Click here to close now.

Welcome!

@MicroservicesE Blog Authors: Elizabeth White, Lori MacVittie, Liz McMillan, Pat Romanski, XebiaLabs Blog

Related Topics: Agile Computing, @MicroservicesE Blog, IoT User Interface

Agile Computing: Article

SOA: Preparing for Mashups

The best approach is to design and deploy first-generation SOA

It’s important to remember that there is a huge resource being created on the Web these days in terms of both services and content. This includes access to SaaS applications (that are better than their enterprise-bound counterparts), service marketplaces (such as StrikeIron), and even mash-able applications that you can mix and match with other Web 2.0 applications / APIs / services or enterprise applications / services to quickly solve business problems.

However, having such a resource available for the price of a broad-band connection does not mean you'll be able to leverage it properly. Indeed, it's going to take some time before your enterprise is prepared to leverage mashups beyond the browser.

The best approach to SOA / mashup synergy is to design and deploy the first-generation SOA with the mashups in mind. In other words, make your enterprises systems "exposable" to services or applications outside of your firewall, or, "able to consume" the same services or applications. This is harder than it sounds, and chances are your current systems can’t see outside of their own operating systems, if not their firewalls.

Truth-be-told, most SOAs, if built correctly, will have the side benefit of being able to leverage the Web-based services and content as resources for mashups, but you need to design for that capability in order to make your infrastructure most effective. This means cataloging and testing services you don't own, attempting to mashup systems inside and outside of your firewalls, and making sure your security planning considers this notion as well. Many who don't plan for this scenario will be stuck with an enterprise that can't see the new Web. I think those enterprises will have a huge strategic disadvantage in the years to come.

What do you need to do to prepare for mashups? It’s a matter of addressing the following areas: Requirements, Design, Governance, Security, Deployment, and Testing. In essence, these are the core architectural activities that are required to get you to the Promised Land of mashups, and these are in addition to your existing activities when you create a SOA.

Requirements for mashups are needed to understand your own issues that are local to your enterprise. A common mistake many make is to “manage-by-magazine,” and assume that all of the cool stuff that works for other enterprises will be the right fit for yours. Truth be told, notions such as mashups or SOA, in general, have variations in value depending upon the enterprise. Consider both the business drivers and the state of the current architecture. Key questions include: What mashups will be valuable to my enterprise? How much change needs to occur to get me there?

Design for mashups refers to the process of figuring out how the systems should be configured, and how enabling technology and standards are applied to provide the best platform for mashups and the best value for the underlying SOA. Key questions here are: What interfaces will I expose and how? How will I handle scalability? How will I approach both visual and non-visual mashups? How will I leverage services and interfaces delivered over the Web? How will I manage the exposure of my interfaces and services to others on the Web, if needed?

Governance for mashups considers the role of mashups and how they are managed. Given that mashup are made up of services, and may indeed become services themselves, the organization must now manage these services across the entire lifecycle, from inception through analysis, design, construction, testing, deployment and production execution, as with any service or process contained within a SOA. Thus, at each stage, certain rules or policies must be carried out. This means selecting, building, and maintaining a registry, repository, policy enforcement, and governance rules engine that is mashup-aware. Moreover, mashups, albeit quick and dirty in some instances, may need life-cycle management as well.

Security for mashups is critical, considering that you’re looking to leverage interfaces, content, and services you did not create nor do on your own. As such, you could find that your innocent-looking AJAX interface that you mash up with your customer data is actually sending your customer data to some remote server, and thus compromising your customer list and your business. Care must be taken to implement a well-thought-out and systemic security policy and technology layer that will protect the value of your mashup platform. This should mesh with your SOA security, or become an extension to it.

Deployment for mashups means that you’ve selected the proper enabling technology and standards. Clearly, AJAX is popular for interfaces, but is not always a fit for all enterprises. Moreover, how will the technology link to the governance and security plans? What are the key products you’ll leverage to support mashups within your SOA, and how will they be linked to the enabling technology solution already implemented within your SOA?

Testing for mashups means that you consider all sorts of patterns of use and create a test plan to reflect them. Care must be taken to ensure that your SOA and external “mashable” components are able to work and play well together, and that the enabling technology and standards are working up to expectations. The test plan should be linked with design, governance, and security, and you must consider the technology employed as well. In essence, you’re testing a development platform with all of its supporting components.

More Stories By David Linthicum

Dave Linthicum is Sr. VP at Cloud Technology Partners, and an internationally known cloud computing and SOA expert. He is a sought-after consultant, speaker, and blogger. In his career, Dave has formed or enhanced many of the ideas behind modern distributed computing including EAI, B2B Application Integration, and SOA, approaches and technologies in wide use today. In addition, he is the Editor-in-Chief of SYS-CON's Virtualization Journal.

For the last 10 years, he has focused on the technology and strategies around cloud computing, including working with several cloud computing startups. His industry experience includes tenure as CTO and CEO of several successful software and cloud computing companies, and upper-level management positions in Fortune 500 companies. In addition, he was an associate professor of computer science for eight years, and continues to lecture at major technical colleges and universities, including University of Virginia and Arizona State University. He keynotes at many leading technology conferences, and has several well-read columns and blogs. Linthicum has authored 10 books, including the ground-breaking "Enterprise Application Integration" and "B2B Application Integration." You can reach him at [email protected] Or follow him on Twitter. Or view his profile on LinkedIn.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@MicroservicesExpo Stories
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and Containers together help companies to achieve their business goals faster and more effectively. In his session at DevOps Summit, Ruslan Synytsky, CEO and Co-founder of Jelastic, reviewed the current landscape of...
Manufacturing has widely adopted standardized and automated processes to create designs, build them, and maintain them through their life cycle. However, many modern manufacturing systems go beyond mechanized workflows to introduce empowered workers, flexible collaboration, and rapid iteration. Such behaviors also characterize open source software development and are at the heart of DevOps culture, processes, and tooling.
SYS-CON Events announced today that JFrog, maker of Artifactory, the popular Binary Repository Manager, will exhibit at SYS-CON's @DevOpsSummit Silicon Valley, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Based in California, Israel and France, founded by longtime field-experts, JFrog, creator of Artifactory and Bintray, has provided the market with the first Binary Repository solution and a software distribution social platform.
The cloud has transformed how we think about software quality. Instead of preventing failures, we must focus on automatic recovery from failure. In other words, resilience trumps traditional quality measures. Continuous delivery models further squeeze traditional notions of quality. Remember the venerable project management Iron Triangle? Among time, scope, and cost, you can only fix two or quality will suffer. Only in today's DevOps world, continuous testing, integration, and deployment upend...
Conferences agendas. Event navigation. Specific tasks, like buying a house or getting a car loan. If you've installed an app for any of these things you've installed what's known as a "disposable mobile app" or DMA. Apps designed for a single use-case and with the expectation they'll be "thrown away" like brochures. Deleted until needed again. These apps are necessarily small, agile and highly volatile. Sometimes existing only for a short time - say to support an event like an election, the Wor...
Sharding has become a popular means of achieving scalability in application architectures in which read/write data separation is not only possible, but desirable to achieve new heights of concurrency. The premise is that by splitting up read and write duties, it is possible to get better overall performance at the cost of a slight delay in consistency. That is, it takes a bit of time to replicate changes initiated by a "write" to the read-only master database. It's eventually consistent, and it'...
"Plutora provides release and testing environment capabilities to the enterprise," explained Dalibor Siroky, Director and Co-founder of Plutora, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
The most often asked question post-DevOps introduction is: “How do I get started?” There’s plenty of information on why DevOps is valid and important, but many managers still struggle with simple basics for how to initiate a DevOps program in their business. They struggle with issues related to current organizational inertia, the lack of experience on Continuous Integration/Delivery, understanding where DevOps will affect revenue and budget, etc. In their session at DevOps Summit, JP Morgenthal...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...
Data center models are changing. A variety of technical trends and business demands are forcing that change, most of them centered on the explosive growth of applications. That means, in turn, that the requirements for application delivery are changing. Certainly application delivery needs to be agile, not waterfall. It needs to deliver services in hours, not weeks or months. It needs to be more cost efficient. And more than anything else, it needs to be really, dc infra axisreally, super focus...
Discussions about cloud computing are evolving into discussions about enterprise IT in general. As enterprises increasingly migrate toward their own unique clouds, new issues such as the use of containers and microservices emerge to keep things interesting. In this Power Panel at 16th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the state of cloud computing today, and what enterprise IT professionals need to know about how the latest topics and trends affect t...
DevOps tends to focus on the relationship between Dev and Ops, putting an emphasis on the ops and application infrastructure. But that’s changing with microservices architectures. In her session at DevOps Summit, Lori MacVittie, Evangelist for F5 Networks, will focus on how microservices are changing the underlying architectures needed to scale, secure and deliver applications based on highly distributed (micro) services and why that means an expansion into “the network” for DevOps.
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at DevOps Summit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
Summer is finally here and it’s time for a DevOps summer vacation. From San Francisco to New York City, our top summer conferences list is going to continuously deliver you to the summer destinations of your dreams. These DevOps parties are hitting all the hottest summer trends with Microservices, Agile, Continuous Delivery, DevSecOps, and even Continuous Testing. Move over Kanye. These are the top 5 Summer DevOps Conferences of 2015.
Cloud Migration Management (CMM) refers to the best practices for planning and managing migration of IT systems from a legacy platform to a Cloud Provider through a combination professional services consulting and software tools. A Cloud migration project can be a relatively simple exercise, where applications are migrated ‘as is’, to gain benefits such as elastic capacity and utility pricing, but without making any changes to the application architecture, software development methods or busine...
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction. ...
Many people recognize DevOps as an enormous benefit – faster application deployment, automated toolchains, support of more granular updates, better cooperation across groups. However, less appreciated is the journey enterprise IT groups need to make to achieve this outcome. The plain fact is that established IT processes reflect a very different set of goals: stability, infrequent change, hands-on administration, and alignment with ITIL. So how does an enterprise IT organization implement change...
While DevOps most critically and famously fosters collaboration, communication, and integration through cultural change, culture is more of an output than an input. In order to actively drive cultural evolution, organizations must make substantial organizational and process changes, and adopt new technologies, to encourage a DevOps culture. Moderated by Andi Mann, panelists discussed how to balance these three pillars of DevOps, where to focus attention (and resources), where organizations migh...
At DevOps Summit NY there’s been a whole lot of talk about not just DevOps, but containers, IoT, and microservices. Sessions focused not just on the cultural shift needed to grow at scale with a DevOps approach, but also made sure to include the network ”plumbing” needed to ensure success as applications decompose into the microservice architectures enabling rapid growth and support for the Internet of (Every)Things.
Mashape is bringing real-time analytics to microservices with the release of Mashape Analytics. First built internally to analyze the performance of more than 13,000 APIs served by the mashape.com marketplace, this new tool provides developers with robust visibility into their APIs and how they function within microservices. A purpose-built, open analytics platform designed specifically for APIs and microservices architectures, Mashape Analytics also lets developers and DevOps teams understand w...