2021-07-26 10:39:47 +02:00
|
|
|
= websocket SOP
|
|
|
|
|
|
|
|
|
|
websocket communication with Fedora apps.
|
|
|
|
|
|
2021-08-19 14:22:06 +02:00
|
|
|
See-also: <<fedmsg-gateway.adoc#>>
|
2021-07-26 10:39:47 +02:00
|
|
|
|
|
|
|
|
== Contact Information
|
|
|
|
|
|
|
|
|
|
Owner::
|
|
|
|
|
Messaging SIG, Fedora Infrastructure Team
|
|
|
|
|
Contact::
|
|
|
|
|
#fedora-apps, #fedora-admin, #fedora-noc
|
|
|
|
|
Servers::
|
|
|
|
|
busgateway01, proxy0*, app0*
|
|
|
|
|
Purpose::
|
|
|
|
|
Expose a websocket server for FI apps to use
|
|
|
|
|
|
|
|
|
|
== Description
|
|
|
|
|
|
2021-08-19 14:22:06 +02:00
|
|
|
_WebSocket_ is a protocol (an extension of HTTP/1.1) by which client web
|
2021-07-26 10:39:47 +02:00
|
|
|
browsers can establish full-duplex socket communications with a server
|
|
|
|
|
--the "real-time web".
|
|
|
|
|
|
2021-08-19 14:22:06 +02:00
|
|
|
In our case, webapps served from _app0*_ and _packages0*_ will include
|
2021-07-26 10:39:47 +02:00
|
|
|
javascript code instructing client browsers to establish a second
|
2021-08-19 14:22:06 +02:00
|
|
|
connection to our _WebSocket_ server. They point browsers to the following
|
2021-07-26 10:39:47 +02:00
|
|
|
addresses:
|
|
|
|
|
|
|
|
|
|
production::
|
|
|
|
|
wss://hub.fedoraproject.org:9939
|
|
|
|
|
staging::
|
|
|
|
|
wss://stg.fedoraproject.org:9939
|
|
|
|
|
|
2021-08-19 14:22:06 +02:00
|
|
|
The websocket server itself is a _fedmsg-hub_ daemon running on
|
|
|
|
|
_busgateway01_. It is configured to enable its websocket server component
|
2021-07-26 10:39:47 +02:00
|
|
|
in the presence of certain configuration values.
|
|
|
|
|
|
2021-08-19 14:22:06 +02:00
|
|
|
_haproxy_ mediates connections to the _fedmsg-hub_ _websocket_ server daemon.
|
|
|
|
|
An _stunnel_ daemon provides SSL support.
|
2021-07-26 10:39:47 +02:00
|
|
|
|
|
|
|
|
== Connection Flow
|
|
|
|
|
|
2021-08-19 14:22:06 +02:00
|
|
|
The connection flow is much the same as in the <<fedmsg-gateway.adoc#>>,
|
2021-07-26 10:39:47 +02:00
|
|
|
but is somewhat more complicated.
|
|
|
|
|
|
|
|
|
|
"Normal" HTTP requests to our app servers traverse the following chain:
|
|
|
|
|
|
|
|
|
|
....
|
|
|
|
|
Client -> apache(proxy01) -> haproxy(proxy01) -> apache(app01)
|
|
|
|
|
....
|
|
|
|
|
|
|
|
|
|
The flow for a websocket requests looks something like this:
|
|
|
|
|
|
|
|
|
|
....
|
|
|
|
|
Client -> stunnel(proxy01) -> haproxy(proxy01) -> fedmsg-hub(busgateway01)
|
|
|
|
|
....
|
|
|
|
|
|
|
|
|
|
stunnel is listening on a public port, negotiates the SSL connection,
|
|
|
|
|
and redirects the connection to haproxy who in turn hands it off to the
|
2021-08-19 14:22:06 +02:00
|
|
|
_fedmsg-hub_ websocket server listening on _busgateway01_.
|
2021-07-26 10:39:47 +02:00
|
|
|
|
2021-08-19 14:22:06 +02:00
|
|
|
At the time of this writing, _haproxy_ does not actually load balance
|
|
|
|
|
zeromq session requests across multiple _busgateway0*_ machines, but there
|
2021-07-26 10:39:47 +02:00
|
|
|
is nothing stopping us from adding them. New hosts can be added in
|
2021-08-19 14:22:06 +02:00
|
|
|
ansible and pressed from _busgateway01_'s template. Add them to the
|
|
|
|
|
_fedmsg-websockets_ listen in _haproxy_'s config and it should Just Work.
|
2021-07-26 10:39:47 +02:00
|
|
|
|
|
|
|
|
== RHIT
|
|
|
|
|
|
2021-08-19 14:22:06 +02:00
|
|
|
We had RHIT open up port 9939 special to _proxy01.iad2_ for this.
|
