Welcome!

Microservices Expo Authors: Derek Weeks, Mehdi Daoudi, Pat Romanski, Liz McMillan, Elizabeth White

Related Topics: Microservices Expo

Microservices Expo: Article

What Level Is Your SOA?

Choose for what you need - and maybe a little better

As I work with corporate America, as well as the government, I'm finding that services-oriented architectures (SOAs) are like snowflakes - no two are alike. I'm also finding that everyone has their own definition of SOA, and I've seen everything from messaging systems to portals called an SOA.

So, who's right? I'm not sure I'm ready to declare somebody's architecture as non-SOA just yet;, however, there are some patterns that are emerging in terms of types of SOAs. I like to refer to these patterns as levels, since they have a tendency to move from the very primitive, or level 0, to the highly sophisticated, or level 5.

First, let me offer my definition of SOA, so we have a foundation of what is both correct and pure (tongue firmly in cheek).

In short, an SOA is a strategic framework of technology that allows all interesting systems, inside and outside of an organization, to expose and access well defined services, that may be furthermore abstracted to orchestration layers and composite applications.

Certainly not the only definition, but it is good enough for our discussion of SOA levels.

  • Level 0 SOAs are SOAs that simply send SOAP messages from system to system.
    There is little notion of true services, but instead they leverage Web services as an information integration mechanism. Hardly an SOA, but certainly a first step.

    It's also important to note that you don't need Web services to create an SOA. This is true for all levels.

  • Level 1 SOAs are SOAs that leverage everything in Level 0 but add the notion of a messaging/queuing system.
    Most ESBs are level 1 SOAs, leveraging a messaging environment that uses service interfaces, but really does not deal with true services (behavior), instead moving information between entities as messages through queues.

    While services are a part of Level 1 SOAs, it's really all about information and not about application behavior. For instance, while you do indeed invoke a service to push a message on queue and retrieve a message off a queue, it really leverages services as a well-defined interface and not accessing application functionality. Sometimes SOA architects may attempt to abstract application behavior using an ESB; if that's the case, you're moving up to level 4 (discussed below). However, doing this is typically much more trouble than it's worth because you're dealing with information- oriented integration technology that is merely attempting to deal with services/behavior? an unnatural act.

  • Level 2 SOAs are SOAs that leverage everything in Level 1, and add the element of transformation and routing.
    This means that the SOA is not only able to move information from source and target systems, leveraging service interfaces, but is also able to transform the data/schemas to account for the differences in application semantics. Moreover, by adding the element of intelligent routing, you're able to route the information based on elements such as source, content, and logical operators in the SOA.

  • Level 3 SOAs are SOAs that leverage everything in Level 2, adding a common directory service.
    The directory provides a point of discovery of processes, services, schemas, and such, allowing all those leveraging the SOA to locate and leverage assets such as services easily. Without directories, the notion of service reuse - the real reason for building an SOA - won't work. Directories are typically standards-based, including UDDI, LDAP, and sometimes more proprietary directories such as Active Directory.

  • Level 4 SOAs are SOAs that leverage everything in Level 3, adding the notion of brokering and managing true services.
    Here is where the brokering of application behavior comes into play. In other words, at this level we are not only about managing information movement, but about the discovery and leveraging of true services.

    At this level we have the ability to broker services between systems, allowing systems to both discover and leverage application behavior as if the functionality was local. This is the real goal of Web services, and the ability to share services not having to worry about platform-specific issues nor where the services are actually running.

    What's important here is that we understand that the value is in the behavior, as well as the information bound to that behavior. This level of SOA is able to provide capabilities for discovery, access, and management. Most SOAs are built with level 4 capabilities in mind, but may work up from the lower levels. If you do that, make sure you are leveraging the right technology and standards that support all levels.

  • Finally, Level 5 SOAs are SOAs that leverage everything in Level 4, adding the notion of orchestration.
    Orchestration is key, providing the architect with the ability to leverage exposed services and information flows, creating in essence a "meta-application" above the existing processes and services to solve business problems."Moreover, level 5 SOAs should support both the notion of persistence and user interactions. Persistence means that there should be some sort of data storage mechanism that's able to service all attached applications and services. The data persistence layer is exposed as a service. User interactions mean that a level 5 SOA needs to provide mechanisms allowing services to interact with users through traditional or rich client portals.

    Indeed, orchestration is really another complete layer on the stack, over and above more traditional application integration approaches we deal with at the lower levels. Thus, orchestration is the science and mechanism of managing the movement of information and the invocation of services in the correct and proper order to support the management and execution of common processes that exist in and between organizations and internal applications. Orchestration provides another layer of easily defined and centrally managed processes that exist on top of existing processes, application services, and data within any set of applications.

    The goal of this type of SOA is to define a mechanism to bind relevant processes that exist between internal and external systems in order to support the flow of information and logic between them, thus maximizing their mutual value. Moreover, we're looking to define a common, agreed-upon process that exists between many organizations and has visibility into any number of integrated systems, as well as being visible to any system that needs to leverage the common process model.

    Summary
    As services, and architectures that support them, become more of an asset within the enterprise, we need to begin to learn how to categorize the patterns of the architectures, thus the SOA levels discussion in this column. This both provides a better understanding of what is a true SOA, and allows us to pick the right level to meet the needs of our business.

  • More Stories By David Linthicum

    Dave Linthicum is Sr. VP at Cloud Technology Partners, and an internationally known cloud computing and SOA expert. He is a sought-after consultant, speaker, and blogger. In his career, Dave has formed or enhanced many of the ideas behind modern distributed computing including EAI, B2B Application Integration, and SOA, approaches and technologies in wide use today. In addition, he is the Editor-in-Chief of SYS-CON's Virtualization Journal.

    For the last 10 years, he has focused on the technology and strategies around cloud computing, including working with several cloud computing startups. His industry experience includes tenure as CTO and CEO of several successful software and cloud computing companies, and upper-level management positions in Fortune 500 companies. In addition, he was an associate professor of computer science for eight years, and continues to lecture at major technical colleges and universities, including University of Virginia and Arizona State University. He keynotes at many leading technology conferences, and has several well-read columns and blogs. Linthicum has authored 10 books, including the ground-breaking "Enterprise Application Integration" and "B2B Application Integration." You can reach him at [email protected] Or follow him on Twitter. Or view his profile on LinkedIn.

    Comments (0)

    Share your thoughts on this story.

    Add your comment
    You must be signed in to add a comment. Sign-in | Register

    In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


    @MicroservicesExpo Stories
    We have Continuous Integration and we have Continuous Deployment, but what’s continuous across all of what we do is people. Even when tasks are automated, someone wrote the automation. So, Jayne Groll evangelizes about Continuous Everyone. Jayne is the CEO of the DevOps Institute and the author of Agile Service Management Guide. She talked about Continuous Everyone at the 2016 All Day DevOps conference. She describes it as "about people, culture, and collaboration mapped into your value streams....
    In our first installment of this blog series, we went over the different types of applications migrated to the cloud and the benefits IT organizations hope to achieve by moving applications to the cloud. Unfortunately, IT can’t just press a button or even whip up a few lines of code to move applications to the cloud. Like any strategic move by IT, a cloud migration requires advanced planning.
    Did you know that you can develop for mainframes in Java? Or that the testing and deployment can be automated across mobile to mainframe? In his session and demo at @DevOpsSummit at 21st Cloud Expo, Dana Boudreau, a Senior Director at CA Technologies, will discuss how increasingly teams are developing with agile methodologies, using modern development environments, and automating testing and deployments, mobile to mainframe.
    “Why didn’t testing catch this” must become “How did this make it to testing?” Traditional quality teams are the crutch and excuse keeping organizations from making the necessary investment in people, process, and technology to accelerate test automation. Just like societies that did not build waterways because the labor to keep carrying the water was so cheap, we have created disincentives to automate. In her session at @DevOpsSummit at 20th Cloud Expo, Anne Hungate, President of Daring System...
    As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory?
    Most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes a lot of work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reduction in cost ...
    @DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
    Docker is on a roll. In the last few years, this container management service has become immensely popular in development, especially given the great fit with agile-based projects and continuous delivery. In this article, I want to take a brief look at how you can use Docker to accelerate and streamline the software development lifecycle (SDLC) process.
    Cloud adoption is often driven by a desire to increase efficiency, boost agility and save money. All too often, however, the reality involves unpredictable cost spikes and lack of oversight due to resource limitations. In his session at 20th Cloud Expo, Joe Kinsella, CTO and Founder of CloudHealth Technologies, tackled the question: “How do you build a fully optimized cloud?” He will examine: Why TCO is critical to achieving cloud success – and why attendees should be thinking holistically ab...
    DevOps is good for organizations. According to the soon to be released State of DevOps Report high-performing IT organizations are 2X more likely to exceed profitability, market share, and productivity goals. But how do they do it? How do they use DevOps to drive value and differentiate their companies? We recently sat down with Nicole Forsgren, CEO and Chief Scientist at DORA (DevOps Research and Assessment) and lead investigator for the State of DevOps Report, to discuss the role of measure...
    If you are part of the cloud development community, you certainly know about “serverless computing”, almost a misnomer. Because it implies there are no servers which is untrue. However the servers are hidden from the developers. This model eliminates operational complexity and increases developer productivity. We came from monolithic computing to client-server to services to microservices to serverless model. In other words, our systems have slowly “dissolved” from monolithic to function-by-func...
    While some vendors scramble to create and sell you a fancy solution for monitoring your spanking new Amazon Lambdas, hear how you can do it on the cheap using just built-in Java APIs yourself. By exploiting a little-known fact that Lambdas aren’t exactly single-threaded, you can effectively identify hot spots in your serverless code. In his session at @DevOpsSummit at 21st Cloud Expo, Dave Martin, Product owner at CA Technologies, will give a live demonstration and code walkthrough, showing how ...
    In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, discussed how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He also discussed how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
    Many organizations are now looking to DevOps maturity models to gauge their DevOps adoption and compare their maturity to their peers. However, as enterprise organizations rush to adopt DevOps, moving past experimentation to embrace it at scale, they are in danger of falling into the trap that they have fallen into time and time again. Unfortunately, we've seen this movie before, and we know how it ends: badly.
    IT organizations are moving to the cloud in hopes to approve efficiency, increase agility and save money. Migrating workloads might seem like a simple task, but what many businesses don’t realize is that application migration criteria differs across organizations, making it difficult for architects to arrive at an accurate TCO number. In his session at 21st Cloud Expo, Joe Kinsella, CTO of CloudHealth Technologies, will offer a systematic approach to understanding the TCO of a cloud application...
    API Security has finally entered our security zeitgeist. OWASP Top 10 2017 - RC1 recognized API Security as a first class citizen by adding it as number 10, or A-10 on its list of web application vulnerabilities. We believe this is just the start. The attack surface area offered by API is orders or magnitude larger than any other attack surface area. Consider the fact the APIs expose cloud services, internal databases, application and even legacy mainframes over the internet. What could go wrong...
    With Cloud Foundry you can easily deploy and use apps utilizing websocket technology, but not everybody realizes that scaling them out is not that trivial. In his session at 21st Cloud Expo, Roman Swoszowski, CTO and VP, Cloud Foundry Services, at Grape Up, will show you an example of how to deal with this issue. He will demonstrate a cloud-native Spring Boot app running in Cloud Foundry and communicating with clients over websocket protocol that can be easily scaled horizontally and coordinate...
    In his session at 20th Cloud Expo, Chris Carter, CEO of Approyo, discussed the basic set up and solution for an SAP solution in the cloud and what it means to the viability of your company. Chris Carter is CEO of Approyo. He works with business around the globe, to assist them in their journey to the usage of Big Data in the forms of Hadoop (Cloudera and Hortonwork's) and SAP HANA. At Approyo, we support firms who are looking for knowledge to grow through current business process, where even 1%...
    The goal of Continuous Testing is to shift testing left to find defects earlier and release software faster. This can be achieved by integrating a set of open source functional and performance testing tools in the early stages of your software delivery lifecycle. There is one process that binds all application delivery stages together into one well-orchestrated machine: Continuous Testing. Continuous Testing is the conveyer belt between the Software Factory and production stages. Artifacts are m...
    From manual human effort the world is slowly paving its way to a new space where most process are getting replaced with tools and systems to improve efficiency and bring down operational costs. Automation is the next big thing and low code platforms are fueling it in a significant way. The Automation era is here. We are in the fast pace of replacing manual human efforts with machines and processes. In the world of Information Technology too, we are linking disparate systems, softwares and tool...