This is a talk I gave on patterns and antipatterns of SOA, based on my understandings and practices and inspired by Ron Jacobs famous webcast by the same name.

1. Patterns and anti-patterns of SOA Presented by: Mohamed R. Samy Technical Architect, MVP

2. What is Architecture anyway? The software architecture of a program or computing system is the structure or structures of the system, which comprise software components, the externally visible properties of those components, and the relationships between them. The term also refers to documentation of a system's software architecture. Reference: Wikipedia What is an architectural style? Introduction

3. Architectural Styles

4. What is an architectures’ goal? So what is SOA? A style of architecture that emphasizes standards based integration. Is it the best way? Is success guaranteed? Introduction contd.

5. Standards based integration Friction free interaction/Integration Communication between system components The Goal of SOA

6. Should loose coupling be everywhere? Implicit behaviour vs. Explicit behaviour Services as an interface to business processes. (That is how we should think about a service when we design it) The Hype

7. Boundaries are explicit Services are autonomous Services share contract and policy not class Service compatibility is determined by policy The four Tenets of SOA

8. Borders are Explicit

9. 2 Tier (VB4-5-6) vs 3-Tier Com+ (Client in Egypt, Service in Mexico) In the architecture you have to know where the boundaries are. Practical Example: Egypt/ Libyan Border vs. Cairo/ Alex Their system vs Our system (A boundary) Lessons learned: Authentication, Authorization Communication overhead TENET I :Boundaries are Explicit

10. Services are Autonomous

11. Able to choose Self Governing Self sufficient Fax /Telephone between ministries When the computer is down, I can still get my license (Send it later by the mail) TENET II: Services are Autonomous

12. Services Share Schema and Contract not Class

13. XML not objects, specially not platform specific objects e.g. datasets We need to agree on 2 things: The protocol The policy Just what is required for the service to perform it’s function (Just enough validation) TENET III:Services Share Contract and Policy not Class

14. IT department Policy like language of the system (Arabic – Russian – English) Policy like http/XML/SSL ports The requirements for the way the conversation is to be held E.g. WS- standards (Message encryption, which parts are encrypted, what algorithm we will use to encrypt) TENET IV: Service Compatibility is determined by Policy

15. To understand the patterns we must take a look at the most common anti-patterns Patterns/Antipatterns of SOA

16. Customer. ADD/Update/ Delete Why not? Is updating the address just an update or is it a business process? CRUDY interface

17. CustomersList.MoveNext Who holds the list? Who controls the memory? Enumeration

18. 1.CustomerObject.Setflagfordelete 2.CustomerObject. Delete Objects should not be left in an inconsistent state between message exchanges. However, this is dangerous but not wrong. Chatty Interface

19. The perfect interface for all services: XmlDocument PerformOperation(XmlDocument input) Why not? Implicit behavior versus explicit behavior. You need to know what you send specifically and be generic about what you receive (Just enough validation.) Loosey Goosey

20. To avoid this anti pattern ask 3 questions: 1.What does the service do? 2. What data does it need to do it? 3. What data does the service return? Loosey Goosey contd.

21. A flag called “zeft”, “mido” , “soso” A house of cards Why implicit behavior is bad

22. What if the service schema changes? What happens to the connected systems? Versioning contracts in .NET1.1 vs .NET2.0 [OptionalField VersionAdded = 2] Nickname Why is that important? Just Enough Validation

23. The patterns Patterns and Anti Patterns- Part2

24. Patterns Document Processor Idempotent Message Reservation Some important SOA patterns

25. An architectural approach to creating systems built from autonomous services Integration as a fore-thought rather than an after-thought A service is a program you interact with via message exchanges Services are built to last Availability and stability are critical A system is a set of deployed services cooperating in a given task Systems are built to change Adapt to new services after deployment SOA

26. How do you create a simple to use, well defined an interface? Pattern1: Document Processor

27. Changing your drivers license, Giza Authority for Traffic Real world examples

28. 1. Start with a process 2. Compose a workflow 3. Start Defining your message contracts, before your objects and entities(try to be atomic- avoid chatty interface) 4.Define operations Where to start

29. 5. Group your operations into services Tips: 1. Do not use platform specific types e.g. datasets. 2. Decouple Internal vs. External objects 3. Use TDD so you know you are thinking about the service consumer, now you know how it feels. Where to start contd.

30. Context You are building a web service Problem How do you create a simple to use, well defined an interface? Forces Your interface should Encourage document centric thinking Define a clear semantic in the contract Promote loose coupling through encapsulation of the implementation Be easy to consume from any platform (WS-I base profile) Represent a business process as a complete unit of work Pattern1: Document Processor

31. Solution: Document Processor public FindCustomerByCountryResponse FindCustomersByCountry( FindCustomerByCountryRequest request) { // Do something.... } -Encourage document centric thinking by defining a schema (XSD) for request and response messages in your project -Generate objects from your schema to simplify development -Remember this is a boundary so don’t leak internals

32. Do not leak internal abstractions

33. Generate Data transfer objects

34. Transition at the boundary

35. Benefits Consumers think about sending and receiving business documents which are naturally more granular The boundary of the system involves conversion from internal structures to external documents The implementation details of the system are encapsulated The service is more consumable from other platforms and can evolve more easily Liabilities Performance will suffer with transfers of data from internal to external structures Resulting context

36. Should I use the same schema for multiple services or should each service have its own schema? Opinion: Give each service its own schema Sharing schema makes it difficult to evolve each service independently and introduces unnecessary churn for service consumers Design Question

37. How do I handle duplicate messages received at my service? Pattern2: Idempotent Message

38. Context You are developing a web service for your SOA You heard that messages should be idempotent Problem How do you insure that messages are idempotent? Forces You cannot expect anything more from the sender than what the contract defines for your service You are working with a transactional database system with frequent updates Indempotent messages

39. Sender tags message with a request ID Your contract can specify that this is required Your contract cannot insist that the ID is unique across time The ID tags a unit of work which will be done only once Receiver must check to see if the unit of work has already been done before doing it Then what? Solution

40. Option1: return a cached response Option2: Process the message again. Option3: Throw an exception Solution Options

41. You will have to cache responses for some period of time – how long? What if the current value is different than the cached value? What if the response was an error? What if the sender sends duplicate IDs for different units of work? Option1: Return a cached response

42. Great for reads, what about writes? Should we withdraw $1000 from a checking account twice? Option2: Process the message again

43. Did the sender get the original response? How does he get the original response if you are sending him and exception? Option 3: Throw and exception

44. UOW ID can be a part of the request schema Implies duplicate handling is part of the business process UOW ID can be a custom SOAP header Implies duplicate handling is part of the message processing infrastructure Create a schema for the SOAP header Having a URI for immediate sender can be helpful to detect reentrancy Data changes should be traceable to a UOW ID Your cached responses may need to reflect what the response was at the time when the request was received Solutions

45. Benefits Your service autonomy is increased by not having to rely on consumer to do the right thing You won’t fool yourself into thinking that reliable messaging will solve this problem Liabilities Your service will consume potentially large amounts of durable storage caching responses Your service will take a performance hit for cache management Pattern3: Indempotent message

46. How do you maintain data consistency across a long running process? Pattern3: Reservation Pattern

47. Context You are building a service oriented application You have a complex business process that you want to expose to your customers with a web service Problem How do you maintain data consistency across a long running process? Forces You cannot share a distributed transaction The business process requires several messages to complete The message exchange process could take anywhere from seconds to hours Reservation pattern

48. Reservation pattern illustrated Reserve part: 49389 Qty: 200 Reservation ID: 14432 Expires: 2004-09-15 02:43:53Z Confirm reservation: 14432 PO #49839 Reservation: 14432 Receipt: 29389 PO #49839

49. Know the concepts before you write the code SOA is not web services SOA is about standards based integration and friction free interaction between systems SOA is not a silver bullet Summary

50. Web services WCF Biztalk ESB SOA Technologies

51. www.arcast.tv (Webcasts) www.geekswithblogs.net/Mohamed (Cool tech blog) www.msdn.com/Architecture www.thevstsguy.com (under construction) www.msdn.microsoft.com/practices (P&P) References:

52. Email: m_raafat_samy@hotmail.com Facebook @msamy Contacts

53. Questions?