Welcome!

Microservices Expo Authors: Pat Romanski, Liz McMillan, Mamoon Yunus, Elizabeth White, Mehdi Daoudi

Related Topics: Microservices Expo

Microservices Expo: Article

Large Scale B2B via Web Services

Scaling mission-critical Web service for hundreds of partners

Over the past few years Web services have grown from a conceptual draft based on the ideal of cross-platform programmatic interoperability to a formal specification and a vision of grand-scale distributed system architectures. Today we are putting that vision to work and designing systems with service-oriented architectures that are critical to our businesses. Amazon.com has been one of the forerunners in the adoption and promotion of Web services. Consistently striving to remain on the forefront of technology, Amazon has thoroughly embraced Web services - so much so in fact, that you can tie some serious revenue numbers directly to the external use of Amazon's Web services. For the remainder of this article I will outline for you just one of the avenues Amazon has taken to leverage Web services to generate new business.

Most of us are familiar with Amazon.com and have come to notice that other companies offer many of the products sold on Amazon; it isn't uncommon at all to browse direct product offerings from dozens of merchants such as Bombay and Sharper Image on Amazon.com. In fact third-party sellers play a critical role for Amazon in terms of breadth and depth in product offering, but how does the product information of these third-party sellers get there? Also, how are business-critical order, inventory, and price data exchanged reliably and in a timely manner for hundreds of merchants utilizing various platforms and technologies?

The answer: Amazon has developed a highly scalable SOA platform that leverages industry-standard technologies and incorporates the ability to conduct secure transactions, thus effectively allowing third-party sellers to fully control product listings directly on Amazon.com. A true service-oriented architecture allows merchants the ability to put their products in front of millions of Amazon customers; in return Amazon captures a commission on the sale and everyone is happy. The challenge of building a platform to handle hundreds of business partners with millions of transactions took some serious considerations into account.

Knowing that business partners would be utilizing various technologies to programmatically exchange data required not only a standard for the data format but also a security standard for the data transmission as well. By relying on XML schemas to define the structure of the documents to be exchanged (HTTPS as the transport protocol, and SwA [SOAP with Attachments] as the communication protocol), those key transport issues are addressed. Amazon publishes to its third-party sellers the XSD specification to each message Amazon sends and receives. A third-party seller has only to implement the XSD, extract their product data, transform it per the XSD, and post it to Amazon with a SOAP message over HTTPS.

Another design consideration involved the assumption that business partners would have a myriad of system designs that if addressed individually would require custom data definitions, connectors, and message exchange choreography for each partner. This forced the idea that the Amazon platform must be agnostic with regard to partner systems; nothing better lends itself to being agnostic than a service-oriented architecture. In some cases the disparity in partner systems can be so extreme that a system component such as fulfillment, which is critical to business operations, can be owned by a separate company at a different physical location. By encapsulating services in the Amazon interface the partner has significant flexibility in their integration design and can easily incorporate disparate systems.

Because real dollars are impacted with every message exchange, all message exchanges had to be secured and guaranteed. All exchanges utilize HTTPS and require three credentials for validation against an existing account. In order to ensure business-critical documents such as order reports are exchanged successfully an exchange acknowledgement has been incorporated. As displayed in the diagram below, the first operation is a service request for existing document IDs. The return value if null delays for 15 minutes and then requests again. If the return is positive it will contain an array of document IDs. At this point we step into the scope of a document exchange. By calling the getDocument service and passing a document ID, the return result will be the physical document represented by the ID, in this case an order report. Now the document provider (Amazon) knows a request has been made by the requestor (merchant partner) and has responded appropriately by sending the document, but does not know if the document has reached the requestor successfully. The requestor now needs to ensure the successful receipt of the document and perform the final operation of acknowledging to the provider that the document has been received successfully. Subsequently the provider can transfer the document ID from the "outbound" queue to the "sent" queue. In all, this design ensures the state of a document is managed by the requestor who is responsible for follow up operations - in this case fulfillment of the order.

By implementing the system designs in Figure 3, Amazon has been able to successfully integrate product offerings from hundreds of merchants - from small domestic companies to large multinational corporations, Amazon's single platform scales to support them all.

More Stories By Allan Wessels

Allan Wessels has over nine years of diverse experience in software development, from software engineering to project management, with stops at Sony Pictures, Microsoft, and most recently, Amazon.com.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@MicroservicesExpo Stories
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, discussed how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He also discussed how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
IT organizations are moving to the cloud in hopes to approve efficiency, increase agility and save money. Migrating workloads might seem like a simple task, but what many businesses don’t realize is that application migration criteria differs across organizations, making it difficult for architects to arrive at an accurate TCO number. In his session at 21st Cloud Expo, Joe Kinsella, CTO of CloudHealth Technologies, will offer a systematic approach to understanding the TCO of a cloud application...
API Security has finally entered our security zeitgeist. OWASP Top 10 2017 - RC1 recognized API Security as a first class citizen by adding it as number 10, or A-10 on its list of web application vulnerabilities. We believe this is just the start. The attack surface area offered by API is orders or magnitude larger than any other attack surface area. Consider the fact the APIs expose cloud services, internal databases, application and even legacy mainframes over the internet. What could go wrong...
The goal of Continuous Testing is to shift testing left to find defects earlier and release software faster. This can be achieved by integrating a set of open source functional and performance testing tools in the early stages of your software delivery lifecycle. There is one process that binds all application delivery stages together into one well-orchestrated machine: Continuous Testing. Continuous Testing is the conveyer belt between the Software Factory and production stages. Artifacts are m...
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
In his session at @DevOpsSummit at 20th Cloud Expo, Kelly Looney, director of DevOps consulting for Skytap, showed how an incremental approach to introducing containers into complex, distributed applications results in modernization with less risk and more reward. He also shared the story of how Skytap used Docker to get out of the business of managing infrastructure, and into the business of delivering innovation and business value. Attendees learned how up-front planning allows for a clean sep...
Most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes a lot of work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reduction in cost ...
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
We have already established the importance of APIs in today’s digital world (read about it here). With APIs playing such an important role in keeping us connected, it’s necessary to maintain the API’s performance as well as availability. There are multiple aspects to consider when monitoring APIs, from integration to performance issues, therefore a general monitoring strategy that only accounts for up-time is not ideal.
Web services have taken the development world by storm, especially in recent years as they've become more and more widely adopted. There are naturally many reasons for this, but first, let's understand what exactly a web service is. The World Wide Web Consortium (W3C) defines "web of services" as "message-based design frequently found on the Web and in enterprise software". Basically, a web service is a method of sending a message between two devices through a network. In practical terms, this ...
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discussed how to use Kubernetes to set up a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. H...
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
As many know, the first generation of Cloud Management Platform (CMP) solutions were designed for managing virtual infrastructure (IaaS) and traditional applications. But that’s no longer enough to satisfy evolving and complex business requirements. In his session at 21st Cloud Expo, Scott Davis, Embotics CTO, will explore how next-generation CMPs ensure organizations can manage cloud-native and microservice-based application architectures, while also facilitating agile DevOps methodology. He wi...
When you focus on a journey from up-close, you look at your own technical and cultural history and how you changed it for the benefit of the customer. This was our starting point: too many integration issues, 13 SWP days and very long cycles. It was evident that in this fast-paced industry we could no longer afford this reality. We needed something that would take us beyond reducing the development lifecycles, CI and Agile methodologies. We made a fundamental difference, even changed our culture...
We have Continuous Integration and we have Continuous Deployment, but what’s continuous across all of what we do is people. Even when tasks are automated, someone wrote the automation. So, Jayne Groll evangelizes about Continuous Everyone. Jayne is the CEO of the DevOps Institute and the author of Agile Service Management Guide. She talked about Continuous Everyone at the 2016 All Day DevOps conference. She describes it as "about people, culture, and collaboration mapped into your value streams....
These days, change is the only constant. In order to adapt and thrive in an ever-advancing and sometimes chaotic workforce, companies must leverage intelligent tools to streamline operations. While we're only at the dawn of machine intelligence, using a workflow manager will benefit your company in both the short and long term. Think: reduced errors, improved efficiency and more empowered employees-and that's just the start. Here are five other reasons workflow automation is leading a revolution...
Docker is sweeping across startups and enterprises alike, changing the way we build and ship applications. It's the most prominent and widely known software container platform, and it's particularly useful for eliminating common challenges when collaborating on code (like the "it works on my machine" phenomenon that most devs know all too well). With Docker, you can run and manage apps side-by-side - in isolated containers - resulting in better compute density. It's something that many developer...
While some vendors scramble to create and sell you a fancy solution for monitoring your spanking new Amazon Lambdas, hear how you can do it on the cheap using just built-in Java APIs yourself. By exploiting a little-known fact that Lambdas aren’t exactly single-threaded, you can effectively identify hot spots in your serverless code. In his session at @DevOpsSummit at 21st Cloud Expo, Dave Martin, Product owner at CA Technologies, will give a live demonstration and code walkthrough, showing how ...
Did you know that you can develop for mainframes in Java? Or that the testing and deployment can be automated across mobile to mainframe? In his session and demo at @DevOpsSummit at 21st Cloud Expo, Dana Boudreau, a Senior Director at CA Technologies, will discuss how increasingly teams are developing with agile methodologies, using modern development environments, and automating testing and deployments, mobile to mainframe.