josug2014 openstack 4th birthday party in japan; the way of openstack api dragon

of 33 /33
“the Way of the OpenStack API Dragon” (2014/07/09, Shibuya GMO yours) GMOインターネット株式会社 システム本部 2サービス開発部 オープンコンピューティングチーム 郷古直仁 openstack Open source software to build public and private clouds. OpenStack 4th Birthday party the Way of the OpenStack API Dragon” ~GMOアプリクラウドのAPI公開への道~

Author: naoto-gohko

Post on 23-Aug-2014

766 views

Category:

Internet


2 download

Embed Size (px)

DESCRIPTION

JOSUG2014 OpenStack 4th birthday party in Japan the way of OpenStack API Dragon. we provide OpenStack API on "GMO Apps Cloud" known to be capable of providing efficient social Games.

TRANSCRIPT

  • the Way of the OpenStack API Dragon (2014/07/09, Shibuya GMO yours) GMO 2 openstack! Open source software to build public and private clouds. OpenStack ! 4th Birthday party the Way of the OpenStack API Dragon! ~GMOAPI~
  • the Way of the OpenStack API Dragon Atlanta Summit Chuck Norris US (wikipedia: ) the OpenStack API Dragon !??
  • the Way of the OpenStack API Dragon the Way of the OpenStack API Dragon !??
  • the Way of the OpenStack API Dragon OpenStackAPI Public Network(the Internet) the OpenStack API Dragon :) the Way of the OpenStack API Dragon !??
  • the Way of the OpenStack API Dragon Atlanta summitops Meetup API Endpoint ! Atranta summit ops Meetup http://www.slideshare.net/inouetmko/josug20140619 the OpenStack API Dragon
  • the Way of the OpenStack API Dragon API Endpoint(Layer 7) Examples) ops Meetup - mod_security - nginx - NetScaler etc. the OpenStack API Dragon
  • the Way of the OpenStack API Dragon ! GMOOpenStack Havana ! API Endpoint(Layer 7) - nginx - HAProxy API Endpoint(Layer 7)
  • the Way of the OpenStack API Dragon LT VPSConoHa(Grizzly)
  • the Way of the OpenStack API Dragon GMO OpenStack Hava OpenStack API LT:GMOOpenStack API
  • the Way of the OpenStack API Dragon 1) (web GUI) (nova boot) 2) Wrapper API(RESTful) (OpenStack APIw) 3) OpenStack (HP Cloud) ConoHaOpenStack API?
  • the Way of the OpenStack API Dragon 2) API(RESTful) by ConoHa APIweb GUI OpenStack APIcall ConoHa
  • the Way of the OpenStack API Dragon ConoHa API proxy, OpenStack API ConoHaAPI ! API API (IIS, .Net) API Proxy (httpd, php Framework: fuel php) Grizzly Nova API API Grizzly Quantum API Grizzly Glance API ConoHaAPI DB Grizzly Keystone API OpenStack API
  • the Way of the OpenStack API Dragon OpenStack Havana GMO OpenStack Havana ! OpenStack API web GUI =>> APIOpenStack API Validation check
  • the Way of the OpenStack API Dragon 1) OpenStack API validation proxy for webGUI APIConoHaAPI OpenStack APIValidation check OpenStack =>> API Proxy web GUIAPIAPI (ex: ) => API worker
  • the Way of the OpenStack API Dragon 1) OpenStack Havana API validation proxy for webGUI GMO Apps CloudOpenStack API (httpd, php) API wrapper proxy (httpd, php Framework: fuel php) Havana Nova API API Havana Quantum API Havana Glance API OpenStack API for input validation DB Havana Keystone API OpenStack API Havana Cinder API Havana Ceilometer API =>> OpenStack API
  • the Way of the OpenStack API Dragon 1) OpenStack Havana API validation proxy for API GMO Apps CloudOpenStack API (httpd, php) API wrapper proxy (httpd, php Framework: fuel php) Havana Nova API API Havana Quantum API Havana Glance API OpenStack API for input validation DB Havana Keystone API OpenStack API Havana Cinder API Havana Ceilometer API =>> OpenStack API Endpoint L7:reverse proxy Havana Swift Proxy
  • the Way of the OpenStack API Dragon 1) OpenStack Havana API 2014/07/08beta http://cloud.gmo.jp/docs ! OpenStack API (client API) API: 31
  • the Way of the OpenStack API Dragon 1) OpenStack Havana API
  • the Way of the OpenStack API Dragon 2) API Endpoint Endpoint L7:reverse proxy API Endpoint => TCP 80 or 443 ! ! ! SSL(https): reverse proxy (SSL Termination) ! => https(443 port)
  • the Way of the OpenStack API Dragon 2) API Endpoint: Reverse Proxy Reverse proxy - nginx (ver. 1.6.0) - HAProxy (ver. 1.5.0) :Varnish, apache mod_proxy, etc. ? ! => SSL
  • the Way of the OpenStack API Dragon 2) API Endpoint: Reverse Proxy: nginx nginx (ver. 1.6.0) - lua, mruby(rebuild) - buildL7 ( rpm repositorybuild) ! : requesttemporary dir => Glance image upload, Swiftdata stream (ex: 5GBSwiftupload: nginx5GB )
  • the Way of the OpenStack API Dragon 2) API Endpoint: Reverse Proxy: HAProxy HAProxy (ver. 1.5.0) - ver. 1.5.0SSL - OpenStackLBaaS - - socket to socketnginx temporary file => Glance image upload, Swift ! : config fileinclude -f nginx
  • the Way of the OpenStack API Dragon 2) API Endpoint: Reverse Proxy - nginx (ver. 1.6.0) - keystone: host filter, URI filter(API), SSL Termination, request limit filter (1MB, 3r/s) - nova: host filter, URI filter(API), SSL Termination - neutron: host filter, URI filter(API), SSL Termination - cinder: host filter, URI filter(API), SSL Termination - glance: host filter, URI filter(API: list images), SSL Termination - HAProxy (ver. 1.5.0) - Swift: host filter, URI filter, SSL Termination ! ! ! !
  • the Way of the OpenStack API Dragon 2) API Endpoint: Reverse Proxy: swift HAProxy (ver. 1.5.0) [[email protected] haproxy]# cat haproxy.cfg grep -v '#' global log 127.0.0.1 local0 maxconn 131072 user haproxy group haproxy daemon stats socket /var/run/haproxy.sock mode 600 level admin stats timeout 2m tune.chksize 16384000 tune.bufsize 16384000 ! ! ! ! ! !
  • the Way of the OpenStack API Dragon 2) API Endpoint: Reverse Proxy: swift HAProxy (ver. 1.5.0) defaults log global mode http option log-separate-errors log-format [%pid] [%Ts.%ms] %ac/%fc/%bc/%bq/%sc/%sq/%rc %Tq/%Tw/%Tc/%Tr/ %Tt %tsc %ci:%cp %:%fp %si:%sp %ft %sslc %sslv %{+Q}r %ST %b:%s "%CC" "%hr""%CS" "%hs" req_size=%U resp_size=%B option dontlognull retries 3 option redispatch maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000 option forwardfor !
  • the Way of the OpenStack API Dragon 2) API Endpoint: Reverse Proxy: swift HAProxy (ver. 1.5.0) listen hastats *:10080 mode http maxconn 64 stats enable stats uri /hastats stats realm Haproxy statistics stats auth system:hogehogepass stats refresh 10s ! frontend https_frontend bind *:443 ssl crt /etc/ssl/certs/ast.app-sys.jp/ast.app-sys.jp-haproxy.pem mode http acl is_v1_api url_beg /v1 acl host_s3 hdr(host) -i swift3-r1nd1001.app-sys.jp acl host_swift hdr(host) -i objectstore-r1nd1001.app-sys.jp acl host_ote_s3 hdr(host) -i ote-swift3-r1nd1001.app-sys.jp acl host_ote_swift hdr(host) -i ote-objectstore-r1nd1001.app-sys.jp reqadd X-Forwarded-Proto: https
  • the Way of the OpenStack API Dragon 2) API Endpoint: Reverse Proxy: swift HAProxy (ver. 1.5.0) use_backend swift_proxy_server if is_v1_api use_backend swift_proxy_server if host_s3 use_backend swift_proxy_server if host_swift use_backend repos_server if host_repos default_backend null_server ! backend swift_proxy_server mode http balance leastconn option httpchk HEAD /healthcheck HTTP/1.0 option forwardfor server s1 10.199.199.91:8080 weight 10 check inter 2000 server s2 10.199.199.92:8080 weight 10 check inter 2000 ! backend null_server mode http option httpchk HEAD / HTTP/1.0 option forwardfor server n1 127.0.0.1:18080 check inter 2000
  • the Way of the OpenStack API Dragon 2) API Endpoint: Reverse Proxy: swift HAProxy (ver. 1.5.0) ! !
  • the Way of the OpenStack API Dragon 3) API version, JSON API versionURI filter ! APIrequest/response JSON(Default) => XML => http://developer.openstack.org/api-ref.html XML ! ! ! Format Accept Header Query Extension Default JSON application/json .json Yes XML application/xml .xml No
  • the Way of the OpenStack API Dragon 3) JSON(;) Swift: endpoint parse? ! API Proxy? JSON
  • the Way of the OpenStack API Dragon API the Way of the OpenStack API Dragon - Validation check - L7:Reverse Proxy(Private Cloud) API Endpoint ! the Way of the OpenStack API Dragon ! !
  • the Way of the OpenStack API Dragon API the Way of the OpenStack API Dragon