • Orchestration-Level Testing
  • Governance-Level Testing
  • Integration-Level Testing
I'm going to focus more on service-level testing, since it's critical to SOA. Moreover, the categories or domains that you choose to test in your architecture may differ due to the specific requirements of your project. Moreover, there are other areas that need attention as well, including quality assurance for the code, performance testing, and auditing.

Service-Level Testing
In the world of SOA, services are the building blocks, and are found at the lowest level of the stack. Services become the base of a SOA, and while some are abstract existing "legacy services," others are new and built for specific purposes. Moving up the stack, we then find composite services, or services made up of other services, and all services abstract up into the business process or orchestration layer, which provides the agile nature of a SOA since you can create and change solutions using a configuration metaphor. It's also noteworthy that, while most of the services tested in SOAs will be Web Service-based, it's still acceptable to build SOAs using services that leverage other enabling technologies such as CORBA, J2EE, and even proprietary approaches.

When testing services, you need to keep the following in mind:
Services are not complete applications or systems and must be tested as such. They are a small part of an application. Nor are they subsystems; they are small parts of subsystems as well. So you need to test them with a high degree of independence, meaning that the services are both able to function properly by themselves, as well as part of a cohesive system. Indeed, services are more analogous to traditional application functions in terms of design, and how they are leveraged to form solutions, fine- or course-grained.

The best approach to testing services is to list the use cases for those services. At that point you can design testing approaches for that service including testing harnesses, or the use of SOA testing tools (discussed later). You also have to consider any services that the service may employ, and so be tested holistically as a single logical service. In some cases you may be testing a service that calls a service, that calls a service where some of the services are developed and managed in house, and some of them exist on remote systems that you don't control. All use cases and configurations must be considered.

Services should be tested with a high degree of autonomy. They should execute without dependencies, if at all possible, and be tested as independent units of code using a single design pattern that fits in other systems that use many design patterns. While all services can't be all things to all containers, it's important to spend time understanding their foreseeable use and make sure those are built into the test cases.

Services should have the appropriate granularity. Don't focus on too fine-grained or too loose-grained. Focus on that correct granularity for the purpose and use of the SOA. Here the issues related to testing are more along the lines of performance than anything else. Too finely grained services have a tendency to bog down due to the communications overhead required when dealing with so many services. Too loosely grained and they don't provide the proper autonomic values to support their reuse. You have to work with the service designer on this one.


More Stories By David Linthicum

Dave Linthicum is Sr. VP at Cloud Technology Partners, and an internationally known cloud computing and SOA expert. He is a sought-after consultant, speaker, and blogger. In his career, Dave has formed or enhanced many of the ideas behind modern distributed computing including EAI, B2B Application Integration, and SOA, approaches and technologies in wide use today. In addition, he is the Editor-in-Chief of SYS-CON's Virtualization Journal.

For the last 10 years, he has focused on the technology and strategies around cloud computing, including working with several cloud computing startups. His industry experience includes tenure as CTO and CEO of several successful software and cloud computing companies, and upper-level management positions in Fortune 500 companies. In addition, he was an associate professor of computer science for eight years, and continues to lecture at major technical colleges and universities, including University of Virginia and Arizona State University. He keynotes at many leading technology conferences, and has several well-read columns and blogs. Linthicum has authored 10 books, including the ground-breaking "Enterprise Application Integration" and "B2B Application Integration." You can reach him at [email protected] Or follow him on Twitter. Or view his profile on LinkedIn.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Microservices Articles
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In their Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, and Mark Lav...
The now mainstream platform changes stemming from the first Internet boom brought many changes but didn’t really change the basic relationship between servers and the applications running on them. In fact, that was sort of the point. In his session at 18th Cloud Expo, Gordon Haff, senior cloud strategy marketing and evangelism manager at Red Hat, will discuss how today’s workloads require a new model and a new platform for development and execution. The platform must handle a wide range of rec...
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
If your cloud deployment is on AWS with predictable workloads, Reserved Instances (RIs) can provide your business substantial savings compared to pay-as-you-go, on-demand services alone. Continuous monitoring of cloud usage and active management of Elastic Compute Cloud (EC2), Relational Database Service (RDS) and ElastiCache through RIs will optimize performance. Learn how you can purchase and apply the right Reserved Instances for optimum utilization and increased ROI.
TCP (Transmission Control Protocol) is a common and reliable transmission protocol on the Internet. TCP was introduced in the 70s by Stanford University for US Defense to establish connectivity between distributed systems to maintain a backup of defense information. At the time, TCP was introduced to communicate amongst a selected set of devices for a smaller dataset over shorter distances. As the Internet evolved, however, the number of applications and users, and the types of data accessed and...
Consumer-driven contracts are an essential part of a mature microservice testing portfolio enabling independent service deployments. In this presentation we'll provide an overview of the tools, patterns and pain points we've seen when implementing contract testing in large development organizations.
In his session at 19th Cloud Expo, Claude Remillard, Principal Program Manager in Developer Division at Microsoft, contrasted how his team used config as code and immutable patterns for continuous delivery of microservices and apps to the cloud. He showed how the immutable patterns helps developers do away with most of the complexity of config as code-enabling scenarios such as rollback, zero downtime upgrades with far greater simplicity. He also demoed building immutable pipelines in the cloud ...
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...