The document outlines Gohan, a YAML-based REST API service definition language that supports API definition generation, database mapping, and custom logic through Gohan Script. It includes features like role-based access control, integration with etcd, and benchmarking results for performance with various configurations. Future development plans focus on enhancing performance, supporting additional authentication methods, and code generation.

1. Nachi Ueno : nati.ueno@gmail.com
https://github.com/cloudwan/gohan

2. REST API Service Definition Language

3. S
OpenAPI / Swagger ?
Gohan Schema
Pet Model
List Pet
Update Pet
Delete Pet
Pet Controller
Pet TableShow Pet
Pet Sync (etcd)
OpenAPI

4. Pet Store example
Gohan Schema
https://github.com/cloudwan/gohan/blob/master/etc/example_schema.yaml
Swagger file
https://gist.github.com/nati/3ef08372717aaf0ae70e64175dcd4079

5. WebUI

6. CLI

7. Gohan Schema
JSON Schema + useful functions
Inheritance
Schema Relation
Policy
Custom Logic (extension)

8. Gohan Schema:
schemas:
- …
policies:
- …
extensions:
- …
- …

9. Schema
- id: base
plural: bases
singular: base
prefix: /v1.0
type: abstract
title: Base Resource
description: base resource definition
schema:
type: object
properties:
propertiesOrder :
JSON
Schema

10. Properties Order
- id: base
plural: bases
singular: base
prefix: /v1.0
type: abstract
title: Base Resource
description: base resource definition
schema:
type: object
properties:
propertiesOrder : Applied in UI
(Table, Form )

11. Schema inheritance
- id: pet
plural: pet
singular: pet
prefix: /v1.0
extends:
- base
title: Pet
description:
- id: base
plural: bases
singular: base
prefix: /v1.0
type: abstract
title: Base Resource
description: base
Base
id
name
tenant_id
Pet
status
Pet have
id
name
tenant_id
status

12. Permission
id:
description: ID
permission:
- create
title: ID
type: string
view:
- detail
name:
description: Name
permission:
- create
- update
title: Name
type: string
Allowed only in create
action
Allowed create and
Update

13. Relation
DB: Foreign key constraint
UI: Select Form

14. RBAC Policy
action
Create, Read, Update and
Delete
effect
Allow, deny
Principal
Role name
Condition
Resource
path

15. RBAC Policy examples
Members can only read pets
Members can only read their orders

16. Property value based policy
Member can only create
order of which status is
”placed”

17. Extension
You can have custom logic in each API.
Pros Cons
Gohanscript
(Ansible inspired)
Easy to read and write
For non programmers
Slow
(Still experimental)
Javascript
(Otto based)
Easy to write & quick Too Slow
Go Fast and Reliable You need compile

18. API pipeline and extension
pre_create
post_create
pre_create_in_transaction
post_create_in_transaction
Policy_check
Input value
Validation
(json
schema)
Policy_check
Output value
Create in DB

19. Gohanscript example

21. Supported functions in Gohanscript
• Conditional
• Variable
• Looping
• Concurrent execution
• Define function
• Import
• DB CRUD
• External HTTP Connection
• OpenStack / Contrail API access
• Background job / Job Queue
• Remote Debugger

22. Integration
Etcd
You can push REST API event to etcd, so that you can
integrate worker such as confd.
You can also use Gohan as worker
Keystone
You can integrate IAM with OpenStack Keystone

23. Pet Store Benchmark
Client Gohan Mysql
Intel(R) Core(TM) i3-
2100 CPU @ 3.10GHz
4Core 8G
Bench-rest
https://github.com/jeffbski/
bench-rest
100: Concurrent request
10000: Total request
Create Pet:
524 req per sec
mean: 189ms
List Pet:
1123 req per sec
mean: 88 sec
Benchmark setup
Note: disabled JavaScript extension
Benchmark Result

24. Future work
Performance improvement
Go code generation
Support more authentication mode
OpenID / OAuth
SAMLv2.0

25. Summary
Gohan : YAML-based REST API Service Definition Language
API Definition Generation (including Swagger)
DB Table Generation & OR Mapping
Support Custom Logic using Gohan Script (Javascript, and Go)
Extensible Role-Based Access Control
etcd integration