REST API Service Definition Language
S
OpenAPI / Swagger ?Gohan Schema
Pet Model
List Pet
Update Pet
Delete Pet
Pet Controller
Pet TableShow Pet
Pet Sync (etcd)
OpenAPI
Pet Store exampleGohan Schemahttps://github.com/cloudwan/gohan/blob/master/etc/example_schema.yaml
Swagger filehttps://gist.github.com/nati/3ef08372717aaf0ae70e64175dcd4079
WebUI
CLI
Gohan SchemaJSON Schema + useful functions
Inheritance
Schema Relation
Policy
Custom Logic (extension)
Gohan Schema: schemas: - …policies: - …extensions: - …- …
Schema- id: base plural: bases singular: base prefix: /v1.0 type: abstract title: Base Resource description: base resource definition schema: type: object properties: propertiesOrder :
JSON Schema
Properties Order- id: base plural: bases singular: base prefix: /v1.0 type: abstract title: Base Resource description: base resource definition schema: type: object properties: propertiesOrder : Applied in UI
(Table, Form )
Schema inheritance- id: pet plural: pet singular: pet prefix: /v1.0 extends: - base title: Pet description:
- id: base plural: bases singular: base prefix: /v1.0 type: abstract title: Base Resource description: baseBase
id name tenant_id
Pet status
Pet have id nametenant_id status
Permission id:
description: ID permission: - create title: ID type: string view: - detail
name: description: Name permission: - create - update title: Name type: string
Allowed only in create action
Allowed create and Update
Relation
DB: Foreign key constraint
UI: Select Form
RBAC Policy
action
Create, Read, Update and Delete
effect
Allow, deny
Principal Role name
Condition
Resource path
RBAC Policy examples
Members can only read pets
Members can only read their orders
Property value based policy
Member can only create order of which status is ”placed”
ExtensionYou can have custom logic in each API.
Pros Cons
Gohanscript (Ansible inspired)
Easy to read and writeFor non programmers
Slow (Still experimental)
Javascript(Otto based)
Easy to write & quick Too Slow
Go Fast and Reliable You need compile
API pipeline and extensionpre_create
post_create
pre_create_in_transaction
post_create_in_transaction
Policy_checkInput value
Validation(json
schema)
Policy_check Output value
Create in DB
Gohanscript example
Supported functions in Gohanscript• Conditional• Variable• Looping
• Concurrent execution
• Define function• Import• DB CRUD• External HTTP Connection• OpenStack / Contrail API access• Background job / Job Queue• Remote Debugger
Integration
EtcdYou can push REST API event to etcd, so that you can integrate worker such as confd. You can also use Gohan as worker
KeystoneYou can integrate IAM with OpenStack Keystone
Pet Store Benchmark
Client Gohan Mysql
Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz 4Core 8G
Bench-resthttps://github.com/jeffbski/bench-rest
100: Concurrent request10000: Total request
Create Pet: 524 req per sec mean: 189ms
List Pet: 1123 req per sec mean: 88 sec
Benchmark setup
Note: disabled JavaScript extension
Benchmark Result
Future workPerformance improvement
Go code generation
Support more authentication modeOpenID / OAuthSAMLv2.0
SummaryGohan : YAML-based REST API Service Definition Language
API Definition Generation (including Swagger)
DB Table Generation & OR Mapping
Support Custom Logic using Gohan Script (Javascript, and Go)
Extensible Role-Based Access Control
etcd integration