Downloaded 20 times
Uploaded byNachi Ueno
Gohan
The document outlines Gohan, a YAML-based REST API service definition language that supports API definition generation, database mapping, and custom logic through Gohan Script. It includes features like role-based access control, integration with etcd, and benchmarking results for performance with various configurations. Future development plans focus on enhancing performance, supporting additional authentication methods, and code generation.
Gohan
- 1. Nachi Ueno :nati.ueno@gmail.com https://github.com/cloudwan/gohan
- 2. REST API ServiceDefinition Language
- 3. S OpenAPI / Swagger? Gohan Schema Pet Model List Pet Update Pet Delete Pet Pet Controller Pet TableShow Pet Pet Sync (etcd) OpenAPI
- 4. Pet Store example GohanSchema https://github.com/cloudwan/gohan/blob/master/etc/example_schema.yaml Swagger file https://gist.github.com/nati/3ef08372717aaf0ae70e64175dcd4079
- 5.
- 6.
- 7. Gohan Schema JSON Schema+ useful functions Inheritance Schema Relation Policy Custom Logic (extension)
- 8. Gohan Schema: schemas: - … policies: -… extensions: - … - …
- 9. Schema - id: base plural:bases singular: base prefix: /v1.0 type: abstract title: Base Resource description: base resource definition schema: type: object properties: propertiesOrder : JSON Schema
- 10. Properties Order - id:base plural: bases singular: base prefix: /v1.0 type: abstract title: Base Resource description: base resource definition schema: type: object properties: propertiesOrder : Applied in UI (Table, Form )
- 11. Schema inheritance - id:pet plural: pet singular: pet prefix: /v1.0 extends: - base title: Pet description: - id: base plural: bases singular: base prefix: /v1.0 type: abstract title: Base Resource description: base Base id name tenant_id Pet status Pet have id name tenant_id status
- 12. Permission id: description: ID permission: - create title:ID type: string view: - detail name: description: Name permission: - create - update title: Name type: string Allowed only in create action Allowed create and Update
- 13. Relation DB: Foreign keyconstraint UI: Select Form
- 14. RBAC Policy action Create, Read,Update and Delete effect Allow, deny Principal Role name Condition Resource path
- 15. RBAC Policy examples Memberscan only read pets Members can only read their orders
- 16. Property value basedpolicy Member can only create order of which status is ”placed”
- 17. Extension You can havecustom logic in each API. Pros Cons Gohanscript (Ansible inspired) Easy to read and write For non programmers Slow (Still experimental) Javascript (Otto based) Easy to write & quick Too Slow Go Fast and Reliable You need compile
- 18. API pipeline andextension pre_create post_create pre_create_in_transaction post_create_in_transaction Policy_check Input value Validation (json schema) Policy_check Output value Create in DB
- 19.
- 21. Supported functions inGohanscript • Conditional • Variable • Looping • Concurrent execution • Define function • Import • DB CRUD • External HTTP Connection • OpenStack / Contrail API access • Background job / Job Queue • Remote Debugger
- 22. Integration Etcd You can pushREST API event to etcd, so that you can integrate worker such as confd. You can also use Gohan as worker Keystone You can integrate IAM with OpenStack Keystone
- 23. Pet Store Benchmark ClientGohan Mysql Intel(R) Core(TM) i3- 2100 CPU @ 3.10GHz 4Core 8G Bench-rest https://github.com/jeffbski/ bench-rest 100: Concurrent request 10000: Total request Create Pet: 524 req per sec mean: 189ms List Pet: 1123 req per sec mean: 88 sec Benchmark setup Note: disabled JavaScript extension Benchmark Result
- 24. Future work Performance improvement Gocode generation Support more authentication mode OpenID / OAuth SAMLv2.0
- 25. Summary Gohan : YAML-basedREST API Service Definition Language API Definition Generation (including Swagger) DB Table Generation & OR Mapping Support Custom Logic using Gohan Script (Javascript, and Go) Extensible Role-Based Access Control etcd integration