The public feedback session on SML will take place on September 12 in Mountain View. All are invited, but there is one of these pesky feedback agreements to sign. You can find the agreement at http://serviceml.org/. Once you’ve signed it, please send email to sml-feedback@external.cisco.com announcing your intention to come to the face to face meeting. Or you can directly email your feedback to that same address.
CMDB overview
This Network World article provides a pretty good overview of what the value of a well-used CMDB is. The statement that CMDBs are “enabled by open interfaces among management systems” is giving us (management system vendors) a bit more credit than we deserve at this point, but there is plenty of work in progress to make this be true (example 1, example 2, example 3).
Comments Off on CMDB overview
Filed under Everything, Standards
Announcing SML
BEA, BMC, Cisco, Dell, EMC, HP, IBM, Intel, Microsoft and Sun just published a new modeling specification called SML (Service Modeling Language). This is the next step in the ongoing drive towards more automation in the management of IT resources. The specification makes this possible by providing a more powerful way (using Schematron) to express system constraints in a machine-readable (and more importantly machine-actionable) way. It also has the advantage (being based on XSD) to align very well with XML document exchange protocols and the Web services infrastructure.
Here is the SML spec on the HP site. Very soon there will be an HTML version of the spec there in addition to the PDF. In addition, the serviceml.org Web site is a basic but vendor-neutral home for the spec.
Those familiar with the QuarterMaster work will see a lot of commonality and know that HP has a lot of experience to contribute in this domain: paper 1, paper 2 and paper 3.
This is an initial draft, not a final specification. The major hole in my mind at this time is the lack of support for versioning. Something to address soon.
There are many good things about this specification, but unfortunately not the name. Just for kicks, here are some better candidates:
- ITSOK (IT Systems Operational Knowledge) “it’s ok”
- ITSON (IT Systems Open Notation) “it’s on”
- ITSUP (IT Systems Upkeep Profile) “it’s up”
Comments Off on Announcing SML
Filed under Everything, SML, Standards, Tech
Going shopping
The Mercury Interactive acquisition is very exciting. Especially since it brings Systinet along, and not the Systinet of a few years ago. The company very smarty got itself out of the “Web services infrastructure” melee and is now the leader in SOA governance. A much better match for OpenView.
On the other hand, this would be scary. I am sure we’ll get to $6 billion in revenue but I am willing to wait a little bit and earn it.
Comments Off on Going shopping
Filed under Business, Everything
There is no control-Z on this thing!
Seen in today’s issue of the RISKS digest:
In the process of upgrading its storage management, PlusNet deleted more than 700GB of its customers’ e-mail and disabled the ability of about half its 140,000 users to send and receive new e-mail. “At the time of making this change the engineer had two management console sessions open one to the backup storage system and one to live storage. These both have the same interface, and until [then] it was impossible to open more than one connection to any part of the storage system at once.” Patches were installed, but the engineer assumed he was working with the backup rather than the live server. Thus, “the command to reconfigure the disk pack and remove all data therein was made to the wrong server.”
It’s for things like this that the RISKS digest should be a required reading for software professionals, especially in enterprise software. Tools make it easier to do useful things, they also make it easier to do very stupid things. Additional automation (that we are working on right now) can help prevent these problems. But it has corner cases too that may open the door to even bigger failures.
I have no idea what vendor console is involved in this specific incident. Could well be HP. Or Veritas. Or Tivoli…
[UPDATE: turns out it was Sun.]
Comments Off on There is no control-Z on this thing!
Filed under Everything, Tech
A look at Web services support at Microsoft
A “high-level overview of Microsoft support for Web services across its product offerings” was recently published at MSDN. At times it sounds a bit like a superficial laundry list of specs (it really doesn’t mean much to say that a product “supports” a spec even though we all often resort to such vague statement). Also, the screen captures are not very informative. But considering the breath of material and the stated goal of providing a high-level overview this is a nice document. And if I imagine myself in the position of trying to write a similar document for HP, my appreciation for the work that went into it rises quickly.
Having all this listed in one place points out one disappointing aspect: the disconnect between Web services usage for “management and devices” and everything else Web services. If you look at the table at the bottom of the MSDN article, there is no checkbox for any management or device Web service technology in the ASMX 2.0, WSE 2.0, WSE 3.0 or WCF columns. These technologies only appear in the guts of the OS. So Vista can interact with devices using WS-Eventing, WS-Discovery and the Web services device profile, but I guess Visual Studio developers are not supposed to want to do anything with these interfaces. Similarly, Windows Server R2 provides access to its manageability information using WS-Management (actually, AFAIK it’s still an older, pre-standard version of WS-Management but we’ll pass on that), WS-Transfer, WS-Enumeration and WS-Eventing but the Visual Studio developers are again on their own to take advantage of this to write applications that take advantage of these capabilities.
This is disappointing because one of the most interesting aspects of using Web services for management is to ease integration between IT management and business applications, a necessary condition in order to make the former more aligned with the later. By using SOAP for both we are getting a bit closer than when one was SNMP and the other was RMI, but we won’t get to the end goal if there is no interoperability above the SOAP layer.
Hopefully this is only a “point in time” problem and we will soon see better support for Web services technologies used in management in the general Web services stack.
The larger question of course is that of the applicability (or lack of applicability) of generic XML transfer mechanisms (like WS-Transfer, WS-Eventing and WS-Enumeration) outside of the resource management domain. That’s a topic for a later post.
Comments Off on A look at Web services support at Microsoft
Filed under Everything, Implementation, Tech
RDF to XML tools for everyone in 2010?
As has been abundantly commented on, a lot of the tool/runtime support for XML development is centered on mapping XML to objects. The assumption being that developers are familiar with OO and not XML and so tools provide value by allowing developers to work in the environment they are most comfortable in. Of course, little by little it becomes obvious that this “help” is not necessarily that helpful and that if the processing of XML document is core to the application then the developer is much better off learning XML concepts and working with them.
The question is, what will happen to the tools once we move beyond XML as the key representation. XML might still very well be around as the serialization (it sure makes transformations easy), but in many domains (IT management for one), we’ll have to go beyond XML for the semantics. Relying on containment and order is a very crude mechanism, and one that can’t be extended very well despite what the X in XML is supposed to stand for. Let’s assume that we move to something like RDF and that by that point most developers are comfortable with XML. Who wants to bet that tools would show up that try to prevent developers from having to learn RDF concepts and instead find twisted ways to process RDF statements as one big XML document, using the likes of XPath, XSLT and XQuery instead of SPARQL?
All the trials and errors around Web services tools in Java (especially) made it very clear how tools can hold you back just as much as they can help you move forward.
Comments Off on RDF to XML tools for everyone in 2010?
Filed under Everything, Implementation, Tech
Looking at AMQP
If you spend a large part of your day reading and writing XML-related specs and artifacts, what do you do in the evening for a change? You read a non-XML spec. That’s what I did tonight, with the newly-released AMQP specification.
The clear aim of AMQP is to open up and commoditize the message queuing middleware space. Some customers in the financial services industry and smaller software vendors are fed up with, respectively, IBM/Tibco fees and IBM/Tibco market dominance. And this is how they plan to bring change. Definitely something to watch. And not just if you’re in banking, many other domains have demanding messaging needs, including IT management. So they have my attention.
I am not a messaging guru, so my comments are not about the core content of the spec (it seems very well thought-through though) but mostly around the interconnection between this spec and the domain I focus on. Basically, how this would fit in the landscape of standards-based management integration for increased automation and flexibility.
So how would this map to WS-Eventing, which is the basis for the eventing part of the ongoing Web services management convergence? To a large extent, they are orthogonal and complementary. WS-Eventing is about creating and managing subscriptions, not how the notifications get delivered. As long as you can create an EPR that indicates that AMQP is the delivery mechanism, WS-Eventing will be ok with that protocol. And conversely, AMQP has limited support for the function of subscribing. The closest thing is the ability, defined by AMQP, for a consumer application to create message queues and then to pass bindings to the server to drive messages into these queues. But in AMQP there is no concept of notifying the publisher application that there is now interest from a consumer for some type of message. So, in the general case, a mapping of a WS-Eventing subscribe call to AMQP would require two steps, one to create the appropriate queue and binding on the server and another (if applicable to the system), to notify (through a mechanism not specified by AMQP) the publisher application that there is interest for a specific type of messages. In some systems the publisher app always sends the same notifications and lets the messaging infrastructure deal with dropping those that no-one cares to get. But in other use case (including some in the management space), the system that plays the role of publisher application is able to vary the amount of notification it sends depending on its configuration. This is not addressed by AMQP.
Another interesting aspect is to look at how something like WS-Topics can be used with AMQP. AMQP does have a built-in “Topic” exchange type just for this. But it specifies that “the routing key used for a topic exchange MUST consist of words delimited by dots. Each word may contain the letters A-Z and a-z and digits 0-9”. This wouldn’t allow a direct mapping from WS-Topics since the topics in WS-Topics are XML elements, therefore their names are of type NCName, which includes the “dot” character.
What I find more puzzling is the claim (not in the spec but in the announcement) that “The AMQProtocol can be used with most of the current messaging and Web Service Specifications such as JMS, SOAP, WS-Security, WS-Transactions, and many more, complimenting (sic) the existing work in the industry.” I can easily see how AMQP can be used with JMS and as I described above it can also be used with the WS specs that manage subscriptions. But I don’t understand how it relates to things like WS-Security and WS-Transaction. AMQP defines a binary protocol that doesn’t conform to the SOAP model, so how does it compose with SOAP-based specifications? This is especially important because AMQP is very light on security. And when it comes to transactionality and reliability it just says that “there are no confirmations in AMQP. Success is silent, and failure is noisy. When applications need explicit tracking of success and failure, they should use transactions.” And leaves it at that.
The AMQP announcement is covered in this eWeek story. BTW, unless he is quoted out of context ZapThink’s Jason Bloomberg seems to miss the point when he compares AMQP with JMS and its “vendor-specific implementations”. The fact that JMS is not a on-the-wire protocol and has therefore vendor-specific implementations is actually the very reason why something like AMQP is needed. AMQP asserts that the protocol can be mapped to JMS and indeed I didn’t see anything in the spec that would prevent this from being true.
I also wonder if it’s for the irony or as a Freudian slip that the topic example they use in the spec happens to be STOCK.USD.IBM.
[UPDATED 2008/10/27: Microsoft announced that they will join the group.]
[UPDATED 2009/3/17: There is some debate around RedHat patents related to AMQP. Kirk is not happy. Matt is not worried. RedHat says it’s pure.]
Filed under Everything, Standards, Tech
Public review of WS-Notification specs
I am a little late in pointing this out but we are half-way through the (hopefully final) public review of the WS-Notification family of specs (WS-BaseNotification, WS-BrokeredNotification and WS-Topics). You have one more week to review the specs and send your comments. Many of the changes in WS-BaseNotification and WS-BrokeredNotification relate to lifecycle management and how these specs relate to WS-ResourceLifetime. There is only one change to WS-Topics but I think it is a pretty major improvement. It cleans up how extension topics appear in a TopicSet document. All the links and information on how to comment are in this announcement.
Comments Off on Public review of WS-Notification specs
Filed under Everything, Standards
Just-in-scope (or just-if-i-care) validation
I started my Christmas wish list early this year. In January I described how I would like a development tool that tests XPath statements not just against instance documents but also against the schema. Since I am planning to be good this year for a change, I might get away with a second item on my wish list, so here it is. It’s the runtime companion of my January design-time request.
Once I have written an application that consumes messages by providing XPath expressions to retrieve the parts I care about, I would like to have the runtime validate that the incoming messages are compatible with the app. But not reject messages that I could process. One approach would be to schema-validate all incoming messages and reject the messages that fail. Assuming that I validated my XPath statements against the schema using the tool from my January wish, this should protect me. But this might also reject messages that I would be able to process. For example, even if the schema does not allow element extensibility at the end of the document, it shouldn’t break my application if the incoming message does contain an extra element at the end, if all I do with the message is retrieve the value of a well-defined foo/bar element. So what I would like is a runtime that is able to compare the incoming message with the schema I used and reject it only if the deviations from the schema are in locations that can possibly be reached by my application through the XPath statements it uses to access the message. Otherwise allow the message to be processed.
Steve, could Alpine do that?
Comments Off on Just-in-scope (or just-if-i-care) validation
Filed under Everything, Implementation, Tech
Security by complexity?
WSRF/CDL/WS-Addressing complexity used as a security barrier? Ouch!
Comments Off on Security by complexity?
Filed under Everything, Security, Standards
WS-Management a DMTF preliminary standard
WS-Management came out of the working group and has been published by the DMTF as a preliminary standard. Read it here.
Comments Off on WS-Management a DMTF preliminary standard
Filed under Everything, Standards
CA joining “Federated CMDB” effort
CA announced today that they are joining BMC, HP, IBM and Fujitsu in the effort announced last week to standardize ways to create a Federated CMDB out of distributed configuration repositories. Welcome!
Since I am pointing to press releases left and right, here is one more.
HP is not only tackling the challenge of supporting ITSM processes in a top-down fashion (like Federated CMDB). We are also attacking it bottom up through some very concrete integrations. Such as the SOAP-based incident exchange interface developed with SAP that is mentioned in this press release.
Comments Off on CA joining “Federated CMDB” effort
Filed under Business, Everything, Standards
Federated CMDB, one more step towards “Google maps for IT”
In July last year I gave a short presentation at the IEEE ICWS 2005 conference in Miami in which I used an analogy with Google Maps (since then assimilated into Google Local) to explain that we needed to do a better job at federating disparate instance model repositories for management. After the conference, I wrote up this blog entry to summarize my message. I got mostly positive feedback on this, with the one caveat that people were confused by the terminology. When I told them to replace “model instance” with “configuration”, things went a lot better. I realized I was guilty of that cardinal sin in our industry, lack of buzzword compliance. So here it is: I should have called the whole thing a Federated CMDB.
Between then and now, a bunch of major players in IT management got together to address this objective. Today we announced (along with our partners BMC, Fujitsu and IBM) a collaboration to produce a specification to federate configuration data repositories. And this time we are fully buzzword-compliant, so the work is described in terms of CMDB and support for ITIL best practices. Lesson learned. And of course you can expect plenty of SOA goodness sprinkled in the spec.
Stay tuned for more specifics on this soon. Before anyone sarcastically points it out, yes, this is the second announcement that we put out in a few weeks that is not backed by publicly available work (the other one is the WS-Management/WSDM convergence roadmap). And it might not even be over quite yet. Clearly, announcements are cheap (actually not so cheap if you see the work they take) compared to doing the real work. But there is real work going on behind this.
[UPDATE: a few days after I wrote this, Google went back to using the “Google maps” name instead of “Google local”.]
Filed under CMDB Federation, CMDBf, Everything, Tech
The other face of WS composition
Dave Orchard is having some fun with the spec names in the convergence roadmap. I think he stumbled onto the second way that Web services specifications are composed. It goes something like this:
- if the specs don’t overlap, compose them by putting their SOAP headers side by side
- if the specs overlap, compose them by concatenating their names
Let’s consider ourselves lucky that others were more imaginative than us, otherwise WSDL might be called WS-NasslScl and BPEL might be called
called WS-XlangWsfl. Some of Dave’s predictions are scary though. I just hope we don’t wake up one day to realize that the foundation
language for Web services is not XML anymore but CamelCase…
Comments Off on The other face of WS composition
Filed under Everything, Standards
Tim Bray feels for me
It’s always nice to get some sympathy. When Tim Bray writes “I can’t help but feel for the H/I/I/M staff who are going to have to do the work”, I think I am included. And even thought the rest of the message is mostly ironic, I don’t think he means this sentence ironically. By “H/I/I/M” he of course means HP, IBM, Intel and Microsoft who recently published a roadmap for convergence of Web service standards for resources, events, and management, on which Tim shares his thoughts.
This kind word of support made me think back for a minute about where we are coming from in this long-winded effort to establish an interoperable way to use Web services for management.
The first instance I am aware of came from HP and WebMethods. It was the OMI work, released back in 2001. The goal was to “provide an easy, open way for systems management vendors and other interested parties to access and manage the resources associated with an integration platform, together with associated business processes.” At the time, putting Web services on simple resources was a bit of a stretch, but using Web services to manage integration platforms and the underlying business processes was already in OpenView’s agenda.
In 2002, a few of us in HP created the Web Services Management Framework (WSMF). It’s not exactly how I would write it today, but it does the job well and reliably. Especially, if you include the note on dynamic attributes and meta information that we published a few months later. This note introduces a generic GET operation qualified by an XPath statement to retrieve a portion of the XML representation of the resource. Hum, where have I seen this lately… It also provides a way to retrieve metadata associated with the entire resource, or to a given operation, attribute or notification. To this day, we integrate with several partners using WSMF.
As a side note, WSMF didn’t suffer from not using WS-Addressing. What we did need that wasn’t available at the time, was a way to subscribe for events and deliver them using Web services. So we wrote WS-Events to do just this. Not being in the messaging business, we didn’t really want to write it and wanted to let the messaging vendors drive it, but at the time there was nothing like WS-Notification or WS-Eventing available. These days, I often hear people use the name WS-Events to mean WS-Eventing, so at least I have the satisfaction to know that by being first we got to pick the more intuitive name. Maybe we should have done the same thing with WSMF and called it WS-Management…
The goal of course was to have industry-wide interoperability so in 2003 we submitted WSMF to the OASIS WSDM technical committee. Along the way, we picked up WS-Addressing, WSRF, WS-Notification (as a way to merge our foundation with that used by the Global Grid Forum) and WS-Manageability (a submission from IBM, CA and TalkingBlocks for the management of Web services, for which WSMF also had a subcomponent called WSMF-WSM). The result is WSDM 1.0, now an OASIS standard.
But the quote from Metropolis provided by Tim (“Nobody cared about the slaves who died laboring to raise the Tower of Babel”) is especially relevant here, not just because non-one cared about the slaves (many people on the planet do a much more painful work for much less reward than the engineers involved in these specifications, so am I not too sorry for us), but because, as in Babel, someone up in the clouds (or rather, up North where the weather is often cloudy) didn’t like the looks of the tower we were building and created incompatible languages, preventing the tower from reaching the heavens.
I am of course referring to the publication of WS-Management. But our goal of industry-wide interoperability hadn’t changed, so off we went again. Along two threads actually (yes, it gets worse before it gets better). Since the submission of WS-Management to the DMTF we’ve been working there on fixing it up. The spec is expected to soon come out of DMTF. And at the same time, as is now well-known, HP, IBM, Intel and Microsoft have been working on a convergence of the two stacks, which is what the roadmap published last week describes.
So, anyway, here is my brief personal history, to this day, of Web services for management. From a very HP-centric viewpoint, one way to look at it is that HP was the very first to create a spec to use Web services for management, then we had to bring IBM on board so we did another iteration, and now we have to bring Microsoft on board so here we go with yet another iteration.
Yes, there is more work to come. Thank you Tim for your support. I, for one, am ok, really. I am actually more worried about the consumers of our specs. The developers of course, including those who spent a lot of time implementing these specs, for example for Apache or for CDDLM. And our partners and customers, who make planning decisions based on the industry landscape. It’s for these people that we wanted to publish this roadmap as soon as possible and make it specific enough that people can extract useful information to plan accordingly. From my perspective at least, they are the reason why it made sense to publish the roadmap even though we are not yet ready to provide the actual specifications being developed. And also to provide Tim with some pinata practice just before Easter.
Tim also ironically notes that some of the vendors participating in the convergence are “supporting the existing to-be-superseded and to-be-amended specs in the interim, and are apparently suggesting, straight-faced, that it might be sane for customers to use them”. From HP’s perspective, we are only listed as planning to eventually support the converged specifications. For the rest, in such a context every situation is unique when determining the smartest way to use available information about the convergence and available specifications. One needs to find the most appropriate way to move forward today (the benefits of applying SOA principles and Web services technologies to management are reachable today and many customers are seizing them) while protecting the investment in the long run. We are working with our customers and partners on this.
All in all though, I am not quite sure what to make of Tim’s message. Calling the roadmap a WS-Pinata clearly illustrate his eagerness to hit it hard. But those hitting a pinata tend to be blindfolded and the pinata also contains candy. I am probably pushing the analogy further than Tim intended but, irony aside, he doesn’t seem to disagree with the value of having the industry standardize on a set of specifications rather than having competing stacks.
Filed under Everything, Standards
WS convergence for the visually oriented
Since the convergence roadmap was introduced last week I have explained it to a few people. I found that a graphical representation of how all the specifications mentioned in the roadmap relate to one another helps a lot. So, in case other people can use it, here is the animated powerpoint description of the proposed converged stack. It has to be shown in slideshow mode so the animations work.
Creating this slide reminded me of the (much nicer) animated slides that Jay Unger from IBM created for the introduction of WSRF. Those who were around at the time will surely remember them. For all the luck they brought to WSRF. Fortunately, I am not superstitious.
[UPDATE on 2007/11/27: the link to the roadmap on hp.com doesn’t work anymore, but you can still find the roadmap on the IBM site. Also, it was brought to my attention that the animations in the powerpoint slide don’t work with powerpoint 2000 (i.e. version 9.0 that is part of Office 2000). I know they work on powerpoint 2003 (version 11.0, part of Office 2003) since it’s what I used to create it. Not sure about powerpoint 2002 (aka version 10.0 that was part of Office XP). Without the animations, this slide doesn’t make much sense.]
Comments Off on WS convergence for the visually oriented
Filed under Everything, Standards
HP/IBM/Intel/Microsoft roadmap
HP, IBM, Intel and Microsoft just released a roadmap to describe how we plan to converge the myriad of Web services specs currently used for resource acces, eventing and management. Basically converging WS-Management and the stack under it with WSDM and the stack under it. This roadmap should make users of these specs feel a lot more at ease. It also is specific enough to give a good indication of the smart way to architect systems today in a way that will align with the reconciled version. Even though we don’t have spec candidates ready to share at this point, we thought it would be valuable to let people know of the direction we are heading towards. The resulting set of specifications will be based on the currently existing WS-Transfer, WS-Eventing and WS-Enumeration. Which, as it happens, are published as member submissions by the W3C today.
Comments Off on HP/IBM/Intel/Microsoft roadmap
Filed under Business, Everything, Standards
Schema-based XPath tool
Most XML editors offer an XPath tool that allows one to test and fine-tune XPath expressions by running them against XML documents. Very helpful but also potentially very deceptive. With such a tool it is very easy to convince oneself that an XPath expression is correct after running it against a few instance documents. And a month later the application behave erratically (in many cases it probably won’t break it will execute the request on the wrong element which is worst) because the XPath expression is ran on a different document and what it returns is not what the programmer had in mind. This is especially likely to occur as people use and abuse shortcuts such as “//” and ignore namespaces.
What we need is an XPath tool that can run not only run the XPath against an instance document but can also run it against a schema. In the later case, the tool would flag any portion of the schema that can possibly correspond to a node in the resulting nodeset. It would force programmers to realize that their //bar can match the /foo/bar that they want to reach but it could also match something that falls under the xsd:any at the end of the schema. And the programmer has to deal with that.
Filed under Everything, Implementation, Tech
The joys of code-generated WSDL
I recently ran into a WSDL which included an operation called “main”. The type of the request message for the operation was of course:
<complexType name=”ArrayOf_xsd_string”>
<complexContent>
<restriction base=”soapenc:Array”>
<attribute ref=”soapenc:arrayType” wsdl:arrayType=”xsd:string[]”/>
</restriction>
</complexContent>
</complexType>
Command line over SOAP. Nice…
Comments Off on The joys of code-generated WSDL
Filed under Everything, Implementation