Upload
steven-cooper
View
98
Download
0
Embed Size (px)
Citation preview
@developersteve #APIDaysAU
OpenRestyBuilding APIs for scale with
@developersteve #APIDaysAU
@developersteve #APIDaysAU
Steven CooperSniip CTODevelopersteve.com
As Chief Technology Officer for Sniip Steven is working closely to help scale the platform and creating new innovative ways for consumers to pay. With Sniip’s frictionless and easy to use application he is working with government agencies, councils and utility companies to implement the technology.
@developersteve #APIDaysAU
About USSniip is a disruptive force in the payment space
It is the first of its kind in Australia as it is a mobile payment application built not around a bank or payment brand, but rather, around the consumer.
About SniipWhere it started
@developersteve #APIDaysAU
SCAN CHECKOUT
How it WorksThe easy way to pay
PIN
@developersteve #APIDaysAU
Other “solutions”Such advanced technology
@developersteve #APIDaysAU
@developersteve #APIDaysAU
Our Legacy StackIt has to start somewhere
@developersteve #APIDaysAU
@developersteve #APIDaysAU
<3 AWS
@developersteve #APIDaysAU
Laravel API’sPhp framework
@developersteve #APIDaysAU
PHP is a frameworkhttp://phpthewrongway.com
@developersteve #APIDaysAU
Mysql SchemaMysql architecture
@developersteve #APIDaysAU
Our StrategyRebuilding for scale, elasticity and futureproofing
UX/UICreate a user
experience that futureproofs the UX
FunctionalityBuilding relevant functionality that allows for scale
Developer Portal
API’s and Documentation built
for internal and external
User EngagementEnsuring we build how users want to use our platform
@developersteve #APIDaysAU
@developersteve #APIDaysAU
The StackOpenresty
@developersteve #APIDaysAU
OpenRestyA fusion between Nginx and Lua
@developersteve #APIDaysAU
OpenResty Market ShareUsed by nearly half a million websites
https://wappalyzer.com/categories/web-servers
@developersteve #APIDaysAU
Powering TumblrUsed by high traffic sites
https://news.netcraft.com/archives/2016/09/19/september-2016-web-server-survey.html
@developersteve #APIDaysAU
OpenResty Libshttps://devstev.es/orlibs
@developersteve #APIDaysAU
OpenResty Machine Learninghttp://torch.ch/
@developersteve #APIDaysAU
<3 NginxNginx is awesome
@developersteve #APIDaysAU
Lua is back … againCant beat a classic
@developersteve #APIDaysAU
Corona SDKCross platform mobile
@developersteve #APIDaysAU
Let’s EncryptAutomatically renewable SSL
@developersteve #APIDaysAU
Auto renew SSLhttps://devstev.es/autossl
@developersteve #APIDaysAU
Auto renew SSLhttps://devstev.es/autossl2
@developersteve #APIDaysAU
PCI DSS 3.2Payment Card Industry Data Security Standard
@developersteve #APIDaysAU
Implement TLSA more secure connection
TLS 1.0
TLS 1.1
TLS 1.2
@developersteve #APIDaysAU
@developersteve #APIDaysAU
ConfigurationSetting up the
@developersteve #APIDaysAU
Installing OpenRestyopenresty.org
@developersteve #APIDaysAU
Openresty NginxConfig nginx.conf
./configure --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid
@developersteve #APIDaysAU
Openresty Libraries https://devstev.es/orlibs
--with-luajit --with-pcre-jit --with-debug --with-http_auth_request_module --with-http_geoip_module --with-http_gzip_static_module --with-http_ssl_module --with-ipv6 --with-http_v2_module --with-http_postgres_module
@developersteve #APIDaysAU
Make… Install…
@developersteve #APIDaysAU
@developersteve #APIDaysAU
Nginx.conf LoadbalanceNginx as per normal
@developersteve #APIDaysAU
Nginx.conf BasicNginx as per normal
worker_processes auto;
error_log logs/error.log;
events { worker_connections 1024;}
http { server {
}}
@developersteve #APIDaysAU
Nginx.conf SSL/TLSNginx as per normal
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_prefer_server_ciphers on; ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";ssl_ecdh_curve secp384r1; ssl_session_timeout 1d;ssl_session_cache shared:SSL:10m;ssl_session_tickets off;ssl_stapling on;ssl_stapling_verify on;listen 443 ssl http2;listen [::]:443 ssl http2;ssl_certificate /etc/letsencrypt/live/website.com/fullchain.pem;ssl_certificate_key /etc/letsencrypt/live/website.com/privkey.pem;add_header X-Frame-Options DENY;add_header X-Content-Type-Options nosniff;add_header X-XSS-Protection "1; mode=block";
@developersteve #APIDaysAU
@developersteve #APIDaysAU
Nginx.conf additionalsNginx setup
http {init_by_lua ’ json = require "cjson";';
}
@developersteve #APIDaysAU
Nginx.conf RoutesRouting like a boss
location / { content_by_lua_file ”./hello.lua";
}
@developersteve #APIDaysAU
Calling in Lua helloworl.lua
local cjson = require("cjson")
ngx.status = ngx.HTTP_OKngx.header.content_type = "application/json; charset=utf-8”ngx.say(cjson.encode({ hello = "world" }))return ngx.exit(ngx.HTTP_OK)
@developersteve #APIDaysAU
Run OpenResty Run Fingers crossed
nginx -p `pwd`/ -c nginx.conf
@developersteve #APIDaysAU
Nginx.conf RoutesRouting like a boss
location / { content_by_lua_file ”./hello.lua";
}
location ~/status { content_by_lua_file ”./status.lua";
}
@developersteve #APIDaysAU
Calling in Lua Return a status
local cjson = require("cjson")
ngx.status = ngx.HTTP_OKngx.header.content_type = "application/json; charset=utf-8”ngx.say(cjson.encode({ status = true }))return ngx.exit(ngx.HTTP_OK)
@developersteve #APIDaysAU
@developersteve #APIDaysAU
Template Engine Lua https://devstev.es/luatemp
@developersteve #APIDaysAU
OpenResty Snippets https://devstev.es/luasnip
@developersteve #APIDaysAU
Load TestingI feel the need for speed
@developersteve #APIDaysAU
@developersteve #APIDaysAU
@developersteve #APIDaysAU
BlitzIOhttps://blitz.io
@developersteve #APIDaysAU
Legacy
@developersteve #APIDaysAU
OpenResty
@developersteve #APIDaysAU
Response TimesLeft is legacy – Right is new
OpenRestyLegacy
@developersteve #APIDaysAU
Hit RateLeft is legacy – Right is new
OpenRestyLegacy
@developersteve #APIDaysAU
@developersteve #APIDaysAU
ReadingRecommended
@developersteve #APIDaysAU
Designing robust API’shttps://devstev.es/api1
@developersteve #APIDaysAU
What is OpenRestyhttps://devstev.es/api2
@developersteve #APIDaysAU
Moltin OpenRestyhttps://devstev.es/api3
@developersteve #APIDaysAU
Thanks
Questions? Comments?
@developersteve #APIDaysAU
8-Bit Open Source
@developersteve #APIDaysAU
Drop Microphone
Walk off stage