Welcome!

Microservices Expo Authors: Jason Bloomberg, Elizabeth White, Liz McMillan, Pat Romanski, Mehdi Daoudi

Related Topics: Microservices Expo

Microservices Expo: Article

SOA World - Approaching SOA Testing

Even testing needs testing

So, does testing change with SOA? You bet it does. Unless you're willing to act now, you may find yourself behind the curve as SOA becomes systemic to all that is enterprise architecture, and we add more complexity to get to an agile and reusable state.

If you're willing to take the risk, the return on your SOA investment will come back three fold...that is, if it is a well-tested SOA. Untested SOA could cost you millions.

Truth be told, testing SOAs is a complex, disturbed computing problem. You have to learn how to isolate, check, and integrate, assuring that things work at the service, persistence, and process layers. The foundation of SOA testing is to select the right tool for the job, having a well-thought-out plan, and spare no expense in testing cycles or else risk that your SOA will lay an egg, and have no creditability.

Organizations are beginning to roll out their first instances of SOA, typically as smaller projects. While many are working fine, some are not living up to expectations due to quality issues that could have been prevented with adequate testing. You need to take these lessons, hard learned by others, and make sure that testing is on your priority list if you're diving into SOA.

How Do You Test Architecture?
The answer is, you don't. Instead you learn how to break the architecture down to its component parts, working from the most primitive to the most sophisticated, testing each component then the integration of the holistic architecture. In other words, you have to divide the architecture up into domains, such as services, security, governance, etc. and test each domain using whatever approach and tools are indicated. If this sounds complex, it is. Indeed, the notion of SOA is loosely coupled complex interdependence and so the approach for testing must follow the same patterns.

Before we can properly approach SOA testing, it's best to first understand the nature of the concept of SOA, and its component parts. There are many other references about the notion of SOA, so I won't dwell on it here. However, it's the foundation of the approaches and techniques you'll employ to test this architecture. SOA, simply put, is best defined thus:

SOA is a strategic framework of technology that allows all interested systems, inside and outside of an organization, to expose and access well-defined services, and information bound to those services, that may be further abstracted to orchestration layers and composite applications for solution development.

The primary benefits of a SOA, and so the objective of a test plan, include:

  • Reuse of services, or the ability to leverage application behavior from application to application without a significant amount of re-coding or integration.
  • Agility, or the ability to change business processes on top of existing services and information flows, quickly, and as needed to support a changing business.
  • Monitoring, or the ability to monitor points of information and points of service, in real-time, to determine the well being of an enterprise or trading community. Moreover, the ability to change processes or adjust processes for the benefit of the organization in real-time.
  • Extend Reach, or the ability to expose certain enterprise processes to other external entities for the purpose of inter-enterprise collaboration or shared processes.
What is unique about a SOA is that it's as much a strategy as a set of technologies, and it's really more of a journey than a destination. Moreover, it's a notion that is dependent on specific technologies or standards, such as Web Services, but really requires many different types of technologies and standards for a complete SOA. All of these must be tested.

Figure 1 represents a model of the SOA components, and how they're interrelated. What's key here is that those creating the test plan have both a macro understanding of how all the components work together as well as how each components exists unto itself and the best approach to testing those components.

You can group the testing domains for SOA into these major categories:

  • Service-Level Testing
  • Security-Level Testing
  • Orchestration-Level Testing
  • Governance-Level Testing
  • Integration-Level Testing
I'm going to focus more on service-level testing, since it's critical to SOA. Moreover, the categories or domains that you choose to test in your architecture may differ due to the specific requirements of your project. Moreover, there are other areas that need attention as well, including quality assurance for the code, performance testing, and auditing.

Service-Level Testing
In the world of SOA, services are the building blocks, and are found at the lowest level of the stack. Services become the base of a SOA, and while some are abstract existing "legacy services," others are new and built for specific purposes. Moving up the stack, we then find composite services, or services made up of other services, and all services abstract up into the business process or orchestration layer, which provides the agile nature of a SOA since you can create and change solutions using a configuration metaphor. It's also noteworthy that, while most of the services tested in SOAs will be Web Service-based, it's still acceptable to build SOAs using services that leverage other enabling technologies such as CORBA, J2EE, and even proprietary approaches.

When testing services, you need to keep the following in mind:
Services are not complete applications or systems and must be tested as such. They are a small part of an application. Nor are they subsystems; they are small parts of subsystems as well. So you need to test them with a high degree of independence, meaning that the services are both able to function properly by themselves, as well as part of a cohesive system. Indeed, services are more analogous to traditional application functions in terms of design, and how they are leveraged to form solutions, fine- or course-grained.

The best approach to testing services is to list the use cases for those services. At that point you can design testing approaches for that service including testing harnesses, or the use of SOA testing tools (discussed later). You also have to consider any services that the service may employ, and so be tested holistically as a single logical service. In some cases you may be testing a service that calls a service, that calls a service where some of the services are developed and managed in house, and some of them exist on remote systems that you don't control. All use cases and configurations must be considered.

Services should be tested with a high degree of autonomy. They should execute without dependencies, if at all possible, and be tested as independent units of code using a single design pattern that fits in other systems that use many design patterns. While all services can't be all things to all containers, it's important to spend time understanding their foreseeable use and make sure those are built into the test cases.

Services should have the appropriate granularity. Don't focus on too fine-grained or too loose-grained. Focus on that correct granularity for the purpose and use of the SOA. Here the issues related to testing are more along the lines of performance than anything else. Too finely grained services have a tendency to bog down due to the communications overhead required when dealing with so many services. Too loosely grained and they don't provide the proper autonomic values to support their reuse. You have to work with the service designer on this one.


More Stories By David Linthicum

Dave Linthicum is Sr. VP at Cloud Technology Partners, and an internationally known cloud computing and SOA expert. He is a sought-after consultant, speaker, and blogger. In his career, Dave has formed or enhanced many of the ideas behind modern distributed computing including EAI, B2B Application Integration, and SOA, approaches and technologies in wide use today. In addition, he is the Editor-in-Chief of SYS-CON's Virtualization Journal.

For the last 10 years, he has focused on the technology and strategies around cloud computing, including working with several cloud computing startups. His industry experience includes tenure as CTO and CEO of several successful software and cloud computing companies, and upper-level management positions in Fortune 500 companies. In addition, he was an associate professor of computer science for eight years, and continues to lecture at major technical colleges and universities, including University of Virginia and Arizona State University. He keynotes at many leading technology conferences, and has several well-read columns and blogs. Linthicum has authored 10 books, including the ground-breaking "Enterprise Application Integration" and "B2B Application Integration." You can reach him at [email protected] Or follow him on Twitter. Or view his profile on LinkedIn.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@MicroservicesExpo Stories
In his session at @DevOpsSummit at 20th Cloud Expo, Kelly Looney, director of DevOps consulting for Skytap, showed how an incremental approach to introducing containers into complex, distributed applications results in modernization with less risk and more reward. He also shared the story of how Skytap used Docker to get out of the business of managing infrastructure, and into the business of delivering innovation and business value. Attendees learned how up-front planning allows for a clean sep...
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
We have already established the importance of APIs in today’s digital world (read about it here). With APIs playing such an important role in keeping us connected, it’s necessary to maintain the API’s performance as well as availability. There are multiple aspects to consider when monitoring APIs, from integration to performance issues, therefore a general monitoring strategy that only accounts for up-time is not ideal.
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discussed how to use Kubernetes to set up a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. H...
When you focus on a journey from up-close, you look at your own technical and cultural history and how you changed it for the benefit of the customer. This was our starting point: too many integration issues, 13 SWP days and very long cycles. It was evident that in this fast-paced industry we could no longer afford this reality. We needed something that would take us beyond reducing the development lifecycles, CI and Agile methodologies. We made a fundamental difference, even changed our culture...
As many know, the first generation of Cloud Management Platform (CMP) solutions were designed for managing virtual infrastructure (IaaS) and traditional applications. But that’s no longer enough to satisfy evolving and complex business requirements. In his session at 21st Cloud Expo, Scott Davis, Embotics CTO, will explore how next-generation CMPs ensure organizations can manage cloud-native and microservice-based application architectures, while also facilitating agile DevOps methodology. He wi...
Docker is sweeping across startups and enterprises alike, changing the way we build and ship applications. It's the most prominent and widely known software container platform, and it's particularly useful for eliminating common challenges when collaborating on code (like the "it works on my machine" phenomenon that most devs know all too well). With Docker, you can run and manage apps side-by-side - in isolated containers - resulting in better compute density. It's something that many developer...
These days, change is the only constant. In order to adapt and thrive in an ever-advancing and sometimes chaotic workforce, companies must leverage intelligent tools to streamline operations. While we're only at the dawn of machine intelligence, using a workflow manager will benefit your company in both the short and long term. Think: reduced errors, improved efficiency and more empowered employees-and that's just the start. Here are five other reasons workflow automation is leading a revolution...
We have Continuous Integration and we have Continuous Deployment, but what’s continuous across all of what we do is people. Even when tasks are automated, someone wrote the automation. So, Jayne Groll evangelizes about Continuous Everyone. Jayne is the CEO of the DevOps Institute and the author of Agile Service Management Guide. She talked about Continuous Everyone at the 2016 All Day DevOps conference. She describes it as "about people, culture, and collaboration mapped into your value streams....
Cloud adoption is often driven by a desire to increase efficiency, boost agility and save money. All too often, however, the reality involves unpredictable cost spikes and lack of oversight due to resource limitations. In his session at 20th Cloud Expo, Joe Kinsella, CTO and Founder of CloudHealth Technologies, tackled the question: “How do you build a fully optimized cloud?” He will examine: Why TCO is critical to achieving cloud success – and why attendees should be thinking holistically ab...
Docker is on a roll. In the last few years, this container management service has become immensely popular in development, especially given the great fit with agile-based projects and continuous delivery. In this article, I want to take a brief look at how you can use Docker to accelerate and streamline the software development lifecycle (SDLC) process.
We define Hybrid IT as a management approach in which organizations create a workload-centric and value-driven integrated technology stack that may include legacy infrastructure, web-scale architectures, private cloud implementations along with public cloud platforms ranging from Infrastructure-as-a-Service to Software-as-a-Service.
Did you know that you can develop for mainframes in Java? Or that the testing and deployment can be automated across mobile to mainframe? In his session and demo at @DevOpsSummit at 21st Cloud Expo, Dana Boudreau, a Senior Director at CA Technologies, will discuss how increasingly teams are developing with agile methodologies, using modern development environments, and automating testing and deployments, mobile to mainframe.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory?
While some vendors scramble to create and sell you a fancy solution for monitoring your spanking new Amazon Lambdas, hear how you can do it on the cheap using just built-in Java APIs yourself. By exploiting a little-known fact that Lambdas aren’t exactly single-threaded, you can effectively identify hot spots in your serverless code. In his session at @DevOpsSummit at 21st Cloud Expo, Dave Martin, Product owner at CA Technologies, will give a live demonstration and code walkthrough, showing how ...
There are several reasons why businesses migrate their operations to the cloud. Scalability and price are among the most important factors determining this transition. Unlike legacy systems, cloud based businesses can scale on demand. The database and applications in the cloud are not rendered simply from one server located in your headquarters, but is instead distributed across several servers across the world. Such CDNs also bring about greater control in times of uncertainty. A database hack ...
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
API Security is complex! Vendors like Forum Systems, IBM, CA and Axway have invested almost 2 decades of engineering effort and significant capital in building API Security stacks to lockdown APIs. The API Security stack diagram shown below is a building block for rapidly locking down APIs. The four fundamental pillars of API Security - SSL, Identity, Content Validation and deployment architecture - are discussed in detail below.