FOSDEM: How to write a reverse proxy with Go in 25 minutes.

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

take your hands down thank you okay so next up we have Julian Serrano the bus for him thank you much okay so good morning my name is Julien I'm ago developer I woke up continues continuously is a company behind an open-source project named traffic and traffic is an open-source reverse proxy made to Depot micro services with ears what does it mean it means that traffic doesn't need any configuration file traffic just connect to your orchestrate or API and then refresh its configuration dynamically by listening to your orchestra driven by listening to your new container or new service so today for me it makes sense to talk to you out to write a reverse proxy when I start to work on a presentation I usually search for the main word of my talk on Wikipedia because everybody knows that Wikipedia is the real truth and though if we search for reverse proxy on Wikipedia we can find something exists or it was proxies the type of proxy servers that were which waves resources on behalf of a client from one or more servers and then this result and return to the client that they originated from the web server itself so if you highlight the main word of this definition we can tell that a reverse proxy is a proxy server that will return resources from servers to client so in this life cutting session we will need a server we will need a client and we will call the proxy servers that will return resources so the first thing the server I think that today the simple way to have a server is just to launch the calendar so we will use a darker color I prepare a container to show you all the use case so I will run this counter ok thank you and throw naps we will need a client for the client I could have used a browser but I think a browser is not enough to show you all the use case so I will use actual command so let's try to call this server with secure command so I will just use the curl command and they I want to call my sever your HTTP oh oh this is difficult okay here I call my server and then the next step is to build a proxy server so first is we will need an I'm teaming function and we will use the HTTP package and the little insert function and we will listen on the port 8080 and that's all we have a favor I lunch and then let's try now on this server okay we have a page not phone because we need to retune resources so let's try to return resources we need the demo URL we will use the IP of our company sorry okay and I will just end all the error okay and I will use the HTTP utila using a reverse proxy with this demo URL and I will put this into my server let's try now no I need to restart ok let's start and it works thank you do you have any question oh yes I did not leave the 25 minutes sorry we need to did dive but I think this interesting to know that this implementation exists this implementation is maintained by the go team this is improved to for example in the next version the 1.12 the other support of WebSocket so with one point well vision you can toxify some WebSocket server but we need to did I so what is this we have a clients that just send the request to our reverse proxy what wouldn't what we will need its to follow up the request to our server so let's do this so we will remove this thing ok we will use a new under and we will just take the request modify the us with our demo us we need to modify the you are asked to with the demo URL as to we need to change just Kim - ok and we need to remove the request URI on the request because the request URI is filled by the server and a client will reject a request with the request URI so we need to empty it ok and now we will use the default HTTP client - just for web this request I would under the error because we are in live cutting session and if I have errors I want to know what them so here we will just write an internal server error okay and we will just write in the body the error okay and we will return okay I will just in your I restored and then if I try to call my reverse proxy you can see that my demo can receive a request the request okay but I see I have no content because I need to copy the response so we will copy the response just by write the status code so okay and then we will copy just the body of the response we restart and then if we try now we have our content okay now let's write another path I have a demo that jeezum and you can see that this is this is a diesel but the content type is wrong no what about my demo server oh yeah this is a good content type so I made something in fact we need to copy response header - we only copy a status cadenza body so let's copy is a response header - so for this we will just before writing the status code we will loop on the error of the response the Raiders are map of string so we need to have a double loop and we will just set you we will just set this response ok let's restart and try again here I have my content type good next Tuesday's x-forwarded-for what is explorer audit for imaging if I take my client and I just call my demo server so Gmail server would receive a request with a remote address and they buy three this is my IP this is a client IP but if I use the reverse proxy in fact the reverse proxy will cause the demo server so the reverse proxy will receive a remote address with a three but the Gmail server will receive an address with one so I can't know what is the client IP so for this we need x-forwarded-for let's see it in real life so I will try to run curl in the container to have a new IP and if I call directly my demo server you can see that the remote address if with a three now if I try to call my rivers proxy you can see that this is a one so I will set the exfoliat for error so the only thing we have to do for this is just on the request we will set the error x-forwarded-for with the remote address value but in fact so remote arrest is not enough because the remote address container port so we need to split on the port and just keep the ass okay let's try again now if I call my reverse proxy Arvixe forwarded for with the IP with the three okay next use case stream what is stream streaming is when your server start to send the body then flush and them ten more body let's see it in the real case if I use curl to call my demo server I can see that I have the begin of the body then I wait and of the hand okay let's try this on a reverse proxy now okay we wait we wait yeah we have all so why this is because we only flush at the hand of the handler so to and Aziz we need to flush more for this what we can do is just taught a new girl routine that will just loop you loop with a ticker for example ot care of something like ten millisecond and I will just flush I'm really sorry for your hammer okay and I know they're not just some go with unique I will just use a new chance to stop this girl routine well it's a buddy finish the copy okay so just the keys the keys where's the dong and we will return the girl chin and then we will just close this channel here okay now let's try this I will start and I try again okay now we have stream on our reverse proxy next use case trailer you know what is trailer trailer is like a door but that will come in soon so as you may know aiders can be same only before you write the status code and if you want to send something after you need to do this like this so you start to unknowns trailer you will say what you will feel next or during the body and then you weave write your status code you write your body and you can start to set the trailer value what's happening the robbery in fact the body will be in trunk and the trunk is a chunk size then unchecking a chunk unturned then a chunk size chunk on tone and if your chunk size is zero this is a trailer so this will be something like this we have five bites the hello the content the unzila bite and the X trailer value let's see it in a real case so if I called my demo you can see that I have the trailer Here I am on that I will have X trailer and then I feel the extruder with its value let's try this on our reverse proxy it doesn't work because we need to announce our trailer and we need to send the trailer after the body was read because in the client port we need to read the trailer before to rig the body you will only have the keys and then we read the body and we will have the value so we will condense out in our reverse proxy so just before to write the error we will just create the trailer keys slice then we will loop on the trailer in the response and here we only have the key in fact so we will just append the key in the trailer key and then we will announce the trailer by just right error named trailer with the trailer keys value join just by a comma okay let's try with this now as you can see we are among the trailer we have the other trailer with each trailer but we don't have any value so we need to fill the value for this will do something like for the error but after reading the body because we need to fill the trailer and so we will loop on the trailer trailer is a map of size of string too so we need to use the value a double loop on the values okay and we just set our value and this will fill our trailer let's try with this okay next where are you easier next thing HTTP - so your God developer you know that HTTP tune its HTTP no it's wrong in fact HTTP to need knowledge what does it mean it means that if you know that your server can do HTTP - you can do HTTP to for example the G RPC server is just HTTP - and the client is HTTP - you don't need h TPS but if you don't know the simple way to notice it is to use TLS LPM how it works in fact when you will do the TLS LPM you will send the client error with the protocol you support the grant will say I can do HTTP one I can do HTTP - and then the server will just choose which protocol to use and it will return this in the server error in the selected protocol so if we want a reverse proxy to do some HTTP - we need to be in HTTPS let's do this we will just change or listen and serve to be listening soft LS and we will AB set file and key file okay and now if I restored my reverse proxies Inge and in HTTP and I already know that my demo server just can do HTTP so I will just change the scheme here okay so it could be enough but the default client Ingo doesn't say that it support HTTP - you need to configure the transport of your clinic client - just say I can do HTTP - and in order to do this you need to use the HTTP - package and the configure transport function and just give your transport so we will give the default transport as we use the default client and we need to just type it okay and with this I will use HTTP - let's try this if you can see here this is HTTP - oh no bad request why Hey yes I need to do HTTP you know ok and now this is HTTP - now do you know what what use HTTP - and trailer because maybe you think you'd never use trailer or you never use HTTP - but gee RPC use HTTP - and trailer so if you want a rest proxy that can do it GRP see you need to implement HTTP 2 and trail but we we could have fear lots of other things but the times goes and though now this is a real end and you can ask for question thank [Applause] any questions raise your hand please yeah I was wondering about the TLS version you talked about with four liters can you talk a bit more about it and explain it to a something European is really the protocol negotiation so this is really support that will negotiate which protocol you will use after the end check in fact this will appear okay so if there's no more questions run of the bus Virginia [Applause] you

Info

Channel: Traefik Labs

Views: 3,598

Rating: 4.9166665 out of 5

Keywords: docker, kubernetes, microservices, golang, traefik

Id: tWSmUsYLiE4

Channel Id: undefined

Length: 19min 25sec (1165 seconds)

Published: Mon Feb 04 2019