Responses on REST

Here is a roundup of some responses to my REST discussion with David Ing. Mostly, I’m passing them along with minimal comment so I figured I’d group them into one post.

David started by leaving me a comment, but decided instead to post the comments on his blog. His big worry seems to be how well REST as CRUD will interop with REST as protocol. but in general I’m not sure that’s a big worry. Bill de Hora’s example below about WebDAV transactions activities seems to demonstrate at least some RESTifarians are cool with a protocol view of the world.

Erik Johnson (who’s blog I mistakenly purged from my reader at some point, so needless to say I’ve resubscribed) writes that “real-world experience shows you rarely POST exactly what you GET” and that “even with the flawed cast of characters you see a lot of whining about…the pieces are there to build good systems that also make great constituents in anyone’s SOA.” I agree 100%. He goes on to agree with me agreeing with Tim for people “not to limit their comprehension of REST around entities accessed via GET and PUT”. Generally speaking, I agree with people when they agree with me, and this is no exception. Erik also has a REST post that predated my dustup with David^[It’s a very polite dustup, characterized mostly by agreement rather than disagreement. Which makes it, as dustups go, very boring.] where he reaches some interesting conclusions about designing REST style systems.

Bill de Hora weighs in, pointing out that “value exchange != transaction”. Given that I never suggested they were equal, I’m not sure what his point is (other than to be snarky). He also points to Subversion’s use of WebDAV as an example of…well, I’m not sure since it seems to prove my point that a simple CRUD style approach doesn’t cut it for many scenarios. According to the page Bill linked to:

“Subversion commits are modeled using the “activity” concept from DeltaV. An activity can be viewed as a transaction for a set of resources.” [emphasis mine]

While I’m sure this sounds snarky as well, I really don’t get what Bill is getting at here. It sounds like he took my disparaging of CRUD as a disparagement of REST, which is NOT how it was intended. This kind of layering of higher-level protocol concepts (like WebDAV’s activity) is exactly what I was thinking of when I wrote “I can spurn CRUD and still embrace REST”.

And though not a direct comment on my post, Omri Gazitt writes about REST vs. SOAP and the support for both in the next version of WCF. His main point is that “It seems like we’ll continue to live in a world where multiple integration paradigms and protocol choices exist for applications”. Of course, since he’s with the WCF product group, regardless of your integration paradigm or protocol choice, WCF is the way to build it (at least on Windows). We’ll have to wait a while to see if WCF is really “future-proof”, but the ability to add significant changes in a .5 release is a fairly good sign.

Follow My Breadcrumbs

I hope to post my thoughts on protocol state next week. In the meantime, you can check out Isolation Support for Service-based Applications as well as Consistency for Web Services Applications. The papers (from the same authors) deal with the C and I of ACID, but in service scenarios where ACID transactions aren’t feasible. Both papers have dramatically impacted my thinking in this space.

This Isn’t The Droid I’m Looking For

Since David Ing responded to my REST/CRUD/CRAP entry on his blog, I guess that means I respond to his response here, right?

Actually, this is going to be very short^[Wow, this post wasn’t that short at all. Can you imagine how long this would have been if I had mostly disagreed with David?] because I mostly agree with what David wrote. For example:

If we say stuff like ‘REST shall/must replace all foolish WS-* SOAP systems (insert Nelson-style HaHa here)’ then we are just repeating the same lessons as before – One size won’t fit all and there is no One Ring to Bind Them illusion in REST as well. If you have something complex that fits the WS-* style then maybe REST isn’t the droid you are looking for.

Of course, this begs the question “what is complex?” David described complex as “long running transaction updating multiple distributed stores”. Personally, I’d replace “stores” with “systems” and I hate term “long running transaction” so I would have written “long running operation” or “business process”, but grammatical nitpicking aside that certainly seems like a fair description. Certainly, most of the scenarios I’m looking at in my day job could be described as being long running and updating multiple systems. David says later that he thinks “a lot of apps don’t need to be modeled that way”, but I’m not aware of the alternatives so I’ll let him expand on this on his own blog. I’ll try to get to writing about my thoughts around protocol state next week.

I did disagree with this one point:

We may say REST is really about a protocol state and not CRUD, but unless the rest of the world gravitates to that view then I’m afraid it just won’t be. If, say, through some ongoing groundswell of common usage, people start modelling entities as dereferenceable URI’s and using POST to do Create and Updates, then REST will be about CRUD by default. This is all very unacademic and unjust, but thems the breaks peachy. The lesson from SOAP is not to fight it by trying to re-educate the masses after they get a perception in their head.

I think it doesn’t really matter how the rest of the world gravitates, it only matters how you as the the service provider choose to expose your service. If you’re doing something simple like ATOM publishing, you can probably get away with REST as CRUD. (Would that be hi or lo REST?) If you’re doing something more complex, either in terms of being long running or needing multiple updates in one atomic operation like Tim’s airline example, you’ll probably need to gravitate towards REST as protocol state. But can’t the two models can co-exist nicely, even in the same app? No re-education required.

Update: – From Fielding’s Dissertation: “REST relies instead on the author choosing a resource identifier that best fits the nature of the concept being identified”. My point exactly.

REST is neither CRUD nor CRAP

In the wake of my praise for CRUD is CRAP, David Ingasked “how do you reconcile something like REST (astoria etc) with being CRUD-adverse? Is there a happy place where the two can go for coffee?” Sure there is: I hear Tim Ewald’s XML Nation serves great coffee and the scones are pretty good. ^[Actually, I have no idea if Tim even likes coffee or scones. FYI, DevHawk Nation would not feature great coffee or pretty good scones. We would, however, have Arrogant Bastard Ale on tap.]

Seriously, the key observation that Tim recently made is that REST != CRUD. Sure, it can be used that way and for simple scenarios it works fine. (I’ll define “simple scenarios” in a second.) But I don’t believe CRUD style REST works in the large. Tim said you can’t build with just CRUD because it’s “to simplistic to be useful”. I’ll go even more fundamental, using REST for CRUD means having giving up transactions entirely. I’ve already accepted that building loosely coupled services means giving up distributed transactions. But the idea of giving up transactions entirely is just crazy talk.

So when I said “simple scenarios” above, I meant “scenarios that don’t need transactions”. (I take it as a given that RESTifarians aren’t hot for WS-AtomicTransaction.) ATOM Publishing is a simple scenario because the web resource authoring scenario doesn’t need transactions to protect updates to multiple resources at a time. If it did, I don’t believe the REST as CRUD approach they use would work.

As you might guess then, I’m not a fan of Astoria. I believe the sweet spot for so called “data services” will be read only (because they don’t need transactions, natch). I’m sure there are some read/write scenarios Astoria will be useful for, but I think they will be limited – at least within the enterprise.

If REST != CRUD, then what is it? Let’s go back to Tim’s post:

Every communication protocol has a state machine. For some protocols they are very simple, for others they are more complex. When you implement a protocol via RPC, you build methods that modify the state of the communication. That state is maintained as a black box at the endpoint. Because the protocol state is hidden, it is easy to get things wrong. For instance, you might call Process before calling Init. People have been looking for ways to avoid these problems by annotating interface type information for a long time, but I’m not aware of any mainstream solutions. The fact that the state of the protocol is encapsulated behind method invocations that modify that state in non-obvious ways also makes versioning interesting.

The essence of REST is to make the states of the protocol explicit and addressable by URIs. The current state of the protocol state machine is represented by the URI you just operated on and the state representation you retrieved. You change state by operating on the URI of the state you’re moving to, making that your new state. A state’s representation includes the links (arcs in the graph) to the other states that you can move to from the current state. This is exactly how browser based apps work, and there is no reason that your app’s protocol can’t work that way too. (The ATOM Publishing protocol is the canonical example, though its easy to think that its about entities, not a state machine.)

While I disagree with Tim’s disagreement of ATOM (i.e. I believe APP is about entities, but it works because it doesn’t need transactions), I agree 100% that REST is about protocol state. Tim lays this very clear in his airline reservation sample. Thus, I can spurn CRUD and still embrace REST if I want to.

Further, Tim’s points on the opaque nature of RPC style interactions (which web services appear to have fallen into despite the best of intentions) are spot on. If you’re doing simple request/response services, the protocol state is trivial, so that works fine. However, in the scenarios I face, long running services are the norm and managing the protocol state is critical. I’ve got some ideas on how to do that, but that’s a future blog post.

Making My Mark at TechEd

One of the things that’s different about being in MSIT is that it’s cut my travel dramatically. Basically, the only travel I’ve done since taking this job was Thomas Erl’s SOA Workshop last September. So it came as a bit of a surprise when I got tapped to present at TechEd (at fairly close to the last minute).

The last year I ran the architecture track, all track owners were asked to include either a globalization or MSIT session in our track. Since then, MSIT has expanded it’s role at TechEd dramatically, with 14 breakouts, 20 chalk talks and our own Technical Learning Center.

I’m doing a two chalk talks on my MSIT project, Rome. I mentioned the project back when I switched jobs, but we’ve never talked about the project by name before. We haven’t accomplished quite as much as I’d hoped since then, but we’ve progressed to the point that we can talk publicly about what we’re doing. Now that we’ve begun to open the kimono a bit, you should see more on Rome, Not only from me but also my teammates who blog: Dale, Rick and Dottie.

So if you’re going to TechEd, make sure you stop by the MSIT Technical Learning Center and say hi. Unlike my last two trips to TechEd, I have very limited responsibilities this time – basically just show up on time and talk about what I do all day, twice – so that leaves plenty of time to attend sessions, chat up attendees and ride roller coasters. Hope to see you there.

ROME: Service Oriented Infrastructure for the Enterprise
Like most enterprises, Microsoft IT is adopting a service oriented approach for the development of their internal systems. However, in order to avoid projects building similar service infrastructures on a per application basis, MSIT realizes the need for a common service oriented infrastructure to build these systems upon. Inside MSIT, the Rome project is tasked with designing, building and maintaining the infrastructure for these services. Come chat with Harry Pierson, lead architect of the Rome project, and discuss the challenges of building a large-scale service infrastructure inside a large enterprise like Microsoft.

  • MST02-TLC Monday (June 4th) 1:15-2:30pm
  • MST14-TLC Thursday (June 7th) 1-2:15pm