Welcome!

@CloudExpo Authors: Elizabeth White, John Katrick, Pat Romanski, Liz McMillan, Progress Blog

Related Topics: Microservices Expo, Java IoT, Microsoft Cloud, Containers Expo Blog, Agile Computing, @CloudExpo, Government Cloud

Microservices Expo: Article

SOA and the Cloud: Why Your Cloud Applications Need SOA

Use a services-oriented architecture as the fabric upon which to build your cloud-based applications

Some consider cloud computing to be a cure-all for virtually any type of IT infrastructure. And while the cloud certainly delivers on many of its promises, it will never truly provide all that it's capable of unless it's optimized for integration with other applications and evolution for new requirements. What is the best way to provide this? Use a services-oriented architecture (SOA) as the fabric upon which to build your cloud-based applications. In this article, we'll outline the reasons why an SOA is so important for the cloud, some principles to consider when creating your cloud platform on an SOA.

A marriage made in IT heaven: Cloud and SOA
Cloud promises just about everything a CIO could possibly hope and dream for:  lower IT costs, eradication of daily management tasks, and massively reduced overhead. At this point in its evolution, however, cloud has been so touted and lionized; it's difficult to know how to separate the truth from the hype.

But for those who have had to implement and manage packaged enterprise applications, there are at least some aspects of cloud that are indeed very real, and those involved are eager to take advantage of. Cloud truly can provide a huge positive change in how you run your business, and we know by now that some of the early promises of cloud are indeed being delivered upon. And even though there will always be limitations to what was initially promised, those bulleted lists of what cloud can do for us are, thankfully, mostly true.

What's not as evident though, is the fact that a cloud offering is really just a way of delivering functionality through a service. It's not worth a whole lot if there's not a unified roadmap for how to construct, orchestrate and run all the services your organization relies upon. Without the processes that bring a service to the user, then all you have is some code that's easily accessible. Can the cloud concept still save you time, money and resources? Of course it can, but cloud services and functionality need to be brought together with a unified plan.

Can you guess what that unified plan is? Well, there are a lot of different ways to do it, but the easiest way, and the one that provides the greatest flexibility and most applicable built-in governance is a service-oriented architecture (SOA). There's confusion about the role an SOA plays in a cloud environment, but make no mistake, cloud is not a replacement, nor an incremental improvement of cloud. Rather, SOA acts as a cohesive, flexible infrastructure that enables services to function and integrate. That's partially because, just by its very nature, an SOA is a services-based platform. An application in the cloud can't do much unless it's sitting on top of something that's optimized to recognize and pull together, in an agile way, the various types of components that exist within a service (and even more so when you're combining a variety of services).

Figure 1: A service-oriented architecture at its essence

While the cloud needs SOA, it's important to implement it with adequate services security, governance, adherence to standards, and commitment to flexibility. There are entire operational, developmental, planning, and policy attributes that are crucial to using an SOA for your cloud, and that's what we've built our SOA platform on. Our Integrated SOA Governance solutions provide integration capabilities that enable your enterprise applications to be integrated and communicate with one another.

Okay, so we're a vendor, and we're inclined to think that best results will come in the form of our solution. But we created our SOA governance model mostly because, through years of collective experience and an inordinate amount of research, we recognized that a true SOA environment is the most effective way to unify, govern and manage enterprise apps and to enable your organization to grow in a scalable way without having to re-architect your IT framework. When it comes to cloud, well, there are a lot of different ways to skin this cat, but we think that architecting your enterprise application and services environment with an SOA will ensure that you're truly taking advantage of the cloud.

Putting cloud and SOA together
With the presumption that SOA and the cloud support and extend one another, there's still a great deal of confusion over where an SOA starts and the cloud begins.

Perhaps it's best to think about it in terms of a foundation and the things that sit on top of it. SOA provides a stable foundation, but it's not static. It's inherently flexible; in fact, one of an SOA's greatest attributes is its ability to adapt and integrate to both legacy systems and whatever may change and evolve in your IT landscape. That adaptability allows for any applications and systems to integrate with the basic structure of the platform, and optimizes how applications are accessed and data is transacted. And what platform can produce the best results in this environment? You guessed it - the cloud.

In our view, there really is no point at which an SOA ends and something else "takes over". Rather, we see that an SOA and cloud architecture are complementary, and that to be successful at having an effective architecture, you really need to think about what will optimize your services-based infrastructure. And if you're going to deliver or transact with cloud-based services, it probably makes sense to keep SOA as the foundation for everything, and putting a cloud-based system on top of that. The benefits will be mostly from the interoperability among all the different services that are transacting through the cloud, but are optimized because the SOA allows them to communicate and work with one another seamlessly (this, of course, is subject to your implementation).

Each component in a cloud-based application should be considered a separate Enterprise Service, even if they are not hosted by your IT organization.  To get a cloud-based application working right, and assuring that it will perform as expected over time, one needs a single point of governance over these highly virtualized Enterprise Services throughout the entire service lifecycle.

Starting at the planning stage, creators of a cloud-based application need to develop and track the inventory of cloud services that are available or under construction.  Business analysts, architects and developers need to be able to compare their enterprise SOA roadmap and desired slate of cloud applications with the Enterprise Service inventory, which consists of both cloud-based and traditional Enterprise Services.  Planning governance gives these stakeholders the ability to assign development priority to the cloud services that are most urgently needed, as well as determine the applicability of cloud technology to the problem. For instance, is the application subject to "speed-of-light" concerns?

Figure 2: Stages and elements of a cloud/SOA solution

A development governance solution will provide seamless management of "the cloud" as a development target. Operational governance for cloud services should ensure two important governance factors:  First, that the services themselves implement and enforce relevant policies for data protection, security, and service levels.  Secondly, it should ensure the federation of externally provided cloud services into the enterprise network. This is similar to the way externally provided SaaS services need to be federated for policy and message exchange pattern mediation.

Cloud services are subject to the same governance process as any other enterprise service, and as such need the same levels of policy governance.  For cloud services this includes the ability to define cross-cutting policies during the planning process and validate and enforce these policies through development and operations.

SOA Software product suite allows for easy management of SOA Governance throughout the plan-build-run service lifecycle, anchoring the process with strong policy governance. In planning, SOA Software Portfolio Manager allows planning stakeholders to develop an SOA roadmap, compare it to existing and planned services, and assign priority to selected services.  In development, SOA Software's Repository Manager makes sure that enterprise services confirm to appropriate standards and guidelines, providing powerful change management capabilities.  It also governs the consumption process, facilitating controlled and measurable asset reuse. When services are deployed, SOA Software Service Manager implements and enforces defined policies for security, performance, and reliability to ensure that enterprise services function as intended.  SOA Software Policy Manager works in concert with these products to keep policy definitions, and associated metadata, consistent as the service matures from planning through development and then into operation.

Arriving at Cloud Nirvana
Keep in mind that it's not that SOA provides the glue, or that it fills in any gaps, but rather in the model of a well-constructed enterprise architecture, SOA is both the support net and the building blocks that allow you to truly benefit from the cloud. But if you're trying to boil it down to its essence, it comes down to these points where SOA delivers value and cohesion for your cloud:

  • Governance: what's not often stated about the cloud is the need for thorough and comprehensive governance. Nothing provides that better than a services-based framework that actually requires standards to keep all the disparate applications communicating and transacting with one another.
  • Integration: your apps from yesterday, the ones you have now, and the ones you're going to buy/develop in the coming years will all need to integrate and interact irrespective of complexity. SOA is entirely built on the precept that THAT is its main function - to take processes, no matter where they come from, and make them worth with other processes. If you doubt that, we'll invite you to chat with any of our customers and they can describe how much easier things got once they focused on SOA.
  • Common purpose: applications are meant to be used and users don't care where the app lives, or what it took to bring the functionality to them. They just want it up when they are, and ready to transact business 24/7. The cloud is supposed to provide the house in which that's all done, but it just won't get done unless there's a flexible backbone that enables all of that. Again, that's the job of SOA.

We know that there are dozens of other considerations, some at the business rules level, and some having to do with hardcore code compliance. But ultimately when we need to take a solution back to our company and help them be successful, we'll think about these things and realize that if we can agree on a common purpose for our apps, integrate them, and provide the necessary governance, then we're ready to establish our presence in the cloud and prepared to grow and adapt.

When you get there, when you get to that point where you're running your applications in the cloud and benefiting from substantial cost savings and watching integrated apps play nicely with one another, and the CEO pats you on the back and tells you what a great job you're doing, then you will know that you are, in fact, in cloud nirvana.

More Stories By Roberto Medrano

Roberto Medrano, Executive Vice President at SOA Software, is a recognized executive in the information technology fields of SOA, internet security, governance, and compliance. He has extensive experience with both start-ups and large companies, having been involved at the beginning of four IT industries: EDA, Open Systems, Computer Security and now SOA.

Prior to joining SOA Software, he was CEO of PoliVec, a leader in security policy. Before joining PoliVec, he was one of the top 100 Sr. Executives at Hewlett Packard. At Hewlett-Packard (HP) served as the General Manager of the E-Services and Internet Security Divisions. Medrano has held executive positions at Finjan, Avnet Inc, and Sun Microsystems. Medrano participated in President Clinton’s White House Security Summit and has been an active member on National Cyber Security Summits, and the White House National Strategy to Secure Cyberspace.

Medrano has been selected as one of “The 100 most influential Hispanics in US”, “The 100 most influential Latinos in Silicon Valley” “Top 100 most influential Hispanics in Information Technology” and is co-founder and CEO for Hispanic-Net, a non-profit organization. Medrano holds an MBA from UCLA, a MSEE from MIT, BSEE from USC.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
In his general session at 21st Cloud Expo, Greg Dumas, Calligo’s Vice President and G.M. of US operations, discussed the new Global Data Protection Regulation and how Calligo can help business stay compliant in digitally globalized world. Greg Dumas is Calligo's Vice President and G.M. of US operations. Calligo is an established service provider that provides an innovative platform for trusted cloud solutions. Calligo’s customers are typically most concerned about GDPR compliance, application p...
Mobile device usage has increased exponentially during the past several years, as consumers rely on handhelds for everything from news and weather to banking and purchases. What can we expect in the next few years? The way in which we interact with our devices will fundamentally change, as businesses leverage Artificial Intelligence. We already see this taking shape as businesses leverage AI for cost savings and customer responsiveness. This trend will continue, as AI is used for more sophistica...
The 22nd International Cloud Expo | 1st DXWorld Expo has announced that its Call for Papers is open. Cloud Expo | DXWorld Expo, to be held June 5-7, 2018, at the Javits Center in New York, NY, brings together Cloud Computing, Digital Transformation, Big Data, Internet of Things, DevOps, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...
SYS-CON Events announced today that Synametrics Technologies will exhibit at SYS-CON's 22nd International Cloud Expo®, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Synametrics Technologies is a privately held company based in Plainsboro, New Jersey that has been providing solutions for the developer community since 1997. Based on the success of its initial product offerings such as WinSQL, Xeams, SynaMan and Syncrify, Synametrics continues to create and hone inn...
Smart cities have the potential to change our lives at so many levels for citizens: less pollution, reduced parking obstacles, better health, education and more energy savings. Real-time data streaming and the Internet of Things (IoT) possess the power to turn this vision into a reality. However, most organizations today are building their data infrastructure to focus solely on addressing immediate business needs vs. a platform capable of quickly adapting emerging technologies to address future ...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and B...
The past few years have brought a sea change in the way applications are architected, developed, and consumed—increasing both the complexity of testing and the business impact of software failures. How can software testing professionals keep pace with modern application delivery, given the trends that impact both architectures (cloud, microservices, and APIs) and processes (DevOps, agile, and continuous delivery)? This is where continuous testing comes in. D
Cloud Expo | DXWorld Expo have announced the conference tracks for Cloud Expo 2018. Cloud Expo will be held June 5-7, 2018, at the Javits Center in New York City, and November 6-8, 2018, at the Santa Clara Convention Center, Santa Clara, CA. Digital Transformation (DX) is a major focus with the introduction of DX Expo within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive ov...
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, whic...
"WineSOFT is a software company making proxy server software, which is widely used in the telecommunication industry or the content delivery networks or e-commerce," explained Jonathan Ahn, COO of WineSOFT, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"Evatronix provides design services to companies that need to integrate the IoT technology in their products but they don't necessarily have the expertise, knowledge and design team to do so," explained Adam Morawiec, VP of Business Development at Evatronix, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
In a recent survey, Sumo Logic surveyed 1,500 customers who employ cloud services such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). According to the survey, a quarter of the respondents have already deployed Docker containers and nearly as many (23 percent) are employing the AWS Lambda serverless computing framework. It’s clear: serverless is here to stay. The adoption does come with some needed changes, within both application development and operations. Tha...
Digital Transformation (DX) is not a "one-size-fits all" strategy. Each organization needs to develop its own unique, long-term DX plan. It must do so by realizing that we now live in a data-driven age, and that technologies such as Cloud Computing, Big Data, the IoT, Cognitive Computing, and Blockchain are only tools. In her general session at 21st Cloud Expo, Rebecca Wanta explained how the strategy must focus on DX and include a commitment from top management to create great IT jobs, monitor ...
"Digital transformation - what we knew about it in the past has been redefined. Automation is going to play such a huge role in that because the culture, the technology, and the business operations are being shifted now," stated Brian Boeggeman, VP of Alliances & Partnerships at Ayehu, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Digital transformation is about embracing digital technologies into a company's culture to better connect with its customers, automate processes, create better tools, enter new markets, etc. Such a transformation requires continuous orchestration across teams and an environment based on open collaboration and daily experiments. In his session at 21st Cloud Expo, Alex Casalboni, Technical (Cloud) Evangelist at Cloud Academy, explored and discussed the most urgent unsolved challenges to achieve f...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
"I focus on what we are calling CAST Highlight, which is our SaaS application portfolio analysis tool. It is an extremely lightweight tool that can integrate with pretty much any build process right now," explained Andrew Siegmund, Application Migration Specialist for CAST, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Evatronix will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Evatronix SA offers comprehensive solutions in the design and implementation of electronic systems, in CAD / CAM deployment, and also is a designer and manufacturer of advanced 3D scanners for professional applications.
As many know, the first generation of Cloud Management Platform (CMP) solutions were designed for managing virtual infrastructure (IaaS) and traditional applications. But that's no longer enough to satisfy evolving and complex business requirements. In his session at 21st Cloud Expo, Scott Davis, Embotics CTO, explored how next-generation CMPs ensure organizations can manage cloud-native and microservice-based application architectures, while also facilitating agile DevOps methodology. He expla...