Upload
inara
View
40
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Deploying Web Services: Bringing NNEC To The Edge. Presentation to MCC 2006 James Busch Principal Scientist NC3A The Hague. Deploying Web Services: Bringing NNEC to the Edge. Brief Intro to NNEC. Brief Intro to SOA and Web Services. Deployed Web Services Experiment. Conclusions. NNEC?. - PowerPoint PPT Presentation
Citation preview
NATO UNCLASSIFIED19 September 2006
Deploying Web Services: Deploying Web Services: Bringing NNEC Bringing NNEC
To The EdgeTo The Edge
Presentation to MCC 2006Presentation to MCC 2006
James BuschJames BuschPrincipal ScientistPrincipal ScientistNC3A The HagueNC3A The Hague
NATO UNCLASSIFIED 2
Deploying Web Services:Deploying Web Services:Bringing NNEC to the EdgeBringing NNEC to the Edge
Brief Intro to NNEC
Brief Intro to SOA and Web Services
Deployed Web Services Experiment
Conclusions
NATO UNCLASSIFIED 3
NNEC?NNEC?
““It is a global, Web-enabled platform for multiple forms It is a global, Web-enabled platform for multiple forms of collaboration. This platform enables individuals, of collaboration. This platform enables individuals, groups, companies and universities anywhere in the groups, companies and universities anywhere in the world to collaborate - for the purposes of innovation, world to collaborate - for the purposes of innovation, production, education, research, entertainment [and] production, education, research, entertainment [and] war-making - like no creative platform before.”war-making - like no creative platform before.”
New York Times columnist Thomas L. Friedman on IT’s Effect on Globalization, 2006
NATO UNCLASSIFIED 4
NNEC!NNEC!
““Future operations will be more complex and Future operations will be more complex and multidimensional. The planning and execution of multidimensional. The planning and execution of operations will ... [require] truly interoperable forces. operations will ... [require] truly interoperable forces. To support this end, the use of Alliance forces must To support this end, the use of Alliance forces must change from a pattern of de-confliction to one of change from a pattern of de-confliction to one of integration where emerging technologies and concepts, integration where emerging technologies and concepts, like network-enabled capability, are increasingly used.”like network-enabled capability, are increasingly used.”
NATO’s Strategic Commanders, 2004
NATO UNCLASSIFIED 5
NNEC ChallengeNNEC Challenge Information comes from many sources and is Information comes from many sources and is
needed by many different users. It must be:needed by many different users. It must be: Securely Securely SharedShared CommonlyCommonly Understood Understood IntegratedIntegrated and Analyzed and Analyzed
…but how?
?
NATO UNCLASSIFIED 6
NNEC Feasibility StudyNNEC Feasibility StudyAmbitionsAmbitions
Identify types of C2ISR capabilities required to ‘enable’ Identify types of C2ISR capabilities required to ‘enable’ NATO Network Centric OperationsNATO Network Centric Operations Based on agreed Missions, Concepts of Operations, Based on agreed Missions, Concepts of Operations,
involving use of Modular Force Structures such as the NRF involving use of Modular Force Structures such as the NRF (NATO Response Force)(NATO Response Force)
Utilization of Capability Based Planning approach to identify Utilization of Capability Based Planning approach to identify ‘mix’ of National and NATO capabilities ‘mix’ of National and NATO capabilities
Develop a Strategy and Roadmap for realization of a Develop a Strategy and Roadmap for realization of a Networking and Information InfrastructureNetworking and Information Infrastructure (NII) (NII) To ‘enable’ required C2ISR capabilities and to support the To ‘enable’ required C2ISR capabilities and to support the
broader needs of the Alliance.broader needs of the Alliance. Involves networking of national funded, NATO common Involves networking of national funded, NATO common
funded and multi-national funded capabilities funded and multi-national funded capabilities
NATO UNCLASSIFIED 7
Main Technical Components of NIIMain Technical Components of NII
CommunicationsCommunications Information and Integration ServicesInformation and Integration Services Information AssuranceInformation Assurance Service ManagementService Management
NNEC Information
Infrastructure(NII)
CommunicationServices
Ch3
Information andIntegration Services
Ch4
InformationAssurance Services
Ch5
Service Management& Control Services
Ch6
NATO UNCLASSIFIED 8
Information SystemsInformation SystemsRecommendations for the NIIRecommendations for the NII
Service Oriented ArchitectureService Oriented Architecture Loose coupling, dynamic discovery, service orientedLoose coupling, dynamic discovery, service oriented
Open and accepted standardsOpen and accepted standards XML, SOAP, UDDI, WS-Security, etc.XML, SOAP, UDDI, WS-Security, etc.
““Federation of Systems” vice “System of Systems” ConceptFederation of Systems” vice “System of Systems” Concept Autonomous Systems Autonomous Systems Federated ServicesFederated Services
National Centric – no NATO “GIG”National Centric – no NATO “GIG” Flexible level of national participation (CMM concept)Flexible level of national participation (CMM concept)
Incorporation of legacy systemsIncorporation of legacy systems Interface to – as opposed to eliminate – existing capabilityInterface to – as opposed to eliminate – existing capability This includes new “Value Added” services such as REPThis includes new “Value Added” services such as REP
Metadata supported information sharing and exchangeMetadata supported information sharing and exchange XML as common languageXML as common language Development of “ontologies” to support information sharingDevelopment of “ontologies” to support information sharing Usage of NATO XML RegistryUsage of NATO XML Registry
NATO UNCLASSIFIED 9
Deploying Web Services:Deploying Web Services:Bringing NNEC to the EdgeBringing NNEC to the Edge
Brief Intro to NNEC
Brief Intro to SOA and Web Services
Conclusions
Deployed Web Services Experiment
NATO UNCLASSIFIED 10
Service Oriented ArchitectureService Oriented Architecture
Service Oriented Architecture is the future of system development:
“…the single most important theme in modern application development is service oriented architecture…” – Gartner Group
Recommended in NNEC Feasibility Study! Information is provided as a series of “Services” – which can be as granular as you
like A “Consumer” requests information from a “Producer” (Service) and receives a
response with some kind of data
Benefits– Rapidly integrate new and existing systems into the ‘sharing network’ maximize interoperability.
– Utilize ‘open source’ and COTS that support ‘open standards’ minimize cost and reduce/eliminate vendor dependencies.
– Securely share information across various security levels amongst various coalition partners.
– Reduced integration costs and time compared with current approaches and technologies.
Web Services – an instantiation of SOA – holds promise for solving traditional integration problems using commonly available technologies – XML, HTTP, TCP/IP, etc. – and enabling integration with minimal or no changes to underlying (new or existing) systems
NATO UNCLASSIFIED 11
What is Service Oriented Architecture?What is Service Oriented Architecture?
Publish
Data and applications available for use accessible via services. Metadata added to services based on producer’s format.
Service Producer
• Describes content using metadata• Posts metadata in catalogs for discovery• Exposes data and applications as services
Discover
Request/Invoke
• Searches metadata catalogs to find data services
• Analyzes metadata search results found• Pulls selected data based on metadata
understanding
Automated search of data services using metadata. Pulls data of interest. Based on producer registered format and definitions, translates into needed structure.
Service Consumer
Service Enabled Infrastructure
MessagingServices
MonitoringServices
RegistryServices
SecurityServices
TransformationServices
DataServices
NATO UNCLASSIFIED 12
SOA SOA Web Services Web Services
SOASOA is an enterprise is an enterprise architecturearchitecture
Web ServicesWeb Services is an is an implementationimplementation of that architecture… of that architecture… ……following a following a common suite of standards (W3C, OASIS, etc.)common suite of standards (W3C, OASIS, etc.)
XML for dataXML for data SOAP for messagingSOAP for messaging HTTP over TCP for transportHTTP over TCP for transport UDDI for registering servicesUDDI for registering services WSDL for describing servicesWSDL for describing services
Can be used to open a controlled “window” into an existing Can be used to open a controlled “window” into an existing application (aka the Web Service application (aka the Web Service interfaceinterface))
NATO UNCLASSIFIED 13
Web Services – How they workWeb Services – How they work
Registry (Discovery
Service) Security Service
Service (Information
Provider)
Service (Information
Provider)
Service (Information
Provider)
NetworkServices come “on line” (join the network)
Web
Services
Interface
Web Services
Interface
Web S
ervices
Inte
rface
NATO UNCLASSIFIED 14
Deploying Web Services:Deploying Web Services:Bringing NNEC to the EdgeBringing NNEC to the Edge
Brief Intro to NNEC
Brief Intro to SOA and Web Services
Conclusions
Deployed Web Services Experiment
NATO UNCLASSIFIED 15
Web Services Pattern 1:Web Services Pattern 1:Synchronous Request-ResponseSynchronous Request-Response
Consumer makes request from Service and Consumer makes request from Service and waitswaits for for responseresponse
No state (persistence) – Service “forgets” about No state (persistence) – Service “forgets” about Consumer as soon as response is sentConsumer as soon as response is sent
PlusesPluses Simple, most basic modelSimple, most basic model Easy to implement (any web browser can be a client)Easy to implement (any web browser can be a client) Loose coupling between Client and ServiceLoose coupling between Client and Service
MinusesMinuses Client waits on ServiceClient waits on Service Data is only received when asked for (not good for time-Data is only received when asked for (not good for time-
dependent data)dependent data)
NATO UNCLASSIFIED 16
Web Services Pattern 1:Web Services Pattern 1:Synchronous Request-ResponseSynchronous Request-Response
User
Use Case 1: Synchronous User, No Broker
Service
Request Message
Response Message
... (2) User issuesRequest to Service andwaits for Response tobe generated (data is
“pulled”)
(1) Producer Service can onlyrespond to requests (cannot
initiate messaging)...
Useful for:
• Services where the information is not time-dependent (e.g. document repositories)
• Situations where Clients only want data when it asks
• When simplicity is important
• Situations where Client and Service(s) have no knowledge of each other
NATO UNCLASSIFIED 17
Web Services Pattern 2:Web Services Pattern 2: Asynchronous “Push” (aka Publish-Subscribe) Asynchronous “Push” (aka Publish-Subscribe)
Consumer asks Service to send data whenever it is Consumer asks Service to send data whenever it is available (“subscribes” to Service)available (“subscribes” to Service)
Consumer implements a “listener”; Service implements Consumer implements a “listener”; Service implements capability to initiate messages (not just respond)capability to initiate messages (not just respond)
PlusesPluses Data is “pushed” out as soon as it is available, and only when Data is “pushed” out as soon as it is available, and only when
it changesit changes Client doesn’t have to wait on serviceClient doesn’t have to wait on service Less back-and-forth between client and server? Less back-and-forth between client and server? (more on this (more on this
later…)later…) MinusesMinuses
Both Consumer and Service must implement capability Both Consumer and Service must implement capability beyond the basicbeyond the basic
Consumer and Service are forced to “know” about each otherConsumer and Service are forced to “know” about each other
NATO UNCLASSIFIED 18
Web Services Pattern 2:Web Services Pattern 2:Asynchronous “Push”Asynchronous “Push”
User
Use Case 2: Asynchronous User, No Broker
Service
Message
Message
... (3) Userissues Request to
Service and“forgets” about
it...
... (4) Message is sentwhen data ready (can occur
repeatedly) and isreceived and processed by
User
Listener Service
... (2) Userimplements a
“Listener” WebService capable of
receivingmessages...
Push Service
(1) Producer Serviceimplements a “push” servicewhich can initiate message
sending...
Ack
Ack
Useful for:
• Service offering very time-sensitive information (e.g. (near)real-time tracks)
• Client who wants new information as soon as it is available without having to ask for it
• Reducing the number of queries between Client and Service?
NATO UNCLASSIFIED 19
The Overhead of Web ServicesThe Overhead of Web Services
““XML/SOAP Adds So Much Overhead!”XML/SOAP Adds So Much Overhead!”
<?xml version=…><?xml version=…> <SOAP-ENV:Envelope …><SOAP-ENV:Envelope …> <SOAP-ENV:Body…><SOAP-ENV:Body…> <XML Content…><XML Content…> Payload goes here…Payload goes here… </XML Content></XML Content> </SOAP-ENV:Body></SOAP-ENV:Body> </SOAP-ENV:Envelope></SOAP-ENV:Envelope>
The Disadvantage Is:The Disadvantage Is: Lots of overhead from all the tags, headers, white spaceLots of overhead from all the tags, headers, white space
The Benefits Are:The Benefits Are: Structured information via XML (vital for information sharing, Structured information via XML (vital for information sharing,
interoperability)interoperability) SOAP Envelope used for WS-Security, WS-Federation, etc.SOAP Envelope used for WS-Security, WS-Federation, etc.
NATO UNCLASSIFIED 20
The Overhead of Web Services (2)The Overhead of Web Services (2)
XML “Efficiency”XML “Efficiency” Huge advances in last few yearsHuge advances in last few years W3C Efficient XML Interchange Working GroupW3C Efficient XML Interchange Working Group working on working on
standard for efficient XML transmissionstandard for efficient XML transmission Reduce XML documents by factor of 100Reduce XML documents by factor of 100 Maintain all the benefits of XML, mostly lose the Maintain all the benefits of XML, mostly lose the
drawbackdrawback
But…But… Digital Signatures and Encryption remain problematicDigital Signatures and Encryption remain problematic
Add more overhead for securityAdd more overhead for security Don’t compress wellDon’t compress well
XML is still not appropriate for every situationXML is still not appropriate for every situation Very small messagesVery small messages Streaming dataStreaming data
NATO UNCLASSIFIED 21
The Network Effect of Web ServicesThe Network Effect of Web Services
Two factors affect the performance of Web ServicesTwo factors affect the performance of Web Services
ThroughputThroughput: The number of requests handled in a given : The number of requests handled in a given time period by the service (measured on server side)time period by the service (measured on server side)
LatencyLatency: The round-trip time between sending the : The round-trip time between sending the request and receiving a response (throughput + request and receiving a response (throughput + network transit). Impacted by:network transit). Impacted by: Amount of bandwidth available (real and effective)Amount of bandwidth available (real and effective) Message size/compositionMessage size/composition
Additional overhead imposed by HTTPAdditional overhead imposed by HTTP
NATO UNCLASSIFIED 22
Web Services at the “Edge”?Web Services at the “Edge”?
Key component in transformed NATO is “lightweight” Key component in transformed NATO is “lightweight” (tactical) client(tactical) client Mobile userMobile user Deployed CJTFDeployed CJTF
So what are effects on Web Service performance ofSo what are effects on Web Service performance of Reduced network bandwidthReduced network bandwidth Network congestionNetwork congestion Larger/smaller volumes of dataLarger/smaller volumes of data
NATO UNCLASSIFIED 23
EPW1038 at CWID 2006EPW1038 at CWID 2006
Experiment designed to test variety of Web Service Experiment designed to test variety of Web Service calls in a variety of network conditionscalls in a variety of network conditions
Query returning small amounts of data Query returning small amounts of data (small request, (small request, small response)small response)
Query returning large amounts of data Query returning large amounts of data (small request, large (small request, large response)response)
Publish large amounts of data Publish large amounts of data (large request, small (large request, small response)response)
Subscribe to “pushed” track and weather information Subscribe to “pushed” track and weather information (potentially very large amounts of data)(potentially very large amounts of data) Related to RTO-061 experiment described yesterdayRelated to RTO-061 experiment described yesterday
Where are inefficiencies and what (if anything) can be Where are inefficiencies and what (if anything) can be done?done?
NATO UNCLASSIFIED 24
Network 1: Local LANNetwork 1: Local LAN
CWID “Purple” Network
NC3A “Purple” Network
CF
BL
Ne
t
CSSI/IVASFederated Search Svcs
CSSI/IVASData Sources
CSSI/IVAS Client
EIS Core Enterprise Services
• Clients and all Services local to CWID (Norway)
• Network capacity of 100 Mbps
NATO UNCLASSIFIED 25
Network 2: Remote Services via Network 2: Remote Services via CFBLNetCFBLNet
• Clients local to CWID (Norway)
• Services remote at NC3A (Netherlands) accessed via CFBLNet backbone
• Network capacity of +/- 2 Mbps
CWID “Purple” Network
NC3A “Purple” Network
CF
BLN
et
CSSI/IVASFederated Search Svcs
CSSI/IVASData Sources
CSSI/IVAS Client
EIS Core Enterprise Services
NATO UNCLASSIFIED 26
Network 3: Remote Services via UMTSNetwork 3: Remote Services via UMTS
• Clients local to CWID (Norway)
• Services remote at NC3A (Netherlands) accessed via UMTS (mobile phone network)
• Network capacity of 30 - 300 Kbps
CWID “Purple” Network
NC3A “Purple” Network
CSSI/IVASFederated Search Svcs
CSSI/IVASData Sources
CSSI/IVAS Client
EIS Core Enterprise Services
NATO UNCLASSIFIED 27
Network Instrument ObserverNetwork Instrument Observer
NATO UNCLASSIFIED 28
Web Service Simple QueryWeb Service Simple Query
Client
Service
REQUEST
RESPONSE
NATO UNCLASSIFIED 29
Web Services CommunicationsWeb Services Communicationson a Simple Queryon a Simple Query
Client
Service
Initiation
Acknowledgement (1st phase handshake)
Acknowledgement (2nd phase handshake)
REQUEST
Acknowledgment
RESPONSE
Acknowledgment
Termination
Termination Acknowledgement
Fact: Network performance is strongly influenced by the number of packets!
Conclusion: Web Services back-and-forth adds significant traffic in the form of many small packets. Reducing these small messages helps increase efficiency.
NATO UNCLASSIFIED 30
Network Capacity EffectsNetwork Capacity Effectson Web Service performanceon Web Service performance
0
2000
4000
6000
8000
10000
12000
100000 2000 300 80
Bandwidth
Tim
e Query (small)
Query (large)
Publish
Web Services worked well until the worst bandwidth/message size configuration. Performance degradation is not linear but logarithmic; trends for large and small messages are nearly identical.
Conclusion: Until the “pipe” becomes very small (relative to message size) the size of the message has less impact than the number of packets.
NATO UNCLASSIFIED 31
Overhead of HTTP/SOAPOverhead of HTTP/SOAPon a Simple Queryon a Simple Query
Bytes of Server Bytes of Server ResponseResponse
Total Bytes of Total Bytes of “conversation”“conversation”
Percent of Percent of Bytes that are Bytes that are “overhead”“overhead”
Small QuerySmall Query 675675 19201920 65%65%
Large QueryLarge Query 42914291 55365536 25%25%
Web Services (with SOAP and HTTP headers, plus the various small messages in the conversation) can add significant overhead
Conclusion: The impact is much less on larger messages than on small. Configure for larger packet sizes where possible.
NATO UNCLASSIFIED 32
Web Service Publish-SubscribeWeb Service Publish-Subscribe
Client
Service
Initiation
Acknowledgement (1st phase handshake)
Acknowledgement (2nd phase handshake)
REQUEST (“Subscribe”)
Acknowledgment
RESPONSE
Acknowledgment
RESPONSE
Acknowledgment
RESPONSE
Acknowledgment
RESPONSE
Acknowledgment
RESPONSE
Acknowledgment
NATO UNCLASSIFIED 33
Overhead of Multicast (“push”) vs. Overhead of Multicast (“push”) vs. Request-ResponseRequest-Response
Sample Size Sample Size (Bytes) of (Bytes) of Server Server ResponseResponse
Packets in Packets in “conversation”“conversation”
Approx. total Approx. total Bytes in Bytes in “conversation”“conversation”
Percent of Bytes Percent of Bytes that are that are “overhead”“overhead”
SynchronousSynchronous 10001000 99 23002300 56%56%
AsynchronousAsynchronous 10001000 3 (after 3 (after subscribe)subscribe)
15001500 33%33%
When data is “push”ed asynchronously, there are less packets in the conversation – generally an initiation, the message itself, and an acknowledgment from the recipient (client).
Conclusion: “Push” of data asynchronously reduces HTTP/SOAP overhead because there are less messages in the “conversation”.
NATO UNCLASSIFIED 34
Deploying Web Services:Deploying Web Services:Bringing NNEC to the EdgeBringing NNEC to the Edge
Brief Intro to NNEC
Brief Intro to SOA and Web Services
Conclusions
Deployed Web Services Experiment
NATO UNCLASSIFIED 35
ConclusionsConclusions
NNEC FS has suggested an NII architecture featuringNNEC FS has suggested an NII architecture featuring Service Oriented Architecture Service Oriented Architecture (implemented as (implemented as Web ServicesWeb Services where feasible) where feasible)
Loosely coupled, dynamically discoverable systems (services)Loosely coupled, dynamically discoverable systems (services) Extremely valuable interoperability tool in the “enterprise” environment Extremely valuable interoperability tool in the “enterprise” environment
(strategic, operational)(strategic, operational) On-going work already moving in this directionOn-going work already moving in this direction (including operationally)(including operationally)
Tests showed Web Services remained functional at low network Tests showed Web Services remained functional at low network capabilitiescapabilities Except once message volume far exceeded available bandwidthExcept once message volume far exceeded available bandwidth Appropriate for really low bandwidth (highly tactical) settings? Appropriate for really low bandwidth (highly tactical) settings? Still uncertain…Still uncertain…
Number of packets on network had bigger impact than larger request or Number of packets on network had bigger impact than larger request or response messagesresponse messages Minimize the HTTP “conversations” where possibleMinimize the HTTP “conversations” where possible Tweak HTTP settings (e.g. MTU) to enable fewer, larger packetsTweak HTTP settings (e.g. MTU) to enable fewer, larger packets Eliminate superfluous messages (e.g. DNS pings) from network Eliminate superfluous messages (e.g. DNS pings) from network
Multi-cast (i.e. “push”) Web Services have a network performance Multi-cast (i.e. “push”) Web Services have a network performance advantage over request-responseadvantage over request-response Not appropriate for all situationsNot appropriate for all situations
NATO UNCLASSIFIED 36
Questions ?Questions ?
NATO UNCLASSIFIED 37
Contacting NC3AContacting NC3A
NC3A Brussels
Visiting address:
Bâtiment ZAvenue du Bourget 140B-1110 BrusselsTelephone +32 (0)2 7074111Fax +32 (0)2 7078770
Postal address:NATO C3 AgencyBoulevard Leopold IIIB-1110 Brussels - Belgium
NC3A The Hague
Visiting address:
Oude Waalsdorperweg 612597 AK The Hague
Telephone +31 (0)70 3743000Fax +31 (0)70 3743239
Postal address:NATO C3 AgencyP.O. Box 1742501 CD The HagueThe Netherlands