BuildStuff 2019: Let me handle that for you... Why you need a reverse proxy

•Als PPTX, PDF herunterladen•

0 gefällt mir•400 views

Let me handle that for you... Why you need a reverse proxy in your architecture. Containers are the runtime for distributed apps - that's old .NET monoliths being broken down into multiple components, as well as new .NET Core microservices projects. Your orchestrator can connect containers together without making any of them publicly accessible, so you can make your entire app private with just a single, secure entrypoint to your application. That's a reverse proxy, a piece of software which receives all external network traffic and fetches the response from a private container, before sending it back to the client. You can offload a lot of concerns to your reverse proxy and keep your application code clean - the proxy handles SSL, compression, load-balancing, routing and healthchecks. In this session you'll see the popular open-source reverse proxy Traefik in action. I'll use Traefik as the front-end to distributed .NET applications running in a Docker cluster, and show you to add the features of a reverse proxy without any changes to application code.

Software

Let me handle that for you…
Why you need a reverse proxy in your architecture
@EltonStoneman | elton@docker.com | #BuildStuffLT

• Understanding reverse proxies
• Proxying HTTP anywhere: Nginx
• Container-native proxies: Traefik

docker.com
blog.sixeyed.com
kubernetes.io

docker.com
blog.sixeyed.com
kubernetes.io
proxy
• Policies
• Auditing
• Caching

dak4.net
blog.sixeyed.com
eltonstoneman.com

dak4.net
blog.sixeyed.com
eltonstoneman.com
reverse-proxy
• Policies
• Auditing
• Caching
• Routing
• Load-balancing
• SSL, headers…

reverse-proxy
workshop
blog
website
• dak4.net
• blog.sixeyed.com
• eltonstoneman.com

reverse-proxy
website
api1
api2
• eshop.com
api3

reverse-proxy
website
api1
api2
• eshop.com
• eshop.com/api
api3

reverse-proxy
monolith
• monolith.com
• monolith.com/new
new-feature

NGINX (pr. engine-x)
• Fast lightweight HTTP server
• Static configuration
• Easily containerized
• Open source & commercial

nginx
website
api1
api2
api3
• nginx.conf
• TCP/IP

• Routing
• Load-balancing
• Caching
• SSL
nginx
todo
pi
blog

• Routing
• Load-balancing
• Caching
• SSL
• High Availability
nginx
todo
pi
blog

• Routing
• Load-balancing
• Caching
• SSL
• High Availability
nginx.dmz
todo.internal
pi.internal
blog.internal

Traefik (pr. traffic … or tray-fik)
• Container-native reverse proxy
• Dynamic configuration
• Easy orchestrator integration
• Open source & commercial

traefik
website
api1
api2
api3
• Platform
integration

• Routing
• Load-balancing
• Caching
• SSL
traefik
todo
pi
blog

• Routing
• Load-balancing
• Caching
• SSL
• High Availability
traefik
todo
pi
blog

REVERSE PROXY BENEFITS
• Centralized infrastructure
• Improved performance & HA
• Native container ingress
• DMZ for app containers

REVERSE PROXY PATTERNS
• Multiple apps
• Microservices
• Monolith decomposition
• API gateway & WAF

NEXT STEPS
• Today’s demos | is.gd/95WQhY
• Docker and Kubernetes for .NET Devs | dak4.net
• Learn Docker in a Month of Lunches | is.gd/xZ8HiC
• Manning 40% code | ctwbuild19

THANK YOU :)
@EltonStoneman | elton@docker.com | #BuildStuffLT

Weitere ähnliche Inhalte

Was ist angesagt?

NotOnTheHightStreet.com is the UK's largest curated marketplace, turning over £100mil per year. In this presentation Henrique tells the story of how NotOnTheHighStreet.com transitioned to Micro-Services and Docker, and lessons learned along the way. Video: https://www.youtube.com/watch?v=OOZC6_gTrC4 Join DevOps Exchange London here: http://www.meetup.com/DevOps-Exchange-London Follow DOXLON on twitter http://www.twitter.com/doxlon

Henrique Rodrigues (NotOnTheHighStreet.com) - Building a Future-Proof Infrast...

Outlyer

The QlikView Desktop and Server add-on that facilitates the automation of QlikView tasks! With Orchestrator for Qlikview® you could automates many tasks and activities of QlikView documents that now you had to perform manually, making the Qlikview activities easy and usefull. Orchestrator is the perfect application to take full advantage of the capabilities of QlikView, without having to learn complex programming languages or macro automation. Send file to FTP server, create triggers to start an automation or launch reload by calling edx has never been so easy! A few mouse clicks and all done! Download and try it free.

Orchestrator for QlikView: add-on product description

Marco Zampieri

Loki: An Opensource Zipkin/Prometheus Mashup written in Go.

Weaveworks

Signal r azurepresentation

Justin Wendlandt

The Need For Speed - NEBytes

Phil Pursglove

Node.js Introduction

Sira Sujjinanont

Intelligent Cloud Conference 2018 - Automatically scaling Kubernetes pods bas...

Tom Kerkhove

Microsoft has built a rich ecosystem around the various flavors of ASP.NET – MVC, Web API and even WebForms have a place in the modern web development world. So what the heck is up with ASP.NET Core anyways? Microsoft has flipped the ASP.NET world on its head with this fast, cross-platform web framework, designed from the ground up with developers from all walks of life in mind – and the change isn’t as scary as you think. In this session, we’ll learn about ASP.NET Core and its design philosophies. We’ll learn how to leverage several popular development tools frequently used by developers outside of the ASP.NET ecosystem, including Gulp, Bower, Node and NPM, to build and run our application. Finally, we’ll use Visual Studio Code to create and run our very first ASP.NET Core project (on a Mac no less!) For current ASP.NET developers, we’ll also touch on the portability of your current ASP.NET code.

ASP.NET Core - Phillosophies, Processes and Tooling

💻 Spencer Schneidenbach

Concourse and Database

Gwenn Etourneau

Xen in the Cloud

The Linux Foundation

Azure series 2 creating a cloud service - web role

Saravanan Subburayal

Things you wish you never knew about the Prometheus Remote Write API.

Kausal

Project FiFo - Architecture

Licenser

Elk meetup boston - logz.io

tomerlevy9

Deep Dive building solutions on the SharePoint Framework - SPS Brussels 2016

Waldek Mastykarz

REAL Expert Alliance OCI series part 4 - OKE

Rolando Carrasco

Infrastructure microservices such as Service Discovery and Routing need mechanisms to manage distributed state. The most common answer for this is the use of a central, consistent key value store such as Consul, Etcd or Zookeeper. These systems use consensus-based algorithms, such as Raft or Paxos, to provide consistency and failure tolerance. I believe this is a dangerous direction for our industry, and instead we should be focusing on ease of use and reliabiligy. As such, Weave wants its infrastructure microservices to be decentralized, yet easy to install and run; our approach is inspired by the Internet, which is distributed and operates with no consensus. In this talk, I'll explain how we designed our Service Discovery and Address Management using Convergent Replicated Data Types (CRDTs) and Gossip, review the pros and cons of this concept, and how it compares to alternatives.

We don't need consensus: All agreed?

Weaveworks

OSGi offers an excellent service discovery mechanism, but it is limited to services inside the JVM. With Docker nowadays it is trivially easy to deploy all kind of (micro) services, using pretty much any technology stack, so we’d like to discover those as easily as the ones inside the JVM. We will have a look at how we can use the Docker API to discover services in other containers, and how we can use Consul to expand service discovery to other hosts.

ApacheCon Core: Service Discovery in OSGi: Beyond the JVM using Docker and Co...

Frank Lyaruu

Was ist angesagt? (18)

Henrique Rodrigues (NotOnTheHighStreet.com) - Building a Future-Proof Infrast...

Orchestrator for QlikView: add-on product description

Loki: An Opensource Zipkin/Prometheus Mashup written in Go.

Signal r azurepresentation

The Need For Speed - NEBytes

Node.js Introduction

Intelligent Cloud Conference 2018 - Automatically scaling Kubernetes pods bas...

ASP.NET Core - Phillosophies, Processes and Tooling

Concourse and Database

Xen in the Cloud

Azure series 2 creating a cloud service - web role

Things you wish you never knew about the Prometheus Remote Write API.

Project FiFo - Architecture

Elk meetup boston - logz.io

Deep Dive building solutions on the SharePoint Framework - SPS Brussels 2016

REAL Expert Alliance OCI series part 4 - OKE

We don't need consensus: All agreed?

ApacheCon Core: Service Discovery in OSGi: Beyond the JVM using Docker and Co...

Ähnlich wie BuildStuff 2019: Let me handle that for you... Why you need a reverse proxy

Discover the very wide world of web servers, in addition to the basic web deliverance fonctionnality, we will cover the reverse proxy, the resource caching and the load balancing. Nginx and apache HTTPD will be used as web server and reverse proxy, and to illustrate some caching features we will also present varnish a powerful caching server. To introduce load balancers we will compare between Nginx and Haproxy.

Reverse proxy & web cache with NGINX, HAProxy and Varnish

El Mahdi Benzekri

A web app in pure Clojure

Dane Schneider

Hybrid integration with self hosted azure api gateways - published v1.0

Nikolai Blackie

DevNexus 2015: Kubernetes & Container Engine

Kit Merker

Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/1FjjXpZ. Andrew Kennedy talks about the reasons for creating a Docker cloud and how they realized that to do this properly they needed first class networking to handle composite distributed applications such as Riak. It was a short step from this to using Brooklyn itself to bootstrap a Docker cloud effectively colonizing the infrastructure. And so Clocker was born. Filmed at qconlondon.com. Andrew Kennedy is a Senior Software Engineer at Cloudsoft and the founder of the Clocker project. He is a contributor to several Open Source projects including Apache jclouds and Apache Qpid and is also a founder member of the Apache Brooklyn project.

How to Train Your Docker Cloud

C4Media

Kuby, ActiveDeployment for Rails Apps

Cameron Dutro

Looking for continuous delivery options that are also cloud agnostic? Docker could be your answer. This webinar answers some of your basic questions about Docker and gives you an overview of how to setup Docker for Continuous Delivery. We will also touch upon more advanced topics like Cloud Portability, Microservices deployment and MEAN stack enablement. Get details at https://www.synerzip.com/webinar/docker-containers-for-continuous-delivery-webinar-february-2015/

Docker Containers for Continuous Delivery

Synerzip

Webinar - DreamObjects/Ceph Case Study

Ceph Community

Development myshoes and Provide Cycloud-hosted runner -- GitHub Actions with ...

whywaita

Building & Testing Scalable Rails Applications

evilmike

Laying OpenStack Cinder Block Services

Kenneth Hui

Scalable Django Architecture

Rami Sayar

performance.ppt

fakeaccount225095

Integration is not hip but relevant, especially with respect to the ongoing digital transformation. What does this mean in concrete terms with modern software architectures? Traditionally, monolithic ESB platforms are used in the integration space. Is this still in keeping with the times? We think not. Why? Today’s requirements are volatile, and data loads are increasing constantly. So modern integration architectures need to be scalable, flexible, and easy to adjust. This session discusses requirements for integration architectures based on reactive principles and patterns. It also looks at possible solution architectures based on groundbreaking technologies such as Akka and modern platform solutions (on premises and cloud).

Integration Reloaded - Integration solutions based on reactive principles

Sven Bernhardt

20181025 integration reloaded_integration_solutions_based_on_reactive_principles

OPITZ CONSULTING Deutschland

Building and deploying an analytic service on Cloud is a challenge. A bigger challenge is to maintain the service. In a world where users are gravitating towards a model where cluster instances are to be provisioned on the fly, in order for these to be used for analytics or other purposes, and then to have these cluster instances shut down when the jobs get done, the relevance of containers and container orchestration is more important than ever. Container orchestrators like Kubernetes can be used to deploy and distribute modules quickly, easily, and reliably. The intent of this talk is to share the experience of building such a service and deploying it on a Kubernetes cluster. In this talk, we will discuss all the requirements which an enterprise grade Hadoop/Spark cluster running on containers bring in for a container orchestrator. This talk will cover in details how Kubernetes orchestrator can be used to meet all our needs of resource management, scheduling, networking, and network isolation, volume management, etc. We will discuss how we have replaced our home grown container orchestrator with Kubernetes which used to manage the container lifecycle and manage resources in accordance to our requirements. We will also discuss the feature list as container orchestrator which is helping us deploy and patch 1000s of containers and also a list which we believe need improvement or can be enhanced in a container orchestrator. Speaker Rachit Arora, SSE, IBM

Why Kubernetes as a container orchestrator is a right choice for running spar...

DataWorks Summit

CDNs have traditionally been considered "black box" services with lack of control and visibility. Modern applications and DevOps culture require more flexibility, customization, and insight into your infrastructure, and how content is being served. In this talk, we'll explore how you can use content delivery networks as an extension of your applications, with full control, flexibility, and transparency at the network edge.

Extending Your Applications to the Edge with CDNs

Salesforce Developers

The new repository in AEM 6

Jukka Zitting

While developers see and realize the benefits of Kubernetes, how it improves efficiencies, saves time, and enables focus on the unique business requirements of each project; InfoSec, infrastructure, and software operations teams still face challenges when managing a new set of tools and technologies, and integrating them into an existing enterprise infrastructure. These meetup slides go over what’s needed for a general architecture of a centralized Kubernetes operations layer based on open source components such as Prometheus, Grafana, ELK Stack, Keycloak, etc., and how to set up reliable clusters and multi-master configuration without a load balancer. It also outlines how these components should be combined into an operations-friendly enterprise Kubernetes management platform with centralized monitoring and log collection, identity and access management, backup and disaster recovery, and infrastructure management capabilities.  This presentation will show real-world open source projects use cases to implement an ops-friendly environment. Check out this and more webinars in our BrightTalk channel: https://goo.gl/QPE5rZ

Centralizing Kubernetes and Container Operations

Kublr

NetflixOSS for Triangle Devops Oct 2013

aspyker

Ähnlich wie BuildStuff 2019: Let me handle that for you... Why you need a reverse proxy (20)

Reverse proxy & web cache with NGINX, HAProxy and Varnish

A web app in pure Clojure

Hybrid integration with self hosted azure api gateways - published v1.0

DevNexus 2015: Kubernetes & Container Engine

How to Train Your Docker Cloud

Kuby, ActiveDeployment for Rails Apps

Docker Containers for Continuous Delivery

Webinar - DreamObjects/Ceph Case Study

Development myshoes and Provide Cycloud-hosted runner -- GitHub Actions with ...

Building & Testing Scalable Rails Applications

Laying OpenStack Cinder Block Services

Scalable Django Architecture

performance.ppt

Integration Reloaded - Integration solutions based on reactive principles

20181025 integration reloaded_integration_solutions_based_on_reactive_principles

Why Kubernetes as a container orchestrator is a right choice for running spar...

Extending Your Applications to the Edge with CDNs

The new repository in AEM 6

Centralizing Kubernetes and Container Operations

NetflixOSS for Triangle Devops Oct 2013

Mehr von Elton Stoneman

Pluralsight Webinar: Simplify Your Project Builds with Docker

BuildStuff 2019: Let me handle that for you... Why you need a reverse proxy

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (18)

Ähnlich wie BuildStuff 2019: Let me handle that for you... Why you need a reverse proxy

Ähnlich wie BuildStuff 2019: Let me handle that for you... Why you need a reverse proxy (20)

Mehr von Elton Stoneman

Mehr von Elton Stoneman (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

BuildStuff 2019: Let me handle that for you... Why you need a reverse proxy