Sunday, December 03, 2006

Transcript of BriefingsDirect Podcast on Open Source SOA and Celtix Enterprise

Edited transcript of BriefingsDirect[TM] podcast with Dana Gardner, recorded Nov. 17, 2006.

Podcast sponsor: IONA Technologies.

Listen to the podcast here.

Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you're listening to BriefingsDirect. Today, a sponsored podcast discussion about the intersection of Services Oriented Architecture (SOA) and open source software.

This is a very big deal these days. We’ve got a lot of action going on within a variety of open source projects and foundations, and a variety of different aspects of SOA being developed and designed with commercial and open source input. To help us weed through this are two executives from IONA Technologies. I’d like to welcome Oisin Hurley, a distinguished engineer with IONA. He’s also an Eclipse SOA Tools Platform Project lead and a contributor to the Services Component Architecture (SCA) initiative. Welcome to the show, Oisin.

Oisin Hurley: Thanks, Dana.

Gardner: Also joining us is Debbie Moynihan. She is director of open source programs for IONA Technologies. Welcome, Debbie.

Debbie Moynihan: Thank you, Dana.

Gardner: As we mentioned, there seems to be a confusing set of directions for SOA these days. If I’m a CIO in a corporation and I’m thinking about bringing SOA principles and methodologies into play, I also need technologies. I need to have tools, I need to have runtimes, I need to have governance. I’m wondering, “Wow, should I go with one or two large vendors? Should I lock into one specific approach? Or should I take advantage of a best-of-breed approach, where I might use components and approaches from a variety of vendors?”

I’m also going to be scratching my head, now that I am learning more about these open-source alternatives. So, first I’d like to go to Oisin. Can you help us weed out a little bit of why all these different alternatives are cropping up now, and how do you see open source and SOA coming together over the next two or three years?

Hurley: Well, Dana SOA is a very important architectural movement in our industry at the moment, and it requires couple of things to become even more successful. It requires innovation, and it requires infrastructure on which it can live. If you look at open source it’s possibly the greatest source in innovation that’s happening right now.

In community-developed open source people are putting together answers to a lot of the problems that people are seeing within SOA. Of course, community-developed open source is there already. It’s not just a new thing. And when you look to the infrastructure side of it, you’ll see that Apache Software Foundation [products] have been out there and deployed for many years.

Gardner: Something does seem to be different with SOA is that in the past we’ve seen open source crop up around technologies that had already been fairly mature in the commercial sense. For example, there was the web server, with the Netscape offering years ago. And then there was the Microsoft IIS offering, and then we had Apache [HTTP Web Server] come in as a sort of runner up -- but then dominate the marketplace.

We saw a similar effect with Linux; we had UNIX and Windows as platforms for some years -- and with a great degree of maturity -- before Linux caught on and moved forward. But it’s different now with SOA; we’re seeing open-source benefits principles and business models applied to SOA from the very beginning, even before there’s maturation. Why do you think that’s different and what does that portend for SOA?

Hurley: The thing that’s driving a lot of the community-developed open source within SOA are requirements from CIOs and from commercial vendors, as well as the requirements that have come from the more traditional kind of community approaches. And again, it’s all of those getting together -- rapid innovation to solve the issues -- and thus SOA is presenting to organizations the vision of a distributed SOA infrastructure, for example.

Gardner: What is it about open source that is different now? Has this become the de facto best way to produce innovation?

Hurley: There are three things that we usually see our customers looking for. They want to generate greater ROI. They want to be able to streamline and modernize their IT environments. And they basically want to lower the total cost of their IT operations. Community-developed open source is all about good code, and its all about innovation at that lower cost point.

Gardner: Let’s move over to Debbie. Your role with IONA is driving the strategic product management and product marketing activities around IONA’s open source lines of business. Why has IONA moved to open source? Tell us a little bit about the evolution of your enterprise service bus (ESB) product. How is that going from Artix to its newer iteration? And tell us a little bit about the open source direction as well.

Moynihan: Sure, but before I go into our open-source philosophy, I want to talk a little bit about our SOA philosophy. They really go hand in hand. SOA, even though it’s a very popular term, really has been around for quite some time, particularly in financial services and manufacturing.

If you look back at some of the early deployments in services-oriented architecture, you’ll see that many of them are built on CORBA. As you know about IONA’s history, we’re very interested and have been very involved in a lot of those early implementations with CORBA. Some of the same things that people were looking to do early on still are true today: Looking to do loosely coupled implementations, highly distributed, and with a high focus on industry standards.

But what we’ve seen over time, as you look at the technologies for SOA, there are really the three phases with any technology: innovation, standardization, and commoditization. Open source is really the way that we’ve seen software development evolving toward that commoditization piece.

One thing that we’ve seen, and particularly with SOA, is that the window has been compressed between those three phases. The commoditization is happening faster and faster. And so we made a proactive decision about 18 months ago to open source some of our SOA technology. We initially involved our CORBA product portfolio. We introduced our Artix portfolio, and then quickly made the decision to open source part of that technology -- and we initiated the Celtix open-source ESB project.

The new iteration of that is actually broader and expanded to incorporate multiple open-source projects. The goal is to help solve some of the barriers that people are seeing today in incorporating open source into SOA -- bringing together multiple projects and integrating them, and also having the same enterprise support that they would like for all the software that they’re using in their infrastructure.

A key part of our strategy is to continue to focus on standards, continue to allow people to get the best of ways to integrate in a distributed way, but also to use open source when they can. As we were talking about earlier, we believe there is a lot of innovation and faster innovation -- and it’s very high quality -- when you use open source software.

Gardner: Oisin, maybe you can help me with this. When I look at open source and SOA coming together, I wonder whether the open-source benefits are primarily for the vendors of SOA components, or are they predominantly for enterprises and perhaps large organizations like telecommunications carriers to make a SOA stack on their own using these components.

Do you think that the types of activities that IONA is involved with -- CXF and some others, and working with Apache -- are these efforts going to be something that is going to be used primarily by other vendors or by the enterprises, and to what degree? How is this going to manifest itself in the market?

Hurley: What our customers require from us, and what we kind of aspire to, is a distributor approach to SOA. It’s the right approach, rather than taking on a stack or developing something like a hub-and-spoke architecture. Really it’s all about what the right shift for the problem at hand and for the people that are solving the problem. So, whether it’s an organization that’s doing its own internal IT, or an organization that works and does IT for yet other organizations -- it’s all about trying to solve the problem. It’s about being able to go in and address this on a piecemeal basis to make a start, to be able to incrementally adopt more elements, and to have an adaptable skill.

Gardner: Tell us a little bit about some specific projects, so people can follow these. What are the ones that you think are most important right now that will make an impact in how SOA evolves, and how people actually use it in the field?

Hurley: Okay, well, there are a number of open-source projects that IONA is involved in that play right into this area. We have the CXF project at Apache, which is a community-developed, from-scratch, open-source ESB runtime.

There is the SOA Tools Project at Eclipse Foundation, which is there to bring together and address all of the issues that SOA developers will discover on their way to producing SOA for their employers and others. And, there are some other projects like Tuscany, which is a community-developed open-source implementation of SCA specification, again at Apache.

There are other major ones as well that address all the elements of a distributed SOA infrastructure, such as Qpid and Yoko, which are both Apache projects, and other projects that you may know of already that are being sold as products such as Mule and ServiceMix.

Gardner: As organizations examine these projects and try to evaluate them in terms of risk -- that is, they say, “Is this something I want to put into production? Is this something I want to test with?” What do you think needs to happen in terms of a maturation or acceptance before an enterprise or global Fortune 2000 organization will come up and say, “Yeah, I’m going to go in this [open source] direction, I’m going to make a bet on this?”

How will we know when these projects are ready for prime time?

Hurley: These projects are getting a lot of take-up right now. So, we have different types of customers that are adopting these projects at different rates. Because of the way that community-developed open-source software is made available, it’s very, very straightforward for an organization to go in and say, “We’re going to work with this. We’re going to try a project. We’re going to see how that project works out, and then if that is successful then we can move on.”

One of the advantages of developing software in an open community is that those organizations have the freedom to add their particular innovative requirements and actually commit code to those actual projects to help bring it along toward the goal that they want.

Gardner: Debbie, how about you? What about the future? Where are we going to go with these open-source projects? Tell us a little bit about how IONA views this from a business model? How is it that the open-source SOA approach and the commercial approach hand off from one to another or relate or make you guys a leader?

Moynihan: I think what customers are looking for in a SOA, as we’ve been talking about, is a distributed approach. They’re looking to reduce their cost, first in any new investments that they make, and then their over-all fixed and operating costs as they move forward.

And so, it gives them that ability to get even more reuse out of their existing implementations. If you look at IONA’s strategy, we are very focused on offering an architecture that allows people to be able to adopt SOA in an incremental way. We’re also offering the ability to leverage the true benefits of open source to be able to use community-developed software whenever possible. And to offer not just a single project, but to integrate the projects together in a cohesive offering.

People can really tie together the older standards that they have in place with these newer SOA standards like SCA. They can tie in the widely deployed open-source projects they might already be using -- like Tomcat, for example. And they also get new [open source] innovation and then wrap it around that.

One thing that has been missing, but you’re starting to see it evolve, is enterprise support backing it all up ... the expertise. When people come and talk with us or we go and talk with them, and we talk about IONA’s open source strategy – they really like that we’re a middleware company and not an open-source company.

Well, we didn’t start as an open source company; we started as a middleware company. We started as an integration company, and now we can really offer this combination of, “You can use open source. You can get started. It’s a great way to dip your toe in the water and start enabling services across your enterprise." But then, as you grow and you scale your SOA infrastructure, you may need to scale up. You may need some new requirements that are not available on open source today.

From that perspective, we have these complimentary offerings, like the Artix product family, which can interoperate directly with the open source offerings that we support. So really we provide everything that you need for a distributed SOA infrastructure, and we allow you to use open source only, or a combination when you need some of these other requirements. And, most importantly, to leverage what you already have in place today.

Gardner: And this is one of the goals of open source -- to have standardization. And that standardization would influence not only how enterprises use you, but also other vendors. So it’s the development of an ecology for the community. Tell us a little bit about how IONA fits into an ecology of SOA providers?

Moynihan: I would say in two ways. One is that we are absolutely focused on standards. All the offerings that we participate in, and the things that we develop within our company -- whether it’s community-developed or company-developed -- we’re very focused on standards. This is one way where we integrate and interoperate with an ecosystem.

The other is through the collaborative nature of partnering, both with open-source projects, like with BEA and IBM, for example on the Tuscany/SCA project, and also from a commercial-product perspective. For our company-developed offerings we have partnerships in place, for example, with AmberPoint, where we actually do proactive integrations with specific technology components to create an ecosystem.

Gardner: I guess systems integrators also play a big role in this. They will, in many respects, be picking and choosing -- anointing, if you will -- the SOA winners or leaders. It’s in their best interests to have the best technology available. What do you think systems integrators are thinking when it comes to open-source SOA, and do they fall into your ecology as well?

Moynihan: I definitely think that they are a key part of the ecosystem. A lot of users will want to work with system integrators as they adopt these technologies. They are looking for a lot of the same things that the end customers would be looking for. They would be looking to adopt open-source projects and open-source products that are able to integrate with existing standards and new standards. These are innovative SOA approaches like SCA. They are looking for a lot of the same things, and can also bring a lot of value because with open source there is a lot of integration. System integrators are going to be a key part of the overall ecosystem.

Gardner: When I speak to end users in large organizations, one of the things that seems to be attractive for them when it comes to SOA is a notion of risk reduction. They view this as a way of reducing their risk of not being able to extend and recover their past investments in legacy systems, for example.

They view this as a reduction in risk in terms of flexibility, agility, and moving quickly to create applications: Composite applications and process-oriented and event-driven applications and services. They also view this as risk reduction when it comes to being able to move quickly into new technologies.

So, they’re “future proofing” -- if you will -- being able to manage what comes down in the future, things that they might not be able to fully anticipate. So, given this nature of risk reduction that’s inherent with SOA, what do you bring to the table in terms of lock-in risk reduction?

That’s something that people have feared for some time, getting locked into one or even a small number of vendors. It seems to me that the open-source SOA approach reduces risk from both the overall SOA perspective as well as the issue of lock-in. Oisin, how do you see that?

Hurley: Well, you’re pretty much spot-on in your statements there, Dana. If an organization wants to reduce risk and increase their level of control on an ongoing basis, community-developed open source is exactly what they need. Because there is a great focus on standards and the code is available. That gives them more control because there is a wide community -- both among the actual open-source developers themselves and organizations that provide products dedicated to supporting the software that’s been developed by the those communities. So this is regaining control for the customer.

Gardner: Now, we also hear that SOA is not just technology. It's not just code. It’s really a mentality. It’s a conceptual framework, a methodology set. How do we cross this benefit matrix between what we can bring to the table from an open-source perspective and also get what needs to be a fairly disciplined approach, when it comes to these methodologies and conceptual frameworks?

One would almost think that they are at odds, that open source can be a little bit chaotic, and yet methodologies need to be disciplined and have a bit more of a control-and-command approach. How do you go to your customers and explain to them how you can have an open-source approach to something that needs to be so methodologically precise?

Hurley: Well, for somebody like me, who’s involved in open source communities, the one thing they are not is chaotic. They tend to be the most strictly controlled and strictly behaved groups of people.

They’re very, very thorough -- extremely thorough, because the people who are in there love the subject matter. They love the code. They are always concerned about it.

If you go and if you look at an Eclipse project or you look at an Apache project, you would see very cohesive behavior. The discipline is there within those communities -- and I will say it’s a meritocracy. They self-police.

To get back to your question, though, the important thing to bring across to the customer is that the job of actually putting together SOA is, as you say, technology independent. It’s on a higher level. It’s about how you offer functionality to the business. So, if you are in IT operations, how do you put together functionality that the business will use for its own customers? You bring to them good technology [and] guidance on how to produce services.

Gardner: Looking now at the road map, you have had some announcements recently. Can you lay out for us how your two or three trajectories for this go. Commercially, via open source, and also via "commercial open source." Give us a roadmap for IONA’s approach to SOA infrastructure.

Moynihan: What we recently launched was really expanding our existing approach to distributed SOA infrastructure, where we did have products in the market already, which were company-developed products. What we recently announced were community-developed products under the umbrella offering Celtix Enterprise, which really is an open-source offering that ties together multiple open source projects in a cohesive way.

Users can take that and use it to get started today on implementing a distributed SOA infrastructure. If they choose, they can have the benefit of support from IONA. You called it “commercial open source.” I would say it’s vendor-supported open source, because it is an open-source license, and you can go to our site and you can download the code and use it today. If and when you choose to get support, then you would come back to IONA, and we would work with you to determine what the right level of support would be for you.

So, I would really say that it is an open-source offering backed both by our expertise in bringing the community-developed projects together, and then the integration, as well as providing an "easier to consume" offering. We also offer more documentation, tutorials, demos, and things like that, to make it easier to get going with open-source SOA. For those who are looking for enterprise support, we also offer that. But I would say that’s an additional offering that we came up with.

So, we have this open source offering, and it's actually a family of offerings where we have Celtix Enterprise as an open-source ESB. We have Celtix Advanced Messaging, an open-source message broker, which is an implementation of the new Advanced Message Queueing Protocol (AMQP), the new open standard for sending messages.

Then, we also have Celtix Advanced Service Engine, which is based on the Apache incubator CXF project, which is for creating services and service-enabling your overall infrastructure. Complementary to that, for those who want it, we also offer enterprise consulting and training support.

The road map going forward would be that we will continue to evolve a collection of offerings, both company-developed like our Artix portfolio, which today meets a lot of requirements around distributed SOA Infrastructure – as well as a lot of requirements that are not available in open source today -- as complementary to our open-source portfolio.

We want to offer our customers the benefits of open source, but also offer them additional capabilities so they can scale and get beyond what’s available in open source. We can provide all the additional capabilities they need with our full product portfolio. I think what IONA brings to that roadmap is all of our expertise in being able to continue to add capabilities to our open-source offerings, because, as you know, a lot of people are predicting that by 2010 upward of 80 percent of companies will be using a combination of closed and open source code.

Gardner: We’ve certainly seen a precedent for that in platforms, and it will increase when we move up the stack, I am quite sure. Now, open source SOA provides a lot of choice. It provides risk reduction. It provides an ecology play -- pretty much what a lot of companies, developers, and architects have been asking for.

In general, it sounds like the way they want to go. Can we give them, in the meantime, some sense of what’s to come in the future? Oisin, you are close to some of these projects. Do you think that we will get to a point where open source will have an impact up and down the entire stack? I guess that would include business applications themselves. Or, do you think open source really is more appropriate on the infrastructure level? How do you see open source, in general, moving into the future, and what relevance and impact will that have for SOA?

Hurley: I strongly believe that the community-developed open source in SOA is going to have an impact not just on the infrastructure, but, as you say, from top to bottom. Right now, what you see is an awful lot of projects addressing SOA infrastructure-related issues, and it’s very natural to have several different projects addressing different aspects of those particular problems.

As time goes on, it’s going to be natural too that both of these projects will grow together and start addressing similar issues and perhaps merge. We have seen that happen with CXF and Celtix, and I predict this will be an ongoing thing. It’s a natural way to do it. And that’s from the infrastructure point of view.

Above and beyond that, there is a lot more that can involved with SOA. There’s the ESB part of this, and there is repository, governance, and policy adoption, and such things. You can see where it will be of great value to companies to have a cohesive structure that brings all of these pieces together.

This is something that we are aiming for in the SOA tools project as well. We are addressing different types of SOA developers, from the guys who are developing Java codes to implement services, all the way up to the guys who are using Business Process Modeling Notation (BPMN) to draw pictures effectively to illustrate their business processes.

Gardner: You hinted at consolidation in these projects. Do you think that there will be a more standardized or perhaps integrated approach? How do you view the effective consolidation in this open source SOA maturation environment?

Hurley: As I previously mentioned, there are a lot of problems that are being addressed in different aspects of SOA. Where two different aspects of SOA may be somewhat similar, it’s quite normal to have different projects addressing those pieces. It’s also quite normal for them to grow together to provide another picture, another single approach to addressing those two aspects.

I don’t think that means that everything will all come together into one, single consolidation. There will always be a level of diversity there, because there will always be communities. There will always be people who want to develop things differently. That will actually drive the evolution of the quality, and will drive the innovation within SOA.

Gardner: We are about out of time. I think from our listener’s perspective, there is a lot to consider around these open-source approaches. What really is attractive to me is this notion of risk reduction and of choice. It will be unlike some previous technology revolutions and evolutions, if you will, where you were really locked-in to a monolithic and tightly structured environment that, once you were in, you were in for the long haul, and it was very difficult to extract yourself.

When you look at a component-based SOA model with open-source involved, it seems like your choices don’t just end once you have made the choice on infrastructure. You can go in and move about, make choices, back up, if you will, and go sideways, so to speak. That to me is probably what makes this more different than just about any other major infrastructure development over the past 15 or 20 years.

We’ve had object-oriented approaches and component-based approaches, but they were often within fairly rigid environments. We’ll go to you, Debbie, for the final word. Do you see that as well -- that we have more choice, not just at the beginning of our journey into an infrastructure approval process, but really throughout the process?

Moynihan: I absolutely do see that, and we’ve always been all about offering an incremental approach. I think with open source and SOA together that will be true going forward.

People will have choices, and it's not about making some huge decisions for a big hub that’s going to be in the center of everything, but rather smaller choices in a lot of different places, because of the evolution of standards, and because of this rapid innovation that’s happening at the community level, which, as Oisin mentioned, is pretty rigorous. It might seem chaotic from the outside, but it’s actually quite rigorous. And in the community-development approach there are also many vendors, which gives you choice as well. It’s not just a single vendor.

Gardner: Thanks very much. I am sure this is a set of the issues we are going to tracking closely over the coming years. I want to thank you both for helping us understand this at an important juncture, where SOA and open source are increasingly joined at the hip.

Joining us to discuss this sponsored BriefingsDirect podcast have been Oisin Hurley, a distinguished engineer at IONA Technologies, and also Debbie Moynihan, director of open source programs at IONA. Thank you all for listening. This is Dana Gardner, principal analyst at Interarbor Solutions.

Listen to the podcast here.

Podcast sponsor: IONA Technologies, Inc.

Transcript of Dana Gardner’s BriefingsDirect podcast on open source and SOA. Copyright Interarbor Solutions, LLC, 2005-2006. All rights reserved.