Shulou(Shulou.com)05/31 Report--

This article mainly introduces how to use Reproxy, has a certain reference value, interested friends can refer to, I hope you can learn a lot after reading this article, the following let the editor take you to understand it.

Reproxy is a simple and powerful edge HTTP (S) server and reverse proxy tool that supports multiple providers, such as Docker or files, and so on. These providers are responsible for providing the tool with basic information about the request server, URL address, target URL, and health check URL, and can be distributed as a single binary or Docker container.

Function introduction

Automatic SSL termination based on Let's Encrypt

Support for user-provided SSL certificates

Simple but flexible agency rules

Static command line agent rule provider

File-based dynamic proxy rule provider

Docker provider with auto-discovery

Support for multiple (virtual) hosts

Optional traffic compression

User-defined limits and timeouts

Single binary file release

Docker Container publish

Built-in static asset server

Management server with routing information

Tool installation source code installation

The majority of researchers can visit the Releases page of the project to select and obtain the corresponding version of Reproxy.

Docker installation

The Docker container version of Reproxy can be obtained on Docker Hub by running the following command:

Docker pull umputun/reproxy

Or

Docker pull ghcr.io/umputun/reproxy provider

We can provide proxy rules to tools through a variety of providers, which currently support file, Docker, and static rules. Each provider can define multiple routing rules for proxy requests and static (assets), and users can set up multiple providers at the same time.

Static rule

This is the simplest provider that can define all the rules that need to be mapped directly in the command line tool, and it also supports the definition of multiple rules. Where each rule needs to separate elements with 3 or 4 commas, including server, source URL, destination address, and [ping-url]:

*, ^ / api/ (. *), https://api.example.com/$1example.com,/foo/bar,https://api.example.com/zzz,https://api.example.com/ping file rules reproxy-- file.enabled-- file.name=config.yml

Here is an example of the config.yml file:

Default: # the same as * (catch-all) server-{route: "^ / api/svc1/ (. *)", dest: "http://127.0.0.1:8080/blah2/$1"}-{route:" / api/svc3/xyz ", dest:" http://127.0.0.3:8080/blah4/xyz", "ping": "http://127.0.0.3:8080/ping"," } srv.example.com:-{route: "^ / api/svc2/ (. *)", dest: "http://127.0.0.2:8080/blah3/$1/abc"}

This is a dynamic provider, and all file modifications can be deployed automatically.

Docker rule

The Docker provider supports fully automated discovery without additional configuration, and the tags that support modification include:

Reproxy.serverreproxy.routereproxy.destreproxy.portreproxy.pingreproxy.enabled tools use SSL support

The SSL mode (default) can be set to auto, static, or none. If set to auto, SSL certificates are automatically issued for all discovered servers, and users can modify the configuration by setting the-- ssl.fqdn value.

Ping and health testing

Reproxy provides two nodes for this feature:

/ ping: check the enabled and running status of Reproxy; / health: return 200 OK status code to check the health of the server; manage API

This is optional and can be turned on with "--mgmt.enabled", where two nodes are exposed on the mgmt.listen:

GET / routes: enumerate all discovered routes GET / metrics: return Prometheus metrics All available application options-l,-listen= listen on host:port (default: 127.0.0.1 LISTEN 8080) [$LISTEN]-m,-- max= max request size (default: 64000) [$MAX_SIZE]-g,-- gzip enable gz compression [$GZIP]-x -- header= proxy headers [$HEADER]-- signature enable reproxy signature headers [$SIGNATURE]-- dbg debug mode [$DEBUG] ssl:-- ssl.type= [none | static | auto] ssl (auto) support (default: none) [$SSL_TYPE]-- ssl.cert= path to cert.pem file [$SSL_CERT ]-- ssl.key= path to key.pem file [$SSL_KEY]-- ssl.acme-location= dir where certificates will be stored by autocert manager (default:. / var/acme) [$SSL_ACME_LOCATION]-- ssl.acme-email= admin email for certificate notifications [$SSL_ACME_EMAIL]-ssl.http-port= http port for redirect to https And acme challenge test (default: 80) [$SSL_HTTP_PORT]-- ssl.fqdn= FQDN (s) for ACME certificates [$SSL_ACME_FQDN] assets:-a Assets.location= assets location [$ASSETS_LOCATION]-- assets.root= assets web root (default: /) [$ASSETS_ROOT]-- assets.cache= cache duration for assets (default: 0s) [$ASSETS_CACHE] logger:-- logger.stdout enable stdout logging [$LOGGER_STDOUT]-- logger.enabled enable access and Error rotated logs [$LOGGER_ENABLED]-- logger.file= location of access log (default: access.log) [$LOGGER_FILE]-- logger.max-size= maximum size in megabytes before it gets rotated (default: 100) [$LOGGER_MAX_SIZE]-- logger.max-backups= maximum number of old log files to retain (default: 10) [$LOGGER_MAX_BACKUPS] docker:-- docker. Enabled enable docker provider [$DOCKER_ENABLED]-- docker.host= docker host (default: unix:///var/run/docker.sock) [$DOCKER_HOST]-- docker.network= docker network [$DOCKER_NETWORK]-- docker.exclude= excluded containers [$DOCKER_EXCLUDE]-docker.auto enable automatic routing (without labels) [$DOCKER_AUTO] file:-- file.enabled enable file provider [$FILE_ENABLED]-- file.name= file name (default: reproxy.yml) [$FILE_NAME]-- file.interval= file check interval (default: 3s) [$FILE_INTERVAL]-file.delay= file event delay (default: 500ms) [$FILE_DELAY] static :-- static.enabled enable static provider [$STATIC_ENABLED]-- static.rule= routing rules [$STATIC_RULES] timeout:-- timeout.read-header= read header server timeout (default: 5s) [$TIMEOUT_READ_HEADER]-timeout.write= write server timeout (default: 30s) [$TIMEOUT_WRITE]-- timeout.idle= Idle server timeout (default: 30s) [$TIMEOUT_IDLE]-- timeout.dial= dial transport timeout (default: 30s) [$TIMEOUT_DIAL]-- timeout.keep-alive= keep-alive transport timeout (default: 30s) [$TIMEOUT_KEEP_ALIVE]-timeout.resp-header= response header transport timeout (default: 5s) [$TIMEOUT_RESP_HEADER]-timeout.idle-conn= idle Connection transport timeout (default: 90s) [$TIMEOUT_IDLE_CONN]-- timeout.tls= TLS hanshake transport timeout (default: 10s) [$TIMEOUT_TLS]-- timeout.continue= expect continue transport timeout (default: 1s) [$TIMEOUT_CONTINUE] mgmt:-- mgmt.enabled enable management API [$MGMT_ENABLED]-mgmt.listen= listen on host:port ( Default: 0.0.0.0 Help Options 8081) [$MGMT_LISTEN] Help Options:-h Help Show this help message Thank you for reading this article carefully I hope the article "how to use Reproxy" shared by the editor will be helpful to everyone. At the same time, I also hope that you will support and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.