Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Design Time and Run Time Governance
1. About the Presenter
Eranda
Sooriyabandara
is
a
member
of
the
Governance
Registry
team
at
WSO2
e-‐mail
:
eranda@wso2.com
2. About
WSO2
❏ Global
enterprise,
founded
in
2005
by
acknowledged
leaders
in
XML,
web
services
technologies,
standards
and
open
source
❏ Provides
only
open
source
plaGorm-‐
as-‐a-‐service
for
private,
public
and
hybrid
cloud
deployments
❏ All
WSO2
products
are
100%
open
source
and
released
under
the
Apache
License
Version
2.0.
❏ Is
an
AcNve
Member
of
OASIS,
Cloud
Security
Alliance,
OSGi
Alliance,
AMQP
Working
Group,
OpenID
FoundaNon
and
W3C.
❏ Driven
by
InnovaNon
❏ Launched first open source API
Management solution in 2012
❏ Launched App Factory in 2Q
2013
❏ Launched Enterprise Store and
first open source Mobile
solution in 4Q 2013
3.
4. Overview
❏ SOA Governance
❏ SOA Governance Phases
❏ Design Time Governance
❏ Runtime Governance
❏ WSO2 Governance Registry
❏ Governance Use Cases
❏ Demo
❏ WSO2 Governance Registry Governance Features
❏ Conclusion
5. SOA Governance
“Ensuring
and
validaNng
that
assets
and
arNfacts
within
the
architecture
are
acNng
as
expected
and
maintaining
a
certain
level
of
quality”
-‐
Gartner
6. SOA Governance
In
a
nutshell,
SOA
governance
is
all
about
making
sure
that
you're
building
the
right
system
and
ensuring
it
operates
to
your
expectaCons.
7. SOA Governance
Activities that are often mentioned as being part of SOA governance
❏ Managing the portfolio of SOA artifacts
❏ Managing the SOA artifact lifecycle
❏ Using policies to restrict behavior
❏ Monitoring, analysing and presenting artifact data
❏ Managing how and by whom SOA artifacts are used
8. SOA Governance Phases
SOA governance can be broken into phases on their point of application
1. Design Time SOA Governance
2. Runtime SOA Governance
9. Design Time SOA Governance
o Design
Nme
governance
refers
to
the
defining
and
controlling
enterprise
services
creaNon.
o It
involves
crea-on
of
enterprise
policies
used
to
ensure
that
enterprise
business
models
are
properly
funded
within
the
enterprise.
10. Runtime SOA Governance
o RunNme
governance
refers
to
the
process
of
enforcing
the
adherence
to
run-‐Nme
service
policies.
o In
addiNon
to
policy
enforcement,
this
term
is
oXen
used
to
include
aspects
of
SOA
management
as
it
relates
to
these
policies.
o Also
include
real-‐Nme
policy
compliance
monitoring,
audi-ng
and
measuring,
as
well
as
collec-ng
result
sta-s-cs.
11. WSO2 Governance Registry
❏ A
Service
Oriented
Architecture
(SOA)
integrated
registry
repository
to
store,
manage
and
govern
service
arNfacts
❏ Flexible
and
Extensible
❏ Fully
open
source
❏ Supports
numerous
standards
(JMX,
SCM,
UDDI,
WebDAV,
WS-‐Discovery
,CMIS)
❏ Licensed
under
Apache
License
Version
2.0
13. Use Case 1 : Handling Policies
o OrganizaNons
have
their
own
policies
which
can
be
hundred
to
thousands
in
numbers.
o When
developing
a
service
there’s
no
way
of
idenNfying
what
policies
organizaNon
already
have
and
what
policies
they
want
to
use
in
the
service.
(No
discovery
and
reuse)
o If
different
systems
tries
to
keep
the
policies
with
them
then
when
there
is
an
update
to
that
policy
system
admins
have
to
update
them
separately.
(No
centralizaNon)
o When
service
lifecycle
changes
then
moving
policies
to
different
environment
need
to
be
done
manually.
(No
automaNon)
o If
a
policy
moved
to
a
different
lifecycle
state
then
there
is
no
way
of
knowing
it
for
the
interested
party.
(No
noNficaNon)
o Eg.
If
lifecycle
state
changed
to
Development
to
QA
then
quality
assurance
engineers
may
not
know
that
there
is
a
new
arNfact
in
QA
state
to
test.
14. Policy Governance using G-Reg
Governance Space for
Production
Governance Space for
QA
Governance Space for
Development
Governance Space
Governance Space
Governance Space
Dev
QA
Promote
Promote Demote
Demote
Prod
20. Use Case 2 : Handling Endpoints
o OrganizaNons
have
their
own
services
which
can
be
hundred
to
thousands
in
numbers.
Also
there
can
be
service
which
they
are
using.
o When
developing
a
service
there’s
no
way
of
idenNfying
what
services
organizaNon
already
have
and
what
services
they
want
to
use
in
the
service.
(No
discovery
and
reuse)
o If
different
systems
tries
to
keep
the
service
references
with
them
then
when
there
is
an
update
to
that
service
system
admins
have
to
update
them
separately.
(No
centralizaNon)
o When
service
lifecycle
changes
then
moving
services
with
all
the
related
arNfacts
to
different
environment
need
to
be
done
manually.
(No
automaNon)
o If
a
service
moved
to
a
different
lifecycle
state
then
there
is
no
way
of
knowing
it
for
the
interested
party.
(No
noNficaNon)
o Eg.
If
lifecycle
state
changed
to
Development
to
QA
then
quality
assurance
engineers
may
not
know
that
there
is
a
new
arNfacts
in
QA
state
to
test.
21. Endpoints Governance using G-Reg
Governance Space
for Production
Governance Space
for QA
Governance Space
for Development
Governance
Space
Governance
Space
Governance
SpaceDev
QA
Prod
Promote
Promote Demote
Demote
31. G-Reg Governance Features
❏ Built-‐in
SOA
arNfacts
support
❏ Support
for
common
types
(Services,
WSDL,
Schema,
Policy,
APIs,
Providers,
Documents,
URIs,
WADLs,
Endpoints,
Proxies,
Sequences)
❏ ValidaNon
policies
-‐
e.g.
WSDL
ValidaNon,
WS-‐I
ValidaNon,
and
Schema
ValidaNon
❏ Governance
Archive
(.gar)
for
uploading
arNfacts
with
imports
❏ WSDL
Tool
to
import
service
informaNon
from
a
given
WSDL,
and
WSDL
custom-‐view
❏ WS
API
for
built-‐in
arNfacts
(CRUD
OperaNon
Support)
32. G-Reg Governance Features (Cont.)
❏ Lifecycle
support
❏ Built-‐in
service
lifecycle
❏ Advanced
lifecycle
management
❏ checklists
❏ scripNng
support
❏ transiNon
validaNon
❏ transiNon
UI
❏ Lifecycle
Workflow
IntegraNon
❏ XML
editor
for
ediNng
lifecycle
❏ Lifecycle
state
transiNon
through
governance
API
❏ Approval
for
lifecycle
operaNons
❏ Lifecycle
audit
33. G-Reg Governance Features (Cont.)
❏ Governance
registry
extensions
❏ Configurable
Governance
ArNfacts
(RXTs)
❏ Various
field
support
(text,
text-‐area,
opNons,
opNon-‐text,
date)
❏ Unbounded
field
support
❏ Tool-‐Np
feature
❏ Reg-‐ex
validaNon
support
❏ Lifecycle
in
RXT
DefiniNon
❏ API
to
govern
SOA
arNfacts
❏ Pluggable
media
type
handlers
for
handling
custom
media
types
and
XML
editor
for
ediNng
handler
❏ WS
API
for
Governance
ArNfacts
(CRUD
OperaNon
Support)
34. G-Reg Governance Features (Cont.)
❏ Miscellaneous
❏ InternaNonalizaNon
❏ Worklist
noNficaNons
❏ Dependency
management
❏ WS-‐Discovery
support
35. Conclusion
o SOA
governance
plays
a
huge
role
in
an
enterprise
and
helps
the
industry
solve
emerging
issues.
A
majority
of
the
SOA
industry
has
adopted,
or
is
in
the
process
of
adopNng,
SOA
governance
into
their
systems
to
maximize
producNvity
and
profitability
of
both
SOA
designs
and
SOA
producNon
systems.
o SOA
governance
can
be
categorized
into
two
major
phases:
Design
Time
Governance
and
RunNme
Governance.
o WSO2
Governance
Registry
can
be
use
in
both
governance
phases
and
there
are
numerous
OOTB
features
and
extension
points
to
implement
a
complete
governance
story.
38. More Information !
1. hgp://wso2.com/products/governance-‐registry/
2. hgp://docs.wso2.com/display/Governance460/Governing+External+References
+Across+Environments
39. References
1. Thomas
Erl
...
[et
al.],
SOA
governance
:
governing
shared
services
on-‐premise
and
in
the
cloud