Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
18. 9.2007 Greetings to the participants of RT reviews on matters of architecture/CTO and SOA EAI Following various delays (vacation, holidays and heavy workload), the following is a joint summary of the two meetings that took place. In this summary, we have tried not to expose the identity of the organizations, while at the same time providing relevant details. Even though these were two separate meetings on different subjects, we decided to summarize them together. This is because, in our opinion, architecture/CTO and SOA EAI are matters that should always be interconnected. The following is a brief summary of the messages that emerged from discussions. It is followed by a more detailed description of comments by the various organizations: •
The definition of the architect/CTO function – there are organizations that have a clear definition of CTO and architect, with the CTO function usually being of longer standing and higher status. Generally speaking, the CTO is responsible for selecting technologies in the organization as a whole (what will be the accepted standard in the organization?), while the architect is responsible for choosing specific technologies for a project (what servers and storage are to be used for a specific project – ERP? Will any use be made of Cluster? and so forth). There are organizations in which the roles of CTO and architect parallel one another, the CTO dealing with infrastructures while the architect handles applications/ software. There are also organizations in which the functions of the CTO or the architect constitute part of the job of the infrastructures manager.
•
The involvement of the CTO/architect in new projects – there are organizations that have a clear, built-in start-up process of new projects with the participation of representatives of the CTO/architect entity. Sometimes, the start-up is accompanied by an Architecture Review (AR) process followed by Design Review (DR) processes. On the other hand, there are organizations in which this process does not exist at all or, alternatively, the participation of the architect/CTO entity is voluntary, which is to say, as needed. Thus it sometimes transpires that an unsuitable technology has been chosen, or that a functionality already existing in the organization has again been developed. In most cases, major projects get full attention, but small projects, or, alternatively, urgent projects do not follow the full track and then, too, problems emerge – when the project is already at the production/ maintenance stage, and when, of course, it is more costly to make corrections. In other words, great significance attaches to the fact that the architect/CTO should be a figure with whom people wish to consult, and by whom they do not feel threatened. An important note: an orderly, structured start-up process of projects undoubtedly delays the project and crates overheads. To be sure, a representative of one of the most efficient organizations (compared to parallel IT organizations in the industry), noted that his organization does not have any structured, heavy process. In the CTO and architect forum, the voices of 1
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
projects managers, who might complain of “red tape” in getting the project approved, are not heard. •
Enforcement – most organizations stated that in any event, there is no painstaking enforcement of the decisions (and standards) of the architect/CTO. The reason for this is that management is in a dilemma between enforcing the standards and recommendations of the architect/CTO entity and supporting the individualism of whoever is handling/ developing the project. This individualism obviously must not be completely stamped out.
•
Written standards – written standards are generally accepted, primarily in organizations which, in principle, outsource their development. Development outside the company is a challenge in all matters pertaining to re-use.
•
Stages in entering into SOA – o The project start-up stage: some organizations have held workshops for business referents and department managers. It is also a good idea to hold an SOA Roadmap Project for constructing a hierarchy of the services in the organization. o Construction of an ESB o Construction of a complementary environment for the ESB – a layer of conversions, monitoring and control, security and so forth. Sometime, a layer of file handling is also included. o Assimilation of a Workflow/BPM system.
•
The most important point (of course …) is commitment on the part of management, with the SOA manger regularly meeting with all project managers and trying to arouse their greatest possible interest in services existing in the pool
A few more points: •
One customer encourages reuse of a code by rewarding developers who use a code that has already been developed.
•
Customers complain of the high costs of the environment complementary products (SOA Governance products, SOA test products and so forth).
•
Customers are developing infrastructure-type Web services, and publishing the list of the entire WS on a portal.
•
A customer noted that use is made of only 10% of the sizing of the ERP system (since it transpired that the sizing was oversized…).
2
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
Table of contents
Communications domain organization Financial domain organization Financial domain organization Public domain organization Public domain organization Communications domain organization Health domain organization Financial domain organization Public domain organization Public domain organization Financial domain organization Communications domain organization
Page 3 4 5 6 8 8 9 9 10 11 11 13
Communications domain organization Organizational structure: software infrastructures manager (the organization has no CTO) Description of project process in this organization: The architect is located in the Billing branch but provides service to the entire division in the domains of EAI and configuration management There is no standard for new projects. Ad hoc decisions are made as to who will form the team. Sometimes there is no one to fill a particular position on the team. Whoever is operating the project decides whom to invite. There is no control of procurement. The advantage: – speedy processing. Why is this organization entering into the SOA EAI domain? It transpires that people working on the same floor are unaware of parallel developments! It is not customary to make the use of existing services or functions compulsory. Management is content to merely publish the information. For example, SMS message sending. The organization discovered that there were 5 different methods for sending an SMS using different SMS sending infrastructures. Sometimes a protocol was developed for accessing the SMS machine. SOA and also EAI reuse Such reuse only recently commenced, although the EAI is highly developed. Services are advertised on the SPS portal. Every project adduces new services. There is no forum, but every so often, services are advertised that
3
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
may attract interest in the various categories of ERP, DW etc. The division also held an internal road show. The definitions of the use of services (via ESB) are: currently, usage is only recorded post factum. In future, the service head will be asked how much he will want to use the service and he will be provided with the service accordingly. Team size 2.5 persons creating integration! All in one team. The team packages and advertises the service. Financial domain organization Organizational structure: there is a CTO function. The functions of the CTO are: to deal with the chief programmer, connectivity, DBA, and to handle the operating systems and quality control. Description of the project process in this organization: The Architecture Review (AR) process – the CTO examines each incoming project and makes a recommendation (is it suited to the general architecture of the organization?). This takes place primarily with new projects entering the organization and not so much with updates/ versions of existing projects. There are central control points – for example – procurement (nothing is purchased without approval). o Stage I – project start-up. This takes place in an orderly manner. The emphasis is on a customary request paper that creates costing. Costing is revised at later stages. o Stage II – AR and DR testing:
Testing of an AR project – an AR team is composed of representatives of infrastructures, including software, communications, hardware, command & control, storage, SOA and DW. A large team consisting of 12 – 15 persons. There are about 18 infrastructure elements. From an architectural point of view - the project manager activates the specific teams –DBA, storage etc. In AR what is most important is control and accompaniment (the intention is to make these “more active”).
DR – design review. The DR team has more to do with applications (half MF half open). It is best that people come willingly to DR, there are objections. The DR teams consist of the project manager, 5 – 6 experts in various fields of development, connectivity and so forth. The significance of DR is in getting to the heart of
4
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
the matter: utilization of services, key routines, production concerns and so forth. o Stage III – Transfer to production. A further test takes place. This is a large organization, with some 300 projects annually (the definition of a “project”: more than one month’s work). Systemic projects: there are 5 to 10 a year Medium size projects: there are 20 to 30 a year The CTO is the chair of the AR committee! In other words, the function of the CTO is structured and forms a part of the set up of every project. SOA EAI In terms of services and SOA, organizations are still at the beginning of the road. They already have thousands of services and there is no control. For example, a table of permissions was set up to determine who has access. In AR things are out of control. The question of who performs what function has not been settled. In DR, things are being discovered (meaning that people are discovering that they have just developed something that already exists elsewhere); but sometimes it is too late… Use is being made of an organizational portal – knowledge management of what is happening in IT. Knowledge is accumulated and entered into a portal. There are knowledge communities in my business too. They started last year. Financial domain organization Organizational structure: - there are two separate functions in the organization – architect and CTO Chief Applications Architect – a new function in the organization that handles primarily software. An additional function is that of CTO, who handles mainly hardware and information security, control in terms of infrastructures, hardware, servers, storage, backup network, and also information security. The function is one of assimilation of technologies. The borderline between the two functions: Infrastructures: server – until delivery to the applications personnel – connection to the network, firmware, operating system, backup, storage. The infrastructures personnel set up DBMS but do not define a schema.
5
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
Despite the clear definition there are matters that are still not resolved. For example, the matter of information security – which is also application related (credit card numbers held in the system) and also infrastructures (breakout from the WEB). Treatment of a new project An example of a project would be an organizational portal (IBM was chosen). The CTO – chooses a technology of servers - what segment of the network – and it is implemented with the architect. At more advanced stages, the CTO is not involved. The product of the CTO in this organization is that of a topological instrument – recommendations for hardware, central storage, with or without virtualization and so forth, and also costs, policy regarding survivability and backup. The architect – handles issues of connectivity - determines how web services will appear. Public domain organization Organizational structure: CTO + infrastructures manager + architect - They endeavour to build infrastructures and to use them for several projects. For example, an infrastructure was constructed with applications of NLB + WEB. And then, each new application is entered into something like it. SAP is currently being addressed. The architect primarily handles performances, information security – authentication authorization (at the same time, there is also a VP information security). Recording of inventory, both application- related and infrastructural – also asset management and the links between them. Mode of handling a new project in this organization: An RFP is prepared. It contains a technology chapter which presents existing infrastructure and constraints, types of operating system servers, NLB configuration, and allocation of resources, backup and so forth. As regards applications – determination of architecture. And then an invitation to tender is published. Bids are issued that pass via the CTO/ infrastructures manager. Technological testing is carried out. Also during development – they are involved in various DR that are made for the project (even code review), and they make comments on the code (which is to say, on the code written by the contractor). DBMS structure is forwarded to them for approval. Following completion of development: – delivery and acceptance tests – in the laboratory of the organization. Tests are conducted as to response times, exceptions and so forth. If unsatisfactory – possible solutions are explored.
6
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
Why go in for SOA? In this organization, the request for SOA came, oddly enough, from management. The architect is currently trying to coordinate expectations. The plan is, at the initial stage, to hire an architect to lead the SOA in the organization. Some perplexity has arisen with regard to interfaces in SAP. Use will be made of XI but also of BizTalk. Comment by another customer on this matter: “It was difficult to interface between XI and WBI” An effort is being made to handle WS in terms of command and control. A table prepared in respect of each WS – identifying the user and so forth, and then it will be applied in the portal. The organization would like to develop infrastructure type WS.
7
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
Public domain organization Organizational structure There is a CTO who does not choose and operate infrastructures, but handles all matters connected with research and development, and is administratively responsible. In other words, the CTO is in charge of all “technological standardization” in the organization (standards of connectivity, RFID and so forth). Mode of handling a project in this organization: Involvement in major projects – each project has a project forum that accompanies it throughout the entire process, from the request stage to realization. What is the demarcation of an application? Connectivity between systems. There are representatives of the infrastructures entity, the project manager, security and, if necessary- also communications representatives. For example: connectivity standard – WSI – the CTO is responsible. Communications domain organization Organizational structure: CTO of IT. The organization has an engineering division and has recently been trying to combine engineering and IT into a unified architecture. For example: at present, there are still two separate command and control environments. In the past, EAI was part of the infrastructures, but today, it is being transferred to the applications domain. The organization has long standing activity of infrastructures design executed by the CTO (the next storage system, the next operating system and so forth). Also, tactical projects: should they be installed on the same computer? Should LINUX or Windows be used? To which network? What storage? Etc. Project process: The organization has a forum that implements general Design Review of a project, but it is too large a forum, and does not admit of constant and detailed involvement. The tendency today is to conduct a design review before it reaches the large forum. They are at the beginning of the process. Infrastructural architecture is separate from application architecture. Infrastructural architecture has a convenient forum. In infrastructural architecture they expect the project managers to define the functional requests to be made of the infrastructures: “We need 100 users implementing A activity”. There is a process conducted by the CTO vis-à-vis the project manager in which he creates a document of infrastructures for the project - manufacturing, 8
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
development and testing environment. The objective is to try and cover operating system DBA, connectivity, TIER and so forth. This is later approved and then the infrastructures CTO is out of the picture. Following approval of the document every domain has to make a detailed design – making a decision as to what patch to use and so forth. For example, following the decision of the infrastructures CTO on Tier 1 storage, the storage man decides which specific LUNs to define. If there are substantive changes – the matter goes back to the CTO infrastructures. In other words, this is high level design of infrastructures. The CTO infrastructures must be familiar with the Cluster and with the IO but not actually below that level (to define LUNS himself). Health domain organization Organizational structure: There is a CTO and he has an architect subordinate to him. The CTO also serves, in practise, as infrastructures manager. The architect deals primarily with issues such as performances, information security – authentication authorization (there is a parallel position of information security VP). The architect tries to carry out recording of application related and infrastructural inventory – “both asset management and the connections between them”. (They have not experimented with anything like nlayers). Handling of projects:
System DBMS Connectivity And, today, also information security
In major projects – meetings with suppliers take place even prior to the invitation to tender - with the CTO and architect and also system and DBA. There are comments – on the basis of the standards documents. The documents are divided into mandatory and not so mandatory. Then, when an application is received, the organization conducts the tests separately – which it is to say: on its own. Financial domain organization Stages of entering into SOA architecture and the various layers: A preliminary process is implemented to begin with: it determines and defines what is meant by service oriented architecture, what organizational change is needed, what activity is needed – proposing models for the development of services.
9
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
Following the preliminary stage, a central BUS is developed – which is supposed to facilitate connectivity between the various systems. It enables different speaking services to be activated including activation of workfloworchestration (which is not commercial). The organization has already developed its own technology for access to MF which applies a security adaptor, a data glossary, operation and also physical connection to the systems. In future, however, they will attempt to switch to WMB of IBM and are currently examining the optimal mode of effecting the transition. Part of the ESB will be a central conversions service, whereby any system that wishes to make a conversion will do so and will handle translations, and insertion of values. Another layer is the repository – documentation of services. A pilot test was run with SAG – centrasite. They tested it: the central library for the documentation of services in the organization. There is also run time governance - SLA control and also security. They purchased amberpoint and have already implemented 2 activities – all external elements approach MF – AMBER makes SLA and priority. And the AMBER is also a proxy that decides who enters into the MF. In other words, it performs information security. An additional technology for information security is IBM’s datapower, a product that knows how to transfer a token between services and also enables use of the LDAP. In future, the AMBER will report on the usage (possible for the purchase of chargeback) and on the SLA to the repository. Another layer in the SOA is monitoring. They purchased BMC products patrol and also control of the business process. All systems are mapped and the subject is connected to an ITIL application. All systems are mapped and entered into CMDB. Future plans – realization of BPM In future, businessmen, using BPM, will outline the business process; and using BPEL, the process will forward instruction for running in. Today they are discussing how this should be done with Organization and Methods. They will locate a business process that needs several activities. And they will determine what to do. In future they will decide which BPM tool – the Modeller process server. Public domain organization A large and decentralized organization that examined SOA as a connectivity solution between sub-organizations. The organization set up teams. A condition for SOA is that the organization proceed to an SOA roadmap project – to go over the processes and to sketch them, and it is very complicated. Correct to the present, they are nevertheless developing some of the services even though they have not yet executed an SO roadmap project. An important point is - information security, and of course, performances are also important.
10
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
Public domain organization Why enter into the SOA EAI domain? An example of the problematic nature of SOA EAI - the organization has 15 currency conversion tables! There is no one organizational entity that integrates them all. There is no repository. How was entry effected, what did they manage to do in the organization? EAI was synchronized with WBI. MF was connected to tandem iseries. An application on Linux: a large critical system is being developed with a subcontractor on Linux. In the opinion of WMB – the suppliers do not have much know-how. Also, a workshop was recently held with Dr. Alex Canaani of IBM – on entrance methodologies – in other words, a workshop on SOA Readiness. The workshop was very good. The workshop is suitable for leading users (referents). Special example There is an example of inventory management for a sub-organization. Instead of development a system in code they did most of the work by means of services that they requested from the system. In other words, this was an example of composite application. Conclusion In the long run, in his opinion, there will be SOA but not a genuine SOA that unifies the entire organization. Financial domain organization Why enter into SOA? Motivation – non-managed interfaces between lots of systems. There is also commercial activity vis-à-vis banks. An insurance market is being opened – in other words, this is a commercial change. What did they do? The organization commenced from EAI of WMB WBI. Infrastructures activity – they set up ESB which is currently in manufacture that is connected to MF SAP Internet UNIX and so forth. Activity of itemfield transformation is very important. For example, translation of values between systems and between organizations. For example, masculine – different encoding, values and so forth. Prior to the project there were lots of conversion tables that are duplicated. At present, the organization has created
11
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
a layer of all conversions that the businesses update with flexible operating methods. In the runtime environment they assimilate amberpoint – both for (partial) security and for run time management - measuring the performance of the service - exceptions to time limits and in future also SLA. This is at an advanced stage - initial services are now being spread. There is a command and control project – a majority of tools – WBI – is the tool above, business transactions. A file transfer project – how are files transferred? Connect-Direct by Sterling. And there is also another product that can provide a management and control envelope - and also protocols connectivity. Another subject – repository – to draw, reuse, measurements, connections and so forth. BPM – this is being tested over ESB. The BPM assimilation activity is complicated because it necessitates involvement of the business. ARIS will also be used for describing BPA processes. The third layer is SOA governance. Personnel handling the domain A WBI integration team consists of three members plus one XI man. There are plans for a manned monitoring (AMBER) position. Also conversions – one by one – of FTP direct connect files. As stated, the team will have altogether five members. There will be one more person - a referent from the infrastructures domain providing server storage etc. Organizational structure The organization defines an SOA project and allocates a budget. This is a most important project on CIO level. There is an organizational steering committee for the SOA headed by the CIO and meeting once every two weeks. The steering committee is demonstrating successes, and showing what others have enjoyed. There is also an organizational architectural team that meets once every two weeks – a general team. At present – processes are being developed for – construction of service, consumption of service, file transfer and so forth. Forms and procedures are being prepared. It is starting at present. There is a list of services. When there is a request for a new service – it is circulated to everyone, to all the organization’s team leaders and also to business referents. There is also a prioritization forum.
12
Moshav Bnei Zion P.O.Box 151, 60910 Israel Tel. 972-9-7444474 Fax. 972-97442444
The SOA manager holds separately monthly meetings with each of the development teams to discuss the services and also any future services and requests from the business. Objections – team leaders objected, for example- to conversion tables. The branches would develop software packages that construct the files that perform the conversion. Ultimately - on the central tool – the previous tasks are carried out but on the central tool. Communications domain organization SOA EAI - is a means and not an end. For several years they have been developing services. The services are localized. For example – AMDOCS is exposing servers in UNIX. The object is to achieve exposure to net or WS. Interfaces have been opened for the purpose There is an integration and interface domain. It handles all interfaces. It is thoroughly familiar with the business. And therefore they are co-opted at every stage of the initiation of new projects (not always…). The organization wishes to develop reusable services. There are many components that numerous systems use. Not everything passes through the BizTalk. Use of business processes of BizTalk is planned. A numbers mobility project is planned using BizTalk. It will be a complicated commercial process.
13