微软《SOA in the Real World》笔记08——第一章

 

微软《SOA in the Real World》笔记08——第一章

 

 

通用的架构功能和SOA抽象模型

我们也可以把这五种通用的架构功能作为观察和理解 SOA抽象模型的一组视角。这5种架构功能可以作为一组透镜，帮助我们观察和更好地理解面对的挑战，包括把已有的IT投资暴露为服务，把服务组合成业务流程和在组织间使用这些流程。

 

暴露Expose

Service Enablement

 

暴露重点关注如何设计和暴露服务。我们最可能开始做的就是能够把 IT投资暴露为Web服务。

随着组织的成熟，我们可能开始增加新的服务，最大可能是作为组织内资源的代理。

实现服务最困难的部分是决定从哪里开始。 Motion is a methodology that provides some guidance for identifying business capabilities that could be exposes as services.

 

在把 IT投资暴露为服务时，用哪些可以参照的最佳实践呢？

• 想得大，但从小处开始
• Show value at every step along the way – not build it and they will come
• 从中间开始， Middle-out – not Top-down or bottom-up
• 注重实效 Be pragmatic
• Vertical-slice – not build it and they will come
• Risk-mitigation
• 迭代， Demonstrate value in rapid iterations – not waterfall
• New approaches to development
• Successful customers “snowball”

 

在把 IT投资暴露为服务时，重新思考架构功能促使我们认真考虑。以下我们会快速地浏览与服务暴露能力有关的每项功能的考虑因素（肯定不是完整的清单）：

 

Messaging and Services

• Determining what to expose and how - Avoid falling into the granularity trap – focus on meeting your business requirements
• Service Operation Contracts
• Message and Data Contracts
• Configuration, behaviors and control
• SLAs
• Governance
• Versioning

 

Workflow and Process

• Coordinator services for distributed, long-running processes
• Tracking services capable of logging specific events within a workflow
• Compensation services

 

Data

• Entity services
• Entity Aggregation services: acts as a single point to access information that may exist in multiple systems. An Entity Aggregation service has the following responsibilities:

Ø         Acts as a unified source of entities.

Ø         Provides a holistic view of an entity.

Ø         Provides a holistic view of the entity model—entities and their relationships with other entities

Ø         Provides location transparency—consumers of the Entity Aggregation layer do not need to know who owns the information.

Ø         Enforces business rules that determine the segments of entities retrieved in a given context.

Ø         Determines the system of record for each data element constituting an entity.

Ø         Enriches the combined data model across systems—the whole being better than the sum of its parts.

Ø         Entity factoring

 

MDM重点关注跨企业或部门边界暴露数据。我们会在第四章详细讨论MDM。

 

User Experience

• Specialized services for supporting user interfaces (caching resources, communications between UI and services, etc). Service wrappers provide coarse-grained interfaces for user app consumption, lightweight mash-ups, etc.

 

Identity and Access

• Identity Management
• Impersonation and Delegation services
• Trusted Subsystem - A trusted subsystem model implies that services are trusted to perform specific tasks, such as processing customer orders.
• Authentication (Kerberos, SSL)
• Role-based access control (RBAC)
• Create/revoke trust relationships

 

Services need to make authorization decisions, such as approving an order submission before performing the business transaction.

The service must know the identity of the end user submitting the order.

Need to flow the identity of the end user is an inherent property of the delegation model, it is not so for the trusted subsystem model and special efforts must be made to include this feature.

To support the notion of trust as defined by the model, the services must at least be able to:

 

1.     Authenticate / verify identity of upstream / downstream services

2.     Decide if the service is a trusted subsystem for specific functions (including propagating identity claims)

3.     Protect the integrity of the data being communicated between trusted subsystem and services.

 

Besides application data, application plumbing data, such as the identity claims of the original user, must also be protected so that no man-in-the-middle can modify the identity information that is in transit.

 

 

Compose

Service Composition

组合把重点放在如何把各种粒度的服务组合进更复杂的流程中。最可能的开始方式是使用服务来暴露现有的 IT投资。服务组合创造了新的、组织其他部门可以使用的新的服务。组合提供了异步服务调用和长时间间隔流程等功能，以及编排自治服务的功能。

 

The recurring architectural capabilities provide us with a set of considerations when composing granular services into complex processes. Let‘s take a quick look at some of the considerations associated with each capability for service composition (this is by no means a complete list):

 

Messaging and Services

• Service interaction patterns
• Exposing orchestrations as services
• Asynchronous service invocation patterns

 

Workflow and Process

• Transactions
• High frequency of change
• Business Rules
• Service Orchestration
• Service Interaction Patterns (SIPs)
• Process Externalization
• Long Running Processes
• Auditing and analytics

 

Data

• Tracking the state of a given workflow instance
• Data transformation (ETL)
• Reliable message processing and storage
• Replication
• Synchronization
• Metadata repository and Management
• Instance reconciliation
• Schema reconciliation
• Document Replication
• Syndication/Aggregation

 

User Experience

• Composite applications (OBAs)
• Human workflows (MOSS)
• Orchestrations initiate human workflows via SharePoint adapter
• Pageflows

 

Identity and Access

• Impersonation and Delegation
• Provisioning
• Identity Repository synchronization
• Approval workflows

 

Consume

User Experience

消费把重点放在其他的服务、应用程序和终端用户如何使用服务和编排好的业务流程（可以暴露为服务）。任何能够与服务进行交互的资源都可以成为“消费者”。组织中的消费者能够以如下几种可能的方式出现：

 

• Lightweight, browser-based applications
• Rich internet applications (RIA) are browser-based applications that can address and cache local and remote resources
• Configurable, portal-based user experiences
• Applications that are installed on the local machine (such as a custom Windows application)
• Corporate business applications with solution-specific extensions (such as Microsoft Office with context-aware activity panes)
• Applications designed for mobile devices
• Services may act as consumers of other services

 

请记住 SOA模型是分形的——服务能够被其他服务使用，以及服务组合能够暴露为新的服务。在最近的几年内，一种新的消费者已经出现，可以使消费者组合起来，以便其他更多的消费者可以使用。这种新的消费类型通常称为“mashup”。Mashup指的是一组服务、网站或者是应用程序，可以把来自多个资源的内容组合到一个新的集成的用户体验中。Mashup使用的内容通常来源于第三方（服务或网站），通过公开的接口或者是API获取。为mashup提供资源的替代方法包括newsfeeds和JSON（Javascript Construct）。

 

The recurring architectural capabilities provide us with a set of considerations for User Experience. Let‘s take a quick look at some of the considerations associated with each capability for User Experience (this is by no means a complete list):

 

Messaging and Services

• Forms-based service consumption
• Web parts
• Service Registry – check in / check out / search
• AJAX, REST

 

Workflow and Process

• Human workflows (MOSS)
• Event brokering (CAB)
• Page flows

 

Data

• Entities (OBA Business Data Catalog)
• Single view of the customer problem
• JSON

 

User Experience

• Composite applications (OBAs)
• Personalization, user profiles
• Portals
• Business
• Intelligence
• Reporting
• Content aggregation
• Declarative UX

 

Identity and Access

• Single Sign-On (password synchronization)
• User identification
• Role-based access (RBAC)
• Directory Services
• Password management
• Privacy (firewalls, encryption)
• Compliance

 

小结

本章提供了一些用于理解SOA的分形特性的有用的类比。服务是SOA的基本构造块，但是服务不一定是Web服务。在理想情况下，服务应该遵循四个设计原则，这些原则描述了一组服务划界、服务依赖性、服务通讯和策略性配置的最佳实践。因为这些原则重点在于服务设计，所以认识到服务不能单独成为一种解决方案架构是非常重要的——微软使用了抽象的参考模型来描述SOA的不同方面。SOA抽象参考模型提供了三个基本概念，帮助大多数组织理解服务在解决方案架构中所扮演的角色：

 

• Expose focuses on how existing IT investments are exposed as a set of broad, standards-based services, enabling these investments to be available to a broader set of consumers. A Service Implementation Architecture describes how services are developed, deployed and managed.

 

• Compose focuses on combining services into applications or cross-functional business processes. A Service Integration Architecture describes a set of capabilities for composing services and other components into larger constructs such as business processes.

 

• Consume focuses on delivering new applications that enable increased productivity and enhanced insight into business performance. A Service Oriented Application Architecture describes how ―composed services‖ are made available for consumption through as business processes, new services or new end-user applications.

 

暴露 / 组合 / 消费抽象参考模型包括5种架构功能： Messaging and Services, Workflow and Processes, Data, User Experience and Identity and Access。Each aspect of the Expose / Compose / Consume abstract reference model encompasses a set of five recurring architectural capabilities:. The five architectural capabilities serves as a set of views to better understand the challenges associated with Exposing existing IT investments as services, Composing the services into business processes and Consuming these processes across the organization. In the Chapter Two we will enter into a more detailed analysis of both Service Orientation and the Messaging and Services architectural capability。