The increasing need for SOA runtime governance

Category: Architecture, SOA, Azure

With the advent of broad and deep cloud technology offerings from some of the biggest software names of our time, the average organization are now adopting the use of SaaS based products, PaaS offerings, IaaS, or a combination thereof. Somewhere in this mix there are web services being built, used and consumed in an ever increasing service based world.

While the rapidly evolving ecosystem of vendor offerings has tried to make it very quick and easy to leverage some of this awesome cloud capability, the aspect of managing these cloud services has been a little lagging or maybe better described as ‘simple’. In particular, the aspect of operational monitoring, reporting, access management (centralized) and security enforcement (also centralized). In my opinion, runtime focused SOA governance tools are going to be a necessity in this age of commodity services and hence these tools will have to evolve to smartly manage services regardless of who built them (custom or OTS services), where they are hosted, or who owns them.

Being a Microsoft enthusiast, I’m a bit disappointed about the lack of direction in this area from Seattle. This is evident by having no position in the Gartner Magic Quadrant for SOA Governance Technologies  (read the Gartner page for details).

I can’t help but think Microsoft have something in the pipeline (because everyone else already has a product in the market). They certainly have all the foundation technologies you would need. Windows server 2012, WCF, SQL (Azure), StreamInsight, etc. But alas there is no product… yet.

The partner ecosystem have a few offerings, and I recently took a quick look into Nevatech’s Sentinet product. This particular product offers Design and Runtime SOA governance support, but the product sways heavily towards Runtime which seems common in today’s newer SOA product offerings. Sentinet looks nicely lightweight, supports many varied deployment architectures including Azure, can be used with any technology stack, but natively supports WCF meaning you can do cool things like exposing a netTCP endpoint to a basicHttp consumer. Try doing that Java SOA Governance tool. ;-)

My increasing interest in SOA governance tools has lead me to wonder about the potential ways that one could implement these runtime features. It seems (after a little research) that a common thread amongst them is the implementation of the Service Virtualization pattern. Although obvious in hindsight, this pattern lays the foundation for a fantastic abstraction where a centralized service management layer could work its magic. The Sentinet product is a great example of an implementation of this pattern, and moving forward SOA governance technologies will be very important as we start to, on a day to day basis, commission, decommission or migrate services internally and externally of our corporate domains.

Now I’m really looking forward to creating a poor man’s SOA runtime governance tool, potentially using Microsoft UDDI (Gartner did acknowledge this), WCF, and some Metro (I mean Windows 8 ) UI admin tool. Hmmmm, should that be HTML-JavaScript or C#-XAML for the UI.