Added the infra SOPs ported to asciidoc.
This commit is contained in:
Adam Saleh
parent
8a7f111a12
commit
a0301e30f1
148 changed files with 18575 additions and 17 deletions
70
modules/sysadmin_guide/pages/fedmsg-websocket.adoc
Normal file
70
modules/sysadmin_guide/pages/fedmsg-websocket.adoc
Normal file
|
|
@ -0,0 +1,70 @@
|
|||
= websocket SOP
|
||||
|
||||
websocket communication with Fedora apps.
|
||||
|
||||
see-also: `fedmsg-gateway.txt`
|
||||
|
||||
== Contact Information
|
||||
|
||||
Owner::
|
||||
Messaging SIG, Fedora Infrastructure Team
|
||||
Contact::
|
||||
#fedora-apps, #fedora-admin, #fedora-noc
|
||||
Servers::
|
||||
busgateway01, proxy0*, app0*
|
||||
Purpose::
|
||||
Expose a websocket server for FI apps to use
|
||||
|
||||
== Description
|
||||
|
||||
WebSocket is a protocol (an extension of HTTP/1.1) by which client web
|
||||
browsers can establish full-duplex socket communications with a server
|
||||
--the "real-time web".
|
||||
|
||||
In our case, webapps served from app0* and packages0* will include
|
||||
javascript code instructing client browsers to establish a second
|
||||
connection to our WebSocket server. They point browsers to the following
|
||||
addresses:
|
||||
|
||||
production::
|
||||
wss://hub.fedoraproject.org:9939
|
||||
staging::
|
||||
wss://stg.fedoraproject.org:9939
|
||||
|
||||
The websocket server itself is a fedmsg-hub daemon running on
|
||||
busgateway01. It is configured to enable its websocket server component
|
||||
in the presence of certain configuration values.
|
||||
|
||||
haproxy mediates connections to the fedmsg-hub websocket server daemon.
|
||||
An stunnel daemon provides SSL support.
|
||||
|
||||
== Connection Flow
|
||||
|
||||
The connection flow is much the same as in the fedmsg-gateway.txt SOP,
|
||||
but is somewhat more complicated.
|
||||
|
||||
"Normal" HTTP requests to our app servers traverse the following chain:
|
||||
|
||||
....
|
||||
Client -> apache(proxy01) -> haproxy(proxy01) -> apache(app01)
|
||||
....
|
||||
|
||||
The flow for a websocket requests looks something like this:
|
||||
|
||||
....
|
||||
Client -> stunnel(proxy01) -> haproxy(proxy01) -> fedmsg-hub(busgateway01)
|
||||
....
|
||||
|
||||
stunnel is listening on a public port, negotiates the SSL connection,
|
||||
and redirects the connection to haproxy who in turn hands it off to the
|
||||
fedmsg-hub websocket server listening on busgateway01.
|
||||
|
||||
At the time of this writing, haproxy does not actually load balance
|
||||
zeromq session requests across multiple busgateway0* machines, but there
|
||||
is nothing stopping us from adding them. New hosts can be added in
|
||||
ansible and pressed from busgateway01's template. Add them to the
|
||||
fedmsg-websockets listen in haproxy's config and it should Just Work.
|
||||
|
||||
== RHIT
|
||||
|
||||
We had RHIT open up port 9939 special to proxy01.phx2 for this.
|
||||
Loading…
Add table
Add a link
Reference in a new issue