Edited transcript of weekly BriefingsDirect[TM] SOA Insights Edition podcast, recorded April 6, 2007.
Listen to the podcast here. If you'd like to learn more about BriefingsDirect B2B informational podcasts, or to become a sponsor of this or other B2B podcasts, contact Interarbor Solutions at 603-528-2435.
Dana Gardner: Hello, and welcome to the latest BriefingsDirect SOA Insights Edition, Volume 16, a weekly discussion and dissection of Services Oriented Architecture (SOA)-related news and events with a panel of industry analysts and guests. I'm your host and moderator Dana Gardner, principal analyst at Interarbor Solutions, ZDNet blogger and Redmond Development News Magazine columnist.
Our panel this week, and it is the week of April 2, 2007, consists of Steve Garone, a former IDC group vice president, founder of the AlignIT Group, and an independent IT industry analyst. Welcome, Steve.
Steve Garone: Hi Dana. Great to be here.
Gardner: Also joining us is Joe McKendrick. He is a research consultant, columnist at Database Trends and a blogger at ZDNet and ebizQ. Welcome back, Joe.
Joe McKendrick: Good morning, Dana.
Gardner: Also joining us is Jim Kobielus. Jim is a principal analyst at Current Analysis. Welcome back Jim.
Jim Kobielus: Hey, Dana. Hey, everybody.
Gardner: And, Tony Baer, Tony is a principal at OnStrategies. Hey, Tony!
Tony Baer: Hey, Dana, how are you doing?
Gardner: Great, and joining us as a first-time guest is Todd Biske. Todd is enterprise architect with MomentumSI, an Austin, Texas-based consultancy. Welcome to the show, Todd.
Todd Biske: Thanks, Dana, thanks for letting me join.
Gardner: My pleasure. Because of the big news this week with mergers and acquisitions in the SOA space, we’re going to take that as our top topic. We’re going to look at the announced acquisition of webMethods by Germany’s Software AG. We’re also going to talk about the role of Web 2.0 and SOA and perhaps delve into the notion of using wikis for governance, control, and management of assets and process.
If we have time, we’re going to jump into a discussion about SOA hype. Is SOA over-hyped or under-hyped, and that might take an hour in itself just to get started.
The news this week came as a surprise to me, and I think to many. Germany’s Software AG, a company with database and tools assets, best known for legacy implementations, legacy support -- and perhaps moving more toward modernization and, therefore, SOA -- for about $550 million in cash has announced an agreement to purchase webMethods based in the U.S., in Virginia.
WebMethods itself has recently gone through a series of acquisitions, including, most recently, Infravio. Our regular listeners may recall that we had a vice president from webMethods, Miko Matsumura, on the show just recently. So, let’s go around the table a little bit and get the take. I suppose the big questions are: Is this a big deal or a little deal, and is it a good deal or a bad deal? Let’s start with you, Steve Garone?
Garone: Well, that’s interesting question you just asked. I think it’s a good deal. I'm sure it’s a good deal for webMethods from a financial standpoint and for the folks who are going to profit individually from the acquisition. It’s also a good deal from Software AG's standpoint, given its direction to move more strongly into SOA, which I don’t think -- based on what I’ve seen -- it’s been extremely successful at doing over the last three or four years.
Software AG, if we go back maybe three, four, or five years, went through a series of fairly significant announcements with integration products and database enhancements focused on XML, leading it more toward modernizing into the web services, and eventually SOA, world. My perception is that from a business standpoint it has not been extremely successful at that, particularly in the United States.
So, this move really amounts to an effort to get a lot of customers onboard, customers who are using the webMethods products and suites. As you mentioned, we’ve talked about it on this show before. The governance aspects that resulted from the Infravio acquisition are particularly important for Software AG in terms of acquiring a customer base in the United States.
Gardner: You mentioned the price paid. We should point out the 25 percent premium that is apparently going to be paid by Software AG for webMethods that would be over its publicly traded price before the announcement.
Tony Baer, you had an interesting point in your blog. You’ve mentioned that this price, of roughly $550 million is a third, or significantly less, than the $1.3 billion that webMethods had paid back in 1999 for Active. What’s your take on this? Was this something that was of economic expediency? It seems like it happened fairly quickly after the Infravio acquisition?
Baer: Well, I think that webMethods has been looking for an exit strategy for some time, because basically they're trying to build up their SOA platform story. The fact is that large corporate customers are going to be nervous with a $200 million company. They’re probably a lot more comfortable with a company that’s closer to one billion, if they're looking for a platform play.
In terms of the pricing discrepancies, that just reflects the absurd valuations we had during the dot-com period. That was a very interesting irony. I actually liked the point you raised in your blog, Dana, which is the challenge of integrating German companies with companies of some other regions, especially the U.S. German companies tend to be very deliberate. Take a look at Shai Agassi’s recent departure from SAP. He just didn’t want to wait another couple of years to become CEO or whatever the title is over there.
Gardner: "If" he was going to become CEO.
Baer: Very good point. German companies are very deliberate. I don’t think he had the patience for that. One thing I want to point out is more of a key performance indicator. Software AG had, up until now, a very heavily promoted alliance with Fujitsu. In the area of BPM, Fujitsu would resell Software AG’s service bus and Software AG would resell Fujitsu’s BPM. BPM also happens to be one of the highlights of the webMethods acquisition.
One of the challenges that will be before Software AG, and I think an indicator as to whether they are successfully getting the message out to their customers, is how they handle this transition with BPM. Obviously, having an internal product is going to be a lot more attractive than having to partner for it. In fact, Software AG’s CEO told me that in a quote. So, it will be interesting to see how they handle that.
Gardner: How about you, Jim Kobielus? Do you think that this is a sales and channel opportunity to reach the Asia-Pacific region through the Fujitsu alliance and take what was a complementary fit in terms of North America and European Union presence for these two companies? Is this a technology play for all of the above?
Kobielus: I am not really up on the Fujitsu alliance with Software AG. So, I won’t comment on that. It’s very much a geographic jigsaw puzzle coming together here. Clearly, Software AG is very big in Europe, and not so much in the U.S., in terms of integration in BPM.
It’s pretty clear that from a geographic standpoint it’s very complementary. Actually, it’s more complementary from a product standpoint than many have been there willing to give it credit for. Software AG, as you’ve indicated, Dana, is very strong on legacy modernization of the whole mainframe-based setup products for development, databases, and so forth.
WebMethods is very strong on integration, BPM, and the whole SOA stack registries. There is some redundancy with Software AG’s products, such as the whole Crossvision Suite, but I think that from a technological standpoint webMethods is stronger on BPM, the repository, and all of those SOA components than the company that’s acquiring it.
There definitely are a lot of synergies there. Also, webMethods is a bit more visionary than Software AG on the SOA front and has been for quite a while. In fact, webMethods almost coined the term "Web services" back in the late 1990s, and they had a pre-SOAP implementation or a protocol that presaged or foreshadowed SOAP and the whole WS suite that came along. I think webMethods is still a more dynamic company than Software AG in a variety of ways.
Gardner: Let me just pause you there for a second. So, you’re saying that webMethods is ahead of its time, and Software AG might be behind the times, and so together they are going to be on time?
Kobielus: That's right. Software AG is a little bit stodgy and maybe that has to do with its national background. The whole German-versus-American alliance thing is kind of interesting. So, it’s ironic that a big German and a smaller American company are hooking up right now and trying to make a real go of it on SOA.
Another big German and another American company are divorcing -- DaimlerChrysler, of course. They want to get rid of the German stockholders of DaimlerChrysler, who want to jettison the Chrysler side of it and send it packing its bags back to Detroit. They cited the cultural difference, the Germans did. It didn’t work out.
Gardner: Just as a quick aside, it seems that you can pick up Chrysler for $4.5 billion. That seems like a small change for such a big company. If I had a few more bucks, I might consider it.
Garone: Based on the last Chrysler car I owned, I don’t think it’s a cultural issue.
Gardner: You could sell the bricks in the factory and Chrysler would make that money back.
Kobielus: I was reading in one of the articles in the press that Software AG and webMethods cited a cultural match, and that's why it’s a good synergistic deal for those guys. We’ll wait and see.
Gardner: Just the fact that you bring it up means it’s probably somewhat different, right? Let’s go to Todd Biske. Todd, I really enjoy your blog. I think you have a view of SOA that’s much more pragmatic and practical than some of us tea-leaf readers. You tend to eschew the products and look more to the process and the issue of changing the way people behave. Does this merger and acquisition mean anything to you?
Biske: I always like to follow what's going on. The interesting thing that only time will tell is what you’ve got filling the technology gap. We’ve seen a lot of the recent mergers, even just webMethod acquiring and Infravio for the registry/repository and governance solutions, fill the gap.
Clearly, this isn’t a case of filling a technology gap. It's more about geographic issues. But the question from an end user point of view is, when you combine two medium-sized companies, will you get a new big player or will you just get another medium-sized company, maybe like DaimlerChrysler, and the message just gets kind of watered down for both?
I don’t know whether this acquisition will really make a lot of large enterprises see them in a different light or not, when they’re comparing them against the likes of IBM or Oracle. It certainly creates a potential to do so, and that increased customer base can go a long, long way. We’ll see where we windup with it.
Gardner: Your point is well taken. I see this as kind of a risky activity and I agree that this is one-plus-one-equals-two, or one-plus-one-equals-three. And hopefully now, one plus one plus equals 1.3 or 1.5.
In a sense, the whole SOA notion might be affected by this, because if these companies don’t succeed, and they can’t make a multiplier effect, they can’t show that the whole is greater than sum of the parts. You'd have to ask yourself why two companies that are focusing more and more of their products and processes and approaches on SOA couldn’t pull their companies together.
A failure could happen for a number of reasons. It could be culture, but gee ... SOA has to do with culture. Or it could be geography, and gee ... SOA is supposed to be appealing to multinational companies. And, it could be technology, but gosh ... I hope not, because the SOA technology is suppose to allow for mixing, matching, and elevating to a services level of assets, and data resources, and then to bring the people and process together around that.
Does anyone else share my view that this has a somewhat high level of risk, in that, if doesn’t succeed, it could besmirch SOA in general?
McKendrick: I don’t think it’s going to have a huge impact, at least initially, on either besmirching SOA or advancing SOA. It’s a great metaphor. Have you folks seen the movie, "The Pursuit of Happyness," with Will Smith? I’ve spoken with Software AG on a number of occasions over the past three years. When I look at them, I think of the young Chris Gardner out there trying to sell these bone density scanners to hospitals and doctors. He said in the movie that these scanners are slightly better than X-Rays, but cost three times as much.
That kind of reminds me of Software AG. Software AG has been working very hard over the years to try to sell their products. They had Adabas, EntireX, Tamino, and Bolero. They've been really working hard trying to push these products, which maybe are slightly better than other products in the market out there. I’m not sure if they’re priced three times as high, but they have to work hard, and they just haven't quite risen to that level.
Maybe buying webMethods will give them that final break -- the internship at Dean Witter that Chris Gardner had in the movie. This is their breakthrough into the market.
Also Software AG's focus has always been the legacy market. That's what they have been good at. They bought Sabratec a couple of years ago, which provided very good legacy integration tools for iSeries, AS400 mainframes and that’s always been their focus.
webMethods has played in this integration and legacy market as well. This is a huge, untapped frontier -- the legacy integration side of SOA. There are hundreds of thousands of legacy systems that have yet to be leveraged and exposed. In the long run, there is a lot of potential for Software AG to be well positioned.
Gardner: Well, there are a number of companies that are focusing on legacy. IBM is trying to cover its flank in terms of, "If anybody is going to put the mainframe out of business, it’s going to be us." So, there is certainly a lot of business, and perhaps even more so in Europe and in the type of customers that Software AG has.
I want to throw the question out again. Does anyone want to share my perception that this is a risky merger, given the geography, the culture, and the fact that the SOA is in a sense on trial?
Baer: One thing struck me about both companies, which I think also sort of ups the level of risk. Both companies have been going to their own form of legacy migration. Software AG is obvious, but webMethods is another clear case in point. WebMethods initially was a B2B company, and then it bought Active Software for $1.3 billion, and that was suppose to be webMethods’ future. Unfortunately, they bought an EAI company, just as the EAI market peaked. So, in that post-2000 era, or post-Y2K, where SOA started to emerge, they start to seem a bit of a legacy player.
Over the last five years, they’ve been essentially reinventing themselves from EAI to SOA. If there's any risk here, it’s that maybe webMethods is a company that's a lot more open to change, because it had no choice. It doesn't have the cash cushion of Software AG, but you’re talking about two companies that are trying to undergo transition. That ups the risk factor. On the other hand, it might also up the motivation, as long as Software AG’s cash cushion doesn’t make them both too complacent and, as you say, Dana, the cultural differences don’t get in the way. Those are some very big "ifs."
Garone: I tend to agree with Tony, although I think it has to be put into context of what webMethods has gone through and continues to go through. I don’t think it’s unusual amongst vendors in the EAI space. If you look at the collection of those vendors, webMethods has done a really good job, relatively speaking, and they have a ways to go as they all do.
The platform vendors have had that issue, too. IBM had to move each product toward a more SOA-centric model and has also done a very good job. The point is, I don’t think that’s particularly unusual. There is risk here, culturally and technologically, but I really don’t see this risk as being major enough to influence the adoption of SOA or the SOA space in general.
Gardner: Okay, fair enough.
Kobielus: I find it risky from Software AG’s standpoint. They’re acquiring another vendor whose own customers are not avidly acquiring their new product. What I mean by that is, back in 2002, webMethods had license revenues of about $120 million, and it’s dropped. Last year, it was $84 or $85 million in software license revenues. This doesn’t sound like a healthy software vendor, and, to some degree, it sounds like webMethods' own customers regard them as being a legacy vendor, away from which they’re trying to migrate. That’s just the surface impression I get.
Biske: I don’t think it’s going to impact adoption of SOA or cast that all in a negative light. Interestingly, looking at the other risk to webMethods and to Software AG, how would we’d be perceiving this, if it was in the reverse direction with webMethods acquiring Software AG or even if it was presented as a merger of equals, rather than an acquisition? The fact that you’ve got the German company acquiring the U.S. company, what does that mean for the existing U.S. customers of webMethods, and how are they going to perceive this, because there are some cultural issues that have made it difficult for Software AG to gain ground in the U.S. market.
Garone: That’s an interesting point. I really can’t address the issue of whether this is financially feasible or not, but my first reaction was, "Why isn't this in the other direction?" I perceive webMethods as being better positioned and in a better business position generally than Software AG is.
Gardner: Well, they have certainly shown their interest in expansion, but I don’t think their cash position would have allowed this.
Garone: Right, that’s probably true.
Gardner: So, the desire might have been there, but not the means, right? Now, what about the point about Infravio and the registry/repository? We heard quite a bit from Miko about governance and policy, running an IT organization, and perhaps even a larger take on the whole management of business in general. It was a very visionary discussion we had, and yet Software AG has its own repository.
I frankly don’t know enough about them to put them side by side and pick a winner, but it seems that if Infravio and governance was going to be the tail that wagged the webMethods’ dog, and that this acquisition may show you a little different future for the role of registry and repository. Any thoughts on that issue?
Baer: It depends on who is going to be driving the agenda there. An early indicator is that Software AG has said that they want to keep webMethods’ management in place. That’s kind of interesting, because usually a CEO of an acquired company exits fairly tactfully, if it’s a friendly takeover. We’ll approach the interesting inflection point about 8 to 12 months down the pike, when we see who's really driving the SOA strategy at the combined company. That’s basically going to be the telling point.
Gardner: Okay, thanks, Tony.
Garone: I think that’s correct. The real pessimists out there -- I’m not sure I’m one of them -- would look at this and say there’s no doubt that webMethods is going to drive the SOA strategy. Software AG, in terms of revenue, is highly reliant on Adabas maintenance at this point and it's going to continue that way until it figures out how to leverage what it got via the acquisition of webMethods in the SOA space. I’m not quite sure I’m there, but there are some elements to that that may ring true.
Gardner: Yeah, this smacks of a good sales and channel match-up, and they might run webMethods as a subsidiary for some time. Then there's also this balance-sheet issue, where Software AG has recurring revenue. It’s got an old cash cow to continue to milk, and that gives webMethods an opportunity to be funded and financed -- without the vagaries of a quarterly report to Wall Street -- to pursue the larger brass ring here, which is SOA.
Kobielus: Dana, I’ll make a one last point there. I agree with that with what you just said. Software AG is a cash cow in the same way, for example, SAP is living off the substantial legacy of a very well-entrenched set of products. My first reaction to the webMethods acquisition was how they finally put webMethods out of its misery. When I say misery, how long has it been? WebMethods is about 11 or 12 years old now, and it seems that for most of their history they have been in some financial trouble or shakiness. It’s just been one thing after another, and it’s like they don’t get a break.
Now, they seem to have a corporate parent that has a comfort pillow for them, some money to fund ongoing development, diversification, and so forth. Software AG pulled webMethods out of their misery and has given them a new lease on life.
Gardner: Thanks, Jim. Yeah, maybe then make them the R&D department in a sense, right? Okay, a final word on this issue to Joe McKendrick. Joe, this relates somewhat to our discussions from the past about best-of-breed versus integrated-stack-and-suite. Clearly, these companies think that bigger is better and more is better. Does this change your thinking on the best-of-breed versus integrated-suite issue at all?
McKendrick: Well, as we discussed in a previous podcast, the whole notion of an SOA suite runs counter to the SOA philosophy. SOA is especially about loosely coupling, and it doesn’t matter where the applications or the system resides. SOA should be independent of all that, and the idea of an SOA suite runs counter to that thinking. Nevertheless, we see lot of companies glomming onto each other, a lot of gelling taking place. This Software AG-webMethods merger is an example. Progress Software has been very astute in assembling a collection of companies that deal with different aspects of SOA. They want to compete with Oracles, and we saw that just recently with JBoss.
Gardner: SOA Software?
McKendrick: Yeah, right. SOA Software and JBoss. Their goal, their intention is to compete against these bigger guys, while servicing the smaller business market, of course.
Gardner: More of an ecology approach to how to bulk up.
McKendrick: Yeah, we’re going to see more of these alliances, more of these acquisitions and mergers.
On Web 2.0 and SOA ...
Gardner: Let’s move on to our second topic, which is this notion of Web 2.0 and SOA. Now, Web 2.0, of course, can be defined many ways in the market. Some people look at it as simply a rich Internet application interface approach. Others focus on the collaborative social networking aspects of it. Yet others look at Web 2.0 as simply going from an HTML and text page-driven Web to more of a process and semantic Web.
So, let’s just leave the Web 2.0 definition off the table and look at the issue of any of these new activities, whether it’s social networking or rich Internet application interfaces or whether it’s taking advantage of more semantics and BPEL as a process relating to Web activities instead of just as a publishing medium.
Let’s just say, "All of the above" for defining Web 2.0 and how this relates to SOA. I want to go first to Jim Kobielus, because in some emails this week you had some interesting thoughts. We’ve seen a few companies say, "Let’s leverage Web 2.0." We’ve seen Intel come out and say, "We’re going to corral a number of 'open-source' Web 2.0 functions." We’ve seen Cisco get involved with Web 2.0. We’ve seen BEA just announce an embrace of Web 2.0. Even IBM is tinkering with this, I’m sure.
So, there is something there, but let’s focus on this collaborative aspect and particularly in terms of governance. Annrai O’Toole at Cape Clear mentioned this to me probably about nine months ago that he looked at governance and at Web 2.0 and thought, "Gee, maybe wikis would be a good concept for how people manage their services." They could say, "I think the policy should be this, and I’m going to use it in this way, and you can pick and choose."
It's sort of an open source, open collaboration approach to policy and use of services and their agreements. I suppose provisioning rules would come about. You said, Jim, this is kind of a scary concept, that wikis seem to be anti-governance and that it could be a collaboration with no structure. Tell us a little bit about why you’re concerned?
Kobielus: Well, when I think of governance, like everybody I think of the capital "G," like Government, but governance has a broader concern. You often think about crack-the-whip, controls, and setting controls on how people interact and how policies are created? When I think about wikis, I think of the exact opposite. There are no controls. It’s basically a shared space to which everybody can post, everybody can overwrite, and everybody can erase everybody else’s comments.
Gardner: The wisdom of the crowd, right?
Kobielus: Well, okay, that’s a religious faith. Wiki seems like the wild, wild West. It’s a free-for-all as collaboration. That’s great. It’s definitely got a very valid role in many environments, like open-source initiatives where they are very peer oriented. Everybody is an equal, even-steven, participant. There is a high emphasis on collaboration, design, reciprocity, and all of that. So, when I think about the whole SOA governance space, both design-time governance and run-time governance, I think of wiki as in the design-time governance side, where you have teams of designers or business analysts and IT people sitting around the virtual table, trying to hash out policies.
Gardner: Requirements?
Kobielus: Requirements, policies, data designs, data hierarchies like with their master data management environment. Quite often these are creative processes involving teams of smart people who sit around a virtual table and hash out the overall design approach. Wikis and the whole Web 2.0 repertoire of collaborative tools can be very valuable in this upfront design, modeling, simulation, and shoot-the-breeze aspects that are critically necessary for design time. But runtime SOA governance really depends on clear-cut policies, designs, data definitions, and so forth that have been handed down by the policy gurus, and now are governing ongoing operations without ambiguity.
In that case, you don’t necessarily want any Joe Blow to be able to overwrite the policies and the business rules that are guiding the ongoing monitoring, management control, or security of your SOA.
Gardner: Yes. You said that they needed adult supervision, but I didn’t think that this would be open to anybody. I thought this would be open to the people who have impact, the architects and the line-of-business people perhaps. You're not going to open this up to anybody. There would be a directory and an provisioning, so that only those most close would have access.
Let’s go to the real world. Todd Biske, does it make sense to you? Should we be collaborating among the right people with the right access and privileges in how SOA governance is improved over time?
Biske: I don’t know that you really want a wiki-style collaboration for governance. I tend to agree with Jim that you can’t just open it up to the masses, and even if you look at collaborative environments, whether it’s the large open-source projects, or something like Wikipedia, there's some hierarchy that eventually was put in place, where certain people were allowed to do commits or were designated as senior editors.
So, you always wind up with some form of governance structure around that. The area where I think wikis are going to be important in the SOA space is in the service management lifecycle or service development lifecycle. You got companies that have to move to a service-provider model, whether it’s internally to internal consumers or externally. I have talked a lot about this in my blog.
If we compare that to traditional product management, for a long time it was really just one-way communication. The product marketers went out and said, "Here’s our product. Here are its features. Go and use it." They pushed it out to the market place, and the only response they got back was did people buy the product or not.
Over time, they recognized the need for much more collaboration with their end consumers on how to evolve that product, whether it was the formation of customer advisory boards or even leveraging the Internet and some of the technologies to establish a community around those products. The same thing can apply when adopting SOA.
If I am providing a service out to the rest of the enterprise, I am going to be interested in what the consumers of that have to say. If I am not listening to them, not establishing that bi-directional communication, eventually they are going to go somewhere else or they are going to build it on their own and put that redundancy back into the organization, which is the opposite of what we are trying to achieve.
Gardner: Okay. So social networking has a value here, but you wouldn’t want it necessarily hardwired into the way in which the technology actually operates?
Biske: Exactly.
Gardner: Okay, I can buy that. Does anyone else have any thoughts on this notion of wikis and collaboration as applied to SOA governance?
Garone: I don’t really have a lot to add. The two guys who just talked gave a great view of this particular question, and I agree with virtually all of it. After a while, it becomes something that a few key contributors, people who actually have the power, control, and knowledge, would be part of. I waxed philosophical in my head and asked, "Well, is it then still a wiki or is it in fact a collaborative tool among a set of decision-makers who, through policies themselves, are able to make changes or not?"
Gardner: I think you're right. The key word here is collaboration. I believe that IBM is going to be coming out soon with something called Jazz, which is a collaborative application lifecycle management approach. We are seeing more collaboration across different aspects of the whole development-to-deployment environment and we are looking for the tools to do that. Web 2.0 is perhaps stepping up and saying, "We have some tools that can be used in that way." Perhaps, it's not just a matter of dropping a wiki into the process, but something a bit more tailored to an aspect, but somehow availing all the participants of each others' wisdom in the process.
Kobielus: It’s like an open source project. You have a broad range of contributors, but only a handful of committers who can actually commit changes to the underlying code base. So, you might have a wiki that has potentially 3,000 different contributors, but ultimately there might be a moderator or two whose job it is to periodically weed out the nonsense, and crack the wiki whip to make sure that what’s actually been posted reflects the wisdom of the crowd of 3,000 people and not necessarily the vandalism of the few who decide to just disrupt the process.
Garone: And that’s a governance model in itself.
Gardner: Yeah, that’s right. It’s governance, and it relates back to what we’ve discussed in trying to find analogies in geo-politics for technology governance. You want the best of both. You want a federated approach, where they get grassroots input, but you also need command and control. So, it’s Jefferson and it’s Hamilton, right?
Kobielus: It’s Aaron Burr occasionally too. You’re going to follow the pistols.
Gardner: I heard an interesting analogy the other day. We talked about the chicken and the egg, and somebody said, "What about the rooster?"
Alright, let’s move on. Before we leave with Web 2.0, does anyone else have any inputs about the role of Web 2.0? As I said, it’s a very large subject, and then it evolves into Enterprise 2.0 issues, which have lot to do with software as a service and delivery of service. There is the mash-up notion of creating services and then compositing them, even if not with an application purpose or a process, which is letting people change their interfaces and drag and drop things.
We have seen some information from Google Maps this week that have lent more credence to this. I’ll just throw it out to the crowd, any other beauty tips or predictions for the future about where Web 2.0 and SOA come together or not?
Kobielus: Web 2.0 is really HOA, Human Oriented Architecture. It is pretty much giving human beings the tools to share what’s in their minds, to share their creativity with the big wide world. SOA, Service Oriented Architecture, is about sharing and reusing all matter of resources in a standardized way. HOA, the Web 2.0, is the most critical resource, and the most inexhaustible energy supply is human ingenuity and creativity.
Gardner: That’s like Cosmic 2.0. Woah!
Kobielus: Yeah, I have been known to get cosmic. People who have read my blog realize that I am a total space cadet.
Baer: Jim, I'll give you the award this morning for coining the best buzz words, like "Cracking the wiki whip" and "Human Oriented Architecture."
Gardner: Now, any other thoughts before we leave the Web 2.0 subject area?
McKendrick: This may be just a rumor, but I once heard that there was a company, an enterprise with several architectural teams, and these teams actually met face to face once a year to discuss things. That's just a rumor. I am not sure if it’s true.
Gardner: They had to leave their guns and knives at the door.
McKendrick: Exactly. So, Web 2.0 can only help the situation, help break down some of these walls.
On SOA and the Hype Curve ...
Gardner: Okay, let’s move on to our last subject of the day -- we only have a few more minutes -- but it’s the notion of hype. I just noticed, looking around some of the SOA information that was floating around the Web, we seem to be now in the, past-the-peak of the hype curve on SOA and are apparently, from what they say, approaching the "trough of disillusionment."
I took exception with that. I am not sure we’ve even hyped SOA sufficiently and that we are still ramping up on this one. Does anybody else agree with me that SOA is so large, so long-term, and crosses not into just technology but business in organizing behaviors and even redefining the corporation itself? My point is that we are not hyping SOA enough. Anybody agree or disagree?
Biske: I tend to agree with you that the communication isn’t hitting home and it’s not sinking in. I had a blog I know Joe picked up on at one point that talked about companies that are claiming success with SOA. I pointed out that a lot of these companies are the same ones that claim success with virtually every new technology adoption or business adoption, because their culture is well suited to that. There is still a lot of of companies that just don’t know how to do cultural change. It’s not an easy thing to do.
We hyped SOA a lot from the IT perspective, and a lot of the IT managers certainly may be growing tried of hearing about it, but haven't done anything to actually start that process of cultural change. Is it really adopted by the business side and do they understand what it means and how it can impact our business? If they aren't having those communications, we haven’t really changed anything, and that means they’re still open for that message to continue, and to increase.
Gardner: You are saying that managing change well is a core competency, will be an important aspect of any SOA activity, and perhaps SOA adoption could help companies improve the way that they manage change?
Biske: Absolutely. Back when I was working at an enterprise, I had somebody ask me, "How do I build this service so that it meets the enterprise needs?" And I said, "You don’t. You build it to what you know now, and you understand what your processes are going to need to be to change it in the future? Because it is going to change. Think from a change-first perspective, and how you want to manage that process, rather than stick it out there, not want to have it touch it for 10 years, and have it last forever."
Gardner: Well, not to change this subject, but who else agrees with Todd and me?
Garone: You used an expression earlier, "trough of disillusionment." Those words come easily, because they have been used before. That’s because we go through this cycle every time some disruptive technology comes along. The hype gets really high, and the adoption and the use of the technology lags behind, depending on a variety of factors.
I think the SOA hype is pretty high, but I think that it's difficult to sell to decision-makers due to two factors: 1) the degree to which cultural change needs to take place, and 2) as time has progressed through this decade so far we’ve seen greater caution in IT departments because of shrinking budgets. So, the hype is high, but it needs to be sustained longer with messaging that’s going to be more aligned with business goals, rather than technology.
Gardner: We seem to be in a cheap era when it comes to IT, and ironically it’s coming at a time when the Dow is flirting with a record high, even though it has been a bumpy road in the market for the past couple of months. We are still within a Curt Shilling breaking ball of the record, and companies are enjoying record levels of profit, record growth.
Many of them are sitting on record piles of cash. Capital around the world is still at very cheap level, taxes are at a record low in real terms and are dropping in many countries. If there’s any time to invest in IT for the future, this should be it? And yet we’re not seeing it.
Kobielus: Oh, it’s not inconsistent, Dana, with SOA not succeeding. In fact SOA, the model of SOA practically could be: Do more with less.
Gardner: Yeah, but you've got to spend something to allow for your older systems to be freed up and excise the services. That doesn’t come free.
Biske: One thing you have to be cautious with ... Just as we talked about that things change quickly, a number of businesses got burned in the dot-com boom when stock markets were also very high and revenues were increasing. They increased their IT spending, and then the bottom dropped out of it.
Gardner: But, here it’s 2007. It’s been seven years since this crash.
Baer: But, Dana, probably the major reasons -- and the big difference this time -- is that on the IT side there isn't the same sense of urgency. We don't have this Y2K thing staring us at the face, telling us that we must renovate all those legacy systems that are out there -- either renovate or replace. You don’t have the same drama in the headlines all the time. That’s dropped the sense of urgency.
Combine that with the fact that a lot of organizations felt that they got burned the last time they opened up the purse strings.
That’s probably a large part of the reason why you’re seeing much more deliberate spending. To that extent, it can be a positive force in terms of enforcing some discipline. On the other hand, if you want to do SOA right, do you need to invest upfront to do that planning and architecture? I'm not sure that IT organizations have gotten that message.
Gardner: Perhaps there’s more. We keep going back to the crash, but after the crash, we had a series of corporate scandals and meltdowns that really couldn’t be blamed on hyping IT. They had to do a lot more with malfeasance and neglect. We also had a period where we saw new laws and a different compliance atmosphere.
So it could be that companies are being run more by the accountants -- of, for, and by the accountants -- and therefore the vision around IT is not getting through to them, and the purse strings are not opening up. Is that possible?
Koblielus: You’re pretty much on the mark there. I was talking with one CIO about a year or so ago, after about the first year of Sarbanes-Oxley, and she said that the impact of SOX translates to shutting down IT for about 90 days out of the year, just so that they could just account for their tracks over the previous three quarters.
Gardner: Does anyone else concur that the accountants have run amok, and that the IT guys have very good rationales for spending, but they just can’t get the money?
McKendrick: One effect of the whole compliance scenario was that it gave vendors another hype factor. I'm going to try another buzz word. How about Hype-Oriented Architecture? HOA. Using Jim’s HOA for another purpose.
Kobielus: It’s better to have hype-oriented accounting.
McKendrick: Hype-oriented accounting? I think the whole compliance thing gave a boost to the IT industry in the early 2000s. What do we call this decade anyway, the 2000s?
Gardner: The oughts.
McKendrick: It gave the whole industry a boost at a time when things were kind of down with the IT recession. The whole compliance scenario helped business intelligence and the data-environment vendors who directly addressed the flow of financial information.
Gardner: I’d like to conduct an experiment. I think we should take an accountant out to lunch. Anyone who knows an accountant, take them out to lunch and tell them how great IT is and what SOA can do in terms of long-term efficiency and lower total costs. Bring in some of the other mega trends, such as software as a service, virtualization, and data master management. It behooves us all to educate the accounts on why IT is important, because I think they are suffering from a lack of understanding.
Better yet, take a chief financial officer out to lunch and then take the accountants out to lunch. This is the crowd we need to work on. We keep talking about trying to convince the CEO and the CIO, and I think we need to get right down into the bean counters' frontal lobes on SOA.
Biske: Not to move away from the accountants, but one group I hope will keep the hype going is this newly formed SOA Consortium that OMG is sponsoring. It's an advocacy group, not another standards body coming, into the mix. It would be great to start to see a message come from a collection of end-users that are seeing some success with this, rather than being pushed so strongly by the vendor community.
I think it’s a different type of hype. It is one that will be a bit more pragmatic. Hopefully it will continue the pace, and they’ll achieve the goals that they have set out for themselves. I don’t know if they have any accountants in the consortium, but maybe this will help them bring some in.
Gardner: Well, we'll invite them and try to give them a free membership. They should cotton to that, right?
McKendrick: Often, it’s the stuff going on in the consumer space that begins to leach into the enterprise. Any excitement going on in the consumer space, eventually translates into excitement within the walls of the corporation about a certain technology. We saw that with the PCs and we saw that with the Internet. If anything is going on out there in the consumer space right now, it is Web 2.0, going back to the Web 2.0 discussion.
Gardner: Oh, we know how profitable that is.
McKendrick: It's where the excitement is in the corporation that begins to drive the investment. To paraphrase Wall Street's Gordon Gecko, hype is good.
Gardner: Greed was good in the 1980s -- hype is good in "the oughts."
McKendrick: Because it raises that level of excitement, and that’s why you need to get the attention of the bean counters, the CIOs, and the CEOs, most importantly.
Gardner: Well, here’s the message. Take your hype to your accountants and your CFOs and then make them join the SOA Consortium. I am always tempted at the signoff period of our discussion to take a cue from the Car Talk guys and say, "You’ve wasted another completely good hour," but I am not going to do it
Koblielus: And don't drive like my brother
Gardner: And don’t implement your IT like my brother. We have been joined here once again on our SOA Insights Edition by Steve Garone. Thanks, Steve.
Garone: Thank you Dana. It has been a pleasure.
Gardner: Joe McKendrick.
McKendrick: Thanks, Dana. It is good to be here.
Gardner: Jim Kobielus.
Kobielus: Another pleasurable morning.
Gardner: Tony Baer.
Baer: Another hour not wasted.
Gardner: Our guest -- please come back again Todd; we enjoyed having you -- Todd Biske.
Biske: Thanks, this is a lot of fun. I hope to be back.
Gardner: This is Dana Gardner, principal analyst at Interarbor Solutions. You have been listening to Volume 16 of BriefingsDirect, SOA Insights Edition. Thanks, and come back again next time.
Listen to the podcast here. Produced as a courtesy of Interarbor Solutions: analysis, consulting and rich new-media content production. If any of our listeners are interested in learning more about BriefingsDirect B2B informational podcasts or to become a sponsor of this or other B2B podcasts, please fill free to contact Interarbor Solutions at 603-528-2435.
Transcript of Dana Gardner’s BriefingsDirect SOA Insights Edition, Vol. 16. Copyright Interarbor Solutions, LLC, 2005-2007. All rights reserved.
Showing posts with label ESB. Show all posts
Showing posts with label ESB. Show all posts
Thursday, June 28, 2007
Thursday, June 14, 2007
Transcript of BriefingsDirect Podcast on Open Source Web Services Stacks and WSO2's Latest ESB
Edited transcript of BriefingsDirect[TM/SM] podcast with Dana Gardner, recorded June 5, 2007.
Listen to the podcast here. Sponsor: WSO2.
Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you’re listening to a sponsored BriefingsDirect podcast. Today, a discussion about an energized entrant into the open-source Web services stack and Services Oriented Architecture (SOA) infrastructure field.
We’ll be talking to WSO2. They’ve been putting together a talented team with backing from Intel Capital to create a robust, lightweight and purely services- and standards-based stack and infrastructure offerings.
With us today to discuss their approach and philosophy to open-source and Web services support -- as well as a new product from WSO2 in the enterprise service bus (ESB) market -- is Paul Fremantle, vice president of technology at WSO2. Welcome to the show, Paul.
Paul Fremantle: Hi, Dana, nice to meet you.
Gardner: Glad you could be with us. Also joining us, a senior analyst from ZapThink, Ron Schmelzer. Welcome to the show, Ron.
Ron Schmelzer: Thank you for having me, Dana.
Gardner: Ron, you cover the field of SOA very closely. You’ve seen how both the commercial and open-source approaches have been churning over the past months and years. I wonder if we could just start the discussion with a level-set about open source and SOA.
I’ve been impressed with the fact that SOA is creating early-on an environment, in which open-source products are, in a sense, defining feature sets and approaches. In the past, we saw commercial products establish niches and define infrastructure areas that then became areas that open-source products might pursue.
Do you agree with that? Do you think that there is something new and different going on with open source and SOA?
Schmelzer: Well, there’s certainly a role for commercial software vendors, which are obviously having a huge impact on the space. It’s very hard to ignore what IBM, BEA, Microsoft, Oracle, Sun, SAP, and all those guys are doing in the space, as well as legions of smaller vendors and niche-focused vendors who are commercial.
One of the things that makes SOA different from CRM, ERP, or even traditional enterprise-application integration is that SOA is architecture. It’s a style, an approach, or a methodology for building loosely coupled, composable services that meet the needs of the businesses. So it doesn’t really demand a particular technology stack.
As a matter of fact, people can implement SOA using a very wide variety of technologies, which they probably already own. There are a lot of case studies on SOA for legacy and mainframe implementations.
So there is a significant role for open source to play in this market, given that one of the major roles that open source plays in general in IT is as an equalizing or commoditizing force for various technologies that have already made their way, and where people already understand the technology's capabilities or requirements. Open source has, to a certain extent, made that technology a lot more accessible.
Of course, the other part of open source is that it has rapidly accelerated the pace of software development through much more iterative, short-development cycles, [and] some large vendors simply can't keep up with that pace. So there is a certain role for that.
Gardner: SOA, by definition, is inclusive and supports heterogeneity, and those also are foundational notions for open source.
Let’s go to Paul Fremantle. First, give us a little bit of background for those listeners who aren't familiar with WSO2. Give us a quick rundown on the company. You’ve come from a background of standards development and a long heritage at IBM Research and product support. Tell us the story of WSO2.
Fremantle: Certainly. WSO2 was founded in August 2005. The three founders were myself, Sanjiva Weerawarana, and Davanum Srinivas. We’d all worked very much on the Web services stack.
Sanjiva was one of the leads on all the standards on Web services at IBM, and his name is on many of the documents.
I was one of the product development leads at IBM where I integrated the first SOAP support into the WebSphere platform. I built a key component of some of the WebSphere features known as the Web Services Invocation Framework, which was used heavily in the BPEL orchestrator and other parts of the stack, and which had a lot of influence on the SCA and JBI specifications. Also, I led the team that built IBM’s Web Services Gateway, and was one of the key members of the ESB development team there. So we had a very strong background.
The third partner, Davanum Srinivas, was in the CIO's office at Computer Associates and was very involved in Computer Associates' Web services stack. The other thing that tied us all together was that we all had a strong involvement at Apache Foundation.
Gardner: You’ve developed a philosophy of approaching this from a "pure" perspective. That’s to say, you don’t have a legacy to support or preserve. You’ve looked for a clean, simple, lightweight, REST-full approach, supporting AJAX-based Web applications. How did you switch from a commercial and proprietary mentality? And what drove you to this current philosophy that you’re supporting?
Fremantle: One of the things you see again and again in the computer industry is that people get to a point where they layer technologies on top of each other, and then it just gets too heavyweight. The benefits of reusing that old stuff are outweighed by the disadvantages. And the point at which that happens depends on the technology.
We were very involved in open standards and in writing and implementing the specifications, but many of those implementations were layered on top of the Java EE enterprise runtime. We found that there was a whole new middleware based on XML and self-describing messages based on simple HTTP communications that didn’t need the existing EJB/Servlet runtime -- that didn’t need to have all those existing layers.
So our philosophy when founding the company was to look at stuff afresh, and to build things with the simplest, most-lightweight combination possible. We tried to target users' requirements, rather than target an existing code base and legacy solution than we might have if we were working for a large company.
Our motivation was to do exactly what’s needed. There is a little synergy there with most open-source projects. Open-source projects tend to be small, componentized, and to try and solve specific needs. They work best when there is that lightweight aspect to them.
Gardner: Yet, at the same time, you’re being ambitious. You’re integrating widely with your stack, integrating to Microsoft .NET and the Windows Communications Foundation, formerly Indigo, with also full connectivity to the Java EE environment, even back to CICS, SAP, other Web services standards, and IBM WebSphere. It seems like you want to be neutral as well.
Fremantle: Certainly. This comes back to what Ron was just saying, which is that SOA is about working with everyone equally. It’s not about having a proprietary stack. As we talk about an ESB approach, you will see that one of our key tenets is that we’re not layering interoperability at the edges as adapters onto our stack, which is what you see a lot of people doing. We’re building interoperability into the heart of all our code. So naturally we want to have as wide an interoperability as possible.
We also think there is a critical mass here -- that we need to be ambitious. We need to cover not just the Java platform but also the C, Perl, and PHP -- the full gamut of platforms. SOA is not just a Java story. It’s really a cross-platform, cross-technology standard.
Gardner: Many of us are familiar with blogging and we know what can happen in the comments fields when we post things. I want to get this upfront right away. Many times when I blog around open source and SOA and how they relate to one another, there’s inevitably the comment about, "Well, how do you make a living at this? There are an awful lot of resources being devoted to something that is not your intellectual property."
Let’s go right to that and address your business model, and perhaps the role that systems integrators and support will play in how this is driven successfully into the market.
Fremantle: Absolutely. First, we’re a completely open-source company. We do everything under the Apache license. We don’t have any kind of "gotchas," different versions, relicensing and so forth. Our revenue stream is made out of our support to customers, selling support contracts, and providing a highly professional, enterprise-class support for both the Apache open source [Synapse ESB, for example] offerings and our own products.
Secondly, it’s made out of services and training, consultancy training, and custom development.
Finally, we also have partnerships, mostly with other technology companies who embed our technology and also with system integrators and ISVs who then use our technology to build solutions for their customers.
Having worked in a highly commercial proprietary software development shop, we know that support, services, and getting code that works is actually what really counts in the software industry.
Gardner: That’s the long-term play. You look to lose some revenues upfront on licensing, but [rely instead] on what’s going to sustain the company over time. It's that long tail, if you will, of support and maintenance.
Fremantle: Absolutely, and I see the software industry moving in this direction. What you used to see was that companies would put together a kind of magic package, which was intellectual property, plus support, plus training, plus everything. And somehow they’d value all of this at some astronomical figure.
You’d see middleware sales of multimillion dollars. What we’re saying is that the software industry can’t maintain those levels of cost. Better value, open-source software is the way to go. Obviously, open-source companies have to make money, both for our own livelihoods and also because the users of open source need that commercial infrastructure there to make sure this works for them in the long term.
Gardner: Another thing that you are taking advantage of is globalization. You have a distributed company. You’re taking advantage of development resources where they are, rather than where you’d like them to be, and you’re using Apache and open source as the governance over this development process. Tell us quickly a little bit about what that means in terms of efficiency and depth.
Fremantle: Well this is a very interesting story because we're a company that has offices in the U.S., here in Europe where I'm located, and also in Sri Lanka. These locations all actually came out of a growth of open-source developers in Sri Lanka. So in many ways I feel like I’m the outsourced guy because I’m the European offshoot for a bunch of smart developers based in Sri Lanka who are really driving the direction and the quality of this product. It’s not your traditional outsourcing operation at all, it’s very much globalization.
We found that the open-source model that Apache pioneered with open mailing lists, open-source code repositories, and free and open exchange of ideas on the mailing list, have shown us a way of operating a loosely coupled and distributed development team that actually works in practice. That means that I can participate in projects with people based in the U.S. and in Sri Lanka through that structure and process. That works just as effectively as when I used to work with my development team all located in the same office.
Gardner: We’ve mentioned how you are very ambitious in your scope. You’re looking for a full Web services stack. You’re producing an application server. You’re going to be introducing a mashup server. But today we’re going to focus on the ESB product that you’re going to be demonstrating and supporting for real in June.
Let’s go to Ron at ZapThink. Ron, the role and definition of ESB have been points of contention, and yet most folks that are pursuing the support of an SOA activities infrastructure market have some sort of an ESB approach. Why don’t you give us a level-set, if you could, on the state of the ESB market, why it’s essential for SOA development and maturity, and what you think is the proper functionality -- or perhaps your philosophy around ESBs?
Schmelzer: The place to start is that an ESB is actually not specifically necessary for an SOA. However, there are a lot of things that people require of their SOA infrastructure that a lot of vendors, who are pushing ESB products, are selling. The challenge of the market is that you can't really take any two ESB products, as you did J2EE application servers, and compare them to each other and see a very large overlap of functionality.
What you will find is that a lot of the ESB vendors are basically taking the infrastructure technology they had prior to the SOA wave and have applied Web-services technology or perhaps business process composition on top of that to run services, which is what people are looking for.
If I have a service, I need to be able to execute it reliably. I need to be able to secure it, manage it, govern it, and deal with the metadata. That’s what people really need from an SOA infrastructure -- all that capability. How do I reliably run, secure, and manage those services so that the loose coupling that I am looking for actually can exist?
To that extent, the ESB is really a catchphrase or a catchall for a wide variety of SOA infrastructures. If we look at the capabilities of the WSO2 ESB, it’s providing a lot of that SOA infrastructure capability. I don’t know if we’re ever going to get to a point in this industry where there will be a standardization of the ESB term. There are just too many forces in the industry that would basically try to own that term and not really make that happen.
Gardner: Let’s switch over to Paul again. You have described your offerings as middleware for Web services. In a sense, you’re starting from the perspective of this not being in a distributed-object environment, but more in an XML and semantic environment. Tell us what your requirements were as you started approaching this ESB project?
Fremantle: Actually it’s interesting listening to Ron, because what we were aiming to do was exactly what Ron says, which is not focus on what various players call their ESB technology, but instead on the requirements that someone needs for their SOA. Those are exactly the things that Ron talked about: managing your interactions, being able to turn on and off security and reliable messaging, being able to manage the quality of service that the message has as it flows across the network, being able to bridge between some mismatches, and managing connectivity.
For example, maybe I have a lightweight AJAX interface, but I already have a SOAP backend. How can I switch between that REST-like XML or HTTP interface and the SOAP interface? How can I switch between an existing JMS network and a .NET Windows Communication Foundation, SOAP reliable messaging, secure endpoint?
Then, finally, there's some level of transformation that often needs to go on the network, and that’s typically what we would call low-level transformation -- things like version management, switching namespaces on XML messages, or switching some XML formats.
Those are the kind of things that we saw a real need for. We took a kind of a different vision of what an ESB was from many of the vendors. A lot of the other vendors in the marketplace had some existing technology. They either had a JMS engine, and they said, "Okay, we’re going to rebrand our JMS engine as an ESB." They had a traditional message-oriented middleware product. Or in the case of JBI, they say well, "We’ve got a JVM. So, what’s the bus? It’s a JVM."
We took a much broader view to say that the bus is really all of your XML, HTTP, and JMS -- all of your communications -- and it encompasses a variety of clients and servers and different endpoints. So what do you need in that space? You need a very smart and simple mediator that can fit in, without disturbing those existing systems, and add those levels of management, connectivity, and virtualization that I was just talking about. That was really our plan and our approach to this space.
Gardner: What would the message be to developers? You’ve created a developer portal associated with your website for your company. As developers are scratching their heads and trying to determine what they want to do with SOA and how they want to produce services, what is it about your ESB that might be of interest to developers vis-Ã -vis some of the alternatives?
Fremantle: The first thing that’s of interest about our ESB to developers is that it’s very, very quick to get going. It’s the sort of thing that I think developers like. There is a 30MB download. You download it, you unzip it onto your hard drive, and you switch into the bin directory and start it up. You point your Web browser at it and you can start configuring and managing it straightaway.
The second thing is that it can add some instant value, even in a very simple scenario. Some things you can do very quickly. For example, you can interpose it as an HTTP proxy, so you don’t even have to recode any of your clients to start using it.
You can turn tracing on and off selectively. For example, perhaps you have a production environment and 99 percent of the time everything is working fine. But every once in a while you get an error and you need to help figure out what that problem is. You can have the system running, switch on trace, capture traces of the failure case, and then switch it off without having to bring anything down or redirect any messages, and so forth. You can instantly get some monitoring and management capabilities, without having to do much coding.
Finally, you can start to use it to do some of the things that are quite tricky. For example, one of the common cases that customers ask us for comes when they have an old Axis 1.x runtime, or a .NET 2.0 runtime. This runtime doesn’t support the latest WS-ReliableMessaging or WS-Security standards, and they need to enable that to talk to a partner. One of the things you can do very simply with the ESB is switch on those capabilities. So some of those capabilities that have a reputation for being complex are now just checkbox items with the ESB. Those are some things that I think would appeal to developers about this product.
Gardner: Do you expect that the arrival of this code under the Apache license, you’re calling it ESB 1.0, is going to be used by the developers primarily as a test-and-design environment, a learning experience that will then lead to operational use, or do you see this as an operational alternative as well, right from the get-go?
Fremantle: We really see this as an operational environment. Although this is a 1.0 product for us, the core runtime of this has been in development in Apache for about 18 months. We’ve done extensive performance tests on this engine. We're really, really pleased with the performance results.
For example, one of the things we’ve done is load it up with thousands of concurrent connections to simulate the scenario where you have a sudden spike and load that your backend can’t take care of. It doesn’t drop connections, even when you load it with thousands of concurrent TCP connections.
Similarly, we’ve done performance tests of how much overhead this adds to the path. For a standard 1K in, 1K out request-response message, you can add the ESB into that with an extra network hop now, and we add less than a third of a millisecond overhead.
We’ve done tests against one of the market-leader ESB products out there, and we’re twice as fast at doing XSLT processing. So we’ve really done a lot of heavy-duty testing on this. We think it’s up and ready for production use, despite the fact it’s just a 1.0 release.
Gardner: Ron, I suppose these days we’re seeing a lot more multiple ESBs in enterprise and hosting environments. Do you think we’re getting overcrowded now that we have another ESB? There are many other open-source ESBs: IONA/LogicBlaze CXF, MuleSource, and also Apache ServiceMix, and Apache ActiveMQ. For folks out there who are in this operational production environment, how do they start making sense of this?
Schmelzer: Well, I would say "vive la difference." It’s completely unreasonable to expect that an enterprise is ever going to be able to standardize on one technology stack for anything. We wouldn’t need SOA at all, if companies were truly homogenous. The reason why SOA has such appeal is because there’s this continued heterogeneity. Look at all the legacy mainframe technologies that exist. Part of the reason they exist is because they continue to provide value.
The fact that there are so many new technologies in the market, open source and commercial, providing value for runtime for SOA, goes to show that companies are still looking for best of breed. No two companies really have a similar environment, either a runtime execution environment or a distributed environment. Some companies are highly centralized and some companies have divisions distributed all over the world, and in parts of the world where bandwidth and processing power are still factors and budget is a factor.
In those environments we’re going to continue to see heterogeneity. A central organization might be able to invest in one kind of SOA infrastructure technology, but their branches, divisions, and departments may invest in something else. It's the power of SOA to abstract those differences so that they’re not so visible.
If there’s one thing that we can hope for from SOA it's that it really and truly enables that loose coupling, because if we’re going to continuously try to fight this battle of heterogeneity being a problem for IT, I don’t think we’ve really gotten anywhere with SOA.
Gardner: What now of loosely coupling, but across multiple ESBs? Is that going to require some way of federating among those ESBs or would it be an uber-ESB on top of them that you will use? What sort of scenarios do you expect?
Schmelzer: That’s a touchy subject. I believe the middleware-for-middleware approach is fundamentally the wrong approach. We’re seeing some companies saying, "Hey, put our ESB on top of your ESB," or "Let’s get some sort of magic integration middleware that basically integrates ESBs." That’s the old school, tightly coupled approach of managing heterogeneity.
I thought that the promise of Web services and SOA was that we could expose loosely coupled service interfaces, so that the infrastructure that runs those services doesn’t matter. The idea that you would need proprietary integration middleware to integrate other integration middleware is, in an SOA concept, a ludicrous thought. We should be able to architect our services so that the infrastructure matters less than it used to.
That being said, we do need infrastructure to run those services. Everything that WSO2 is doing is facilitating the running, execution, and, of course, management of intra-service communication, where you’re trying to manage some of that heterogeneity. A lot of stuff they were talking about in mediating protocols, and all that, is specifically to isolate services from having to worry about the runtime environment. Trying to overlay a heavy proprietary integration middleware stack on top of what is primarily another integration middleware stack is fueling the problem more than providing a solution.
Fremantle: Can I add something to that?
Gardner: Certainly.
Fremantle: I have to agree with Ron. I don’t think that the answer here is to have multiple proprietary ESBs and then some kind of uber-ESB between them. One of the things we tried to address, both in the Apache open source [Synapse] and in our own product, was making this product something that was really invisible to the rest of the world. You can almost think of our ESB as being a smart network router. You can have multiple versions of these around the network.
One thing we’ve done is to allow the ESB to run off of a set of metadata and configurations that’s remotely managed. It could be in a registry, it could be in an SVN repository, or it could be on a Website or a file system. Multiple brokers can fit in the network and communicate with each other, but they could also communicate with completely different systems.
This comes back to what I was saying earlier. To us, your ESB is the totality of all your different networking and service-oriented systems, whether they’re .NET, Axis 2, WSO2 application servers, or ESB nodes. It’s really about using open standards and open metadata -- things like WSDLs, XML schemas, URLs -- as your foundation of integration, which means that you don’t really end up with this problem of multiple ESBs that don’t communicate. You end up with a single fabric that’s completely based on standards, and you happen to have some useful management endpoints within that fabric.
Gardner: Both you and Ron have mentioned that word "management," and we discussed earlier how you have a lot of ambition in terms of the scope of your development activities. Yet you’re also very interested in partnering, as I understand it, and that would include areas for management, and registry/repository. Can you give us a little bit of your philosophy about how this fabric would work, using both your approach as a fairly robust and complete stack, and also partnering with other componentry?
Fremantle: Absolutely. First, we have built internal registry and repository into the ESB, but it’s our first step in this and what we’ve built in is a pluggable interface that allows us to talk to other registries and repositories out in the network. Because we work off a lot of those standard metadata types, such as Web service policy documents, Web service description language documents, HTTPs, URLs and so forth, we can really work in a very open manner.
At the moment, the kind of interface we use to talk to our remote registry is just an HTTP interface, but there is no reason why, if we get the demand, we wouldn’t write to an UDDI interface. It's just that none of our customers have asked us for that today.
We also see the Web service management and governance space as becoming very important here. At the moment, in the Web service management space there's a bit of a problem, which is that there are two competing standards. There's been some work to merge them, but that hasn’t been completed yet.
So, what we offer in our ESB is some simple, so-called REST-based interfaces to get at management information that customers can utilize in the same SOA manner that they utilized in the other services to help manage and monitor their service interactions.
As the Web services management standards start to tighten up a bit, we certainly expect to partner with other companies who provide WS-Management consoles to allow people to manage their network through our interfaces.
We also offer a very lightweight AJAX-based GUI that comes with the product, and which allows you to monitor, manage, and control your service interactions across the network.
Because all of our code is built on these open standards and open interfaces, once again this a heterogeneous story. This is the beauty of open sources. Although as a company, WSO2 is trying to provide to our customers the most useful components that we see, those components naturally and inherently interoperate with other vendors' software, other open-source projects, and other components.
Gardner: Given this flexible use-it-in-many-ways and enter-the-market-in-many-ways approach, I wonder if we could look a little higher up from a business abstraction point of view. What will systems integrators look to as they pick best of breed, and as they pick a stack, and as they factor how to manage what’s on-site in the organizations they’re working with?
I suspect that you want to be a very good partner to these integrators, as they inject SOA activities into the way that they produce code, services, and applications -- and then also take that into the enterprises that they’re working with.
How do you see this whole systems integrator movement toward SOA shaking out, and how do you make yourselves appealing to them?
Schmelzer: SOA offers an interesting opportunity for systems integrators. They formed a large part of their business, at least in the late 1990s and early part of this decade, doing a lot of the heavy lifting of integration, actually making systems work together, facilitating the systems, implementing enterprise applications, and things like that. SOA gives these folks more of an opportunity to focus on the business than they had before and provide a higher margin of services around business process.
[SOA] allows these system integrators to focus on things like building shared services and business services that reflect the business needs, and focus on governance, policy, and enterprise architecture, which is a missing skill set for most enterprises.
Actually this gives systems integrators a good opportunity to let the opportunity of focusing on the business exceed the opportunity of focusing just on implementation and infrastructure, which is migrating overseas anyway. So there are some unique opportunities here for systems integrators with regard to SOA.
Gardner: How about that, Paul? Throwing more warm bodies at the problem probably wasn’t a good idea to begin with. Now you can’t even get the warm bodies in many cases. The goal should be to work smart not hard, I suppose. How do you take that message to the integrators?
Fremantle: We’ve had a lot of interest from system integrators. We formed some partnerships with some of them, and we’re ongoing with that process. What we found attractive to system integrators is that they now are looking much more for simple, lightweight components that work straight out of the box -- rather than large complex solutions.
Part of that is exactly what Ron’s talking about. These guys haven’t got huge amounts of time, so they need something that they can get on with and be productive with instantly. That’s the first thing.
The second thing that system integrators look for is extensibility and flexibility. One of the things system integrators want to do is to add value over the core products or components that they find. We’ve been very careful with the ESB and also in the Apache projects that we work on to create the right plug points.
It’s very simple to extend our ESB just using simple scripting language. For example, you can use JavaScript, Groovy, and Ruby -- those sorts of languages. If you use Ruby or JavaScript, there are native XML language constructs that are called REXML and E4X that you can use inside your code to do really simple, high-quality XML transformations or manipulations. That’s the first level of integration.
The second level is to jump into Java and actually write Java classes. That can be very productive and a way that you can extend the ESB with custom functions.
Then there's actually a third level of that. You can write your own plug-in to our XML configuration language. So you can effectively take your component and raise it up to be a first-class part of the ESB and its configuration model. That means now there can be a third-party set of add-ons to the ESB that start to add value.
We see those two things as being very attractive to the system integrators. First, ease of use -- get it started quickly -- and second gain the ability to extend it, to add extra value, and to build up a catalog of reusable components that makes their jobs easier.
Gardner: I would think that those same attributes would be of interest to companies that want to position themselves within an ecology or some sort of a supply chain, where they’re creating services that will be consumed among partners. Therefore, those same attributes that would be of interest to a systems integrator would be appealing to those enterprises that are seeking a role other than just creating their own applications and services, but rather to become a center of gravity for a larger business process or ecology.
Fremantle: Absolutely.
Gardner: We’re about out of time. This has been a very interesting discussion. We’ve been talking about the advent of new open-source products and code being orchestrated by WSO2. We’ve been talking with Paul Fremantle, the vice president of technology at WSO2. Thank you for your time, Paul. It was very engaging.
Fremantle: Thank you, Dana. It has been a great conversation and it has been a pleasure talking to you.
Gardner: We’ve also been joined by Ron Schmelzer, a senior analyst at ZapThink. We appreciate your insights, Ron.
Schmelzer: Glad to be here. Thank you for having me.
Gardner: This is Dana Gardner, principal analyst at Interarbor Solutions. You’ve been listening to a sponsored BriefingsDirect podcast on WSO2, open source, SOA, and the arrival of the WSO2 ESB 1.0 product in June 2007. Thanks for joining us.
Listen to the podcast here. Sponsor: WSO2.
Transcript of Dana Gardner’s BriefingsDirect podcast on open source Web services stacks and WSO2's latest ESB. Copyright Interarbor Solutions, LLC, 2005-2007. All rights reserved.
Listen to the podcast here. Sponsor: WSO2.
Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you’re listening to a sponsored BriefingsDirect podcast. Today, a discussion about an energized entrant into the open-source Web services stack and Services Oriented Architecture (SOA) infrastructure field.
We’ll be talking to WSO2. They’ve been putting together a talented team with backing from Intel Capital to create a robust, lightweight and purely services- and standards-based stack and infrastructure offerings.
With us today to discuss their approach and philosophy to open-source and Web services support -- as well as a new product from WSO2 in the enterprise service bus (ESB) market -- is Paul Fremantle, vice president of technology at WSO2. Welcome to the show, Paul.
Paul Fremantle: Hi, Dana, nice to meet you.
Gardner: Glad you could be with us. Also joining us, a senior analyst from ZapThink, Ron Schmelzer. Welcome to the show, Ron.
Ron Schmelzer: Thank you for having me, Dana.
Gardner: Ron, you cover the field of SOA very closely. You’ve seen how both the commercial and open-source approaches have been churning over the past months and years. I wonder if we could just start the discussion with a level-set about open source and SOA.
I’ve been impressed with the fact that SOA is creating early-on an environment, in which open-source products are, in a sense, defining feature sets and approaches. In the past, we saw commercial products establish niches and define infrastructure areas that then became areas that open-source products might pursue.
Do you agree with that? Do you think that there is something new and different going on with open source and SOA?
Schmelzer: Well, there’s certainly a role for commercial software vendors, which are obviously having a huge impact on the space. It’s very hard to ignore what IBM, BEA, Microsoft, Oracle, Sun, SAP, and all those guys are doing in the space, as well as legions of smaller vendors and niche-focused vendors who are commercial.
One of the things that makes SOA different from CRM, ERP, or even traditional enterprise-application integration is that SOA is architecture. It’s a style, an approach, or a methodology for building loosely coupled, composable services that meet the needs of the businesses. So it doesn’t really demand a particular technology stack.
As a matter of fact, people can implement SOA using a very wide variety of technologies, which they probably already own. There are a lot of case studies on SOA for legacy and mainframe implementations.
So there is a significant role for open source to play in this market, given that one of the major roles that open source plays in general in IT is as an equalizing or commoditizing force for various technologies that have already made their way, and where people already understand the technology's capabilities or requirements. Open source has, to a certain extent, made that technology a lot more accessible.
Of course, the other part of open source is that it has rapidly accelerated the pace of software development through much more iterative, short-development cycles, [and] some large vendors simply can't keep up with that pace. So there is a certain role for that.
Gardner: SOA, by definition, is inclusive and supports heterogeneity, and those also are foundational notions for open source.
Let’s go to Paul Fremantle. First, give us a little bit of background for those listeners who aren't familiar with WSO2. Give us a quick rundown on the company. You’ve come from a background of standards development and a long heritage at IBM Research and product support. Tell us the story of WSO2.
Fremantle: Certainly. WSO2 was founded in August 2005. The three founders were myself, Sanjiva Weerawarana, and Davanum Srinivas. We’d all worked very much on the Web services stack.
Sanjiva was one of the leads on all the standards on Web services at IBM, and his name is on many of the documents.
I was one of the product development leads at IBM where I integrated the first SOAP support into the WebSphere platform. I built a key component of some of the WebSphere features known as the Web Services Invocation Framework, which was used heavily in the BPEL orchestrator and other parts of the stack, and which had a lot of influence on the SCA and JBI specifications. Also, I led the team that built IBM’s Web Services Gateway, and was one of the key members of the ESB development team there. So we had a very strong background.
The third partner, Davanum Srinivas, was in the CIO's office at Computer Associates and was very involved in Computer Associates' Web services stack. The other thing that tied us all together was that we all had a strong involvement at Apache Foundation.
Gardner: You’ve developed a philosophy of approaching this from a "pure" perspective. That’s to say, you don’t have a legacy to support or preserve. You’ve looked for a clean, simple, lightweight, REST-full approach, supporting AJAX-based Web applications. How did you switch from a commercial and proprietary mentality? And what drove you to this current philosophy that you’re supporting?
Fremantle: One of the things you see again and again in the computer industry is that people get to a point where they layer technologies on top of each other, and then it just gets too heavyweight. The benefits of reusing that old stuff are outweighed by the disadvantages. And the point at which that happens depends on the technology.
We were very involved in open standards and in writing and implementing the specifications, but many of those implementations were layered on top of the Java EE enterprise runtime. We found that there was a whole new middleware based on XML and self-describing messages based on simple HTTP communications that didn’t need the existing EJB/Servlet runtime -- that didn’t need to have all those existing layers.
So our philosophy when founding the company was to look at stuff afresh, and to build things with the simplest, most-lightweight combination possible. We tried to target users' requirements, rather than target an existing code base and legacy solution than we might have if we were working for a large company.
Our motivation was to do exactly what’s needed. There is a little synergy there with most open-source projects. Open-source projects tend to be small, componentized, and to try and solve specific needs. They work best when there is that lightweight aspect to them.
Gardner: Yet, at the same time, you’re being ambitious. You’re integrating widely with your stack, integrating to Microsoft .NET and the Windows Communications Foundation, formerly Indigo, with also full connectivity to the Java EE environment, even back to CICS, SAP, other Web services standards, and IBM WebSphere. It seems like you want to be neutral as well.
Fremantle: Certainly. This comes back to what Ron was just saying, which is that SOA is about working with everyone equally. It’s not about having a proprietary stack. As we talk about an ESB approach, you will see that one of our key tenets is that we’re not layering interoperability at the edges as adapters onto our stack, which is what you see a lot of people doing. We’re building interoperability into the heart of all our code. So naturally we want to have as wide an interoperability as possible.
We also think there is a critical mass here -- that we need to be ambitious. We need to cover not just the Java platform but also the C, Perl, and PHP -- the full gamut of platforms. SOA is not just a Java story. It’s really a cross-platform, cross-technology standard.
Gardner: Many of us are familiar with blogging and we know what can happen in the comments fields when we post things. I want to get this upfront right away. Many times when I blog around open source and SOA and how they relate to one another, there’s inevitably the comment about, "Well, how do you make a living at this? There are an awful lot of resources being devoted to something that is not your intellectual property."
Let’s go right to that and address your business model, and perhaps the role that systems integrators and support will play in how this is driven successfully into the market.
Fremantle: Absolutely. First, we’re a completely open-source company. We do everything under the Apache license. We don’t have any kind of "gotchas," different versions, relicensing and so forth. Our revenue stream is made out of our support to customers, selling support contracts, and providing a highly professional, enterprise-class support for both the Apache open source [Synapse ESB, for example] offerings and our own products.
Secondly, it’s made out of services and training, consultancy training, and custom development.
Finally, we also have partnerships, mostly with other technology companies who embed our technology and also with system integrators and ISVs who then use our technology to build solutions for their customers.
Having worked in a highly commercial proprietary software development shop, we know that support, services, and getting code that works is actually what really counts in the software industry.
Gardner: That’s the long-term play. You look to lose some revenues upfront on licensing, but [rely instead] on what’s going to sustain the company over time. It's that long tail, if you will, of support and maintenance.
Fremantle: Absolutely, and I see the software industry moving in this direction. What you used to see was that companies would put together a kind of magic package, which was intellectual property, plus support, plus training, plus everything. And somehow they’d value all of this at some astronomical figure.
You’d see middleware sales of multimillion dollars. What we’re saying is that the software industry can’t maintain those levels of cost. Better value, open-source software is the way to go. Obviously, open-source companies have to make money, both for our own livelihoods and also because the users of open source need that commercial infrastructure there to make sure this works for them in the long term.
Gardner: Another thing that you are taking advantage of is globalization. You have a distributed company. You’re taking advantage of development resources where they are, rather than where you’d like them to be, and you’re using Apache and open source as the governance over this development process. Tell us quickly a little bit about what that means in terms of efficiency and depth.
Fremantle: Well this is a very interesting story because we're a company that has offices in the U.S., here in Europe where I'm located, and also in Sri Lanka. These locations all actually came out of a growth of open-source developers in Sri Lanka. So in many ways I feel like I’m the outsourced guy because I’m the European offshoot for a bunch of smart developers based in Sri Lanka who are really driving the direction and the quality of this product. It’s not your traditional outsourcing operation at all, it’s very much globalization.
We found that the open-source model that Apache pioneered with open mailing lists, open-source code repositories, and free and open exchange of ideas on the mailing list, have shown us a way of operating a loosely coupled and distributed development team that actually works in practice. That means that I can participate in projects with people based in the U.S. and in Sri Lanka through that structure and process. That works just as effectively as when I used to work with my development team all located in the same office.
Gardner: We’ve mentioned how you are very ambitious in your scope. You’re looking for a full Web services stack. You’re producing an application server. You’re going to be introducing a mashup server. But today we’re going to focus on the ESB product that you’re going to be demonstrating and supporting for real in June.
Let’s go to Ron at ZapThink. Ron, the role and definition of ESB have been points of contention, and yet most folks that are pursuing the support of an SOA activities infrastructure market have some sort of an ESB approach. Why don’t you give us a level-set, if you could, on the state of the ESB market, why it’s essential for SOA development and maturity, and what you think is the proper functionality -- or perhaps your philosophy around ESBs?
Schmelzer: The place to start is that an ESB is actually not specifically necessary for an SOA. However, there are a lot of things that people require of their SOA infrastructure that a lot of vendors, who are pushing ESB products, are selling. The challenge of the market is that you can't really take any two ESB products, as you did J2EE application servers, and compare them to each other and see a very large overlap of functionality.
What you will find is that a lot of the ESB vendors are basically taking the infrastructure technology they had prior to the SOA wave and have applied Web-services technology or perhaps business process composition on top of that to run services, which is what people are looking for.
If I have a service, I need to be able to execute it reliably. I need to be able to secure it, manage it, govern it, and deal with the metadata. That’s what people really need from an SOA infrastructure -- all that capability. How do I reliably run, secure, and manage those services so that the loose coupling that I am looking for actually can exist?
To that extent, the ESB is really a catchphrase or a catchall for a wide variety of SOA infrastructures. If we look at the capabilities of the WSO2 ESB, it’s providing a lot of that SOA infrastructure capability. I don’t know if we’re ever going to get to a point in this industry where there will be a standardization of the ESB term. There are just too many forces in the industry that would basically try to own that term and not really make that happen.
Gardner: Let’s switch over to Paul again. You have described your offerings as middleware for Web services. In a sense, you’re starting from the perspective of this not being in a distributed-object environment, but more in an XML and semantic environment. Tell us what your requirements were as you started approaching this ESB project?
Fremantle: Actually it’s interesting listening to Ron, because what we were aiming to do was exactly what Ron says, which is not focus on what various players call their ESB technology, but instead on the requirements that someone needs for their SOA. Those are exactly the things that Ron talked about: managing your interactions, being able to turn on and off security and reliable messaging, being able to manage the quality of service that the message has as it flows across the network, being able to bridge between some mismatches, and managing connectivity.
For example, maybe I have a lightweight AJAX interface, but I already have a SOAP backend. How can I switch between that REST-like XML or HTTP interface and the SOAP interface? How can I switch between an existing JMS network and a .NET Windows Communication Foundation, SOAP reliable messaging, secure endpoint?
Then, finally, there's some level of transformation that often needs to go on the network, and that’s typically what we would call low-level transformation -- things like version management, switching namespaces on XML messages, or switching some XML formats.
Those are the kind of things that we saw a real need for. We took a kind of a different vision of what an ESB was from many of the vendors. A lot of the other vendors in the marketplace had some existing technology. They either had a JMS engine, and they said, "Okay, we’re going to rebrand our JMS engine as an ESB." They had a traditional message-oriented middleware product. Or in the case of JBI, they say well, "We’ve got a JVM. So, what’s the bus? It’s a JVM."
We took a much broader view to say that the bus is really all of your XML, HTTP, and JMS -- all of your communications -- and it encompasses a variety of clients and servers and different endpoints. So what do you need in that space? You need a very smart and simple mediator that can fit in, without disturbing those existing systems, and add those levels of management, connectivity, and virtualization that I was just talking about. That was really our plan and our approach to this space.
Gardner: What would the message be to developers? You’ve created a developer portal associated with your website for your company. As developers are scratching their heads and trying to determine what they want to do with SOA and how they want to produce services, what is it about your ESB that might be of interest to developers vis-Ã -vis some of the alternatives?
Fremantle: The first thing that’s of interest about our ESB to developers is that it’s very, very quick to get going. It’s the sort of thing that I think developers like. There is a 30MB download. You download it, you unzip it onto your hard drive, and you switch into the bin directory and start it up. You point your Web browser at it and you can start configuring and managing it straightaway.
The second thing is that it can add some instant value, even in a very simple scenario. Some things you can do very quickly. For example, you can interpose it as an HTTP proxy, so you don’t even have to recode any of your clients to start using it.
You can turn tracing on and off selectively. For example, perhaps you have a production environment and 99 percent of the time everything is working fine. But every once in a while you get an error and you need to help figure out what that problem is. You can have the system running, switch on trace, capture traces of the failure case, and then switch it off without having to bring anything down or redirect any messages, and so forth. You can instantly get some monitoring and management capabilities, without having to do much coding.
Finally, you can start to use it to do some of the things that are quite tricky. For example, one of the common cases that customers ask us for comes when they have an old Axis 1.x runtime, or a .NET 2.0 runtime. This runtime doesn’t support the latest WS-ReliableMessaging or WS-Security standards, and they need to enable that to talk to a partner. One of the things you can do very simply with the ESB is switch on those capabilities. So some of those capabilities that have a reputation for being complex are now just checkbox items with the ESB. Those are some things that I think would appeal to developers about this product.
Gardner: Do you expect that the arrival of this code under the Apache license, you’re calling it ESB 1.0, is going to be used by the developers primarily as a test-and-design environment, a learning experience that will then lead to operational use, or do you see this as an operational alternative as well, right from the get-go?
Fremantle: We really see this as an operational environment. Although this is a 1.0 product for us, the core runtime of this has been in development in Apache for about 18 months. We’ve done extensive performance tests on this engine. We're really, really pleased with the performance results.
For example, one of the things we’ve done is load it up with thousands of concurrent connections to simulate the scenario where you have a sudden spike and load that your backend can’t take care of. It doesn’t drop connections, even when you load it with thousands of concurrent TCP connections.
Similarly, we’ve done performance tests of how much overhead this adds to the path. For a standard 1K in, 1K out request-response message, you can add the ESB into that with an extra network hop now, and we add less than a third of a millisecond overhead.
We’ve done tests against one of the market-leader ESB products out there, and we’re twice as fast at doing XSLT processing. So we’ve really done a lot of heavy-duty testing on this. We think it’s up and ready for production use, despite the fact it’s just a 1.0 release.
Gardner: Ron, I suppose these days we’re seeing a lot more multiple ESBs in enterprise and hosting environments. Do you think we’re getting overcrowded now that we have another ESB? There are many other open-source ESBs: IONA/LogicBlaze CXF, MuleSource, and also Apache ServiceMix, and Apache ActiveMQ. For folks out there who are in this operational production environment, how do they start making sense of this?
Schmelzer: Well, I would say "vive la difference." It’s completely unreasonable to expect that an enterprise is ever going to be able to standardize on one technology stack for anything. We wouldn’t need SOA at all, if companies were truly homogenous. The reason why SOA has such appeal is because there’s this continued heterogeneity. Look at all the legacy mainframe technologies that exist. Part of the reason they exist is because they continue to provide value.
The fact that there are so many new technologies in the market, open source and commercial, providing value for runtime for SOA, goes to show that companies are still looking for best of breed. No two companies really have a similar environment, either a runtime execution environment or a distributed environment. Some companies are highly centralized and some companies have divisions distributed all over the world, and in parts of the world where bandwidth and processing power are still factors and budget is a factor.
In those environments we’re going to continue to see heterogeneity. A central organization might be able to invest in one kind of SOA infrastructure technology, but their branches, divisions, and departments may invest in something else. It's the power of SOA to abstract those differences so that they’re not so visible.
If there’s one thing that we can hope for from SOA it's that it really and truly enables that loose coupling, because if we’re going to continuously try to fight this battle of heterogeneity being a problem for IT, I don’t think we’ve really gotten anywhere with SOA.
Gardner: What now of loosely coupling, but across multiple ESBs? Is that going to require some way of federating among those ESBs or would it be an uber-ESB on top of them that you will use? What sort of scenarios do you expect?
Schmelzer: That’s a touchy subject. I believe the middleware-for-middleware approach is fundamentally the wrong approach. We’re seeing some companies saying, "Hey, put our ESB on top of your ESB," or "Let’s get some sort of magic integration middleware that basically integrates ESBs." That’s the old school, tightly coupled approach of managing heterogeneity.
I thought that the promise of Web services and SOA was that we could expose loosely coupled service interfaces, so that the infrastructure that runs those services doesn’t matter. The idea that you would need proprietary integration middleware to integrate other integration middleware is, in an SOA concept, a ludicrous thought. We should be able to architect our services so that the infrastructure matters less than it used to.
That being said, we do need infrastructure to run those services. Everything that WSO2 is doing is facilitating the running, execution, and, of course, management of intra-service communication, where you’re trying to manage some of that heterogeneity. A lot of stuff they were talking about in mediating protocols, and all that, is specifically to isolate services from having to worry about the runtime environment. Trying to overlay a heavy proprietary integration middleware stack on top of what is primarily another integration middleware stack is fueling the problem more than providing a solution.
Fremantle: Can I add something to that?
Gardner: Certainly.
Fremantle: I have to agree with Ron. I don’t think that the answer here is to have multiple proprietary ESBs and then some kind of uber-ESB between them. One of the things we tried to address, both in the Apache open source [Synapse] and in our own product, was making this product something that was really invisible to the rest of the world. You can almost think of our ESB as being a smart network router. You can have multiple versions of these around the network.
One thing we’ve done is to allow the ESB to run off of a set of metadata and configurations that’s remotely managed. It could be in a registry, it could be in an SVN repository, or it could be on a Website or a file system. Multiple brokers can fit in the network and communicate with each other, but they could also communicate with completely different systems.
This comes back to what I was saying earlier. To us, your ESB is the totality of all your different networking and service-oriented systems, whether they’re .NET, Axis 2, WSO2 application servers, or ESB nodes. It’s really about using open standards and open metadata -- things like WSDLs, XML schemas, URLs -- as your foundation of integration, which means that you don’t really end up with this problem of multiple ESBs that don’t communicate. You end up with a single fabric that’s completely based on standards, and you happen to have some useful management endpoints within that fabric.
Gardner: Both you and Ron have mentioned that word "management," and we discussed earlier how you have a lot of ambition in terms of the scope of your development activities. Yet you’re also very interested in partnering, as I understand it, and that would include areas for management, and registry/repository. Can you give us a little bit of your philosophy about how this fabric would work, using both your approach as a fairly robust and complete stack, and also partnering with other componentry?
Fremantle: Absolutely. First, we have built internal registry and repository into the ESB, but it’s our first step in this and what we’ve built in is a pluggable interface that allows us to talk to other registries and repositories out in the network. Because we work off a lot of those standard metadata types, such as Web service policy documents, Web service description language documents, HTTPs, URLs and so forth, we can really work in a very open manner.
At the moment, the kind of interface we use to talk to our remote registry is just an HTTP interface, but there is no reason why, if we get the demand, we wouldn’t write to an UDDI interface. It's just that none of our customers have asked us for that today.
We also see the Web service management and governance space as becoming very important here. At the moment, in the Web service management space there's a bit of a problem, which is that there are two competing standards. There's been some work to merge them, but that hasn’t been completed yet.
So, what we offer in our ESB is some simple, so-called REST-based interfaces to get at management information that customers can utilize in the same SOA manner that they utilized in the other services to help manage and monitor their service interactions.
As the Web services management standards start to tighten up a bit, we certainly expect to partner with other companies who provide WS-Management consoles to allow people to manage their network through our interfaces.
We also offer a very lightweight AJAX-based GUI that comes with the product, and which allows you to monitor, manage, and control your service interactions across the network.
Because all of our code is built on these open standards and open interfaces, once again this a heterogeneous story. This is the beauty of open sources. Although as a company, WSO2 is trying to provide to our customers the most useful components that we see, those components naturally and inherently interoperate with other vendors' software, other open-source projects, and other components.
Gardner: Given this flexible use-it-in-many-ways and enter-the-market-in-many-ways approach, I wonder if we could look a little higher up from a business abstraction point of view. What will systems integrators look to as they pick best of breed, and as they pick a stack, and as they factor how to manage what’s on-site in the organizations they’re working with?
I suspect that you want to be a very good partner to these integrators, as they inject SOA activities into the way that they produce code, services, and applications -- and then also take that into the enterprises that they’re working with.
How do you see this whole systems integrator movement toward SOA shaking out, and how do you make yourselves appealing to them?
Schmelzer: SOA offers an interesting opportunity for systems integrators. They formed a large part of their business, at least in the late 1990s and early part of this decade, doing a lot of the heavy lifting of integration, actually making systems work together, facilitating the systems, implementing enterprise applications, and things like that. SOA gives these folks more of an opportunity to focus on the business than they had before and provide a higher margin of services around business process.
[SOA] allows these system integrators to focus on things like building shared services and business services that reflect the business needs, and focus on governance, policy, and enterprise architecture, which is a missing skill set for most enterprises.
Actually this gives systems integrators a good opportunity to let the opportunity of focusing on the business exceed the opportunity of focusing just on implementation and infrastructure, which is migrating overseas anyway. So there are some unique opportunities here for systems integrators with regard to SOA.
Gardner: How about that, Paul? Throwing more warm bodies at the problem probably wasn’t a good idea to begin with. Now you can’t even get the warm bodies in many cases. The goal should be to work smart not hard, I suppose. How do you take that message to the integrators?
Fremantle: We’ve had a lot of interest from system integrators. We formed some partnerships with some of them, and we’re ongoing with that process. What we found attractive to system integrators is that they now are looking much more for simple, lightweight components that work straight out of the box -- rather than large complex solutions.
Part of that is exactly what Ron’s talking about. These guys haven’t got huge amounts of time, so they need something that they can get on with and be productive with instantly. That’s the first thing.
The second thing that system integrators look for is extensibility and flexibility. One of the things system integrators want to do is to add value over the core products or components that they find. We’ve been very careful with the ESB and also in the Apache projects that we work on to create the right plug points.
It’s very simple to extend our ESB just using simple scripting language. For example, you can use JavaScript, Groovy, and Ruby -- those sorts of languages. If you use Ruby or JavaScript, there are native XML language constructs that are called REXML and E4X that you can use inside your code to do really simple, high-quality XML transformations or manipulations. That’s the first level of integration.
The second level is to jump into Java and actually write Java classes. That can be very productive and a way that you can extend the ESB with custom functions.
Then there's actually a third level of that. You can write your own plug-in to our XML configuration language. So you can effectively take your component and raise it up to be a first-class part of the ESB and its configuration model. That means now there can be a third-party set of add-ons to the ESB that start to add value.
We see those two things as being very attractive to the system integrators. First, ease of use -- get it started quickly -- and second gain the ability to extend it, to add extra value, and to build up a catalog of reusable components that makes their jobs easier.
Gardner: I would think that those same attributes would be of interest to companies that want to position themselves within an ecology or some sort of a supply chain, where they’re creating services that will be consumed among partners. Therefore, those same attributes that would be of interest to a systems integrator would be appealing to those enterprises that are seeking a role other than just creating their own applications and services, but rather to become a center of gravity for a larger business process or ecology.
Fremantle: Absolutely.
Gardner: We’re about out of time. This has been a very interesting discussion. We’ve been talking about the advent of new open-source products and code being orchestrated by WSO2. We’ve been talking with Paul Fremantle, the vice president of technology at WSO2. Thank you for your time, Paul. It was very engaging.
Fremantle: Thank you, Dana. It has been a great conversation and it has been a pleasure talking to you.
Gardner: We’ve also been joined by Ron Schmelzer, a senior analyst at ZapThink. We appreciate your insights, Ron.
Schmelzer: Glad to be here. Thank you for having me.
Gardner: This is Dana Gardner, principal analyst at Interarbor Solutions. You’ve been listening to a sponsored BriefingsDirect podcast on WSO2, open source, SOA, and the arrival of the WSO2 ESB 1.0 product in June 2007. Thanks for joining us.
Listen to the podcast here. Sponsor: WSO2.
Transcript of Dana Gardner’s BriefingsDirect podcast on open source Web services stacks and WSO2's latest ESB. Copyright Interarbor Solutions, LLC, 2005-2007. All rights reserved.
Friday, June 08, 2007
BriefingsDirect SOA Insights Analysts on Defining the New Role of 'SOA Architect'
Edited transcript of weekly BriefingsDirect[TM] SOA Insights Edition podcast, recorded March 23, 2007.
Listen to the podcast here. If you'd like to learn more about BriefingsDirect B2B informational podcasts, or to become a sponsor of this or other B2B podcasts, contact Interarbor Solutions at 603-528-2435.
Dana Gardner: Hello and welcome to the latest BriefingsDirect SOA Insights Edition, Vol. 15. This is a weekly discussion and dissection of service-oriented architecture (SOA) related news and events with a panel of industry analysts and guests. I'm your host and moderator, Dana Gardner, principal analyst at Interarbor Solutions, ZDNet software strategies blogger and Redmond Developer News Magazine columnist.
Our panel this week consists of Jim Kobielus. He’s a principal analyst at Current Analysis. Welcome to the show, Jim.
Jim Kobielus: Hi, Dana. Hi, everybody.
Gardner: Also joining us from the U.K., Neil Macehiter. He's a research director at Macehiter Ward-Dutton. Welcome, Neil.
Neil Macehiter: Hi, Dana. Hi, everyone.
Gardner: Also joining us today we have Steve Nunn. He's the vice president and COO of The Open Group. Welcome to the show, Steve.
Steve Nunn: Thanks very much, Dana, and good morning, everyone.
Gardner: Also joining us is John Bell, an enterprise architect at Marriott International. Hello, John.
John Bell: Hello.
Gardner: We're going to be discussing the role and concept of what’s becoming defined as the "SOA Architect." This is a different role, as we’re finding out, than the enterprise architect, but certainly seems to be part of an evolution of the role of architect within the enterprise and within IT in general.
We’ve invited a representative from The Open Group, in this case Steve Nunn, to join us, because The Open Group has taken some steps to try to define the role of the SOA architect, has created some certification around that role, and is trying to get in front of this role in terms of what will be required in the marketplace. That is, to try to encourage more people to step up and understand this role and to certify themselves, so that the progress and maturity of SOA practices can continue and not face a human resources crunch.
So, with that, why don’t we hand it off to you, Steve? Why don’t you tell us a little bit more about what The Open Group is doing and why?
Nunn: Thanks, Dana. The Open Group and its members have been working in the architecture space for over a decade now, primarily developing something called The Open Group Architecture Framework (TOGAF), but, as you’ve mentioned, we're running certification programs in two specific areas. One is in relation to TOGAF, but perhaps more relevant to this discussion is our IT Architect Certification (ITAC) program.
I guess that sets a caveat at the outset. The terminology around what type of architect it might be -- IT architect, enterprise architect, SOA architect -- is still very much settling down as a topic of debate in its own right, but our program that I can talk about is the IT Architect Certification Program, which is a broad skills- and experience-based program. It's aimed at creating a vendor-neutral program by which individuals can be certified. It provides them with a transferable qualification in the industry, and it enables employers to know that if they prefer recruiting certified individuals, they would be getting somebody who has been through an accreditation process.
Briefly, the process would be that a resume is compiled, which can be quite extensive, up to 52 pages in some cases.
Gardner: Wow!
Nunn: Yeah and then there’s a peer review by a panel of three certified architects themselves who would probe a little on the resume, ask questions of the candidate, and conclude whether or not that individual meets the conformance requirements.
Gardner: Is this process already up and running, or is it something you're still pulling together in terms of how you want to approach it?
Nunn: No, this is up and running. We launched this in July 2005, and as of today, we have just a shade under 2,000 individuals from all sorts of companies and all over the world who are certified under this program.
Gardner: This is the SOA Architect Certification?
Nunn: This is actually what we call ITAC, the IT Architect Certification.
Gardner: I see.
Nunn: It has several levels and covers various disciplines. The SOA-specific part of it is one that we are still working on. We have various horizontal levels under this program. The conformance requirements for meeting those levels have been agreed upon. There’s an entry level and a higher level. We are working on the highest level right now, but what’s also going on is work on the individual aspects of that certification, of which SOA is one. What we’re quite proud of in this program is the conformance requirements for the overall program, and what we're now focusing on are the conformance requirements for the individual disciplines.
Gardner: Perhaps this is a good time to go around the room, so to speak, and see if we’re in some agreement that an SOA architect is fundamentally different from an enterprise architect and why? Why don’t we start with you Jim Kobielus. Do you see these as significantly different roles?
Kobielus: Not really. You have to be an IT architect to be an SOA architect. It seems to me that an SOA architect, or that discipline, is a subset of the overall enterprise architect. I would like to know precisely what other disciplines or practices that one needs to be certified in to be a SOA architect, versus just an overall enterprise architect, I’m still unclear on that.
Gardner: When we hand it back to you, Steve, one of the helpful concepts for me in understanding this was the notion of the "city planner" or "town planner" role. The analogy is that an SOA architect needs to like a city planner, looking at all the resources and infrastructure and how the entire community comes together, managing constituencies and political relationships, whereas an IT architect might have a smaller role. Can you expand on that a little bit?
Bell: Actually, an enterprise architect from my perspective would have the view of the town planner. When they’re looking at the entire city, they're looking at how the various neighborhoods, how the various business zones, etc., fit into that city. The SOA architect, from my point of view, is really more interested in, "Hey, how does that underlying infrastructure allow different neighborhoods to communicate with each other and exchange messages? How are health services delivered across neighborhoods?"
So, it’s more interested in, "Okay, I’ve got a firehouse. Can the fire truck get to the house before it burns down?" The vision of the SOA architect is more associated with the communications pieces within the community.
Gardner: So, the hierarchy might be that the enterprise architect is in the town planner role, the more holistic, oversight uber-architect role, and then a subset of that is making sure that the communication channels between and among these different facets of resources and functionality are behaving well and conforming to what needs to happen.
Bell: Conforming to the standards so that they’ve got a consistent set of standards for exchanging information, those kinds of things.
Gardner: Okay. Neil Macehiter, what you make of this?
Macehiter: In that that classification of the difference between enterprise architecture and the SOA architect, it sounds to me that the premise is that the SOA architect is focused primarily on the plumbing. From a bottom-up perspective, the challenge that many SOA architects face is more around understanding what the services are that need to be delivered in a business-meaningful way, not just about communication and plumbing. It’s also about understanding the high-level, business-meaningful services.
There is a business strategy, there are business processes and priorities, and there are the services we need at a business level. Then, there's a handoff to what’s currently defined as the SOA architect, who will actually define how those services are deployed in technology terms. So, the distinction is quite blurred. A service-oriented approach is one of the methodologies and the approaches that you can utilize to deliver or to support an enterprise architecture initiative. So, I still find a distinction difficult.
Kobielus: I second what Neil’s saying. I’m uncomfortable with just reducing SOA to the plumbing. In the three-layer stack that I carry in my head, the plumbing level is the enterprise service bus, and then SOA refers to development and reuse practices within the development organization to enable maximum sharing and reuse. Then, there’s the layer above that, which is the applications, services and data -- the business processes.
I’ll put enterprise architecture at that very top layer, concerned with the end-to-end set of resources: app services, data, etc. The SOA architect would be the middle layer of the development and reusing. The layer below that, the enterprise service bus (ESB) or whatever, I call that "IT architect" in the sense that it's the infrastructure architect.
Bell: And to be fair, I didn’t mean to imply that the SOA was limited to the plumbing. My intent was saying that the enterprise architect has a much broader spectrum and scope that they have to deal with than your SOA architect has to deal with. Putting it into that city paradigm, you kind of limit it as to how to describe some of the roles. I try to clarify that by saying it’s not just how they communicate, it’s things like, "Hey, where’s the fire station? Do you have a fire station? Where’s your police station? Where are your schools? Where are all those pieces that are providing services to that community and are they adequate for providing the services to their community?" That’s a subset of what a city planner has to do but it’s still an important city-planning kind of function.
Gardner: John, you’re in the trenches, you’re an enterprise architect in a large global concern. How do you see this hierarchy and is this really the right discussion that we’re having?
Bell: My view is that the enterprise architect is at the top of the hierarchy, and at some place, working with the enterprise architect is an SOA architect, and their focus is on, "What are the services that are being delivered, how am I delivering them? What’s the infrastructure I am using to deliver it? Do I need – using that town model -- a police station? Do I need a fire station? Do I need a school? Do I need a museum? And, if I do, how do I get that service out to the community or to the entire city, not just an individual neighborhood?"
So, from my perspective, using a city planner paradigm, the role of the SOA architect, is identifying what are the services that need to be available to the city and how to deliver those services out to the city.
Gardner: Back to you, Steve Nunn. It seems to me that there needs to be a fair amount of flexibility, enterprise by enterprise, and circumstance by circumstance, as to how this SOA architect role pans out. How much standardization and methodological consistency can we bring to something that, in fact, will probably be dealing with huge variability from organization to organization?
Nunn: Something that we’ve had to address in putting the program together is that there are huge differences. Even taking the frameworks that might be used in implementing an enterprise architecture, there are huge differences among organizations. Some organizations are required to use a certain framework. Our approach is not to specify exactly how enterprise architecture or SOA architecture is done in the certification program, but more about the experience of the individual who's implementing it.
It doesn’t seek to define a particular way of implementing the architecture, but is more about the skills and experience of the individuals who are playing that role inside an organization. They could be part of a team in larger organizations, or could be one person in a much smaller organization who is playing this role. The whole idea of raising the value of the architects of various titles in the organization is what we are seeking to achieve with our efforts in the certification program. It’s about raising the standards of that role, and getting people to understand that it’s a valuable role and, apart from anything else, it should be compensated as such.
Macehiter: Dana, could I chip in with a quick question there?
Gardner: Certainly.
Macehiter: It’s about the approach and the experience, rather than framework, and I agree completely with that. Given that the SOA discipline is currently within the IT architect certification, to what extent do you look at the approach and experience in terms of the interface to the business, business understanding, or collaboration with the business? I think that key elements of the SOA architect role are skill and capability, as well as the more IT-oriented skills and capabilities.
Nunn: Well, that's not so different between SOA and enterprise architecture. I’d say exactly the same about the enterprise architect -- that ability to translate the business need into the systems underlying or delivering the needs of the business. It’s something the enterprise architect absolutely needs to have, and that’s why we think there’s a special set of individuals who play this role. So, there isn’t really a difference in that respect between the SOA architect and the enterprise architect.
Kobielus: I like what you do. Thinking about the whole notion of certification, there are two ways to go about it. One approach that you can easily take -- and this is the way it’s usually perceived -- is when you are certifying a CPA, you’re certifying somebody as a skilled in an established and knowledgeful body of practice, be it law, medicine, whatever. But when there’s no consensus body of practice that everybody agrees upon -- for example SOA, which is still evolving -- a certification in that regard is more like when somebody is applying to college. You’ve got to send in your transcripts, write essays, and you also might have to go and do an interview in the admissions office. They look you over and say, "Oh, this is a smart person. Yeah."
So, they consider the sum total of everything you’ve done and who you are in certifying that. They say, "Yes, you’re good enough to be admitted into this college," and then proceed from there. That’s sounds like what you’re doing. You’re certifying the competency of a particular individual in this general field called a enterprise architect (EA) or a SOA architecture.
Nunn: That’s right, Jim, and it’s not a bad analogy at all. It's about assessing the individual. It’s a relatively young discipline in its own right. One of the things that we look at in a conformance requirement is the role that those individuals have played in the projects that they have been involved in, and whether they had been in a lead role or support role, or a combination of the two, but it certainly is about the individual, rather than the specific approach that they take or any particular body of knowledge.
Macehiter: Just one other quick comment on this, if I may. The other dimension for this, I think, is rather than thinking about the role, thinking about SOA as an approach. Then, thinking about how that approach applies to different types of architect. What I mean by this is that a lot of the emphasis and focus on SOA today has been around application development and integration, when, in fact, there’s a broader perspective that really extends across more traditional IT architecture and other disciplines, for example, a service-oriented approach to infrastructure architecture and the service-oriented approach to the operations and operational management of IT.
So, there are two dimensions that a body such as The Open Group might want to think about. One is the role of a service-oriented architect, and the second is how service orientation impacts other architecture disciplines and other IT functions or operation capabilities. If we don’t do that, we risk driving SOA into a particular stovepipe focused on application development and integration, and aren't thinking about it more broadly as an approach that it is an enabler of whatever the enterprise architects are driving out.
Gardner: Thanks, Neil. I suppose, too, that the role of the SOA architect will shift, as the maturity of SOA principles and methods evolves inside of an organization. They might have to start out a bit more focused on application development and deployment issues, move up toward being mindful of the business issues, and then move up more toward being the communications conduit between the fire house and the police station, for example. Does that make sense?
Macehiter: Absolutely. It’s about gradually extending through the life cycle.
Gardner: One of the reasons we are discussing this is that we’ve seen some warnings from analysts and others saying that we are moving toward SOA, but we really might find ourselves without the people with the background and abilities to move this. So, we’re worried a little bit about a dearth of qualified people, which might, in fact, stifle the progress here for SOA.
Do you see that is the case, Steve Nunn? Do you have any sense of numbers and what the demand is going to be? The second part of the question is, if there aren’t enough people, aren’t these roles going to fall upon the enterprise architect anyway?
Nunn: Dana, what we’re hearing is there aren’t enough enterprise architects to start with. So, I think it’s a given, therefore, that the SOA specialists are in short supply too. We’re hearing from our members that if they spot a good enterprise architect or somebody they think has potential for that, then they try and grab them. They’re pretty few and far between right now in terms of folks with experience.
Obviously, there are other folks that we just talked about with the college analogy who might well be groomed into that role in the future. So, certainly there is a shortage right now. That's what we are hearing from our membership. I don’t have specifics on numbers, but the message we hear is that demand is out-stripping supply right now.
Macehiter: This is not new. We’ve been through this with every major technology advance or discipline advance. You used the word "potential" there. I think there are individuals within organizations that have the potential to fulfill that role. Part of the benefit of this certification approach, providing conformance and definitions of what constitutes the role, is that it will help organizations identify the individuals within that company that have that potential, even if they don’t have the 50-page resume that demonstrates that they have been there and done it, because the key element in a service-oriented approach, and an enterprise architect more broadly, is an understanding of the business.
If you’ve got individuals within the organization that understand how the business works, have been around, and know the right individuals to talk to, that that can be of much benefit in terms of enabling effective EA and SOA, as can be going outside, finding someone from a different vertical market or different industry, and bringing them in because they’ve done six SOA projects elsewhere.
Gardner: Thanks Neil. Let’s take that point back to John Bell. Now, as an enterprise architect with Marriott International, I assume that you’re going to be in the position of having to hire or find SOA architects in this climate of scarcity. Where do you think these people will come from and what kind of backgrounds would you look for?
Bell: I think what we are going to have to do -- fortunately or unfortunately, however you look at it -- is end up training our own people. A lot of it goes back to what was just said about having to have an understanding of the business. You have to know the people in the business. You have to understand what the business of the business is. You have to have a lot of domain knowledge in order to create an effective SOA environment.
Because of that, when you pull somebody from outside, they may understand the technology, but they have to come up and learn the business, which is harder to train than somebody who has a general technology background, but knows the business pretty well, because he has been working in the business. Marriott happens to be a company that retains employees for years and years on end. So, in our IT department we have people who may already have 5, 10, 15 years of experience working directly in the business. And we can’t afford to lose that.
Gardner: Do you find that a developer is a fast-track path to SOA architect or a business analyst, even though it makes great sense to have someone with longevity in your organization? Is there particular type of role that they would have played that seems to conform to this need for SOA process management and evangelism?
Bell: In our experience, we are finding developers, as they move through their technology career path, since they have been developing within the context of the business, if they take that broader view, they understand the basis for the SOA architecture that’s installed in this particular company. They tend to make a good SOA architects with the proper training, and sometimes that training isn’t the technology training; it’s the people training -- teaching them how to conduct interviews, how to talk to people, how to get information from people, particularly in a company like Marriott where the business is not technically oriented.
Kobielus: This is all very good, but it doesn’t address the need that many companies have which is, "Hey, we need to hire people straight out of college who have some background in architecture, and where are we going to find these people and how are they going to get certified?"
Everything I'm hearing says that, an EA or a SOA architect is somebody who has experience and, by definition, somebody right out of college doesn’t have experience. So, is this the kind of thing that we can actually train in school or does somebody have to be in their career for 5, 10, 15 years before they’ve been steeped enough in all of this architectural infrastructural development and integration stuff to the point where they can be certified?
Bell: I’m also an adjunct faculty member at Towson State University, and this is an issue that we’re dealing with at the university level so that the university can provide the skills that the local businesses in the Baltimore area need. So, at the graduate school level, we are looking at what we offer in the way of architecture courses that take architecture from an enterprise or SOA perspective, so that we can enable our students who are finishing graduate school to be more and better prepared as they enter their new job market.
Gardner: These are excellent points. Steve, you and I discussed, when we spoke about some of these issues a month or so ago, that you were also trying to encourage universities to create the curriculum and the definition of these jobs. Can you fill in our listeners a little bit on what you’ve seen?
Nunn: That’s right, Dana. Something The Open Group launched at the end of January this year was the Association of Open Group Enterprise Architects (AOGEA), which really is -- the analogy here is the one somebody used earlier with attorneys or CPAs -- to do for enterprise architects what the Bar Association, for example, would do for attorneys, all joking aside. I think one of the things that we’re trying to do is partner with various types of organization in creating this community and this professional association.
One of those groups is the academic community, so we are putting out feelers to various universities to explore the possibility of getting enterprise architecture on the curriculum. There is one university that we are aware of where there is actually a TOGAF module in some of their courses. Obviously, changing a curriculum is a multi-year project, or multi-year plan. It’s not going to happen overnight, but in the interim, one of the categories of membership for the association is students.
So, those who are on a course of some description inside the university or even working in a job and doing part-time study, can join the association, be part of the community, get the information that’s available there, be on the news groups, maybe take part in the local chapter, or whatever they want to do to start building up some experience.
I had somebody come up to me a couple of weeks ago, after a talk I gave, and said, "This is exactly what I’ve been looking for, because in my organization I’m quite junior and the people above me really aren’t that interested in enterprise architecture, and certainly not SOA, but they won’t listen to me because I’m too junior. So, I need to get some experience or immerse myself in this field. Some kind of virtual community that allows people to do that is going to be a great help to me."
So, that’s one of the thing we’re trying to do. There are various membership categories, and student is just one of those.
Gardner: Now, it does seem that we have a climate of opportunity here. There’s the track for developer to move above that role and embrace more business understanding in domain expertise, and that would be a track. We’re looking at more universities preparing people for these types of roles. We’re probably going to find, again, variety within organizations in terms of business analysts or non-tech people coming into this role, because it requires influencing and consensus building, and so forth.
Usually, in markets, when there’s opportunity and there’s scarcity -- and these are probably well-paying jobs -- we would expect for the supply and demand to even out at some point. For those in the field like yourself, John Bell, am I overly optimistic that this supply and demand is going to mesh, or are we looking at something a bit more serious in terms of the next three to five years where there’s going to be a serious deficit of talent?
Bell: I think that the supply and demand will eventually mesh, but there may be a gap in the next year or two. I don’t know if it will carry out for three to five years.
Gardner: Well, thank you very much. Let’s move on to our next subject of the day.
In March an announcement came from the consortium of large IT vendors including SAP, IBM, Oracle, BEA, and Cisco. They have formed a series of proposed standards, the Service Component Architecture (SCA) specification and the Service Data Objects (SDO) spec. We are not quite at the standards level, but that seems to be the goal, to take this approach through OASIS, which is the organization that’s overseeing the Web services specifications and standards, WSDL, UDDI and SOAP and so forth and all the WS-* specifications.
It seems that the vendors have stepped up and said, "Listen, we need a level of standardization. We are going to do some heavy lifting, create some specifications, and then we are going to hand them off to the standard organization." This strikes me as an important juncture in the maturity and real-world applicability of SOA, and I wanted to test that hypothesis on Jim Kobielus.
Kobielus: Yeah, it’s very important. It’s clear that the SOA paradigm requires ever more high-level abstractions to enable easy development of very complex, orchestrated, end-to-end services. The SCA and SDO specifications – the initiative has been being going on for a couple of years – have come a long way and they’ve got pretty significant support throughout the industry. Microsoft is one of the few important holdouts. It's not only the high-level abstraction for developing competence services, but also, especially, in my area, the SDO, the high-level abstraction for working with heterogeneous data. I see the SDO, in itself, becoming potentially the standard industry framework for what’s called the semantic layer for any data integration.
So, I’m very keen on the potential for SDO, for example, within the business intelligence space, the data warehousing, and the enterprise, information, integration space. The fact that now OASIS will be taking over ongoing development of SDO, puts it on a very important fast track. Hopefully, we’ll get some of the business intelligence (BI) vendors like Business Objects and Cognos behind it. That’s one of my fond hopes.
Gardner: Jim, you’re tracking the data management side on this quite deeply. Do you think that SDO has the potential to become the ODBC/JDBC of SOA in terms of what those things enabled and empowered for distributed architecture?
Kobielus: It’s quite likely, because it’s leveraging the whole WS-* stack and the whole notion of semantic web that’s been kicking around for long time. Tim Berners-Lee keeps this going. It’s really a utopia of interoperability, where the semantic layer is the resource description layer for describing metadata. If you look at the so called semantic web’s specifications like OWL, RDF and a few others, they have not achieved takeoff velocity in the data management world. I can count on one hand the number of the BI or data warehousing vendors that are implementing OWL, for example. The semantic web has not really gotten any traction with standards or specifications where it counts.
With SDO, I still don’t see significant traction yet in the whole BI space, but the fact is that every BI vendor is SOA-focused and enabled and getting ever more so. That’s one of the clear gaps I’ve been seeing in the whole enterprise information integration (EII) side of it all in terms of distributed master data management (MDM). Every vendor, including Business Objects and the others, have their own semantic layer. That’s what Business Objects calls it.
As yet, there is no federated semantic layer specifications, but customers are asking for federation of say, Business Objects, Teradata, Microsoft, Oracle, and I believe that at some point BI and EII will converge around a common set of standards. I’m getting further and deeper into SDO, and it really looks like this is a strong potential framework for them all to work together going forward.
Gardner: A framework for a common and federated metadata approach, is it not?
Kobielus: Yeah, exactly.
Gardner: Now, the politics here struck me as a little bit interesting. Ed Cobb of BEA, who was on the call describing the movement of these specifications to OASIS, said that he hopes that this does for SOA what J2EE did for n-tier in distributed computing, which is to create a climate of growth with application server vendors coming together and ISVs building applications that take advantage of these. That sort of exploded during the mid- and late-1990s into what is now a predominant architecture for enterprise applications, as well as large Web commerce and online commerce types of applications.
Neil Macehiter, what do you make of the politics here? If J2EE did for distributed computing what they hope this does for SOA, why aren't SDO and SCA going into the Java process?
Macehiter: You've hit the nail on the head there. I think there are a couple of issues here. First is, if it went into the Java Community Process (JCP), you’re talking about SOA based on purely Java. As my colleague put it at the time, it’s like a three-legged dog running in a race. If you’ve only got Java, then you’re not really addressing one of the core propositions of SOA -- that it is about heterogeneous interoperability, with services based on multiple languages.
Gardner: What happened to "write once, run anywhere?" Wasn’t that heterogeneity and interoperability?
Macehiter: One programming language, and that’s the distinction. The SCA and the SDO are multi-program, multi-language.
Gardner: So, an abstraction above Java their pointers will make sense?
Macehiter: Yeah. Actually, the second point is that, in part, the creation of SCA and SDO was motivated by the frustration with the J2EE process. Enterprise JavaBeans (EJBs) and things like that never really took off. Some of the lightweight programming frameworks, Spring and Hibernate, were just taking great chunks out of J2EE in terms of deployment.
Then there was a significant amount of discontent among the Java community around the support for Web services, which is clearly one of the key enablers of SOA. Those three things, plus what Microsoft was doing with the Windows Communication Foundation (WCF), and the work they’ve been doing around it, caused the big J2EE players to think, "Well, actually we need to do something different." That was the motivation.
Gardner: I suppose it’s water over the dam at this point, but perhaps if the J2EE and a variety of Java framework specifications had moved into a standards organization like OASIS five years ago or so, the SOA specifications and the Java specifications could find themselves in the same organization. That seems now not to be the case.
On the other hand, if Microsoft has been the holdout in terms of embracing SDO and SCA, and is focusing more on .NET Framework -- but OASIS was a place where Microsoft felt comfortable going when it came to working with folks like IBM on the Web services standards -- do you think that this might move the hearts and minds of Redmond, Washington toward a bit more SOA compatibility and the programmatic approach to SOA, rather than just the interoperability approach?
Macehiter: My gut feeling is "no." And the reason is that Microsoft has collaborated with the likes of IBM, BEA and others, its historical competitors, up to a certain level up the stack. But the level at which SCA and SDO are operating is at the level where Microsoft has a massive investment, and a significant proportion of its business has been driven out of this at the programming model level.
So, I think it would take a lot for Microsoft to move to support SCA and SDO within the composition framework that they have, which is fundamentally around Visual Studio. Whether we are talking about BizTalk or Sharepoint or Office, it’s all around that programming model, which is tied into WCF and Windows Workflow Foundation. So, I just think the battle line is drawn at that level.
Gardner: What we are facing is perhaps an important decision within enterprises and service providers, software-as-a-service (SaaS) providers, and ISVs as to which role you perceive for .NET playing in Microsoft’s tools and process runtimes. Are they a subset of SOA, or are they in fact the master -- and the rest of the SOA componentry is the slave?
That would be one way of looking at it. The other would be that .NET should be just another spoke in the hub of all SOAs. Jim Kobielus, do you think we are going to be facing this sort of a face-off between the role of Microsoft as the hub or the spoke?
Kobielus: I think Microsoft has gotten much more open to being just one spoke. But I wouldn't use the hub vs. spoke analogy here. They’ve become more comfortable with the notion that they’re just one node in a vast mesh on the Internet in terms of Web services and SOA. So I don’t see Microsoft in face-off mode in the SOA world, or where SCA or SDO are concerned. A couple of years ago it might have been different, but it has changed.
Gardner: How about in terms of the role of their communications, their ESB, WCF (the former Indigo) and the role of BizTalk? It seems as if they are happy to be a spoke on one level, but they’d also like to be where business process is coded and logic is instantiated, and therefore become "the place" where SOA is driven, the dashboard from which SOA is driven.
Kobielus: Well, pretty much every BPM vendor wants to be that hub, that business-process hub, and Microsoft is not alone. Companies like TIBCO with ActiveMatrix, are interesting, because basically what it is doing is it is virtualizing the app server or the integration server, so you can run your .NET logic and your J2EE logic, and so forth in different containers on the same platform. That kind of architecture is more where the industry is going. In that case, TIBCO necessarily isn’t trying to be the one and only integration and logic hub out there. It is simply trying to be the hub of all hubs, but one of the hub of many hubs federated to each other.
Gardner: Is it that you don’t agree with Neil then, that if Microsoft is a bit more ecumenical on this, would we expect them to embrace SCA and SDO? Is that what you expect?
Kobielus: It’s a relative thing -- getting ecumenical. They get ecumenical when they are good and ready, like they’re doing right now in the identity space, with this whole notion of user-centric identities. It’s taken them a couple of years of sitting back, watching things like OpenID and Higgins develop. And then finally they make a token offering that says, “Okay, we’ll implement OpenID in the next generation of the Vista Card Space."
And, once again, my sense is they’re going to wait quite a period of time, at least a year, before they make any public pronouncements on the extent to which they are going to work with OASIS on SCA and SDO. It’s just their nature, and they are going to pursue their proprietary approach, as long as it holds out, and as long anybody will implement it.
Macehiter: I’m not suggesting that this a face-off. What I am suggesting really is that it comes down to the point of control that an organization or vendor has. Microsoft does not want to be denigrated to the plumbing, even if that’s interoperable plumbing. The point you raised about TIBCO with ActiveMatrix is that it’s actually using the SCA programming model in order to provide this abstraction.
So, ultimately in that environment who’s controlling it? TIBCO is becoming the master, and it will be the same in an IBM environment. SCA may be under the hood, but ultimately there will be a point of control that IBM wants to wrest for its process server for its development tools, and that’s what Microsoft wants to do. The challenge is that SCA and SDO are trying to do the same thing as Windows Communication Foundation and Microsoft tooling around .NET and SOA.
Gardner: To wrap up, it seems that it's not a face-off, but perhaps there are, as Jim points out, a lot of vendors who would like to be that over uber-dashboard, point of control. Some are BPEL-focused and others are taking different tacks. SCA seems to be playing a role for many of them, and Microsoft would like to play that role as well -- but perhaps thinks that it has an advantage through the way it’s architected up to this point. The market will, I suppose, determine who the ultimate winner is.
Macehiter: I think a lot will depend how quickly the tooling comes out around SCA and SDO, as an alternative to Visual Studio.
Bell: The other piece too is, as Microsoft tends to build those kinds of capabilities in as part of the operating system, other vendors tend to create them as standalone products and infrastructure pieces. If you are a small company, having it built into the operating system is a value to you, but in large, heterogeneous environments that can be costly to you. So, that’s always been used by Microsoft. If you look at CORBA versus COM and DCOM, it’s the same story.
Macehiter: Absolutely.
Gardner: You’ve been listening to yet another BriefingsDirect SOA Insights Edition, Vol. 15, for the week of March 19, 2007. We’ve been joined by Jim Kobielus, principal analyst at Current Analysis. Neil Macehiter, a research director at Macehiter Ward-Dutton. Steve Nunn, the vice president and COO of The Open Group, and John Bell, enterprise architect at Marriott International.
I'm your host and moderator, Dana Gardner, principal analyst at Interarbor Solutions. Thanks everyone, and thanks for listening.
Listen to the podcast here. If any of our listeners are interested in learning more about BriefingsDirect B2B informational podcasts or to become a sponsor of this or other B2B podcasts, please fill free to contact Interarbor Solutions at 603-528-2435.
Transcript of Dana Gardner’s BriefingsDirect SOA Insights Edition, Vol. 15. Copyright Interarbor Solutions, LLC, 2005-2007. All rights reserved.
Listen to the podcast here. If you'd like to learn more about BriefingsDirect B2B informational podcasts, or to become a sponsor of this or other B2B podcasts, contact Interarbor Solutions at 603-528-2435.
Dana Gardner: Hello and welcome to the latest BriefingsDirect SOA Insights Edition, Vol. 15. This is a weekly discussion and dissection of service-oriented architecture (SOA) related news and events with a panel of industry analysts and guests. I'm your host and moderator, Dana Gardner, principal analyst at Interarbor Solutions, ZDNet software strategies blogger and Redmond Developer News Magazine columnist.
Our panel this week consists of Jim Kobielus. He’s a principal analyst at Current Analysis. Welcome to the show, Jim.
Jim Kobielus: Hi, Dana. Hi, everybody.
Gardner: Also joining us from the U.K., Neil Macehiter. He's a research director at Macehiter Ward-Dutton. Welcome, Neil.
Neil Macehiter: Hi, Dana. Hi, everyone.
Gardner: Also joining us today we have Steve Nunn. He's the vice president and COO of The Open Group. Welcome to the show, Steve.
Steve Nunn: Thanks very much, Dana, and good morning, everyone.
Gardner: Also joining us is John Bell, an enterprise architect at Marriott International. Hello, John.
John Bell: Hello.
Gardner: We're going to be discussing the role and concept of what’s becoming defined as the "SOA Architect." This is a different role, as we’re finding out, than the enterprise architect, but certainly seems to be part of an evolution of the role of architect within the enterprise and within IT in general.
We’ve invited a representative from The Open Group, in this case Steve Nunn, to join us, because The Open Group has taken some steps to try to define the role of the SOA architect, has created some certification around that role, and is trying to get in front of this role in terms of what will be required in the marketplace. That is, to try to encourage more people to step up and understand this role and to certify themselves, so that the progress and maturity of SOA practices can continue and not face a human resources crunch.
So, with that, why don’t we hand it off to you, Steve? Why don’t you tell us a little bit more about what The Open Group is doing and why?
Nunn: Thanks, Dana. The Open Group and its members have been working in the architecture space for over a decade now, primarily developing something called The Open Group Architecture Framework (TOGAF), but, as you’ve mentioned, we're running certification programs in two specific areas. One is in relation to TOGAF, but perhaps more relevant to this discussion is our IT Architect Certification (ITAC) program.
I guess that sets a caveat at the outset. The terminology around what type of architect it might be -- IT architect, enterprise architect, SOA architect -- is still very much settling down as a topic of debate in its own right, but our program that I can talk about is the IT Architect Certification Program, which is a broad skills- and experience-based program. It's aimed at creating a vendor-neutral program by which individuals can be certified. It provides them with a transferable qualification in the industry, and it enables employers to know that if they prefer recruiting certified individuals, they would be getting somebody who has been through an accreditation process.
Briefly, the process would be that a resume is compiled, which can be quite extensive, up to 52 pages in some cases.
Gardner: Wow!
Nunn: Yeah and then there’s a peer review by a panel of three certified architects themselves who would probe a little on the resume, ask questions of the candidate, and conclude whether or not that individual meets the conformance requirements.
Gardner: Is this process already up and running, or is it something you're still pulling together in terms of how you want to approach it?
Nunn: No, this is up and running. We launched this in July 2005, and as of today, we have just a shade under 2,000 individuals from all sorts of companies and all over the world who are certified under this program.
Gardner: This is the SOA Architect Certification?
Nunn: This is actually what we call ITAC, the IT Architect Certification.
Gardner: I see.
Nunn: It has several levels and covers various disciplines. The SOA-specific part of it is one that we are still working on. We have various horizontal levels under this program. The conformance requirements for meeting those levels have been agreed upon. There’s an entry level and a higher level. We are working on the highest level right now, but what’s also going on is work on the individual aspects of that certification, of which SOA is one. What we’re quite proud of in this program is the conformance requirements for the overall program, and what we're now focusing on are the conformance requirements for the individual disciplines.
Gardner: Perhaps this is a good time to go around the room, so to speak, and see if we’re in some agreement that an SOA architect is fundamentally different from an enterprise architect and why? Why don’t we start with you Jim Kobielus. Do you see these as significantly different roles?
Kobielus: Not really. You have to be an IT architect to be an SOA architect. It seems to me that an SOA architect, or that discipline, is a subset of the overall enterprise architect. I would like to know precisely what other disciplines or practices that one needs to be certified in to be a SOA architect, versus just an overall enterprise architect, I’m still unclear on that.
Gardner: When we hand it back to you, Steve, one of the helpful concepts for me in understanding this was the notion of the "city planner" or "town planner" role. The analogy is that an SOA architect needs to like a city planner, looking at all the resources and infrastructure and how the entire community comes together, managing constituencies and political relationships, whereas an IT architect might have a smaller role. Can you expand on that a little bit?
Bell: Actually, an enterprise architect from my perspective would have the view of the town planner. When they’re looking at the entire city, they're looking at how the various neighborhoods, how the various business zones, etc., fit into that city. The SOA architect, from my point of view, is really more interested in, "Hey, how does that underlying infrastructure allow different neighborhoods to communicate with each other and exchange messages? How are health services delivered across neighborhoods?"
So, it’s more interested in, "Okay, I’ve got a firehouse. Can the fire truck get to the house before it burns down?" The vision of the SOA architect is more associated with the communications pieces within the community.
Gardner: So, the hierarchy might be that the enterprise architect is in the town planner role, the more holistic, oversight uber-architect role, and then a subset of that is making sure that the communication channels between and among these different facets of resources and functionality are behaving well and conforming to what needs to happen.
Bell: Conforming to the standards so that they’ve got a consistent set of standards for exchanging information, those kinds of things.
Gardner: Okay. Neil Macehiter, what you make of this?
Macehiter: In that that classification of the difference between enterprise architecture and the SOA architect, it sounds to me that the premise is that the SOA architect is focused primarily on the plumbing. From a bottom-up perspective, the challenge that many SOA architects face is more around understanding what the services are that need to be delivered in a business-meaningful way, not just about communication and plumbing. It’s also about understanding the high-level, business-meaningful services.
There is a business strategy, there are business processes and priorities, and there are the services we need at a business level. Then, there's a handoff to what’s currently defined as the SOA architect, who will actually define how those services are deployed in technology terms. So, the distinction is quite blurred. A service-oriented approach is one of the methodologies and the approaches that you can utilize to deliver or to support an enterprise architecture initiative. So, I still find a distinction difficult.
Kobielus: I second what Neil’s saying. I’m uncomfortable with just reducing SOA to the plumbing. In the three-layer stack that I carry in my head, the plumbing level is the enterprise service bus, and then SOA refers to development and reuse practices within the development organization to enable maximum sharing and reuse. Then, there’s the layer above that, which is the applications, services and data -- the business processes.
I’ll put enterprise architecture at that very top layer, concerned with the end-to-end set of resources: app services, data, etc. The SOA architect would be the middle layer of the development and reusing. The layer below that, the enterprise service bus (ESB) or whatever, I call that "IT architect" in the sense that it's the infrastructure architect.
Bell: And to be fair, I didn’t mean to imply that the SOA was limited to the plumbing. My intent was saying that the enterprise architect has a much broader spectrum and scope that they have to deal with than your SOA architect has to deal with. Putting it into that city paradigm, you kind of limit it as to how to describe some of the roles. I try to clarify that by saying it’s not just how they communicate, it’s things like, "Hey, where’s the fire station? Do you have a fire station? Where’s your police station? Where are your schools? Where are all those pieces that are providing services to that community and are they adequate for providing the services to their community?" That’s a subset of what a city planner has to do but it’s still an important city-planning kind of function.
Gardner: John, you’re in the trenches, you’re an enterprise architect in a large global concern. How do you see this hierarchy and is this really the right discussion that we’re having?
Bell: My view is that the enterprise architect is at the top of the hierarchy, and at some place, working with the enterprise architect is an SOA architect, and their focus is on, "What are the services that are being delivered, how am I delivering them? What’s the infrastructure I am using to deliver it? Do I need – using that town model -- a police station? Do I need a fire station? Do I need a school? Do I need a museum? And, if I do, how do I get that service out to the community or to the entire city, not just an individual neighborhood?"
So, from my perspective, using a city planner paradigm, the role of the SOA architect, is identifying what are the services that need to be available to the city and how to deliver those services out to the city.
Gardner: Back to you, Steve Nunn. It seems to me that there needs to be a fair amount of flexibility, enterprise by enterprise, and circumstance by circumstance, as to how this SOA architect role pans out. How much standardization and methodological consistency can we bring to something that, in fact, will probably be dealing with huge variability from organization to organization?
Nunn: Something that we’ve had to address in putting the program together is that there are huge differences. Even taking the frameworks that might be used in implementing an enterprise architecture, there are huge differences among organizations. Some organizations are required to use a certain framework. Our approach is not to specify exactly how enterprise architecture or SOA architecture is done in the certification program, but more about the experience of the individual who's implementing it.
It doesn’t seek to define a particular way of implementing the architecture, but is more about the skills and experience of the individuals who are playing that role inside an organization. They could be part of a team in larger organizations, or could be one person in a much smaller organization who is playing this role. The whole idea of raising the value of the architects of various titles in the organization is what we are seeking to achieve with our efforts in the certification program. It’s about raising the standards of that role, and getting people to understand that it’s a valuable role and, apart from anything else, it should be compensated as such.
Macehiter: Dana, could I chip in with a quick question there?
Gardner: Certainly.
Macehiter: It’s about the approach and the experience, rather than framework, and I agree completely with that. Given that the SOA discipline is currently within the IT architect certification, to what extent do you look at the approach and experience in terms of the interface to the business, business understanding, or collaboration with the business? I think that key elements of the SOA architect role are skill and capability, as well as the more IT-oriented skills and capabilities.
Nunn: Well, that's not so different between SOA and enterprise architecture. I’d say exactly the same about the enterprise architect -- that ability to translate the business need into the systems underlying or delivering the needs of the business. It’s something the enterprise architect absolutely needs to have, and that’s why we think there’s a special set of individuals who play this role. So, there isn’t really a difference in that respect between the SOA architect and the enterprise architect.
Kobielus: I like what you do. Thinking about the whole notion of certification, there are two ways to go about it. One approach that you can easily take -- and this is the way it’s usually perceived -- is when you are certifying a CPA, you’re certifying somebody as a skilled in an established and knowledgeful body of practice, be it law, medicine, whatever. But when there’s no consensus body of practice that everybody agrees upon -- for example SOA, which is still evolving -- a certification in that regard is more like when somebody is applying to college. You’ve got to send in your transcripts, write essays, and you also might have to go and do an interview in the admissions office. They look you over and say, "Oh, this is a smart person. Yeah."
So, they consider the sum total of everything you’ve done and who you are in certifying that. They say, "Yes, you’re good enough to be admitted into this college," and then proceed from there. That’s sounds like what you’re doing. You’re certifying the competency of a particular individual in this general field called a enterprise architect (EA) or a SOA architecture.
Nunn: That’s right, Jim, and it’s not a bad analogy at all. It's about assessing the individual. It’s a relatively young discipline in its own right. One of the things that we look at in a conformance requirement is the role that those individuals have played in the projects that they have been involved in, and whether they had been in a lead role or support role, or a combination of the two, but it certainly is about the individual, rather than the specific approach that they take or any particular body of knowledge.
Macehiter: Just one other quick comment on this, if I may. The other dimension for this, I think, is rather than thinking about the role, thinking about SOA as an approach. Then, thinking about how that approach applies to different types of architect. What I mean by this is that a lot of the emphasis and focus on SOA today has been around application development and integration, when, in fact, there’s a broader perspective that really extends across more traditional IT architecture and other disciplines, for example, a service-oriented approach to infrastructure architecture and the service-oriented approach to the operations and operational management of IT.
So, there are two dimensions that a body such as The Open Group might want to think about. One is the role of a service-oriented architect, and the second is how service orientation impacts other architecture disciplines and other IT functions or operation capabilities. If we don’t do that, we risk driving SOA into a particular stovepipe focused on application development and integration, and aren't thinking about it more broadly as an approach that it is an enabler of whatever the enterprise architects are driving out.
Gardner: Thanks, Neil. I suppose, too, that the role of the SOA architect will shift, as the maturity of SOA principles and methods evolves inside of an organization. They might have to start out a bit more focused on application development and deployment issues, move up toward being mindful of the business issues, and then move up more toward being the communications conduit between the fire house and the police station, for example. Does that make sense?
Macehiter: Absolutely. It’s about gradually extending through the life cycle.
Gardner: One of the reasons we are discussing this is that we’ve seen some warnings from analysts and others saying that we are moving toward SOA, but we really might find ourselves without the people with the background and abilities to move this. So, we’re worried a little bit about a dearth of qualified people, which might, in fact, stifle the progress here for SOA.
Do you see that is the case, Steve Nunn? Do you have any sense of numbers and what the demand is going to be? The second part of the question is, if there aren’t enough people, aren’t these roles going to fall upon the enterprise architect anyway?
Nunn: Dana, what we’re hearing is there aren’t enough enterprise architects to start with. So, I think it’s a given, therefore, that the SOA specialists are in short supply too. We’re hearing from our members that if they spot a good enterprise architect or somebody they think has potential for that, then they try and grab them. They’re pretty few and far between right now in terms of folks with experience.
Obviously, there are other folks that we just talked about with the college analogy who might well be groomed into that role in the future. So, certainly there is a shortage right now. That's what we are hearing from our membership. I don’t have specifics on numbers, but the message we hear is that demand is out-stripping supply right now.
Macehiter: This is not new. We’ve been through this with every major technology advance or discipline advance. You used the word "potential" there. I think there are individuals within organizations that have the potential to fulfill that role. Part of the benefit of this certification approach, providing conformance and definitions of what constitutes the role, is that it will help organizations identify the individuals within that company that have that potential, even if they don’t have the 50-page resume that demonstrates that they have been there and done it, because the key element in a service-oriented approach, and an enterprise architect more broadly, is an understanding of the business.
If you’ve got individuals within the organization that understand how the business works, have been around, and know the right individuals to talk to, that that can be of much benefit in terms of enabling effective EA and SOA, as can be going outside, finding someone from a different vertical market or different industry, and bringing them in because they’ve done six SOA projects elsewhere.
Gardner: Thanks Neil. Let’s take that point back to John Bell. Now, as an enterprise architect with Marriott International, I assume that you’re going to be in the position of having to hire or find SOA architects in this climate of scarcity. Where do you think these people will come from and what kind of backgrounds would you look for?
Bell: I think what we are going to have to do -- fortunately or unfortunately, however you look at it -- is end up training our own people. A lot of it goes back to what was just said about having to have an understanding of the business. You have to know the people in the business. You have to understand what the business of the business is. You have to have a lot of domain knowledge in order to create an effective SOA environment.
Because of that, when you pull somebody from outside, they may understand the technology, but they have to come up and learn the business, which is harder to train than somebody who has a general technology background, but knows the business pretty well, because he has been working in the business. Marriott happens to be a company that retains employees for years and years on end. So, in our IT department we have people who may already have 5, 10, 15 years of experience working directly in the business. And we can’t afford to lose that.
Gardner: Do you find that a developer is a fast-track path to SOA architect or a business analyst, even though it makes great sense to have someone with longevity in your organization? Is there particular type of role that they would have played that seems to conform to this need for SOA process management and evangelism?
Bell: In our experience, we are finding developers, as they move through their technology career path, since they have been developing within the context of the business, if they take that broader view, they understand the basis for the SOA architecture that’s installed in this particular company. They tend to make a good SOA architects with the proper training, and sometimes that training isn’t the technology training; it’s the people training -- teaching them how to conduct interviews, how to talk to people, how to get information from people, particularly in a company like Marriott where the business is not technically oriented.
Kobielus: This is all very good, but it doesn’t address the need that many companies have which is, "Hey, we need to hire people straight out of college who have some background in architecture, and where are we going to find these people and how are they going to get certified?"
Everything I'm hearing says that, an EA or a SOA architect is somebody who has experience and, by definition, somebody right out of college doesn’t have experience. So, is this the kind of thing that we can actually train in school or does somebody have to be in their career for 5, 10, 15 years before they’ve been steeped enough in all of this architectural infrastructural development and integration stuff to the point where they can be certified?
Bell: I’m also an adjunct faculty member at Towson State University, and this is an issue that we’re dealing with at the university level so that the university can provide the skills that the local businesses in the Baltimore area need. So, at the graduate school level, we are looking at what we offer in the way of architecture courses that take architecture from an enterprise or SOA perspective, so that we can enable our students who are finishing graduate school to be more and better prepared as they enter their new job market.
Gardner: These are excellent points. Steve, you and I discussed, when we spoke about some of these issues a month or so ago, that you were also trying to encourage universities to create the curriculum and the definition of these jobs. Can you fill in our listeners a little bit on what you’ve seen?
Nunn: That’s right, Dana. Something The Open Group launched at the end of January this year was the Association of Open Group Enterprise Architects (AOGEA), which really is -- the analogy here is the one somebody used earlier with attorneys or CPAs -- to do for enterprise architects what the Bar Association, for example, would do for attorneys, all joking aside. I think one of the things that we’re trying to do is partner with various types of organization in creating this community and this professional association.
One of those groups is the academic community, so we are putting out feelers to various universities to explore the possibility of getting enterprise architecture on the curriculum. There is one university that we are aware of where there is actually a TOGAF module in some of their courses. Obviously, changing a curriculum is a multi-year project, or multi-year plan. It’s not going to happen overnight, but in the interim, one of the categories of membership for the association is students.
So, those who are on a course of some description inside the university or even working in a job and doing part-time study, can join the association, be part of the community, get the information that’s available there, be on the news groups, maybe take part in the local chapter, or whatever they want to do to start building up some experience.
I had somebody come up to me a couple of weeks ago, after a talk I gave, and said, "This is exactly what I’ve been looking for, because in my organization I’m quite junior and the people above me really aren’t that interested in enterprise architecture, and certainly not SOA, but they won’t listen to me because I’m too junior. So, I need to get some experience or immerse myself in this field. Some kind of virtual community that allows people to do that is going to be a great help to me."
So, that’s one of the thing we’re trying to do. There are various membership categories, and student is just one of those.
Gardner: Now, it does seem that we have a climate of opportunity here. There’s the track for developer to move above that role and embrace more business understanding in domain expertise, and that would be a track. We’re looking at more universities preparing people for these types of roles. We’re probably going to find, again, variety within organizations in terms of business analysts or non-tech people coming into this role, because it requires influencing and consensus building, and so forth.
Usually, in markets, when there’s opportunity and there’s scarcity -- and these are probably well-paying jobs -- we would expect for the supply and demand to even out at some point. For those in the field like yourself, John Bell, am I overly optimistic that this supply and demand is going to mesh, or are we looking at something a bit more serious in terms of the next three to five years where there’s going to be a serious deficit of talent?
Bell: I think that the supply and demand will eventually mesh, but there may be a gap in the next year or two. I don’t know if it will carry out for three to five years.
Gardner: Well, thank you very much. Let’s move on to our next subject of the day.
In March an announcement came from the consortium of large IT vendors including SAP, IBM, Oracle, BEA, and Cisco. They have formed a series of proposed standards, the Service Component Architecture (SCA) specification and the Service Data Objects (SDO) spec. We are not quite at the standards level, but that seems to be the goal, to take this approach through OASIS, which is the organization that’s overseeing the Web services specifications and standards, WSDL, UDDI and SOAP and so forth and all the WS-* specifications.
It seems that the vendors have stepped up and said, "Listen, we need a level of standardization. We are going to do some heavy lifting, create some specifications, and then we are going to hand them off to the standard organization." This strikes me as an important juncture in the maturity and real-world applicability of SOA, and I wanted to test that hypothesis on Jim Kobielus.
Kobielus: Yeah, it’s very important. It’s clear that the SOA paradigm requires ever more high-level abstractions to enable easy development of very complex, orchestrated, end-to-end services. The SCA and SDO specifications – the initiative has been being going on for a couple of years – have come a long way and they’ve got pretty significant support throughout the industry. Microsoft is one of the few important holdouts. It's not only the high-level abstraction for developing competence services, but also, especially, in my area, the SDO, the high-level abstraction for working with heterogeneous data. I see the SDO, in itself, becoming potentially the standard industry framework for what’s called the semantic layer for any data integration.
So, I’m very keen on the potential for SDO, for example, within the business intelligence space, the data warehousing, and the enterprise, information, integration space. The fact that now OASIS will be taking over ongoing development of SDO, puts it on a very important fast track. Hopefully, we’ll get some of the business intelligence (BI) vendors like Business Objects and Cognos behind it. That’s one of my fond hopes.
Gardner: Jim, you’re tracking the data management side on this quite deeply. Do you think that SDO has the potential to become the ODBC/JDBC of SOA in terms of what those things enabled and empowered for distributed architecture?
Kobielus: It’s quite likely, because it’s leveraging the whole WS-* stack and the whole notion of semantic web that’s been kicking around for long time. Tim Berners-Lee keeps this going. It’s really a utopia of interoperability, where the semantic layer is the resource description layer for describing metadata. If you look at the so called semantic web’s specifications like OWL, RDF and a few others, they have not achieved takeoff velocity in the data management world. I can count on one hand the number of the BI or data warehousing vendors that are implementing OWL, for example. The semantic web has not really gotten any traction with standards or specifications where it counts.
With SDO, I still don’t see significant traction yet in the whole BI space, but the fact is that every BI vendor is SOA-focused and enabled and getting ever more so. That’s one of the clear gaps I’ve been seeing in the whole enterprise information integration (EII) side of it all in terms of distributed master data management (MDM). Every vendor, including Business Objects and the others, have their own semantic layer. That’s what Business Objects calls it.
As yet, there is no federated semantic layer specifications, but customers are asking for federation of say, Business Objects, Teradata, Microsoft, Oracle, and I believe that at some point BI and EII will converge around a common set of standards. I’m getting further and deeper into SDO, and it really looks like this is a strong potential framework for them all to work together going forward.
Gardner: A framework for a common and federated metadata approach, is it not?
Kobielus: Yeah, exactly.
Gardner: Now, the politics here struck me as a little bit interesting. Ed Cobb of BEA, who was on the call describing the movement of these specifications to OASIS, said that he hopes that this does for SOA what J2EE did for n-tier in distributed computing, which is to create a climate of growth with application server vendors coming together and ISVs building applications that take advantage of these. That sort of exploded during the mid- and late-1990s into what is now a predominant architecture for enterprise applications, as well as large Web commerce and online commerce types of applications.
Neil Macehiter, what do you make of the politics here? If J2EE did for distributed computing what they hope this does for SOA, why aren't SDO and SCA going into the Java process?
Macehiter: You've hit the nail on the head there. I think there are a couple of issues here. First is, if it went into the Java Community Process (JCP), you’re talking about SOA based on purely Java. As my colleague put it at the time, it’s like a three-legged dog running in a race. If you’ve only got Java, then you’re not really addressing one of the core propositions of SOA -- that it is about heterogeneous interoperability, with services based on multiple languages.
Gardner: What happened to "write once, run anywhere?" Wasn’t that heterogeneity and interoperability?
Macehiter: One programming language, and that’s the distinction. The SCA and the SDO are multi-program, multi-language.
Gardner: So, an abstraction above Java their pointers will make sense?
Macehiter: Yeah. Actually, the second point is that, in part, the creation of SCA and SDO was motivated by the frustration with the J2EE process. Enterprise JavaBeans (EJBs) and things like that never really took off. Some of the lightweight programming frameworks, Spring and Hibernate, were just taking great chunks out of J2EE in terms of deployment.
Then there was a significant amount of discontent among the Java community around the support for Web services, which is clearly one of the key enablers of SOA. Those three things, plus what Microsoft was doing with the Windows Communication Foundation (WCF), and the work they’ve been doing around it, caused the big J2EE players to think, "Well, actually we need to do something different." That was the motivation.
Gardner: I suppose it’s water over the dam at this point, but perhaps if the J2EE and a variety of Java framework specifications had moved into a standards organization like OASIS five years ago or so, the SOA specifications and the Java specifications could find themselves in the same organization. That seems now not to be the case.
On the other hand, if Microsoft has been the holdout in terms of embracing SDO and SCA, and is focusing more on .NET Framework -- but OASIS was a place where Microsoft felt comfortable going when it came to working with folks like IBM on the Web services standards -- do you think that this might move the hearts and minds of Redmond, Washington toward a bit more SOA compatibility and the programmatic approach to SOA, rather than just the interoperability approach?
Macehiter: My gut feeling is "no." And the reason is that Microsoft has collaborated with the likes of IBM, BEA and others, its historical competitors, up to a certain level up the stack. But the level at which SCA and SDO are operating is at the level where Microsoft has a massive investment, and a significant proportion of its business has been driven out of this at the programming model level.
So, I think it would take a lot for Microsoft to move to support SCA and SDO within the composition framework that they have, which is fundamentally around Visual Studio. Whether we are talking about BizTalk or Sharepoint or Office, it’s all around that programming model, which is tied into WCF and Windows Workflow Foundation. So, I just think the battle line is drawn at that level.
Gardner: What we are facing is perhaps an important decision within enterprises and service providers, software-as-a-service (SaaS) providers, and ISVs as to which role you perceive for .NET playing in Microsoft’s tools and process runtimes. Are they a subset of SOA, or are they in fact the master -- and the rest of the SOA componentry is the slave?
That would be one way of looking at it. The other would be that .NET should be just another spoke in the hub of all SOAs. Jim Kobielus, do you think we are going to be facing this sort of a face-off between the role of Microsoft as the hub or the spoke?
Kobielus: I think Microsoft has gotten much more open to being just one spoke. But I wouldn't use the hub vs. spoke analogy here. They’ve become more comfortable with the notion that they’re just one node in a vast mesh on the Internet in terms of Web services and SOA. So I don’t see Microsoft in face-off mode in the SOA world, or where SCA or SDO are concerned. A couple of years ago it might have been different, but it has changed.
Gardner: How about in terms of the role of their communications, their ESB, WCF (the former Indigo) and the role of BizTalk? It seems as if they are happy to be a spoke on one level, but they’d also like to be where business process is coded and logic is instantiated, and therefore become "the place" where SOA is driven, the dashboard from which SOA is driven.
Kobielus: Well, pretty much every BPM vendor wants to be that hub, that business-process hub, and Microsoft is not alone. Companies like TIBCO with ActiveMatrix, are interesting, because basically what it is doing is it is virtualizing the app server or the integration server, so you can run your .NET logic and your J2EE logic, and so forth in different containers on the same platform. That kind of architecture is more where the industry is going. In that case, TIBCO necessarily isn’t trying to be the one and only integration and logic hub out there. It is simply trying to be the hub of all hubs, but one of the hub of many hubs federated to each other.
Gardner: Is it that you don’t agree with Neil then, that if Microsoft is a bit more ecumenical on this, would we expect them to embrace SCA and SDO? Is that what you expect?
Kobielus: It’s a relative thing -- getting ecumenical. They get ecumenical when they are good and ready, like they’re doing right now in the identity space, with this whole notion of user-centric identities. It’s taken them a couple of years of sitting back, watching things like OpenID and Higgins develop. And then finally they make a token offering that says, “Okay, we’ll implement OpenID in the next generation of the Vista Card Space."
And, once again, my sense is they’re going to wait quite a period of time, at least a year, before they make any public pronouncements on the extent to which they are going to work with OASIS on SCA and SDO. It’s just their nature, and they are going to pursue their proprietary approach, as long as it holds out, and as long anybody will implement it.
Macehiter: I’m not suggesting that this a face-off. What I am suggesting really is that it comes down to the point of control that an organization or vendor has. Microsoft does not want to be denigrated to the plumbing, even if that’s interoperable plumbing. The point you raised about TIBCO with ActiveMatrix is that it’s actually using the SCA programming model in order to provide this abstraction.
So, ultimately in that environment who’s controlling it? TIBCO is becoming the master, and it will be the same in an IBM environment. SCA may be under the hood, but ultimately there will be a point of control that IBM wants to wrest for its process server for its development tools, and that’s what Microsoft wants to do. The challenge is that SCA and SDO are trying to do the same thing as Windows Communication Foundation and Microsoft tooling around .NET and SOA.
Gardner: To wrap up, it seems that it's not a face-off, but perhaps there are, as Jim points out, a lot of vendors who would like to be that over uber-dashboard, point of control. Some are BPEL-focused and others are taking different tacks. SCA seems to be playing a role for many of them, and Microsoft would like to play that role as well -- but perhaps thinks that it has an advantage through the way it’s architected up to this point. The market will, I suppose, determine who the ultimate winner is.
Macehiter: I think a lot will depend how quickly the tooling comes out around SCA and SDO, as an alternative to Visual Studio.
Bell: The other piece too is, as Microsoft tends to build those kinds of capabilities in as part of the operating system, other vendors tend to create them as standalone products and infrastructure pieces. If you are a small company, having it built into the operating system is a value to you, but in large, heterogeneous environments that can be costly to you. So, that’s always been used by Microsoft. If you look at CORBA versus COM and DCOM, it’s the same story.
Macehiter: Absolutely.
Gardner: You’ve been listening to yet another BriefingsDirect SOA Insights Edition, Vol. 15, for the week of March 19, 2007. We’ve been joined by Jim Kobielus, principal analyst at Current Analysis. Neil Macehiter, a research director at Macehiter Ward-Dutton. Steve Nunn, the vice president and COO of The Open Group, and John Bell, enterprise architect at Marriott International.
I'm your host and moderator, Dana Gardner, principal analyst at Interarbor Solutions. Thanks everyone, and thanks for listening.
Listen to the podcast here. If any of our listeners are interested in learning more about BriefingsDirect B2B informational podcasts or to become a sponsor of this or other B2B podcasts, please fill free to contact Interarbor Solutions at 603-528-2435.
Transcript of Dana Gardner’s BriefingsDirect SOA Insights Edition, Vol. 15. Copyright Interarbor Solutions, LLC, 2005-2007. All rights reserved.
Subscribe to:
Posts (Atom)
