Gaining Control of Your SOA
Willie Kirkpatrick, VP EMEA, AmberPoint

Long Time Microsoft SOA Partner
• Joint development, licensing, and distribution
• Wide support of Microsoft’s SOA stack: Visual Studio, .NET variations, BizTalk, System Center Ops Mgr
• Native C# implementation of AmberPoint
• Version of AmberPoint bundled with Visual Studio

Unive Insurance Company – Netherlands
[Diagram labels: Site 1 and Site 2, each with HTML Services, Business Services and Legacy Services; 74 Services, 177 Endpoints]
Business Problem
• The Netherlands changed to an “open enrollment” model
• Competitive market required direct customer access to information and enrollment
• Targeted Health Insurance System first
Technical Approach
• Exposing internal processes & applications for internet use by customers
• Microsoft “Stack”: Visual Studio, .NET, SharePoint, Systems Center Ops Manager
• Transformed Mainframe Applications
• Redundant sites for High Availability

Unive Insurance Company – Netherlands
Technical Problem
• Complex, distributed transactions (“SOA”) made it hard to manage running applications
• Difficult to: diagnose issues, ensure high availability, meet QOS requirements
Solution: AmberPoint
Business Results
• With on-line, immediate cross checks and data validation, over 60% of new applications processed directly into mainframe apps
Results
• “If we hadn’t started using AmberPoint, we would have stopped using SOA.” – Bob Alberts, Project Director

Vital Forsikring
Largest Life & Pensions company in Norway
Business Problem
• Increasingly competitive market driving need to reduce costs and increase agility.
[Diagram labels: Portal, Files, BizTalk, Business Services; 30+ Services, 60+ Endpoints]
Technical Approach
• Migration from Mainframe to SOA over time
• Microsoft “Stack”: .NET 2.0, BizTalk Server 2006, Systems Center Ops Manager, Windows 2003 64bit
Benefits
• Lower mean time to repair
• Ability to provide reliable, secure self-service application, including a pensions portal for smaller organizations

Keys to Successful Runtime Governance of SOA Applications
• Visibility – Knowing What’s Out There and What’s Going On…
• Control – Putting Policies into Action…
• Ensuring Integrity – Ensuring Changes Don’t Impact the Whole Application Environment…
• Handle the entire infrastructure
• Do it all automatically
• Reduces risks and costs
Automation is the single most important thing that makes SOA scalable

SOA Governance
Design Time Gov.: Dev & QA Tools, Lifecycle Management, Approval Processes, Service Registry, Policy Requirements
Runtime Gov.: Service Level Mgmt, Transaction Monitoring, Auditing / Logging, Security, Policy Enforcement
SOA Infrastructure: App Servers, Enterprise Service Bus, Appliances, Legacy Systems, Process Management, Databases

Closed Loop SOA Governance
[Diagram labels: Intended Design (Design Time Gov.), Running Reality (Runtime Gov.), SOA Infrastructure, with the same items as the SOA Governance slide; Running Reality marked “?”]

Closed Loop SOA Governance
[Diagram labels: Intended Design, Design Time Gov., Runtime Gov., Visual Studio Team System, Repository; Running Reality marked “?”]
SOA Infrastructure: .NET / Windows Communication Foundation, BizTalk, SharePoint, SQL Server, etc.
Automatic End-to-End Discovery
Dynamic Discovery of your SOA environment…
• Dependencies
• Services & Consumers
• Transaction Flow
• Runtime Policies & Metadata
…across Heterogeneous Infrastructure
• Containers
• Messaging
• Repositories
• ESBs
• Appliances
• Home-grown
[Diagram labels: Databases, Registries / Repositories, Service Registries, Design Information, Running Environment]
• No application, message or header modifications
• Automatically feeds Design Time Governance
Ensures Complete Accounting of Your SOA Environment

AmberPoint SOA Explorer
Real-time view of overall environment and status
• Table View: quick filters to rapidly isolate areas of interest
• Graphical View: transaction flow
• Recent additions
• Problem areas
• Specific application groups
• “Rogue” services
• Filters
• Take action
• Drill Down
• Place under management
• Apply missing policies
• Drill down into detail
• Sortable, printable, exportable information

End-to-End Transaction Monitoring & Diagnosis
From Clients, through Infrastructure, Applications, and Endpoints
• Drill into Transaction Content & Context
• Performance
• Business Transactions and Process Flow
  - Exception context
  - Response times
• Follows transactions through SOA and non-SOA components: eCommerce System, ESBs, Java and .NET Applications, Databases
• Detects problems with business flows: performance issues, missing or stalled steps, failures
[Diagram labels: Order, Credit Check, Warehouse, Order Management, Shipping Partner]

Real-time Monitoring of Business Transactions
• Probe applications for inconsistencies
• Check transaction progress and correctness
• Does not need to be synchronous or see every step
[Diagram labels: Expected Delivery, Disconnect, Alert]

Service Level Management
SLA enforcement for transactions, groups, users, and services
• Transaction-level SLAs
• User-level SLAs
• Historical Reporting
• Multiple Objectives per Agreement
• Service Level Violations
• Enforces agreements based on business criteria: “Gold” users, Accounting systems at the end of quarter, etc.
• Flexible calendars, scheduled downtimes, fixed and sliding time windows
• Preventative and corrective actions

Take Preventative / Mitigating Action: A Throttling Example
1. Service Level Agreement
   Service Level Objective (SLO) for Platinum customers:
   • Ave. Response time per hour < 6 sec
   • Warning threshold <= 4 sec
     - Action: Throttle non-Platinum users
2. Usage segmented – e.g. by Platinum, Gold, Silver
3. Performance against objectives
4. Automatically triggers throttling before compliance failure (Throttling Policy)
5. Stabilized response times

Closed Loop SOA Governance
Intended Design – Design Time Gov.
• Approved Services
• Intended reuse
• QOS requirements
• Policy requirements
Running Reality – Runtime Gov.
• Discovered Services & Dependencies
• Transaction Monitoring
• Performance metrics
• Policy enforcement
• Security
• Throttling
• Version transparency
• Users: authorized, unauthorized attempts
• Policy additions: discovered policies, operational additions
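The throttling example above (Platinum SLO: average response time per hour under 6 sec, warning threshold 4 sec, action: throttle non-Platinum users), sketched as an added Python example that is not AmberPoint code. The class and function names, the sliding one-hour window, the token-bucket cap and the trace are assumptions made for illustration.

```python
from collections import deque

SLO_LIMIT_S = 6.0   # slide: Platinum average response time per hour < 6 sec
WARN_S = 4.0        # slide: warning threshold 4 sec; above it we throttle (assumed reading)
WINDOW_S = 3600     # "per hour", modelled as a sliding window (assumption)

class ThrottlePolicy:
    """Hypothetical policy engine; class, method names and rate cap are assumptions."""
    def __init__(self, throttled_rate_per_s=1.0):
        self.samples = deque()   # (timestamp, seconds) of Platinum calls in the window
        self.rate = throttled_rate_per_s
        self.buckets = {}        # tier -> (tokens, last_seen) while throttled

    def record(self, now, tier, seconds):
        if tier == "platinum":   # the SLO is measured on Platinum traffic only
            self.samples.append((now, seconds))

    def state(self, now):
        while self.samples and self.samples[0][0] <= now - WINDOW_S:
            self.samples.popleft()            # drop samples older than one hour
        avg = sum(s for _, s in self.samples) / len(self.samples) if self.samples else 0.0
        if avg >= SLO_LIMIT_S:
            return "violation"   # objective already missed
        return "warning" if avg > WARN_S else "ok"

    def admit(self, now, tier):
        if tier == "platinum" or self.state(now) == "ok":
            return True          # Platinum is never throttled
        tokens, last = self.buckets.get(tier, (1.0, now))
        tokens = min(1.0, tokens + (now - last) * self.rate)  # refill, burst of 1
        allowed = tokens >= 1.0
        self.buckets[tier] = (tokens - 1.0 if allowed else tokens, now)
        return allowed

def replay(events):
    """events: ('resp', t, tier, seconds) or ('req', t, tier); returns admit decisions."""
    policy = ThrottlePolicy()
    decisions = []
    for kind, t, tier, *rest in events:
        if kind == "resp":
            policy.record(t, tier, rest[0])
        else:
            decisions.append((t, tier, policy.state(t), policy.admit(t, tier)))
    return decisions

# Constructed trace: Platinum slows down, Gold is rate-limited, then the window expires.
TRACE = [("resp", 0, "platinum", 2.0), ("resp", 10, "platinum", 3.0), ("req", 11, "gold"),
         ("resp", 20, "platinum", 10.0), ("req", 21, "gold"), ("req", 21.2, "gold"),
         ("req", 21.2, "platinum"), ("req", 22.5, "gold"), ("req", 3700, "silver")]
```

Calling `replay(TRACE)` shows Gold admitted freely while the Platinum average is 2.5 sec, capped to one request per second once it reaches 5 sec, and unthrottled again after the slow samples age out of the window.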
Policy-based Approach to Runtime Governance
Enforced across the infrastructure
Pre-built library of most commonly used runtime policies:
• Instrumentation
• Version management
• Service level agreements
• Exception handling
• Content-based Policies
• Authentication – certificates, credentials, SAML, etc.
• Authorization
• Censorship
• Credential Mapping
• Crypto – Signatures & Encryption
• User-extensible
• Throttling
• Quality of Service
• Performance
• Availability
• Throughput
• Failover
• Load balancing
• Validation

Automated Policy Provisioning
• Select policy
• Policy enforcement across the infrastructure
• Configure
• Service Metadata
• Set policy criteria

Combining AmberPoint + BizTalk creates a SOA Grid with a clean separation of responsibilities
[Diagram labels: Managed Endpoints (MEP), Virtual Service Provider (VSP), Microsoft BizTalk]
• VSP: Controls Service-to-Service Interactions
  - Orchestration
  - Protocol Mediation
  - Message Routing
  - Content Transformation
• MEP: Controls Service-to-Endpoint Interactions
  Resource Management
  - Discovery / Registration
  - End-to-end Visibility
  - Measurement
  - Message Distribution/Utilization
  - Availability
  - Access Control

Runtime Governance of Virtual Service Providers
[Diagram labels: VSP, MEP, LB, VT, FO; versions v1, v2, vn]
• Balanced Service Provider. Qualities: Scalability, Performance, Capacity. Benefits: Balanced, Distributed, Manageable
• Evolving Service Provider. Qualities: Version Transparency, Flexibility. Benefits: Agile, Controlled Access, Deprecation
• Resilient Service Provider. Qualities: Reliability, Availability. Benefits: Highly Available, Fault Tolerant
• Secure Service Provider. Qualities: Security, Integrity, Confidentiality. Benefits: Tamper Resistant, Private, Controlled Access

AmberPoint SOA Runtime Governance
Mark Munro, Senior Sales Engineering, Northern Europe - AmberPoint

In an ESB Scenario
[Diagram labels: Service-Oriented Infrastructure, Enterprise Service Bus, Native Orchestration, Native ESB, Core Engine, CIM, Standard Service Consumer, SOAP, Transformation, Routing, Exception Management, B2B Gateway, Provisioning Framework, Service Registry, Service Management, Security, Supported Service Provider, Adaptation, Supported Service Consumer, SIM, Standard Service Provider]
Legend: CIM = Consumer Integration Module; SIM = Service Integration Module

MedicAlert Health Care Services
Personal health records for 4,000,000 world-wide members.
Key Requirements:
• Ensure high QoS requirements for access to MedicAlert services – critical health implications
• Ensure ‘last-mile’ security for sensitive & private patient information
• Visibility into service usage and performance bottlenecks
• Monitor impact of security & management policies on their SOA
• Version transparency – different eHealthKey versions
Chosen Solution:
• AmberPoint
• Microsoft .NET and BizTalk: Orchestration & Mediation
[Diagram labels: Consumer Client (GUPTA on USB Key), ChillKat (String Encryption), IP*Works! (SOAP), Public Internet, Firewall, MS NLB (VIP), XWall, eHealthKey Send or Custom Actions, AmberPoint Agent (.NET), IIS, Windows 2003, LDAP, Desktop Applications (future), Web Service (.NET), BizTalk]
Results:
• “Can usually have a running prototype assembled faster than the marketing guys can write up their requirements.” – Jorge Mercado, CTO