Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The following governance concepts are described below.

Table of Contents
maxLevel3
typeflat

SOA Governance

In modern enterprises, Service-Oriented Architecture (SOA) should properly "steer" its enterprise IT system. This process is called "SOA Governance". Governance is derived from the Latin term for steering. It is hard to find a concrete definition for SOA Governance, as the term heavily depends on a multitude of factors. People tend to define SOA Governance differently.

...

Runtime governance comes into play, soon after the service is deployed. It monitors operational aspects of a service (service performance bottle necks, who is accessing more, etc.). Unlike design-time governance, most runtime governance functions are automated. Reports generated in this phase are important feedback, for the next service design and development iteration.

For more information on SOA Governance, see Registry Life-cycles and Forrester's Major SOA Requirements.

...

Registries and Repositories

To enable SOA governance, software industry responded with two different categories of tools:

...

  • Record information on services
  • Search for an existing service for reuse
  • Discover associations and dependencies of a service
  • Enforce policies throughout the service lifecycle
  • User access control
  • Automatic version control
  • An SDK for registry-repository extensibility

...

Assets

...

WSO2 Governance Registry stores governance metadata and information on governance related entities. Registry resources storing this information and/or metadata are known as assets. With Service metadata, you can import most of the information which is separately stored in the WEB in to the Governance Registry, and manage them as Governance Registry Resources.

In WSO2 G-Reg, you can add common Service information through standard Service metadata formats like WSDL (Web Services Description Language) files, Policy files and schema files. You have to give the location of your WSDL, Policy or Schema file from local file system or as a URL. Governance Registry imports those information in to the Registry as resources. All the special resources will have their own Media Type, which will be useful for you to handle them conveniently.

All service assets are stored in the governance directory, based on the metadata type you import. For an example:

  • WSDLs are stored in /_system/governance/wsdls/ directory.
  • Policies are stored in /_system/governance/policies/ directory.
  • Schemas are stored in /governance/schemas/ directory.

WSO2 Governance Registry facilitates two types of assets: in-built and custom. For more information on these assets, see Adding Assets.

Asset is a representation of any physical or digital entity that belong to an organization, which needs to be governed. In WSO2 Governance Registry, a set of predefined attributes compose an asset.

WSO2 Governance Registry provides an XML-based semantic structure called RXT (Registry Extension Types), to define the structure of a given asset type. There are two RXT categories as follows:

  • Content RXTs : These are used to represent and maintain assets that have file content as their main attribute. (E.g. WSDLs, WADLs, Swagger files etc.). 
  • Generic RXTs: These are used to represent assets that are a combination of different types of attributes. (E.g. representation of SOAP services, REST APIs, Project, Enterprise Applications etc.)

WSO2 Governance Registry provides out of the box access to WSDL, WADL, Swagger, WS-Policy and XSD Schema Content RXTs, and SOAP service, REST service Generic RXTs, via WOS2 G-Reg Publisher. Also, you can define your own RXTs as required, and make them available for operations facilitated by the WSO2 G-Reg Publisher and Store interfaces.

 For more information on these assets, see Adding Assets.

...

Resources and Collections

In the Registry level, an asset is transformed into one or more Resources, to store it in the configured database. Resource is a concept defined in the Registry.

Resources and Collections (analogous to files and folders on a file-system), are stored in the Repository of WSO2 Governance Registry. A Collection is modeled as a special type of Resource, inside which, you can represent other Resources and Collections. The Resources-layer of the WSO2 Governance Registry provides functionalities such as conducting validations on the storing process, storing associations among Resources, and catering management of the properties of Resources. Resource validations are done through Registry Handlers associated with a particular Resource media type. For more information on this, see Handler Sample and Managing Properties.

...

Categorizing assets

There are two broad categories of artifacts found in the WSO2 Governance Registry as follows. 

  • Resources:  A resource is any artifact from WSDL files to XML, Word/Excel documents, JPEG Images, etc. Every resource in the WSO2 Governance Registry becomes a center for social activity.

  • Collections: A collection is a group of resources that falls under a logical entity, and are stored within WSO2 Governance Registry. 

...

Publishing assets 

The WSO2 Governance Registry allows you to add services through its Web-based user interface. User can choose either to enter service details manually  or to import service information using a WSDL url. For more information see Governance Artifact Configurations.

It is also possible to validate a resource's compliance with standards such as WSDL, XSD and Web Services Interoperability (WS-I). Validation capabilities help improve the quality of resources. Validation tools are also an important aspect of policy enforcement, where you can enforce resources validation at specific points of a resource life cycle. See also Managing Properties.

...

Discovering assets 

The WSO2 Governance Registry offers configurations options such as tags, comments, properties, ratings and descriptions for a resource. It is important to plan the use of these configurations, to allow them help in discovering services and enabling correct SOA Governance.

Resources for service discovering tremendously help in service reuse. In fact, it is one of the major functions of a registry-repository product. The WSO2 Governance Registry provides enhanced search capabilities to facilitate search based on tags and other advanced criteria. See also Resources. 

...

Asset lifecycle management

Typically many resources in your Registry, such as service descriptions, should progress through a series of "lifecycle stages". For instance, a service may start off as "created", then after quality assurance has confirmed that the service works as expected should be moved to "tested" stage. Upon testing, the service can then move to a "deployed" stage at which point it is released to production. Eventually, the service will be taken down or replaced with another as it moves to a "deprecated" state. Furthermore, registry allows users to define a checklist for stage transitions.

The WSO2 Governance Registry makes using and managing state-based lifecycle easy. Out of the box, the Registry comes with a default lifecycle that implements the state transitions explained earlier. You can define your own custom lifecycles with conditional state transitions, in order to match you/your organization's very specific requirements. See also Lifecycles.

SOA governance

SOA governance is a set of processes, responsibilities and tools that reinforces good behavior and help avoid bad behaviors. or more information on SOA governance, see Service-Oriented Architecture (SOA) Governance.

...

Policy management

The WSO2 Governance Registry offers user authentication and authorization capabilities over all resources stored in the Registry. Easily configurable role based user management allows define, "who can accessing what?" within the Registry. Furthermore, the Registry provides activity logs that shows user activities over resources. You can apply filters on the top of activity logs to extract customized data to suite your information needs. See also Managing Role Permissions.

...

Impact analysis

The Registry supports configuring of dependencies and associations for resources. It automatically detects certain dependencies when you publish a resource. For example, a WSDL might use an external XSD that can be automatically detected and imported to the Registry. In addition to dependencies, the Registry provide a way to configure associations among resources. You are free to specify the type of association such as "contains" or "uses" during association configuration. These associations help figure out the possible relationships that may exist among resources and also in analyzing the impact on changing a resource. See also Managing Dependencies and Associations.

...

API management

Subscriptions management

Notifications

Reporting

Monitoring

Interoperability

Services (SOAP or REST) in WSO2 G-Reg are implemented as configurable governance artifacts (RXT files)which you create using the G-Reg Publisher. Usually, in WSO2 APIM service publication is done using the APIM Publisher Web interface. Instead, you can integrate WSO2 APIM with WSO2 G-Reg, to directly publish APIs to APIM Publisher using the services deployed in the WSO2 Governance Registry. For more information on API management, see Integrating with an External WSO2 API Manager.

 

...

Subscriptions and notifications

The notifications feature can be used to generate notifications for events that occur as a result of performing operations. To receive notifications, create a subscription to a particular event along with a specified notification method (e-mail alert or G-Reg Publisher/Store notification). For more information on subscriptions and notifications, see Adding Subscription Notifications in Publisher and Store.

...

Extensibility 

The WSO2 Governance Registry provides three extension points that provide a flexible, plug-in approach to link resources and to allow users you to encode their your own governance rules and policies. These include:

  • "Handlers" - To Handlers: To implement custom behaviors to be applied to resources.
  • "Filters": - To intercept standard behaviors to make room for custom behaviors; Filters determine which Handlers are to be engaged on a resource.
  • "Aspects": - To associate custom behaviors with resources; Aspects differ form handlers, in that handlers are automatically applied to a resource, whereas, aspects are needed to be invoked manually through user action (for example, by clicking a button in the user interface). 

There are the three key Registry features that exist at the top of the Repository. You can use these to provide your own customization on top of the base product. Handlers are plug-able components that contain the custom processing logic for handling resources. Handler implementations provide alternative behavior for basic resource-related operations, by overwriting one or more methods in the Handler class.

 Each Handler is associated with a Filter. Filters provide the criteria to engage with Handlers. The WSO2 Governance Registry always evaluates the associated Filter before invoking a Handler. If the Filter evaluates to true, it invokes its associated Handler.

Similar to Handlers, Aspects are used to associate custom behaviors with Resources. The difference between Aspects and Handlers is that, you automatically apply Handlers to a resource, whereas, you need to invoke Aspects manually through a user action (e.g. by clicking a button on the UI).

Additionally, with the enhanced WSO2 Governance Registry API, you can embed the Registry in a runtime system (for example, in e.g. in the Enterprise Service Bus), and support automated run-time governance. See For more information, see also Extensions.