One of many ideas in our upcoming e-book Structure as Code is the power for architects to design automated governance checks for vital architectural considerations, creating quick suggestions loops when issues go awry. This concept isn’t new—Neal and his coauthors Rebecca Parsons and Patrick Kua espoused this concept again in 2017 within the first version of Constructing Evolutionary Architectures, and plenty of of our purchasers adopted these practices with nice success. Nevertheless, our most bold targets have been largely thwarted by a standard downside in fashionable architectures: brittleness. Fortuitously, the appearance of the Mannequin Context Protocol (MCP) and agentic AI have largely solved this downside for enterprise architects.
Health Features
Constructing Evolutionary Architectures defines the idea of an architectural health perform: any mechanism that gives an goal integrity examine for architectural traits. Architects can consider health features type of like unit checks, however for architectural considerations.
Whereas many health features run like unit checks to check construction (utilizing instruments like ArchUnit, NetArchTest, PyTestArch, arch-go, and so forth), architects can write health features to validate all kinds of vital checks…like duties usually reserved for relational databases.
Health features and referential integrity
Contemplate the structure illustrated in Determine 1.
In Determine 1, the staff has determined to separate the info into two databases for higher scalability and availability. Nevertheless, the widespread drawback of that strategy lies with the truth that the staff can not depend on the database to implement referential integrity. On this scenario, every ticket will need to have a corresponding buyer to mannequin this workflow appropriately.
Whereas many groups appear to assume that referential integrity is barely potential inside a relational database, we separate the governance exercise (information integrity) from the implementation (the relational database) and notice we are able to create our personal examine utilizing an architectural health perform, as proven in Determine 2.
In Determine 2, the architect has created a small health perform that displays the queue between buyer and ticket. When the queue depth drops to zero (which means that the system isn’t processing any messages), the health perform creates a set of buyer keys from the buyer service and a set of buyer overseas keys from the ticket service and asserts that all the ticket overseas keys are contained throughout the set of buyer keys.
Why not simply question the databases straight from the health perform? Abstracting them as units permits flexibility—querying throughout databases on a continuing foundation introduces overhead which will have destructive unintended effects. Abstracting the health perform examine from the mechanics of how the info is saved to an summary information construction has at the least a few benefits. First, utilizing units permits architects to cache nonvolatile information (like buyer keys), avoiding fixed querying of the database. Many options exist for write-through caches within the uncommon occasion we do add a buyer. Second, utilizing units of keys abstracts us from precise information objects. Knowledge engineers want artificial keys to utilizing area information; the identical is true for architects. Whereas the database schema would possibly change over time, the staff will all the time want the connection between prospects and tickets, which this health perform validates in an summary approach.
Who executes this code? As this downside is typical in distributed architectures similar to microservices, the widespread place to execute this governance code is throughout the service mesh of the microservices structure. Service mesh is a common sample for dealing with operational considerations in microservices, similar to logging, monitoring, naming, service discovery, and different nondomain considerations. In mature microservices ecosystems, the service mesh additionally acts as a governance mesh, making use of health features and different guidelines at runtime.
It is a widespread approach that architects on the utility degree can validate information integrity, and we’ve applied these kinds of health features on a whole bunch of tasks. Nevertheless, the specificity of the implementation particulars makes it tough to develop the scope of these kinds of health features to the enterprise architect degree as a result of they embody too many implementation particulars about how the venture works.
Brittleness for metadomains
One of many key classes from domain-driven design was the concept of protecting implementation particulars as tightly sure as potential, utilizing anticorruption layers to stop integration factors from understanding too many particulars. Architects have embraced this philosophy in architectures like microservices.
But we see the identical downside right here on the metalevel, the place enterprise architects wish to broadly management considerations like information integrity but are hampered by the space and specificity of the governance requirement. Distance refers back to the scope of the exercise. Whereas utility and integration architects have a slender scope of accountability, enterprise architects by their nature sit on the enterprise degree. Thus, for an enterprise architect to implement governance similar to referential integrity requires them to know too many particular particulars about how the staff has applied the venture.
Certainly one of our greatest international purchasers has a task inside their enterprise structure group known as evolutionary architect, whose job is to establish international governance considerations, and we’ve got different purchasers who’ve tried to implement this degree of holistic governance with their enterprise architects. Nevertheless, the brittleness defeats these efforts: As quickly because the staff wants to alter an implementation element, the health perform breaks. Regardless that we regularly sofa health features as “unit checks for structure,” in actuality, they break a lot much less usually than unit checks. (How usually do modifications have an effect on some basic architectural concern versus a change to the area?) Nevertheless, by exposing implementation particulars exterior the venture to enterprise architects, these health features do break sufficient to restrict their worth.
We’ve tried a wide range of anticorruption layers for metaconcerns, however generative AI and MCP have offered the most effective answer thus far.
MCP and Agentic Governance
MCP defines a common integration layer for brokers to question and devour capabilities inside a selected metascope. For instance, groups can arrange an MCP server on the utility or integration structure degree to reveal instruments and information sources to AI brokers. This offers the right anticorruption layer for enterprise architects to state the intent of governance with out counting on implementation particulars.
This permits groups to implement the kind of governance that the strategically minded enterprise architects need however create a degree of indirection for the small print. For instance, see the up to date referential integrity examine illustrated in Determine 3.
In Determine 3, the enterprise architect points the final request to validate referential integrity to the MCP server for the venture. It in flip exposes health features by way of instruments (or information sources similar to log information) to hold out the request.
By creating an anticorruption layer between the venture particulars and enterprise architect, we are able to use MCP to deal with implementation particulars in order that when the venture evolves sooner or later, it doesn’t break the governance due to brittleness, as proven in Determine 4.
In Determine 4, the enterprise architect concern (validate referential integrity) hasn’t modified, however the venture particulars have. The staff added one other service for consultants, who work on tickets, which means we now must validate integrity throughout three databases. The staff modifications the inner MCP instrument that implements the health perform, and the enterprise architect request stays the identical.
This permits enterprise architects to successfully state governance intent with out diving into implementation particulars, eradicating the brittleness of far-reaching health features and enabling way more proactive holistic governance by architects in any respect ranges.
Defining the Intersections of Structure
In Structure as Code, we focus on 9 totally different intersections with software program structure and different components of the software program growth ecosystem (information representing one among them), all expressed as architectural health features (the “code” a part of structure as code). In defining the intersection of structure and enterprise architect, we are able to use MCP and brokers to state intent holistically, deferring the precise particulars to particular person tasks and ecosystems. This solves one of many nagging issues for enterprise architects who need to construct extra automated suggestions loops inside their methods.
MCP is sort of ideally suited to this goal, designed to reveal instruments, information sources, and immediate libraries to exterior contexts exterior a selected venture area. This permits enterprise architects to holistically outline broad intent and depart it to groups to implement (and evolve) their options.
X as code (the place X will be all kinds of issues) sometimes arises when the software program growth ecosystem reaches a sure degree of maturity and automation. Groups tried for years to make infrastructure as code work, nevertheless it didn’t till instruments similar to Puppet and Chef got here alongside that would allow that functionality. The identical is true with different “as code” initiatives (safety, coverage, and so forth): The ecosystem wants to offer instruments and frameworks to permit it to work. Now, with the mixture of highly effective health perform libraries for all kinds of platforms and ecosystem improvements similar to MCP and agentic AI, structure itself has sufficient assist to affix the “as code” communities.
Be taught extra about how AI is reshaping enterprise structure on the Software program Structure Superstream on December 9. Be part of host Neal Ford and a lineup of consultants together with Metro Financial institution’s Anjali Jain and Philip O’Shaughnessy, Vercel’s Dom Sipowicz, Intel’s Brian Rogers, Microsoft’s Ron Abellera, and Equal Consultants’ Lewis Crawford to listen to hard-won insights about constructing adaptive, AI-ready architectures that assist steady innovation, guarantee governance and safety, and align seamlessly with enterprise targets.
O’Reilly members can register right here. Not a member? Join a 10-day free trial earlier than the occasion to attend—and discover all the opposite assets on O’Reilly.
