Mocca

A SPA UI for Selfcare

Simple overview

              User
                |
                | # HTML/CSS/JS request
                | # API requests
            ____|____
           |         |
           |  Mocca  | # Non-api requests
           |   URP   | # stop here
           |  UARP   |
           |_________|
                |
                | # REST API requests
           _____|____
          |          |
          | Selfcare |
          |__________|

Full overview

                           FOH
                            |
                            |
                       _____|_____
                      |           | # modini.in.telstra.com - Sends traffic to Modini
                      |  Modini   | # mocca.in.telstra.com - Sends traffic to Mocca
                      |    RP     |
                      |___________|
                        |       |
  modini.in.telstra.com |       | mocca.in.telstra.com
                        |       |
                        |       |_________    ____ Other users
                        |                 |  |
                        |     Trust with  |  | Authenticate with PAM
                        |     certificate |  | # Eg ocsadmin.something.telstra.com
                        |     and header  |  | # Eg mocca.something.telstra.com
                        |                 |  |
                        |                ====== F5 - two separate pools
                    ____|____         ____|__|___
                   |         |       |           |
                   | Modini  |       |    URP    |
                   |_________|       |   Mocca   |
                                     |   UARP    | # UARP accesses the Modini database
                                     |___________|
                                          |
                                         === F5 (the same F5 as above)
                                     _____|____
                                    |          |
                                    | Selfcare |
                                    |__________|

The life of a request

User    Modini      Local F5      Unico Reverse Proxy     Unico Authorisation Reverse Proxy     API provider (eg selfcare)

    API
  request
 --------->|
           | Forward to
           |   Mocca
           | with user
           |  header
           |----------->|
                        | Forward to
                        | healthy URP
                        | instance
                        |----------------->|
                                           | Determines it's
                                           | an API request,
                                           | forward to UARP
                                           | with a final
                                           | destination as
                                           | the F5.
                                           | Adds the username
                                           | as a header.
                                           |
                                           |--------------------------->|
                                                                        | Checks the user's
                                                                        | roles/rights/groups
                                                                        | checks whether they
                                                                        | can make the request.
                                                                        | Forwards request to
                                                                        | the final destination.
                                                                        | May modify the
                                                                        | request/response.
                        |<----------------------------------------------|
                        |
                        | Forward to
                        | healthy Selfcare
                        |------------------------------------------------------------------------------->|
                                                                                                         | Process request as normal
                                                                                                         |
                                                                                                        ...

Mocca retro

• SPA made with Backbone.js (et al)
  • A little bit too REST opinionated
  • Considering alternatives (Mithril.js)
  • Not as performant (not always important)
  • Can support IE8
• Used a "fake server" for dev
• Made some reusable and replaceable components
  • Log out code reused by multiple projects
  • Could replace module X for another deployment
• Have a UI boilerplate now, that's reasonably useful
• Could integrate a B/E into the dev env (RMT)
• Lack of real design exercise really really hurt

Mocca retro pt2

• Had automated functional tests, but they fell out of maintenance as too much of the design changed
• IMO, unit tests aren't super useful, even less so for UIs
• Masses of scope creep
• Integrates with UARP for authorisation (for usability, UARP does the real work)
• Proper URL use - bookmarks, history
• Being reliant on Modini was brutal (at times)
• Try and land on consistent naming

Unico Authorisation Reverse Proxy

• Reuses Modini's Authorisation structure
  • Reuses UCDB
  • Modular role and rights source (can implement different providers) 
• Has some "API" functionality to answer queries
• Blocks, allows, modifies (ish) requests
  • Based on path
  • Based on verb
  • Or a combination of both
• Wants a better "deep" health check
• Never ever in original scope

Pros

• Simple
• Low hardware requirements
• "Web 2.0"-y
• Easy reuse of components (URP, UARP)
• Simple to add extra applications
• Simple to deploy and manage
• Development efficacy (fast feedback loop)

Cons

• More reliant on the backend
  • Less options if the b/e can't do what you need
  • Might need to think of different ways to handle problems
• Security: most API's are yes or no, not granular
• Hit some IE8 walls -> inconsistent browser requirements

Reuse

• (UAM)
• Mocca
• DSIMA
• OCS Admin Configuration GUI
• (WGUIM)

Random thoughts

• Create a role management UI that is a standalone reimplementation of the Modini one
• Consider things like Last-Modified headers in APIs
• Try and be more consistent with out "REST" API design -- accept that some interaction are RPCs
• Use HAProxy to add HA in scenarios where an F5 isn't available
  • Top quality load balancer (almost F5 level) and simple to add to the equation
• Use Electron/nw.js to provide an "executable" to sidestep browser requirements
• Coffeescript vs ES6

Random thoughts pt2

• Add a logging API to the URP, to support logging from an SPA front end (eg exceptions, or just general logs)
• Should migrate UAM to URP
• Actually trying to keep deps up to date - worth it
• I like JSON, but not as ideal for others
• Cross-platform deployment is annoying
  • Solaris is more annoying - should script in JS
• Difficult playing second fiddle to the SOAP APIs
  • Consider starting when more b/e design is done (confidently done (ie a bit implemented))
  • Maybe life would've been easier if "we" (Mocca team) did it (we know what "we" want)

Random thoughts pt3

• Dangerous doing dev in a different browser than the target, but hard to do otherwise
• Really useful having fast (almost zero-dt) restarts
• Never felt like it was clear who was meant to "make decisions"
• Jenkins is lame
• Consistent request IDs are so excellent
• Actually, for us, it was ace not being exposed to Puppet
  • Making the Puppet repo more modular (or something) would help in my mind (I used Salt to do the Mocca et al installs, and loved it -- because it was self contained)

Random thoughts pt4

• Some kind of service discovery story would be very worth having (even DNS would be super novel)