Articles

Cloud Application Framework: Service-Oriented Architecture 

This article explores the concepts of Service-Oriented Architecture (SOA) and its relevance to the AWS and Azure Well-Architected Frameworks. The article provides an overview of the common layers and services in SOA, including the service, messaging, data, business process, and security layers, as well as popular tools and open source offerings for each layer. The article also discusses the ways in which the AWS and Azure Well-Architected Frameworks facilitate the adoption of SOA, including design principles, best practices, tools and services, and review processes.

Standards Based Application Frameworks

There are several industry standard application architectural styles that provide a set of guidelines and best practices for building distributed software systems that are modular, scalable, and resilient. They help organizations to develop and deploy software more quickly and efficiently by breaking down complex systems into smaller, independent components that can be developed, tested, and deployed independently.

Service-Oriented Architecture (SOA) is an architectural style that enables the creation of distributed, modular, and reusable software systems. In an SOA, software applications are broken down into small, self-contained units of functionality called services. These services can be independently developed, deployed, and consumed by other applications over a network. SOA is based on the concept of loose coupling, which means that services can be changed or replaced without affecting the overall system.

Microservices is an architectural style that builds on the principles of SOA. In a microservices architecture, software applications are composed of many small, independent services that communicate with each other over a network using lightweight protocols such as HTTP or message queues. Each service is responsible for a single, well-defined function and can be developed, deployed, and scaled independently of the others. Microservices architectures are highly scalable and resilient since each service can be replicated or replaced as needed.

Event-Driven Architecture (EDA) is an architectural style that emphasizes the use of events to trigger and communicate between software components. In an EDA, events are generated by various sources such as user actions, system events, or sensors. These events are processed by one or more event handlers, which can trigger additional events or perform other actions. EDA is highly scalable and resilient since events can be processed asynchronously and independently of each other.

Service-Oriented Architecture Layers

As noted above, a SOA application is broken down into several smaller self-contained units of functionality called services. These services can be independently developed, deployed, and consumed by other applications over a network. The common layers or services within a SOA application often include:

• Service Layer: The service layer is the core layer of an SOA architecture. It contains the actual business logic and functionality of the system, which is exposed as a set of services. Each service is responsible for a specific business function and can be independently developed, deployed, and consumed.
• Messaging Layer: The messaging layer provides a standardized way for services to communicate with each other over a network. It defines the communication protocols, message formats, and routing rules for exchanging messages between services.
• Data Layer: The data layer provides a standardized way for services to access and manage data. It includes data repositories, data access services, and other data-related components.
• Business Process Layer: The business process layer provides a way to orchestrate and coordinate the execution of services in a business process. It defines the order and dependencies of services and manages exceptions and error handling.
• Security Layer: The security layer provides a set of security mechanisms to ensure that the system is secure and protected from unauthorized access. It includes authentication, authorization, and encryption services.

These layers work together to provide a flexible and scalable architecture for building distributed software systems. By breaking down a system into smaller, independent services, organizations can develop, deploy, and maintain software more quickly and efficiently. Within each layer, there are several common commercial and Open-Source applications that organizations can leverage to streamline the development of their applications.

Service Layer

• Apache Axis2 is a popular open-source web services framework that supports multiple protocols, including SOAP, REST, and JSON. It provides a comprehensive set of tools and APIs for building and deploying web services in a Service-Oriented Architecture.
• The Spring Framework is a widely used open-source framework for building enterprise Java applications. It includes support for developing web services and provides a set of tools and APIs for building and deploying services in a Service-Oriented Architecture.
• Apache CXF is an open-source web services framework that supports multiple protocols, including SOAP, REST, and JSON. It provides a set of tools and APIs for building and deploying web services in a Service-Oriented Architecture.
• The Microsoft .NET Framework includes support for building and deploying web services using the Windows Communication Foundation (WCF) framework. WCF provides a set of tools and APIs for building and deploying services in a Service-Oriented Architecture.
• JAX-RS is a Java API for building RESTful web services. It provides a set of annotations and APIs for developing and deploying RESTful services in a Service-Oriented Architecture.
• gRPC is an open-source framework for building high-performance, scalable, and interoperable APIs. It supports multiple programming languages and provides a set of tools and APIs for building and deploying services in a Service-Oriented Architecture.

Messaging Layer

• Apache Kafka is a distributed messaging system that provides high-throughput, low-latency messaging between services. It can handle large amounts of data and supports multiple messaging protocols, including HTTP, REST, and MQTT. Kafka is widely used for event-driven architectures and microservices.
• RabbitMQ is an open-source messaging broker that implements the Advanced Message Queuing Protocol (AMQP) and other messaging protocols. It provides a scalable and fault-tolerant messaging system that can handle a large volume of messages and supports message routing and filtering.
• Apache ActiveMQ is an open-source messaging broker that implements the Java Message Service (JMS) and other messaging protocols. It provides a scalable and fault-tolerant messaging system that can handle a large volume of messages and supports message persistence, transactions, and clustering.
• Amazon SQS is a fully managed message queuing service that provides reliable and scalable messaging between services. It supports both standard and FIFO (first-in-first-out) queues and integrates with other AWS services such as Lambda, SNS, and S3.
• Google Cloud Pub/Sub is a fully managed messaging service that provides reliable and scalable messaging between services. It supports both pull and push subscriptions, message filtering and routing, and integrates with other Google Cloud services such as Cloud Functions, Cloud Run, and Cloud Storage.
• Azure Queue Storage is a fully managed message queuing service that provides reliable and scalable messaging between services running in Azure. It allows services to asynchronously communicate with each other by sending messages to a queue. The messages are stored in the queue until they are processed by a recipient service. This decouples the sender and the receiver, allowing them to operate independently and asynchronously.

Data Layer

• Relational databases such as MySQL, PostgreSQL, Oracle, and Microsoft SQL Server are widely used for storing structured data. They provide a consistent and reliable way to store and query data, and support features such as transactions, indexing, and referential integrity.
• NoSQL databases such as MongoDB, Cassandra, and Couchbase are designed for storing unstructured and semi-structured data. They provide high scalability and performance, and support features such as automatic sharding, replication, and flexible schema design.
• Object-relational mappers (ORMs) such as Hibernate, Entity Framework, and Django ORM provide a higher-level abstraction for accessing relational databases. They map database tables to object-oriented models, and provide features such as lazy loading, caching, and query optimization.
• Data warehouses such as Amazon Redshift, Google BigQuery, and Snowflake are designed for storing and analyzing large volumes of data. They provide features such as columnar storage, parallel processing, and integration with business intelligence tools.
• In-memory data stores such as Redis, Memcached, and Hazelcast are designed for storing data in memory rather than on disk. They provide high performance and low latency for data access, and support features such as distributed caching, pub/sub messaging, and data structures.
• Search engines such as Elasticsearch, Solr, and Azure Search are designed for indexing and searching large volumes of text-based data. They provide features such as full-text search, faceting, and relevance ranking.

Business Process Layer

• Apache Airflow is a platform for programmatically authoring, scheduling, and monitoring workflows. It allows users to define workflows as code using Python, and provides a web-based UI for monitoring and troubleshooting.
• Camunda BPM is an open-source platform for business process automation. It allows users to define processes using BPMN 2.0, and provides features such as process modeling, task management, and process monitoring.
• Activiti is an open-source workflow and business process management platform. It provides a Java-based engine for executing BPMN 2.0 processes, and supports features such as task management, process modeling, and process monitoring.
• Drools is a business rule engine that allows users to define and execute complex business rules. It provides a rule language based on Java, and supports features such as decision tables, rule templates, and ruleflow groups.
• Apache NiFi is a data integration platform for automating data flows between systems. It provides a web-based UI for designing and managing data flows, and supports features such as data routing, data transformation, and data enrichment.
• Zeebe is an open-source workflow engine for orchestrating microservices. It allows users to define workflows using BPMN 2.0, and provides features such as process modeling, task management, and process monitoring.

Security Layer

• OpenID Connect is an open standard for authentication and authorization. It allows users to authenticate with a trusted identity provider, and provides a secure way to exchange user information between systems.
• OAuth is an open standard for authorization. It allows users to grant access to their resources on one system to another system, without sharing their credentials.
• JSON Web Tokens (JWT) are a standard for representing claims securely between two parties. They can be used to authenticate and authorize users, and to exchange information between systems.
• Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are protocols for encrypting network communications. They provide a secure way to transmit sensitive data over untrusted networks.
• HashiCorp Vault is a tool for managing secrets and sensitive data. It provides a secure way to store and access secrets, such as passwords, API keys, and certificates.
• Keycloak is an open-source identity and access management tool. It provides features such as single sign-on, user authentication, and authorization policies.

Cloud Architecture + Standards Based Application Frameworks

As a cloud architect, the Standards Based Application frameworks will likely fall outside our domain expertise. While these patterns do not dictate how the underlying infrastructure should be designed or implemented, they are often used to build distributed and scalable applications that can run on various types of infrastructure. SOA is more of an architectural style that is applicable to both applications and infrastructure. In the context of infrastructure, SOA can be used to design reusable infrastructure components or services that can be used by multiple applications or systems.

We’ve covered the AWS and Azure Well-Architected frameworks in the article “Cloud Frameworks – Identifying Similarities and Emphasizing Operational Excellence“. These framework are both designed to help organizations build and operate secure, reliable, efficient, and cost-effective systems in the cloud. While these frameworks do not prescribe a specific software architecture pattern, they provide guidance and best practices that can help organizations adopt Service-Oriented Architecture (SOA), Microservices, and Event-Driven Architecture (EDA) effectively.

Here are some ways in which the AWS and Azure Well-Architected Frameworks facilitate the adoption of these software architecture patterns:

• Design principles: Both frameworks provide design principles that can help organizations build scalable, modular, and loosely coupled systems that are easier to manage and maintain. These principles align with the core tenets of SOA, Microservices, and EDA, and can guide organizations in building systems that adhere to these patterns.
• Best practices: Both frameworks provide best practices for building and deploying systems in the cloud. These best practices cover various aspects of system design and operation, including architecture, security, performance, and cost optimization. By following these best practices, organizations can ensure that their systems are designed to be scalable, reliable, and cost-effective, which is important for SOA, Microservices, and EDA.
• Tools and services: Both AWS and Azure offer a wide range of tools and services that can help organizations build and deploy systems that adhere to these software architecture patterns. For example, AWS offers services like Amazon API Gateway, AWS Lambda, and Amazon SNS that are well-suited for building microservices and event-driven architectures. Azure offers services like Azure Service Bus, Azure Functions, and Azure Event Grid that are similarly well-suited for building these architectures.
• Review process: Both frameworks provide a review process that can help organizations assess the design and operation of their systems against best practices and industry standards. This review process can help organizations identify areas for improvement and ensure that their systems are built to adhere to these software architecture patterns.

The AWS and Azure Well-Architected Frameworks provide guidance, best practices, tools, and review processes that can help organizations adopt Service-Oriented Architecture, Microservices, and Event-Driven Architecture effectively. By following these frameworks, organizations can build systems that are scalable, modular, and easier to manage and maintain, which is essential for success in the cloud.

Conclusion

This article is a guide to Service-Based Architecture and discusses it’s relevance in the context of the AWS and Azure Well-Architected Frameworks. It provides a detailed description of the common layers and services in SOA, as well as popular tools and open source offerings for each layer. The article also discusses the ways in which the AWS and Azure Well-Architected Frameworks support the adoption of these software architecture patterns, including design principles, best practices, tools and services, and review processes.