The terms Web Services and SOA are often used interchangeably, but the reality is that they’re quite different. Let’s begin by describing what SOA isn’t, and we’ll leave that to Joe McKendrick and Dave Linthicum:
So what is Mainframe SOA, and how can you achieve it? The answer is surprisingly simple; Service Oriented Architecture is an architectural methodology for the loose coupling and management of services. The emphasis in SOA is on the “A”. SOA uses loosely coupled, interoperable and composeable services. These services have well-defined interfaces as well as QoS attributes (or policies) on how these interfaces can be used by Service Consumers.
SOA is concerned with manageability, reliability, security and change management. Collectively these terms are known as “Governance”. In order to bring SOA to a mainframe environment, companies must apply Governance to any implementation of Web Services.
It’s essential that your SOA solution considers the following categories. Failure to do so can lead to an ungoverned mess, or “Just a Bunch Of Web Services”
SOAP & XML Capability: SOAP and XML capability (commonly called “web services”) is the foundation of SOA. Many vendors only offer mainframe web services, ignoring the other components of SOA.
Security: security is essential when integrating mainframe applications, especially those dealing with sensitive data. The only viable solution to Web Services security is to use WS-Security, which is the widely accepted standard for securing services.
Policy Management: policy management is the heart of SOA governance. A policy can define how a service can be used, who can use it, what security is required and much, much more. Policy management based on WS-Policy standards is essential.
Registry: the Holy Grail of SOA is reuse. The key to reuse is discovery of services. This is accomplished by publishing services in a Registry. A registry provides for reuse and discovery and is an essential ingredient in SOA governance.
Monitoring, Logging & Audit Controls: effective Governance requires measurement, for without measurement you will be unable to judge whether your services are meeting service level agreements. Monitoring, logging and audit capability are essential building blocks of Governance.
Development Tools: it is impossible to develop services without the use of a comprehensive development tool. The tool needs to be powerful and it must allow management of your SOA. It must be easy to use; there shouldn’t be a steep learning curve requiring extensive training. Finally, it should not consume enormous resources on a developer’s work station (ideally it should be “thin client”).
Support for Architectural Standards: a viable SOA must be adaptable to a wide range of architectural standards, particularly yours. Features such as flexible web service development (bottom-up, top-down or meet-in-the middle), configurable dictionary, customizable access and environments, etc. are all hallmarks of an adaptable SOA. The bottom line is that your solution should fit the way you do things, not the other way around.
Change and Release Management: an often overlooked aspect of service development is the “service lifecycle”. Integrated change and release management is essential to allow you to effectively manage change in your environment. Ideally your SOA solution should integrate into your existing change management procedures, and should provide you with impact analysis when a service is changed.
Workflow Management: orchestration is perhaps the most misunderstood aspect of service development. Some people consider that a 3270 business transaction, because it involves a conversation, requires a proprietary orchestration tool to make it work. In fact, a better approach is to use a tool that is smart enough to understand a “business use case”, and to publish that as an atomic service, without the need for proprietary orchestration to “glue together” the screen transitions. It is services themselves that need to be orchestrated, and that orchestration should be performed using industry standard techniques. The only acceptable technique for orchestration is to compose services using “Business Process Execution Language (BPEL).
More than ten years after the predicted demise of the mainframe, the platform is anything but dead. The bulk of the Fortune 1000 still run the majority of their critical systems on the mainframe, and these companies do so because the mainframe is reliable, scalable and efficient – the average mainframe application offers considerably lower TCO than an equivalent distributed application, and does so at lower risk.
The challenge facing corporate IT departments today is how to leverage exiting investments in mainframe systems and applications by allowing them to be active participants in enterprise wide SOA. Most importantly, the mainframe must participate in SOA without compromising its advantages in performance, reliability or cost effectiveness. To truly leverage the mainframe, it must become a first class participant in an enterprise SOA.
SOLA is the market’s most complete mainframe SOA solution. SOLA is the fastest, most reliable, most efficient and most economical mainframe SOA enablement platform. It is the only mainframe SOA product that’s used in high volume (10,000,000+ transactions per day) mission critical applications by some of the best known firms on the Fortune 500.
There are several vendors in the space that offer mainframe web services coupled with one or more components of mainframe SOA. IBM’s CICS TS v3.x also provides SOAP and XML capability upon which a solution can be built.
Regardless of which option you chose, if you do not buy a complete SOA solution, you will be faced with the daunting task of integrating several components to create a viable mainframe SOA. As mainframe SOA is relatively new, not every category has a matching product.
SOLA is the only product in the space that offers a complete mainframe SOA solution out of the box. SOLA provides proven, quick, efficient and cost effective application integration by publishing legacy applications as Web Services and providing every single component of a viable mainframe SOA.
As important as the essential components of enterprise SOA are, they are a single dimension of a more complex issue. SOLA was designed from the ground up to address the entire spectrum of mainframe SOA issues.
Human Assets: what good is leveraging technology assets if you ignore human assets? SOLA tasks the right people with the right jobs.
Governance: industry experts believe that governance is the single most important issue facing the fledgling SOA community. From diagnosing production outages to managing changes and meeting SLAs, governance is a non negotiable requirement in a viable SOA. A solution has to either be governable by a third party tool or incorporate strong governance capabilities. SOLA does both. With WS-Security, WS-Policy, integrated monitoring, logging and auditing, and many more built in governance features, SOLA provides a comprehensive collection of governance and lifecycle management capabilities. SOLA is also fully governable; its standards based design lends itself to simple and cost effective integration with third party governance solutions.
SOLA can function as a stand-alone solution for mainframe SOA and can be governed by SOA Software’s Integrated SOA Governance Automation Solutions, Workbench and Service Manager, acting as a Certified Governed Service Platform. Certified Governed Service Platform status means that customers can be confident that their platforms won’t compromise the fidelity of the governance systems and structures defined in an enterprise SOA program. The certification process ensures that Governed Service Platforms can implement and enforce governance policies providing reporting data to enable a closed-loop audit process. The Governed Service Platform status ensures that SOLA can be consistently governed along with other enterprise service platforms.
There are other tools available to help you develop your own Mainframe SOA solution. IBM’s CICS TS v3.x provides the foundation (SOAP and XML capability) for mainframe SOA built into CICS. It is very tempting to believe that you can avoid purchasing a product and work with this “free” capability to create your own mainframe SOA.
Free can be the most expensive option:
SOLA is not only cost effective, it pays for itself in short order:
SOLA is proving its worth in production every day in one of the most demanding industries in the world – the financial services industry. At one customer over 200 legacy applications expose hundreds of Web Services using SOLA. Clients estimate that SOLA saved each application $0.5 to $2 million through cost avoidance and direct savings.
SOLA includes a compliant non-validating parser (the SOLA DOM parser). Extensive performance tests were conducted to estimate the impact of parsing XML on a mainframe. The results were as follows:
To test the difference in performance between SOLA and CICS TS 3.2, we wrote a COBOL program containing various data types. The goal of the program was to generate a large XML response to put both products through their paces. When we attempted to import the program using CICS Web services assistant, the import failed because the program contained many unsupported data types. SOLA imported the same program without any issues.
To make the comparison fair, we altered the program to remove the data types that IBM couldn’t handle, then imported the modified program using both Web services assistant and SOLA. This program was similar to the original, but lacked some functionality because of IBM’s limitations.
We ran the program1000 times in both environments:
IBM: 46.1 seconds for 1000 web service invocations, or 0.046 CPU seconds per call.
SOLA: 7.5 seconds for 1000 web service invocations, or 0.007 CPU seconds per call.
RESULT: SOLA was approximately 615% faster than CICS TS v3.2.
Millions of transactions have been processed through SOLA during extensive stability tests. No failures were experienced. SOLA has been in production for five years – no production failures have been experienced. To date, billions of transactions have been processed by SOLA.
SOLA has several significant advantages over competitive products. Taken together these features provide lower cost and greater productivity.
Furthermore, no coding is required to publish Web Services with SOLA. It is simple and easy to use with a minimal learning curve. An integrated test harness allows the developer to test and validate their Web Services with just a few mouse clicks. Finally, SOLA is proven in extensive mission critical production systems today.
SOLA is already helping to achieve the pinnacle of application integration - reuse. Business functions previously isolated in legacy applications are now open for reuse by other applications in new and innovative ways.
Other solutions require extensive middleware (hardware and software). Although the initial cost of these solutions appears economical the ongoing support and management is cost prohibitive.
The SOLA Development Environment uses a J2EE compliant server and requires no workstation software to be implemented. The full features of the development environment are accessible through a browser.
SOLA COMMAREA Analyzer The SOLA COMMAREA Analyzer is used to analyze programs that expose a communications area interface. The analyzer reads a program’s compile listing, parses the COMMAREA and determines how the fields within the COMMAREA are used. It then produces a WSDL file documenting the interface, a test harness and a run-time metadata template. The template can be moved to production using standard change management procedures. The program will be automatically documented in the SOLA directory.
SOLA 3270 Analyzer The SOLA 3270 Analyzer implements an interactive graphical interface. Using this tool, developers execute the application by going through the application’s screens/maps. SOLA automatically records the interactions and aggregates them into a single web service (e.g. a multi-screen update transaction will be published as a single web service). It then produces a WSDL file documenting the interface, a test harness and a run-time metadata template. The template can be moved to production using standard change management procedures. The aggregated transaction is automatically documented in the SOLA directory.
SOLA Outbound Analyzer The SOLA Outbound Analyzer allows developers to import the WSDL representing an external web service and then analyze the operations of that service to create callable methods. The analysis automatically creates COBOL or PL/I copybooks that represent the interface to the operations. This approach allows programmers to execute an external Web Service with a simple “CICS Link” command.
The SOLA UDDI Directory The SOLA UDDI Directory is maintained in DB2. All Web Services created by SOLA are fully documented in the SOLA Directory and are organized by project. Since it is a UDDI directory, it is searchable in a variety of ways.
The SOLA Testing Facilities SOLA automatically creates a test harness for every Web Service created. This is an extremely helpful tool for the Web Service creator (usually a COBOL programmer), as it allows for the testing of new Web Services before deployment.
MRO SOLA can run using standard CICS multiple region operation (MRO). The http/MQ listener runs in a listening region, dispatching the host application programs in application owning regions. SOLA handles the communication of data between the listening and application regions. Although CICS has a limit of 32K that can be passed between the listener and application regions, SOLA can accept requests and deliver responses that exceed this limit.
Error Logging SOLA provides full error logging. Error logging reports are available through a Web reporting tool and are also provided as a Web Service.
Monitoring SOLA monitors every transaction that it handles. Monitor reports are available through a Web reporting tool and are also provided as a Web Service.
Auditing SOLA provides an optional auditing facility, which records both input and output SOAP messages for audited transactions. The facility is extremely useful for problem diagnosis. Auditing is controlled using WS-Policy.
Security SOLA has the most powerful and most versatile security in the industry, using Symmetric and Asymmetric encryption (WS Security, & SAML 2.0 etc.) and by providing mapping between various identities to the mainframe security paradigm (for example, mapping from SAML 2.0, X509, AD/LDAP to mainframe RACF/ACF2/TOP-Secret). Furthermore, the user’s authorization choices range from most basic available on the mainframe such as RACF to XACML PDP residing on or off of the mainframe.
Transport Mechanism SOLA offers http/s and MQ as transports.
Outbound SOAP requests SOLA provides the ability for the programmer to issue an outbound SOAP request to an external system. That SOAP request is transported by http, https (SSL) or MQ to the external system. The requesting program can be running either in CICS or batch.
Configuration SOLA takes advantage of the full scalability and fail-over features of parallel sysplex. SOLA introduces no affinities, allowing the workload manager to run transactions on any system in the sysplex.
Additional standards, such as WSDM and WS-Addressing are planned for future releases.
SOLA is the only mainframe SOA product to offer closed-loop Governance automation. A service is automatically governed from the point of creation because it inherits a security policy. Policy, by means of WS-PolicyAttachment, is associated with the service though all phases of the Software Development Lifecycle. It is not possible to create or run an ungoverned service.
On top of this, SOLA’s built in monitoring, logging and auditing capabilities, as well as its standards based architecture combine to make SOLA fully governable by external governance products like SOA Software’s Policy Manager.