UCLA ESB Platform https://spaces. ais. ucla UCLA ESB Platform https://spaces.ais.ucla.edu/display/esb Dec 03, 2014 Herman D’Costa, Middleware Architect (ESB), Information Management Services, ITServices

Enterprise Application Usecases at a high level Standards based campus information flow routing (multi-protocol, multi-security) Non-intrusive data integrations & transformations Service delivery Reliable Messaging

Technology Goals & Roadmap (2012/2013) Short Term Provide an integration platform for UCPath application interfaces between UCLA and partners, Oracle, UCOP, UCM. ESB platform to mediate all UCPath batch & real time interfaces. Provide a scalable integration platform for existing UCLA applications across campus departments (Financial Services, IAMUCLA, BruinBill, MyUCLA, etc.) Provide standards based security services around authentication, authorization and audit. Provide robust platform management & monitoring capability Medium Term Consulting services to help campus teams design & deploy information services & integration solutions using the platform. Add more standard security services driven by campus application needs. Long Term Provide SOA Governance capabilities Provide BPM capabilities Provide Webservice API capabilities

Application Tenant State Environment Production Staging / QA Dev / Test Pipeline Applications ServiceManagerv1.0 (ESB) ServiceManagerv2.0-alpha (ESB) BruinBill (SA) KeyEntryService (FS) MyUCLA / IWE (SA) UCPATH – IDM (IAMUCLA) FAUValidationService (FS) UCPATH – FAUValidationService (FS) UCPATH – TIER1 (SOA)

Logical Architecture

Servers Information Show information on ESB wiki

v1.0 Deployment (Non-Fabric)

Overview of Fabric & FMC Demo of QA environment FMC

ServiceManager (ESM) current features ServiceManager is a adapter integration layer that provides security, management & monitoring and eventual SOA Governance. SSL Termination Application Routing based on Request URI Client Identification based on 2-way-ssl Audit of webservice requests Access Control at application, service and operation levels Routing & Access Control configurations can be dynamically updated without downtime Foundation for basic & advanced security modes

Monitoring Tools JON – Network monitoring with tight integration and upgrade support for Fuse suite Splunk – Logs monitoring Nagios / Icinga – Network monitoring generic Appdynamics – Application Performance monitoring

Overview of JON Demo of QA environment JON

JON Monitoring Alerts Host (VM/Server/Machine) Availability Fuse Container Availability AMQ Broker Availability Webservice (CXF) Availability Host Usage (cpu, memory, disk) a) When metric reaches <absolute value>, warning alert b) When metric reaches <absolute value>, critical alert Fuse Container memory check a) When metric reaches 80%, warning alert b) When metric reaches 90%, critical alert Specific exception in log MQ queue size crosses a threshold

JON Monitoring – other benefits Access-controlled delegation MQ Operations Events