I think it's funny that this blog really made it onto the top 10 Google hits for "Alien Abductions". In all fairness I should probably rename it into "Enterprise Development & Other Stuff", but I like it better this way ;)
I am back online after this. Luckily, the nerve responsible for making this "ouch" (I am no doctor...) wasn't really happy about all this and went on strike just long enough to make this a no-pain-whatsoever experience. However, the doctor ordered that I stay at home and don't work and so I really didn't. Instead I finally got through the crazy final sequence of Halo (I am not even close to be as good at this as these guys), worked on my Rallisport driving skills, ruined some expensive cars and otherwise just took a break. Meanwhile, my notebook got a new LCD, keyboard and modem. It also doesn't complain about post-surgery pain in any way.
One more week to go. Then the whole christmas craziness happens and after that Patricia and myself fly over to New York City for New Year's.
LH3003 Oslo-Frankfurt, Departure 1835 scheduled, 1845 actual, arrival ca. 2000-2010. Connection flight to Düsseldorf leaves Frankfurt at 2200, boarding at 2130. Traveling. The more traveling I do, the harder it is to tell whether I like it or hate it. It's probably both. I have definitely understood why five-star hotels exist. If you spend much time traveling, you also spend a lot of time in hotels -- they really become your second home. And "home" is supposed to be comfortable, isn't it? The same applies to things like flying business class or sometimes having a very good (read: expensive) meal at a restaurant. Much of these "luxury" things are for the "upper class" in the eyes of most people who don't travel very frequently. I don't consider myself being part of that "upper class", really. Still, I spend a lot of time traveling and therefore I don't like to be squeezed into an overcrowded "cattle-class" segment on a long-haul flight for the same reasons as many people rather choose the luxury of their own car to go to work instead of an overcrowded city bus. Also, I don't mind going to McDonald's or some other fast food place, but not every day! For the record: I still fly economy on this flight -- it's just 90 minutes. ;)
Second and last day of this stop of the Microsoft EMEA Architect's Tour in Oslo, Norway. Today I am going to talk about Aspect-Oriented Programming, which is fun.
From tomorrow the blog will likely be silent for about a week, because both I and my notebook will have to undergo surgery and we'll both be out-of-service of about a week. I need to get some pretty ugly dental surgery done and the notebook needs to get some pretty ugly electronic surgery done. Patricia and my partners decided that this would be a good time to make sure that I definitely won't work when I shouldn't. I guess I will take it easy for a change and possibly work on my XBox skills if I can. ;)
I updated my copyright notice at the bottom of the blog. The reason for that is that I found my blog to be replicated in full to another website in their design and with their copyright notice, without any backlinks to this blog and without having been asked for permission.
I may offend a few friends over this, but there are friendly rules of conduct which I follow and on which I must insist: Quote liberally, aggregate, combine, analyze, but do not republish large portions of content in unaltered form and don't quote without linking back to the source. Brief legal excursion: There are explicit rules about what's permitted in terms of quoting other's works in just about every copyright law. The German Copyright Act and related international treaties are applicable here. For instance, it's no problem to take this entire posting and quote it elsewhere as-is. It is a problem to simply publicly republish the whole rss-feed content elsewhere. Quoting and commenting is a good thing, plain theft of intellectual property isn't.
Thoughts from integrating with WSDK.
It shouldn't be very surprising that I am currently integrating my web services extensions with the WSDK with the goal of making that available shortly after WSDK ships. However, it's no as easy as I thought it would be, because the extensibility pipeline model that MS layered on top of the SoapExtensions requires a different approach for quite a few things that I've done. I could just leave my things the way they are and have them function side-by-side with the WSDK's pipeline (that works), but I want to take advantage of the pipeline's relative independence of the ASP.NET request/response cage, which I find increasingly limiting. Also, integrating Kerberos into the WSDK's WS-Security framework is a real challenge, because I may have to go all the way down into writing an algorithm wrapper based on the stuff in the System.Security.Cryptography namespace. However -- I really want to get this working and therefore I will ;)
A new terminology set.
While working on this, I have found that a lot of terminology that I am using here is massively confusing: "client", "server", "input", "output", "request", "response", "proxy", "stub", "endpoint", "router" and quite a few more terms are ambiguous and depend on your current point of view and on what you are just building.
I find it more helpful to focus on the message and look at it as something that starts empty, grows and shrinks (and grows and shrinks) as it goes through a unidirectional pipeline of message-part producers and message-part-consumers and whose processing ends when the message is empty again. Request/response is a special case where the message flow originates and ends at the same place. The pipeline elements (producers/consumers) are connected by local ("through the stack") and remote ("over the wire") connectors. A server-side "request handler" as it's currently known is simply a message-part consumer taking stuff from the body and sticking stuff back into the body.
Here's the terminology set I am currently playing around with:
- Message Producer: Acts on information from the system environment or state and possibly adds information to a message.
- Message Consumer: Acts on and removes information from the message and possibly alters the system environment or state.
- Service Acquisition Filter: A message producer that acquires system state to flow information about a service (eg. picks up a COM+ transaction context or the current security principal)
- Service Enlistment Filter: A message consumer that reads and service information from a message and enlists into a service or creates a new service (eg. picks up a TIP URI and creates a service domain or creates a security context from a serialized authentication package)
- Fork: In case message processing cannot proceed without additional information or in case a filter wants to split the message into separate flows, any pipeline can fork off new pipeline instances to request information or flow information to additional destinations. A fork is blocking if it can't proceed in its current state and otherwise non-blocking.
A proxy is a message producer. A stub is a message consumer. A logging sink is a message consumer. A filter that adds timestamp information is a message producer. A filter that reads timestamp information is a message consumer. A client-side authentication extension (sending path) is a service acquisition filter. A server-side authentication extension (receiving path) is a service enlistment filter. The inverse of a "service enlistment filter" is just another "service acquisition filter", which acquires the service state and possibly disassociates the action from the service -- reversely, the same relationship exists.
Anyone still with me?
[Disregard the first two comments showing up below. The comments feature of radio is confused with my blog]
Once System.Diagnostics.StackWalk and "__asm mov [__EBP], ebp;" become useful tools, you realize that you've exhausted an infrastructure's extensibility hooks. Sigh!
 COM was love
This isn't an Enterprise Services crusade. There's a lot of very useful stuff and I am pointing it out. That's all ;)
However, I think I should admit that I did indeed have a very long affair with the entire ES/COM+/MTS/COM family. {Is that a nasty thing to admit?}. The love went away, now we're just good friends.
October 1992. The first time COM got into customer's hands. I got this CD and I was like "man, that's nuts! Way too complicated!". The first shipment came with docs that dealt in very deep and great detail with IUnknown, structured storage and especially IMoniker. I didn't understand the moniker stuff until two years later. What I understood was AddRef()/Release() and QueryInterface(). An implementation of IUnknown became my default-base class for anything in November 1992. Only about 3 months later I understood how "outer IUnknowns" and aggregation worked. A lot of code-rewriting followed ;). It took about a year to realize that not *everything* should be a COM class. And so it went on and on....
And I just realize... there was no 10th birthday party;)
My friend Morten Abrahamsen from Norway, an exceptionally smart software architect with a very practical view on things and a lot of experience building large transactional systems, has written a comment very worth reading here in the blog that deserves to seen not only by the folks who accidentially click the comments link. Morten says: "Interesting how the struggle for singular performance clouds the overview of a flexible architecture that is resilient to change, versioning and implementation details.".
Hey, Greg, what are you doing with that method signature [1] when you're porting that app to another data provider? What if a future revision of that method wants to add that customer to the database asynchronously and does so by stuffing it into a transactional queue, first?
[1] public int AddCustomer(CustInfo custInfo, SqlTransaction trans)
Exactly. You don't need any of COM+ (which is really what to call it) unless you are trying to use the DTC. The rest is all done by the runtime already as you point out. [Sam Gentile's Radio Weblog]
No. Show me a COM+ feature except the non-transactional incarnation of the shared property manager (AppDomain statics may do that), which is exactly or even similarly replicated in the runtime. App-specific roles aren't, object pooling isn't, JIT activation isn't, QC aren't, process model (thread pool, app pool, pause, disable, recycling) isn't, event monitoring isn't, LCE aren't, memory gates aren't, secure RPC isn't, security context isn't and this list isn't complete. It's simply not right, Sam.
John Lam shares his thoughts on Enterprise Services and says that many features of ES are replicated throughout the framework and therefore he sees little need to use ES anymore except for distributed transactions. This was my exact position about a year ago. At the time, I posted a lengthy statement with almost the same arguments to the Microsoft Regional Regional Directors (non-public) mailing list and since then I had a lot of very valuable discussions with a lot of very smart folks who mapped out the differences between what's in the framework and what's in ES and who have helped me to understand that I simply wasn't right with what I was saying.
Let me go over what John highlights:
- Load balancing. Load balancing is a filter for work where the amount of work is either not predictable or can't be handled by a single system. You load balance as close to the "topmost" client as you can, handle parts of the load and reduce the need for load balancing downstream. If you have a website or web-service, you load balance the web-tier. Will you load balance the business logic tier? Possibly, but the load generated by one web-server towards its backend is typically sufficiently predictable to eliminate the need for component load balancing and rather make not-so-dynamic assignments of backend servers to a group of web servers. Component load balancing is only really good for when you can't load-balance the presentation tier (for instance if you have GUI clients) or if you have a huge spread in execution times for a single class (if you allow users to execute ad-hoc database queries).
- ASP.NET as an application host. Hosting your business logic there is good, if you are all stateless. If you need to keep and share expensive-to-acquire application state around (such as large caches) or if you need to guard a set of limited resources that are limited for your entire web-farm, hosting there has limitations. The most important limitation of hosting business logic there is security. In ASP.NET, everything happens within the security context of the external caller (or its delegate ASPNET) and that's a problematic thing. You will want to do certain things with elevated privileges in the context of a service account and LogonUser() isn't really what you want to do in that case.
- Roles. You can make your own user and role types in the .NET framework, but not many people do. You'd have to write your own admin tools, your own infrastructure and you'd have to provide a mapping to OS roles and users for infrastructure access. If you stick with OS roles (SAM or Active Directory groups, in essence) and use the PrincipalPermissionAttribute as a replacement for ES role-based security, you will lose a level of indirection. Instead of defining a role required to access a single method on a single class in a single application right there in that application, you will have to define that in Active Directory and have it replicate throughout your AD structure. There can be very many such roles.
- Object Pool: Object pooling is a good workaround to overcome limitations of OLE DB, but that's just one aspect. It's a generic semaphore for classes. It helps implementing write access to any resource with limited or no concurrency control (the art of handling FileStream.Lock() is often long forgotten), it'll help you pre-initialize and control access to things like 3270 terminal screen-scrapers with very limited permitted concurrent sessions or maybe interfaces to physical devices of which you only have one or four (like a metal-sheet press). Nothing you couldn't do without ES, but ... it's already there and the number of folks who don't want to spend the time implementing all the required infrastructure goo is substantial.
- Transactions: Even with a single resource manager, using ES for transactions is not a bad idea for complex systems. For the simplest case that a component method creates a transaction, does work and commits the transaction, using native database connections are a good thing and the fastest choice. If a component calls another component (which may call other components itself) and the transaction shall span those components, transaction management can easily get out of hand. You will have to pass the database connection and the transaction objects around (in the case of ADO.NET), you will have to negotiate who may commit or abort and you may have to collect votes on the outcome. Also, since components are black-boxes, you will not always know whether a component you want to roll into your transaction doesn't require a second resource manager -- in which case your native database transaction can't be used. (Update: check out Ingo Rammer's comments on the same topic)
Still, I consider John's remarks as very valid for a large number of web-applications. COM+ no longer is the automatic default for hosting business logic as it was when stuff was implemented in ASP and VB6 components instead of ASP.NET. However, ASP.NET hasn't become the automatic default for hosting all things related to a web application, either. Your mileage may vary.
|