Using a service registry that doesn’t suck part I: UDDI is dead
This is the first of a series of posts on which I am hoping to detail some of the most common SOA governance scenarios in the real world, their challenges and the approach we’ve taken to address them in SO-Aware. This series does not intend to be a marketing pitch about SO-Aware. Instead, I would like to use this to foment an honest dialog between SOA governance technologists.
For the starting post I decided to focus on the aspect that was once considered the keystone of SOA governance: service discovery
In a real SOA enterprise infrastructure with hundreds of services, it is safe to assume that service endpoints are going to constantly be subjected to changes in areas such as location (URL), policy (security, etc) or contract (WSDL, operations). As SOA developers, we would like to make our applications as resilient to those changes as possible so that they don’t impose any constraints in the natural evolution of our SOA. A common practice to accomplish that is to have client application to resolve service metadata such as endpoints or policies against a service repository like is illustrated in the following figure:
The screwed-up traditional solution: The UDDI way
In order to address these challenges, the big SOA vendors (read Microsoft, Oracle, IBM etc) created a standard that with the purpose of modeling service metadata information that could be used to enable service discovery capabilities. The standard was baptized as Universal Data Discovery and Integration (UDDI) and, unfortunately, it became the cornerstone of SOA governance products such as SOA Software or Systinet.
Despite the several attempts to leverage it as part of SOA governance platforms, UDDI has proven to be an incredibly ineffective mechanism to enable service publishing and discovery. If you’ve ever used a UDDI registry, this shouldn’t come as a surprise.
For instance, the following SOAP message is required to discover a service endpoint using UDDI.
7: <find_service businessKey="Key1"
12: <findQualifier />
13: <findQualifier />
15: <name ="" />
16: <name ="" />
18: <keyedReference tModelKey="tModelKey1"
20: keyValue="tModelKey1Value" />
21: <keyedReference tModelKey="tModelKey2"
23: keyValue="tModelKey2Value" />
And the response is even more confusing:
7: <serviceList generic="2.0"
12: <serviceInfo serviceKey="ServiceKey1"
14: <name ="CRMSOAPService" />
15: <name ="" />
What makes this process ridiculously hard is the complexity of the UDDI API and the model. Just think about what it will take for a client written in a dynamic language like Ruby(aka doesn’t do SOAP very well) to interact with a UDDI repository.
Bottom line, the SOA models created with UDDI are incredibly complex to implement and use and, quite often, end up becoming another bottleneck in your SOA.
A better solution: The SO-Aware way
When we were building SO-Aware, we decided to avoid the complexities of UDDI and instead enable a way simpler mechanism to facilitate the discovery and query of services. We achieved that by implementing a 100% RESTful API based on the OData standard that allows querying the entire service registry using plain HTTP GETs.
In this model, discovering a new service is just a matter of executing an HTTP GET like the following:
GET /SOAware/ServiceRepository.svc/Services('Service Name')
The response is an AtomPub payload with the service details:
1: <feed xml:base=" http://<WebHost>/ServiceRepository"
3: <title type="text">Services</title>
4: <id> http://<WebHost>/ServiceRepository /Services</id>
6: <link rel="self" title="Services" href="Services" />
8: <id> http://<WebHost>/ServiceRepository /Services(‘id’')</id>
9: <title type="text">CRMSOAPService</title>
10: <content type="application/xml">
12: <d:Id m:type="Edm.Guid">Service ID</d:Id>
14: <d:Description>This is a SOAP
15: endpoint that abstracts a CRM system</d:Description>
Compare this approach with the complexity of the UDDI based model and draw your own conclusions. Basically, this model makes abstracts the interaction with the service registry as simple AtomPub HTTP GETs and POSTs messages. Given that the entire model is based on AtomPub, users can subscribe their favorite Atom reader so feeds that describe the relevant service events such as creation, updates, etc.