Google Git
Sign in
apache / trafficcontrol / refs/tags/v7.0.1-rc0 / . / experimental / webfront
tree: a4013f541ebbb940434e7807a632a51deddd5710 [path history] [tgz]
  1. simpleserver/
  2. Dockerfile
  3. README.md
  4. rules.json
  5. server.pem
  6. startfakes.sh
  7. webfront.config
  8. webfront.go
experimental/webfront/README.md

A reverse proxy written in go that can front any number of microservices. It uses a rules file to map from requested host/path to microservice host/port/path. Example rule file:

	[
	  {
	    "host": "domain.com",
	    "path": "/login",
	    "forward": "localhost:9004",
	    "secure": false
	  },
	  {
	    "host": "domain.com",
	    "path": "/ds/",
	    "forward": "localhost:8081",
	    "secure": true,
	    "capabilities": {
	        "GET": "read-ds",
	        "POST": "write-ds",
	        "PUT": "write-ds",
	        "PATCH": "write-ds"
	    }
	  },
	  {
	    "host": "domain.com",
	    "path": "/cachegroups/",
	    "forward": "localhost:8082",
	    "secure": true,
	    "capabilities": {
	        "GET": "read-cg",
	        "POST": "write-cg",
	        "PUT": "write-cg",
	        "PATCH": "write-cg"
	    }
	  }
	]

Note: Access “capabilities” are set in the rule file as a workaround, until TO DB tables are ready.

No restart is needed to re-read the rule file and apply; within 60 seconds of a change in the file, it will pick up the new mappings.

  • To run: go run webfront.go webfront.config my-secret secret is used for jwt signing

  • To login: curl -X POST --insecure -Lkvs --header "Content-Type:application/json" https://localhost:9004/login -d'{"username":"foo", "password":"bar"}'

  • To use a token: curl --insecure -H'Authorization: Bearer <token>' -Lkvs https://localhost:8080/ds/