jiveworld-2010-leveraging_cloud - Jive Developers - Jive Software

cowphysicistInternet and Web Development

Dec 4, 2013 (3 years and 10 months ago)

164 views

JiveWorld 2010: Leveraging
the Cloud

Aaron Johnson, VP Engineering, Jive Software

Chris Bowling, Senior Software Engineer, Jive Software

Oren Teich, Product Guy, Heroku

September 16, 2010

© Jive. Confidential.

Leveraging the Cloud

Introduction

Cloud Defined

Problems with the cloud (and what we’re
doing to solve those problems)

Demos

© Jive. Confidential.

But first, what does “cloud” really
mean?

© Jive. Confidential.

For this session we’re defining the
“cloud” as
services hosted outside the
firewall.

© Jive. Confidential.

This session should have
been called “Bringing all the
amazing goodness from the
consumer web to the Jive
stack so that you can
innovate quickly outside
the
firewall and
deliver inside

the firewall” but Marketing
jinxed that title.

© Jive. Confidential.

Innovating quickly outside the
firewall…

EASY AND FUN!

© Jive. Confidential.

And delivering inside the firewall…

Not so much.

© Jive. Confidential.



You want to build an app that
uses Jive data



Problem #1



IT typically doesn’t like to allow
inbound HTTP requests



If they do allow it, it’s usually
to a block of IP’s, not the
entire internet



Potentially thousands of
applications in the marketplace



Wouldn’t scale to ask IT every
time an app needed access

Problem: Apps accessing Jive data

App X

App Y

App Z

App A

App B

Jive SBS

Corporate Firewall

© Jive. Confidential.



You want to build an app that
uses Jive data



Problem #2



Embedded as an iframe, you
can’t do AJAX into Jive because
of the JavaScript Same Origin
policy

Problem: Apps accessing Jive data

<iframe src=
http://yourapp.com/app
-
canvas
-
view.html

/>



<script>

$.get(’https://jiveinstance.com/rest/rpc/us
er/2008',


function(data) {



$('.result').html(data);

});

</script>

© Jive. Confidential.



As of 4.5, Jive is an OpenSocial
container



App rendering happens inside
of Jive



AJAX HTTP requests proxied
by OpenSocial container



But still left with only being
reactive….

Solution: OpenSocial

Jive SBS

Corporate Firewall

App X

App Y

App Z

App A

App B

App X

App Y

App Z

App A

App B

© Jive. Confidential.



Same problem with the
firewall as mentioned
previously
but outside of a
browser HTTP request



Example: adding activity to
the activity stream, adding a
reminder to the inbox, etc…

Problem: Offline access to Jive

App X

App Y

App Z

App A

App B

Jive SBS

Corporate Firewall

Event

© Jive. Confidential.



In 5.0, apps will have the
ability to:


Push new activities into the
stream


Push new items into your
inbox.



And in the future:


Create content


Add to local storage


Other cool stuff we dream up


Solution: Publish via the Jive Gateway

App X

App Y

App Z

App A

App B

Jive SBS

Corporate Firewall

Event

Jive Gateway

© Jive. Confidential.

Problem: OAuth and

other services



You want to build an OpenSocial
gadget that uses data from
another site (ie: Twitter)



OAuth requires consumer key
and secret for the app and the
container it’s being deployed on


Example:

1.
Request consumer key and
secret from Twitter for Your
Gadget + Google

2.
Deploy gadget to Google

3.
Google can now (assuming
the end user approves it)
access Twitter for that user

Your
Site

Google
Personalized
Homepage

1

2

3

© Jive. Confidential.

Problem: OAuth and

other services



You want to build a Jive App that uses
data from another site (ie: Twitter)



OAuth requires consumer key and secret
for the app and the container it’s being
deployed on


Example:

1.
Request consumer key and secret
from Twitter for Your App + Jive
Customer (x’s the number of
customers that buy your app)

2.
Deploy gadget to each Jive
instance

3.
Jive can now (assuming the end
user approves it) access Twitter for
that user

Your
Site

1

2

3

Jive Customer
#1

Jive Customer
#1

Jive Customer
#1

Jive Customer
#1

Jive Customer
#1

Jive Customer
#1

Jive Customer
#1

Jive Customer
#1

© Jive. Confidential.

Solution: Jive Gateway

OAuth Proxy



App developers get a consumer key and
secret and install them, along with the
app, in the Jive Gateway



OAuth requires consumer key and secret
for the app and the container it’s being
deployed on


Example:

1.
Request consumer key and secret
from Twitter for Your App + Jive
Gateway

2.
Deploy gadget to Jive Gateway

3.
Jive can now (assuming the end
user approves it) access Twitter for
that user through the Jive Gateway

1

2

Jive Gateway

Your
Site

3

Jive Customer
#1

Jive Customer
#1

Jive Customer
#1

Jive Customer
#1

Jive Customer
#1

Jive Customer
#1

© Jive. Confidential.



Big enterprises want:



Security Audits



Ability to grant / deny
access quickly



Access to audit log



Source code analysis



SAS 70 compliance



Much more…

Problem: Security

© Jive. Confidential.



When you submit an app, we’ll do a number of
things to ensure safe delivery and execution of
apps:



Secure Coding Guidelines



Annual security review



Web application scanning



Source code analysis



Traffic Monitoring

Solution: Jive App Security

© Jive. Confidential.


Green Commute App


Heroku

Demos

© Jive. Confidential.


Green Commute leveraging the cloud


Google App Engine


What is it?


Getting started


Build the Green Commute service


Uploading and managing


Further use of the cloud


Storage


OAuth


Gateway


Polling

Green Commute App

© Jive. Confidential.


Quick recap


My stats


Connections


My Company




© Jive. Confidential.

This Demo


Leveraging Google App
Engine


Use Case

Why?


Cross instance compute and
storage


Scalability


Security


Quick to get up and running

© Jive. Confidential.

What is Google App Engine?



Google App Engine
is a cloud technology platform for developing and
hosting web applications in Google
-
managed data centers



Google App Engine
enables you to build web applications on the same
scalable systems that power Google applications

© Jive. Confidential.

Getting up and running with Google App Engine









Download the App Engine Java SDK


Run

./dev_appserver.sh ../demos/guestbook/war


© Jive. Confidential.

Green Commute App


GAE


appengine.xml


Spring


spring
-
context.xml


REST


web.xml


spring
-
context.xml



JDO


jdoconfig.xml

© Jive. Confidential.

Spring

Green Commute App

spring
-
context.xml

© Jive. Confidential.

Green Commute App


JDO

JDO (Java Data Objects)

spring
-
context.xml

jdoconfig.xml

© Jive. Confidential.

Green Commute App

Rest


spring
-
context.xml

© Jive. Confidential.

Green Commute App

End to End

AppCommuteManagerImpl.java

AppGreenCommuteResourceImpl.java

© Jive. Confidential.

Running and Testing


http://localhost/rest/commute/jivesoftwareTest

./dev_appserver.sh ~/jive/greencommute/war/

curl
-
v
-
H "Content
-
Type: application/json"
-
X POST
-
d

'{"bike":10, "bus":15, "car":5, "carpool":0, "train":10, "walk":20}’

"http://localhost/rest/commute/jivesoftwareTest/3"



RUN

POST

GET

© Jive. Confidential.

Upload and manage

./
appcfg.sh

update war

https://appengine.google.com/


© Jive. Confidential.

Green Commute and GAE in Action

© Jive. Confidential.

What else could we do?



Publishing


Check
-
in reminder to inbox


Leaders and company stats to stream


GAE Fetch Service


The URL Fetch service uses Google's network infrastructure for efficiency and
scaling purposes
.


http://gateway.jivesoftware.com/rest/publish/reminder/5



© Jive. Confidential.

Heroku Demo