Re: Traffic Ops Golang Migration Proposal

[Robert Butts]

@jan theoretically yes, we could do the proxy part of this in the gateway.
But that requires more operations work and configuration to set up, and
will likely take more development as well.

The idea behind this is as little ops and config work as possible.

No, this doesn't make moving to the Gateway or alternative Auth harder.
Anywhere they would point to the old TO, they point to the new TO (which is
in fact the same port), without change. The idea is a drop-in replacement,
all clients can continue to make the same requests, without knowing the
underlying service has changed.

If anything, this makes the gateway easier, as once endpoints are moved to
Go, they're independent functions which are trivial to pull out into
microservices if we want.

On Thu, Jul 20, 2017 at 7:56 AM, Jan van Doorn  wrote:

> I'm a little late to this party, sorry
>
>
> Rob, you say: 'Note this does NOT replace or affect the "API Gateway"
> plans, or "JWT Auth" plans. This is a rewrite of strictly the existing
> Traffic Ops application, and can be implemented alongside the "API
> Gateway", or "JWT Auth", or without them.'
>
> Why? Isn't this something we could do in that gateway as well, and doesn't
> this make moving to that harder?
>
> Rgds,
> JvD
>
>
> On Thu, Jul 20, 2017 at 7:52 AM Dewayne Richardson 
> wrote:
>
>> When:   Read · Thu, Jul 20.
>> 
>> [image: Timyo expectation line]
>> @malenfent We plan to re-evaluate postinstall as we move forward as
>> well.  We've noted the feedback about making SSL configuration separate,
>> and over time the extreme pain of Carton will disappear as well, as for
>> "downloadwebdeps" will also disappear because of Jeremy's new TO UI v2.
>> So, really it'll be a small postinstall wrapper that basically sets up the
>> database (with a default admin user) and minimal data setup.
>>
>> On Thu, Jul 20, 2017 at 7:30 AM, Robert Butts 
>> wrote:
>>
>>> @malenfant it sounds like Dewayne and Jeff reached a consensus, so I
>>> think the plan now, unless you object, is to use a single RPM and Service.
>>> Which, I agree with Jeff, it does make a lot of things easier, it also
>>> makes the final Perl app removal much easier, if we're willing to tolerate
>>> the temporary coupling.
>>>
>>> I think that answers most of your questions, right?
>>>
>>> So, if they're in the same RPM and Service, the New TO can use the same
>>> configs, adding the new port to the old config--which won't require
>>> Postinstall if you set it in Ansible.
>>>
>>> The new binary will go in the same `/opt/traffic_ops` dir.
>>>
>>> On Jul 20, 2017 6:38 AM, "Eric Friedrich (efriedri)" 
>>> wrote:
>>>
 Sorry bout the nitpicking...

 Whatever approach we choose for naming, we should use “go” instead of
 “golang”.

 "The language is called Go, not Golang. http://golang.org
  is just the the web site address, not the
 name of the language.” - Rob Pike
 https://twitter.com/rob_pike/status/886054143235719169

 —Eric

 On Jul 20, 2017, at 8:04 AM, Steve Malenfant 
 wrote:

 +1 to move to Golang. Few questions.

 Configuration seems like a none issue for us since we are using
 Ansible, we
 would prefer less postinstall interaction as possible as long as the
 configuration is documented.
 As for the name, do we plan to keep "traffic_ops_golang" in the future?
 Have we thought about using "traffic_ops" for golang and
 "traffic_ops_something" for Perl? It seems like the "Perl TO" should be
 the
 dependency here and should be handled by the RPM at installation. There
 could be confusion about folks not installing "traffic_ops_golang" on
 upgrades since they are doing a "yum update traffic_ops".

 If the dependency is this way, the golang version will need to be
 installed
 and the perl version as well. But you don't need to run any postinstall
 and
 simply need to change golang configuration to change the proxy.

 Talking about postinstall and migrations (SQL), which package would
 contain
 it in the future? The Perl or TO version?

 Is there something preventing re-using the same /opt/traffic_ops
 directory
 for both?

 Steve

 On Wed, Jul 19, 2017 at 5:25 PM, Dewayne Richardson 
 wrote:

 When:   Read · Wed, Jul 19. If Cc: read
 
 [image: Timyo expectation line]
 I had a knee jerk reaction to separate the RPMs because of the potential
 for a "new" approach, but I've now been convinced otherwise based upon
 the
 "Strangler Pattern" where the Perl gets rewritten into Golang overtime
 and
 the TO clients know none the difference.

 +1

Re: Traffic Ops Golang Migration Proposal

[Eric Friedrich (efriedri)]

Sorry bout the nitpicking...

Whatever approach we choose for naming, we should use “go” instead of “golang”.

"The language is called Go, not Golang. http://golang.org 
  is just the the web site address, not the name of 
the language.” - Rob Pike
https://twitter.com/rob_pike/status/886054143235719169

—Eric

On Jul 20, 2017, at 8:04 AM, Steve Malenfant 
> wrote:

+1 to move to Golang. Few questions.

Configuration seems like a none issue for us since we are using Ansible, we
would prefer less postinstall interaction as possible as long as the
configuration is documented.
As for the name, do we plan to keep "traffic_ops_golang" in the future?
Have we thought about using "traffic_ops" for golang and
"traffic_ops_something" for Perl? It seems like the "Perl TO" should be the
dependency here and should be handled by the RPM at installation. There
could be confusion about folks not installing "traffic_ops_golang" on
upgrades since they are doing a "yum update traffic_ops".

If the dependency is this way, the golang version will need to be installed
and the perl version as well. But you don't need to run any postinstall and
simply need to change golang configuration to change the proxy.

Talking about postinstall and migrations (SQL), which package would contain
it in the future? The Perl or TO version?

Is there something preventing re-using the same /opt/traffic_ops directory
for both?

Steve

On Wed, Jul 19, 2017 at 5:25 PM, Dewayne Richardson 
>
wrote:

When:   Read · Wed, Jul 19. If Cc: read

[image: Timyo expectation line]
I had a knee jerk reaction to separate the RPMs because of the potential
for a "new" approach, but I've now been convinced otherwise based upon the
"Strangler Pattern" where the Perl gets rewritten into Golang overtime and
the TO clients know none the difference.

+1

-Dew

On Wed, Jul 19, 2017 at 12:52 PM, Jeff Elsloo 
> wrote:

I see. If that's the case, it's a hard requirement to run the golang
portion from whenever this is introduced onward. As long as we have
discipline around removing migrated routes, that should work okay and
would solve the "two watches" issue Mark mentioned when we discussed
this in person: A man with two watches (old API route, golang route)
does not know what time it is.

I don't think that it makes a lot of sense to have a separate RPM
since the dependency goes the other direction, and users are required
to run the golang component no matter what. We might as well just
build that into the existing RPM build process for traffic_ops.

Do we really need to ask the user for the port to move mojo to?
Obviously we can ask them to provide a port, but we could also just
pick a random, unused high port, and have mojo listen only on the
loopback interface. Maybe that's too "magical"?

Does the golang app run as trafops:trafops and drop privileges after
opening :443?
--
Thanks,
Jeff


On Wed, Jul 19, 2017 at 11:58 AM, Robert Butts 
>
wrote:
This means that the traffic_ops side would have to check to see whether
traffic_ops_golang

Because the traffic_ops_golang package will depend on traffic_ops, not
the
other way around

I was suggesting the other way around - traffic_ops will depend on
traffic_ops_golang. Which means upgrading traffic_ops automatically
installs
traffic_ops_golang, and we don't need to do the check. It'd mean you
couldn't remove `traffic_ops_golang`, but the plan is to remove old
endpoints from old TO anyway. Which is another reason making
traffic_ops_golang a dependency of traffic_ops makes sense: it really
is,
traffic_ops really does require it for the migrated endpoints.

I agree with moving away from manual post-installation scripts, but I
don't
think we can avoid it here, because we need the user to set a new port.


On Wed, Jul 19, 2017 at 11:40 AM, Jeff Elsloo 
>
wrote:

I'm +1 on most of what you suggest, except for doing the takeover in
postinstall in traffic_ops.

While we can do whatever we want with postinstall, I think it's
awkward to have a tool within the traffic_ops package configuring
something under the traffic_ops_golang package, when the latter
package might not be installed. This means that the traffic_ops side
would have to check to see whether traffic_ops_golang is installed
outside of the normal RPM dependencies, adding more platform specific
code to postinstall. I don't see a generic way to implement the
"check" for the golang package within postinstall that will work. We
would have to check for a path that is not likely to exist for most
users, or check for a package. Both approaches require platform
specific code and assumptions.

Because the traffic_ops_golang package will depend on traffic_ops, not

Re: Traffic Ops Golang Migration Proposal

[Steve Malenfant]

+1 to move to Golang. Few questions.

Configuration seems like a none issue for us since we are using Ansible, we
would prefer less postinstall interaction as possible as long as the
configuration is documented.
As for the name, do we plan to keep "traffic_ops_golang" in the future?
Have we thought about using "traffic_ops" for golang and
"traffic_ops_something" for Perl? It seems like the "Perl TO" should be the
dependency here and should be handled by the RPM at installation. There
could be confusion about folks not installing "traffic_ops_golang" on
upgrades since they are doing a "yum update traffic_ops".

If the dependency is this way, the golang version will need to be installed
and the perl version as well. But you don't need to run any postinstall and
simply need to change golang configuration to change the proxy.

Talking about postinstall and migrations (SQL), which package would contain
it in the future? The Perl or TO version?

Is there something preventing re-using the same /opt/traffic_ops directory
for both?

Steve

On Wed, Jul 19, 2017 at 5:25 PM, Dewayne Richardson 
wrote:

> When:   Read · Wed, Jul 19. If Cc: read
> 
> [image: Timyo expectation line]
> I had a knee jerk reaction to separate the RPMs because of the potential
> for a "new" approach, but I've now been convinced otherwise based upon the
> "Strangler Pattern" where the Perl gets rewritten into Golang overtime and
> the TO clients know none the difference.
>
> +1
>
> -Dew
>
> On Wed, Jul 19, 2017 at 12:52 PM, Jeff Elsloo  wrote:
>
>> I see. If that's the case, it's a hard requirement to run the golang
>> portion from whenever this is introduced onward. As long as we have
>> discipline around removing migrated routes, that should work okay and
>> would solve the "two watches" issue Mark mentioned when we discussed
>> this in person: A man with two watches (old API route, golang route)
>> does not know what time it is.
>>
>> I don't think that it makes a lot of sense to have a separate RPM
>> since the dependency goes the other direction, and users are required
>> to run the golang component no matter what. We might as well just
>> build that into the existing RPM build process for traffic_ops.
>>
>> Do we really need to ask the user for the port to move mojo to?
>> Obviously we can ask them to provide a port, but we could also just
>> pick a random, unused high port, and have mojo listen only on the
>> loopback interface. Maybe that's too "magical"?
>>
>> Does the golang app run as trafops:trafops and drop privileges after
>> opening :443?
>> --
>> Thanks,
>> Jeff
>>
>>
>> On Wed, Jul 19, 2017 at 11:58 AM, Robert Butts 
>> wrote:
>> >> This means that the traffic_ops side would have to check to see whether
>> >> traffic_ops_golang
>> >
>> >> Because the traffic_ops_golang package will depend on traffic_ops, not
>> the
>> >> other way around
>> >
>> > I was suggesting the other way around - traffic_ops will depend on
>> > traffic_ops_golang. Which means upgrading traffic_ops automatically
>> installs
>> > traffic_ops_golang, and we don't need to do the check. It'd mean you
>> > couldn't remove `traffic_ops_golang`, but the plan is to remove old
>> > endpoints from old TO anyway. Which is another reason making
>> > traffic_ops_golang a dependency of traffic_ops makes sense: it really
>> is,
>> > traffic_ops really does require it for the migrated endpoints.
>> >
>> > I agree with moving away from manual post-installation scripts, but I
>> don't
>> > think we can avoid it here, because we need the user to set a new port.
>> >
>> >
>> > On Wed, Jul 19, 2017 at 11:40 AM, Jeff Elsloo 
>> wrote:
>> >>
>> >> I'm +1 on most of what you suggest, except for doing the takeover in
>> >> postinstall in traffic_ops.
>> >>
>> >> While we can do whatever we want with postinstall, I think it's
>> >> awkward to have a tool within the traffic_ops package configuring
>> >> something under the traffic_ops_golang package, when the latter
>> >> package might not be installed. This means that the traffic_ops side
>> >> would have to check to see whether traffic_ops_golang is installed
>> >> outside of the normal RPM dependencies, adding more platform specific
>> >> code to postinstall. I don't see a generic way to implement the
>> >> "check" for the golang package within postinstall that will work. We
>> >> would have to check for a path that is not likely to exist for most
>> >> users, or check for a package. Both approaches require platform
>> >> specific code and assumptions.
>> >>
>> >> Because the traffic_ops_golang package will depend on traffic_ops, not
>> >> the other way around, it makes more sense to place the configuration
>> >> piece in the golang package. When the golang package is installed, we
>> >> can "take over" the port in the listen directive of cdn.conf, because
>> >> we know for a fact