Monday, 24 March 2008

What is Software Architecture?

« ROA vs SOA: The Uniform Interface | Main | Tilkov on Doubts About REST »
In reacting to my recent blog discussing the Uniform Interface as used in ROA via its reliance on REST, Roy Fielding posted a blog On software architecture. In it, Fielding states his opinion that people "don’t understand the differences between software architecture and implementation, let alone between architectural styles and software architecture." I'm not sure if that was directed at me specifically or not (I suspect it was), but I think it's unreasonable to introduce nuanced abstractions and then complain if people don't adopt them. Like any term of art, the meaning of "software architecture" is open to debate and individuals can propose their definitions and the community of practitioners will socialize what they find useful. But since the point was raised, I'm going to chime in and ask the question "what is software architecture" and I'm going to sketch my own answer. I don't see much value in abstractions above this, as there is too much vagueness at the this level alone.

My job title has "software architect" in it, so I do think I'm entitled to an opinion on what such terms mean. In an enterprise, an architect spends his time deciding what aspects of software and system design should be standardized across the organization and what things should be left to the judgment of individual implementations. Our goal, like that of anyone else in the business, is to deliver value to the company as efficiently as possible. When we decide to standardize, we have to spell out what is and isn't allowed, and we need to defend the value proposition associated with making rules over tolerating divergent solutions. I view an architecture as a set of principles, where a principle is a function that maps the space of designs into a binary space of "yes/encouraged/allowed/true/conformant/good" vs "no/discouraged/rejected/false/nonconformant/bad". When I use or hear discussion of architectural "constraints", I think in terms of such functions.

A business considers an architecture to be "good" if it leads to lower IT costs over time, balancing well between actually shipping working solution with a shorter-is-better look at development time. Since this is evaluated "over time" you have to include maintainability, adaptability, and so on. What makes an architecture "good" is dynamically changing: it depends on the habits and knowledge of the individuals in the organization, and it depends on the extent to which consensus has emerged. These things aren't perfectly knowable, and architectural leadership is as much about communicating and guiding as it is about deciding. I think my concepts here of software architecture align a lot with those of Martin Fowler, as described in his essay Who Needs an Architect?.

There is a classic debate between academics and applied practitioners as to the value of standalone theory. I'm an unapologetic applied practitioner. When we introduce nuances like the difference bewteen "architectural style" and "software architecture", I ask "who are you trying to communicate to?" When most people don't understand the distinction I wonder whose fault Dr. Fielding thinks that is and what we should do about it. At a minimum, I think it's fair to ask "why introduce a second level of abstraction?" Can't I reformulate a REST equivalent as a set of architectural principles in the sense I give above and take any proposed concrete design and say which, if any, of those principles it violates? Isn't the real problem here that we named the abstraction without having a few concrete architectures to justify it?

The use of language as a means to develop common understanding is an important step in the evolution of software architecture. Common understanding hopefully leads to communication about common experiences, and this in turn leads to consensus on what is or isn't a best practice worth standardizing upon. When I adopt language, I do so with this end in mind. I tried to sidestep the double abstraction by writing about ROA and not really about REST other than how it's used within ROA. I did this because over the past year or so, there has been an ongoing discussion influenced by Sam Ruby's book RESTful Web Services. Part of my job is to critically examine all sides of archictural trends. I, along with my fellow architects, need to guide my company on how and when to adopt architectural principles. In order to do that, I need a name for the set of practices we should consider adopting. All I can say is that continued confusion over terminology and concepts is not a good selling point for REST or ROA or whatever I should call the thing we could adopt is.

I note the Roy appears to lump me in as an "SOA advocate". I suppose it looks that way, but I'd like to make it clear that this is "for now" only. Again, what's "best" is a influenced heavily by human factors such as understanding, consensus, industry support, and so on. I'm no SOAP fanboy: there's a whole lot to dislike about SOAP and the lack of simpler solutions for SOA wastes endless sums of money across the IT industry. In my view the race is on to see if SOAP can simplify before some particular REST approach matures enough to displace it. I would not be surprised at all if specs like WADL or WSDL 2.0 help move a RESTful web services approach forward. But lots of REST advocates seem to have a philosophical opposition to these and my message to them is unambiguous: within the enterprise, REST won't matter without these. If nothing changes REST will continue be used to solve the problems of web communities. Solutions like Atom where a critical mass of people with a common problem collaborate on standards and tools will be the only arena where REST impacts. Inside the enterprise where programmers toil one or two at a time under deadlines to integrate the backends of systems in environments where politics exist, SOAP will be what people like me conclude we need to use. Again, I said "if nothing changes". I hope it will, and when it does you'll read about it here. Dr. Fielding reads this as "criticisms of [his] work". That's a glass half-empty view. A gap is an opportunity to improve, and closing this one would make it more useful in the space I happen to work in. That space is a big one, but it's not the only one. I wouldn't be discussing REST at all if it didn't solve some problem well. Please note that my Atom feed for this blog works great and is joyously RESTful.

Finally, I'd like to point out that Dr. Fielding essentially restated my main point when he says "REST constraints do not constrain Web architecture — they constrain RESTful architectures (including those found within the Web architecture) that voluntarily wish to be so constrained." It seems really odd to recognize the value of a set of voluntary constraints without immediately asking how to declare that you have volunteered, so that interacting parties can rely upon it. This of course, is exactly what a contract is. It would be nicer still, and downright useful, if there was an objective way to test that a site that declared itself to have some particular RESTful architecture actually did. In other words, its also useful to audit compliance to the contract.

Technorati Tags:

Posted by spout at 12:56 AM in the internet, web, web 2.0 and beyond
Responses (4)

 

[Trackback URL for this entry]

Comment: Alex Miller at Wed, 26 Mar 1:38 PM

I think this rings pretty true to me regarding architecture. I agree with the idea that it defines a set of principles that allows you to make design decisions. One axis is consistent/inconsistent (maybe more polite than good/bad :).

Another axis I find equally important is hard/easy. Architectures make choices (hopefully explicitly) about what kinds of changes are hard or easy.

Certainly, different styles of SOA/web services/REST make tradeoffs on how messages and operations can evolve and that's an important thing to understand.

Comment: btaylor at Sun, 30 Mar 1:40 PM

Stu: thanks for the thoughtful response.

You said: "Sure, it is easy to imply that theory is useless in practice and downplay academia. But, I would think the more appropriate response would be to understand what the academics have come up with, and THEN explain why their theory is incomplete or wrong, rather than doing so out of confusion." I think this is a pretty good summary of what I'm attempting to do with this series of blogs, except that I'm trying to communicate to other people in industry who are trying to solve the problems within their enterprises.

Regarding REST vs SOAP outside the firewall, I pretty much agree. I've said several times that REST seems to solve problems well where communities converge to create rich standards and tooling around those standards. Atom is a perfect example.

Finally, I *DO* understand the "architectural style" terminology. I just don't find it that useful and think I summed up why best with my question: "Isn't the real problem here that we named the abstraction without having a few concrete architectures to justify it?". The difference between the GoF patterns and REST is that the "factory" or "decorator" patterns describe things whose existence is plentiful. These abstractions name the common elements of concrete instances that occur often. The problem with creating the abstractions first is that they may not describe the reality practitioners need described.

Regarding LDAP - LDAP could be used for a lot more besides its mainstay of security data organization, but isn't for exactly the reason of not having good metadata. RDBMS are often used in places where hierarchical read-mostly data should make LDAP a good technical choice. This is because DDL and data dictionaries make databases much easier to work with. In other words because of data format contracts.

Finally, regarding SOAP in the enterprise: WS-I has improved interoperability greatly. The days of needing a uniform stack are behind us. Maybe that was true 6 years ago, but it's certainly not true now.

Contracts are not just about code generation. They are a technical artifact of design that support gap analysis, change detection and communication, and, as you note, testing and QA. Without contracts, you lack all of this. I can't really mock out an interface unless it declares what its contract is.

Comment: Stu at Thu, 10 Apr 11:02 AM

Hi,

I'd like to continue this more , and I'll keep coming back from time to time, time permitting.

For now...

The difference between the GoF patterns and REST is that the "factory" or "decorator" patterns describe things whose existence is plentiful.


I've never once seen a "factory" or "decorator" that fits *exactly* what GoF's examples said, but it fit them "more or less".

Similarly with the Web -- it fits REST *more or less*. And, the web's existence is plentiful.

This is the need for architectural styles -- we can't have a reasonable conversation about the pros & cons of the Web's architecture vs. a general purpose Client/Server or Event-Based architecture like Web Services without devolving into nit-picking over specifics, or a debate about the utility of these abstractions. It's meta-arguing.

WS-I has improved interoperability greatly. The days of needing a uniform stack are behind us. Maybe that was true 6 years ago, but it's certainly not true now.


Really? How is WS-I Attachments Profile treating you?

I worked at a major WS-I vendor for almost 4 years, and:

a) the vast majority of customers do not run in WS-I mode, as it often disables features that they want from the leading edge,

b) integration with anything beyond plain SOAP 1.1 is often a low-level, socket sniffing affair, especially when dealing with XML DSig and Encryption, WS-Security (particularly with digests), SAML, or SPNEGO/Kerberos. Many places revert to HTTP/S for this reason.

c) Not everyone supports all XSD constructs, so if you take a "contract first" approach to XSD, you need to be very careful to understand the data binding toolkits being used, restricting, in practice, the use of XML into an "in-order, non-extensible markup languge".

For example, substitution groups are poorly supported everywhere. The XSD Unique Particle Attribution rule makes planned extensibility almost Kafkaesque.

WS-I was considering profiling XSD for this reason. Egads! Wouldn't you think a data system is the foundation on which all rests, and we can't even *use* half the features of it? I realize the new XSD 2 work will fix some of this.

c) when you get that far, great, but it's just as coupled as CORBA was -- what was the benefit again?

So, my point of why architectural styles are necessary, and needed, is that there's something that very clearly is used often in practice -- The Web -- and many enterprise architects can't see the utility of its style, or recognize it as something worthy of imitation.

It's not the only style, by any means, and won't be -- but it has many of the properties that people claim they want when they ask for "agility".

Comment: bwtaylor at Sat, 12 Apr 3:48 PM

Hi Stu... I welcome ongoing conversations.

Regarding WS-I Attachments, I should be more specific: I'm talking about the WS-I Basic Profile. I don't think highly of file attachments of any kind. Interchange formats for data should be XML, not some opaque binary blob. If you need binaries, use a content management system.

To your points:
a) That many people don't currently use WS-I compliant web services means 1) it's relatively new 2) platform independence doesn't matter as much as people claim. When interoperability matters to you, you can use get it via WS-I.

b) I'm not defending the sprawl of WS-*. SOAP over HTTPS is just fine for most things. As time goes on a few standards out of WS-* will win and most will die. That's the sign of a HEALTHY technological community.

c) XML Schema is sometimes too heavy of a solution for some problems. But these scenarios are overstated, and this is a problem with XML, not with SOAP. Limitations with XSD affect RESTful web services that use it too. If XSD is a problem, the solution is to use well supported features.

I certainly agree architectural patterns serve a purpose, but I don't agree that we should start defining particular patterns until there are lots of implementations that exhibit it in fundamentally different ways. Patterns should FOLLOW practice.

Your comment:

(not displayed)
 
 
 

Live Comment Preview:

 
« March »
SunMonTueWedThuFriSat
      1
2345678
9101112131415
16171819202122
23242526272829
3031