Hybride Integration in komplexen Organisationen · API MANAGEMENT (1) INTEGRATED API TOOL CHAIN 7...
Transcript of Hybride Integration in komplexen Organisationen · API MANAGEMENT (1) INTEGRATED API TOOL CHAIN 7...
HYBRIDE INTEGRATIONIN KOMPLEXENORGANISATIONEN
Peter Brückler
Senior IT Architektpeter.brü[email protected]
SOFTWARE ARCHITECTURE DAYWIEN | 6. JUNI 2019
v1.00a
Christoph F. StrnadlVP Global Industry Solutions Architecture
Lead SAG Blockchain Initiative
HYBRID DISTRIBUTED INTEGRATION (1)SETTING THE SCENE
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a2
END-2-END
BUSINESS
PROCESSES
On-Premises
Applications and Data Sources
EDW Mart
MDM
Subsidiaries
Business
Process
Networks
Business Partners
Mobile Apps
Social Networks
“Things”
SaaS/Cloud
Services
HYBRID DISTRIBUTED INTEGRATION (2)«INTEGRATION 4.0» OR THE PAST STILL MATTERS
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a3
EAI SOA (Top-Down) Agile / Lean (Bottom Up) Internet of Things
1995s 2005s 2010s 2015s
Hub-and-Spoke
IT-driven
Service Bus
management-driven
API
developer-driven
IoT Services Platform
business-driven
Adapters, Standards: EDI – B2B
Data: FTP / X.12 / Shared DBs
Functions: RPC / RMI / BABI
Web Services (HTTP/SOAP)
XSD / WSDL
WS-* Standards
IoT / Industry 4.0
Cloud integration
CEP
Microservices
Containers
Service Mesh
RESTful services
HTTP / JS / JSON
Mobile / Social
API Management
NoSQL / GraphQL
RAML / OpenAPI (Swagger),
JSON Schema / Hypermedia (HAL / Siren)
Service Management
Service Mediation / Orchestration
Business Activity Monitoring
Middlewares & Suites: Object & Component (CORBA) /
Message Broker (MoM) / ESBs / BPM / Workflow Engines /
Portals …
HYBRID INTEGRATION (3)HOW ENTERPRISES SEE THEMSELVES
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a4
SWISS FINANCIAL
SERVICES COMPANY
FRENCH AGRICUL-
TURAL MERCHANT
& PROCESSOR
Legacy Custom
ERP
ON-PREMISE
SCM
SaaS
SaaS
SaaS
Custom
SaaS
PUBLIC CLOUD
Custom
PRIVATE CLOUD
HYBRID INTEGRATION (4)CHALLENGES AND APPROACH
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a5
CHALLENGES
avoid point-to-point integration
spaghetti in the Cloud
still need app-specific integration
skills
provide single point of visibility
and governance
iPaaS STATE OF THE MARKET
on-premise centric solutions
existing ESB vendors use
traditional tooling
migrate logic to cloud runtimes
cloud centric solutions
good coverage for SaaS-2-SaaS
connectivity
limited in on-premise integration
hybrid solutions
flexibility to provide tools for both,
on-premises and cloud integration
“self-service” capabilities for cloud
apps
ESB on premise
ESB in CLOUD
Integration PaaS
(iPaaS)
«Cloud Adapter»
MIC
RO
SE
RV
ICE
S
API MANAGEMENT
CONNECTIVITY
Un
ified
Mo
nito
ring
PROFESSIONAL
DEVELOPER
AD-HOC
DEVELOPER
B2B APIsiPaaS CITIZEN
DEVELOPER
PartnersD
EV
OP
S
IoT
&
Inte
llig
en
ce
ThingsCloud Apps MobilePortals
HYBRID INTEGRATION (5)INTEGRATION AND APIS
SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a
Social
Packaged Apps Databases Mainframe Big DataContent
CL
OU
D N
AT
IVE
06. JUNI 20196
API MANAGEMENT (1)INTEGRATED API TOOL CHAIN
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a7
EX
TE
RN
AL
DM
ZIN
TE
RN
AL
EVENT & INTEGTATION BUS
(INTERNAL) API GATEWAY «Mediation»
API
CATALOG
OOB1
MGMT
(EXTERNAL) API GATEWAY «Threat Protection»
API
PORTAL
CLIENT APPLICATIONS
CLIENTDEVELOPER
INTEGRATED API TOOL CHAIN
management connections
API execution connections
LEGEND
SAG component
Other component
1) out of band
API GATEWAY «THREAT PROTECTION»
threat protection
situated in the DMZ
clustering using Terracotta Server Array
API GATEWAY «MEDIATION»
authentication
policy enforcement
mediation layer
situated in internal network
(“GREEN ZONE”)
clustering using Terracotta Server Array
API CATALOG
API Lifecycle management
catalog of APIs and all related assets
management and documentation of APIs
API PORTAL
web-based self-service portal
branding & customization
SOAP & REST APIs
quick & secure access token provision
early discovery & testing of APIs
quick & secure new user onboarding
community support
built-in usage analytics
REVERSE PROXY
PATTERN
API
CONSUMERS
API
PROVIDERS
INTRANET
APPLICATION SYSTEM
Integrate and compose
APIs with
wM UM & IS
Manage the API lifecycle
with CentraSite,
SAG’s API Catalog
Protect and virtualize your
APIs with
wM API Gateway
Engage with developers &
B2B partners through
API Portal
Monitor communications
out of band (OOB) and
holistically with
wM Insight
API MANAGEMENT (2)CUSTOMER EXAMPLE - H/A COMPONENT ARCHITECTURE
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a8
External User
Apps | Platform
Consumer
API-Catalog
(CentraSite)
Publish API & Key
Deploy
API/Application
DMZ Internal LAN | Trusted Zone
API-Developer
& Approval
Lookup API
http/s
Platform
Notification Endpoints
Provider
Pull API
Push APIs
Request Approval
Register Application
API-Portal
Manage API-Portal
http/s
Directory Servicehttp/s
ADC...Application Delivery Controller | Appliance (z.B. NetScaler, Alteon)
EL… ElasticSearch | TC…Terracotta | LB…LoadBalancer
ADC
Applications
& Systems
1…n
ESB
MessagingAPI-Gateway Cluster
API-
GatewayNode #1
API-
GatewayNode #2
API-
GatewayNode #3
EL | T
C
#1
EL | T
C
#2 [
+ #
3]
EL | T
C
#3
Pro
xy
Internet
http/s
Authentication
Policy Enforcement & Mediation
ADC
LB
Threat Protection
Internal
API-Consumer
ADC
LB
Reverse
Invoke
Permanent
Connection
No open
inbound Port
Publish Metrics | Publish API & Key
API-Gateway Cluster
API-
GatewayNode #1
API-
GatewayNode #2
EL | T
C
#1
EL | T
C
#2 +
#3
MICROSERVICES (1)SPEED OF DEPLOYMENT TRUMPS RE-USE (& COSTS)
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a9
DEFINITION
“Microservices are small, autonomous services that work together” Sam Newman
MICROSERVICES ARCHITECTURE
“Loosely coupled service-oriented architecture with bounded contexts” Adrian Cockcroft
“Microservices is a specific flavor of SOA. Due to unique features, it deserves
a name.”
Martin Fowler
“If every service has to be updated at the same time, it’s not loosely coupled”
Adrian Cockcroft
“Focus on building services that make development and deployment easier,
not just tiny services
Chris Richardson
independently deployable
MICROSERVICES (2)SOA VERSUS MICROSERVICES ARCHITECTURE
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a10
SOA MICROSERVICES
FOCUS integration
re-use
orchestration (composition, aggregation,…)
autonomous deployability
scalability
INTEGRATION adapters
ESB
ignored
RE-USE at the level of services
native cross-service orchestration
limited to APIs
data duplications accepted
SCOPEenterprise / cross-application
federated domains
enterprise
application
DRIVERS architects
IT managers, partly business managers as well developers
EXPERIENCE started approx. 2003
mass of integration-centric successes
quite some (large) failures
conceived 2011
few (lighthouse) successes
CROSS-SERVICE
ORCHESTRATION
native M2M/A2A in the ESB
native H2H/H2A via BPMS ignored
COMMUNICATIONS heavy-weight (WSDL)
light-weight (REST)
light-weight (REST)
middle-weight (RAML, Swagger)
MICROSERVICES (3)PLATFORM
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a11
GOAL “Good platforms increase the harmonic balance between speed and safety of change at scale”
MICROSERVICES CONCERNS
SHARED CAPABILITIES LOCAL CAPABILITIES
shared across all teams and across all team members selected & maintained at the team level
Local Testing: bounded context specific logic, NFRs, …
Continuous-Delivery-Pipeline: staged rolling out, managing
VMs & deployment packages, runtime configuration, …
RBAC / Authorization (AuthZ)
Service observability: Logging, Tracing, Monitoring & Alerting
Programming Language and Frameworks
Look & Feel: UI Composition vs. Frontend Monolith
Documentation
Hardware services: baseline OS, system monitoring, etc.
Code management: SCCS
Operation & Management: Monitoring, Deployment-
Technology, Provisioning, Instance management,…
Integration & Consumer-Driven Contract Testing
Data Stores: RDBMS, Riak, Neo4J
Service discovery, orchestration & mediation
Routing & Load Balancing
Security, Identity (AuthN) & Policy Enforcement
Communication Protocols
Don’t confuse the
«Microservices Platform»
with a full «Digital Business
Platform»
PLATFORM MACRO ARCHITECTURE MICRO ARCHITECTURE
CAPABILITIES
INDIVIDUAL
CAPABILITIES
?
MESSAGING
MICROSERVICES (4)DESIGN & CONCEPTUAL LAYERS
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a12
SOFTWARE-
INTENSIVE
SYSTEM
MODULE
LAYER
COHESION
LAYER
(EXTERNAL) CLIENT
LAYER
CONNECTIVITY
LAYER
«monolith»
MODULE
µS µS µSµS
DOMAIN DOMAIN DOMAIN
CLIENT
API GATEWAY
CLIENT
«API GATEWAY»
(external) security
orchestration
routing
µS – Microservice
MQ – message queuing
light-weight MESSAGING
synchronous: REST
asynchronous: MQ
Start with the «Monolith» in mind!
MICROSERVICE
MICROSERVICE
ARCHITECTURAL PATTERNS (1)LIGHTWEIGHT COMMUNICATIONS – OR WHAT?
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a13
API CONSUMER
LAYER
SERVICE
PROVIDER
LAYER
MICROSERVICE
LEGACY B2B & EDI MICROSERVICE
security
API granularity
API routing
MICROSERVICE
API GATEWAY
security
mediation
orchestration
routing
LEGACY B2B & EDI
INTEGRATION
MICROSERVICE
classic EAI / ESB
deploy as microservice
NORTH BOUND
MEDIATION
SOUTH BOUND
INTEGRATION
PROVIDER API
LAYER
PANAMA
CHANNEL
NORTH-EAST
PASSAGE
HOT SOUTH COLD NORTH NAÏVE
MICROSERVICES
MICROSERVICEMICROSERVICE
HYBRID MICROSERVICES ARCHITECTURE
API
logic MS MS
Container
Package2
MS MS
Container(s)
EVENT BUS
Container
wM IS Package
MS MS
Packaged Apps Big Data Legacy SaaS DB
ARCHITECTURAL PATTERNS (2A)FROM «TEXTBOOK» TO «HYBRID»
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a14
INTEGRATION BUS
TEXTBOOK MICROSERVICES ARCHITECTURE
based logic
EVENT BUS
MS MS MS
API (Mini Service Layer)
MS MS MS
Container(s)
Packaged Apps Big Data Legacy SaaS
TRADITIONAL INTEGRATION ARCHITECTURE
Composition & Integration Logic
Packaged Apps Big Data
API
Legacy SaaS
Connectivity
CONSUMERS
P P P PPackages
ARCHITECTURAL PATTERNS (2B)ESB FUNCTIONS IN A «MICROSERVICES» FASHION
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a15
MONOLITHIC (“CLASSIC”) ESB
ConnectorsFlow Services
BPMS B2B FT B2B
PKG Management
Security
Runtime Kernel
4 GB, 4 Cores, 2GB Disk
MICROSERVICE “SLICED” ESB/BPMS
API GATEWAY
MESSAGING
Runtime
Container
Security
API
PKG Management
Flow Connectors
Runtime
Container
Security
API
PKG Management
BPMS Services
Runtime
Container
Security
API
PKG Management
B2B Connectors
DATA PROCESSING
DIGITAL EVENTS
CONTAINERSData- &
Functional
Services
Microservices
AP
Is
AGILE
PROCESS
AP
Is
IOT APPS
DIGITAL APPS
eHealth
Public citizens
Alerts
APIs
Human
Social
Security
Smart
Govmnt
API
Gateway
API
Portal
AP
IsA
PIs
DATA
STORAGE
ARCHITECTURAL PATTERNS (3)DIGITAL ARCHITECTURE FOR 21ST CENTURY
06. JUNI 2019 SAD - Hybride Integration in komplexen Organisationen (CFS/PB) - v1.00a16
STREAMING
ANALYTICS
AP
Is
Event Store
AP
Is
In-Memory Data Fabric
& Transport Layer
AP
Is
DATA SOURCES INTEGRATION
TH
ING
SS
OC
IAL
CL
OU
DIN
TE
RN
AL
PaaS
SaaS
PA
RT
NE
R
ERP
Enterprise
Integration
Cloud
Integration
B2B
Integration
Mobile & IoT
Integration AP
IsA
PIs
API ACCESS CONSUMERS
MAPPED
TO SAG
17 |
Freedom as a Service