 Take your hands down. Thank you. Okay. So next up we have Julianne Saronov about for him. Thank you very much So good morning, my name is Julianne. I'm a God developer. I work out continuous Continuous is a company behind an open source project named a traffic and Traffic is an open source reverse proxy made to deploy microservices with is what does it mean? It means that traffic doesn't need any configuration fire traffic just connect to your orchestrator API and then refresh its configuration dynamically by listening to your Orchestrator even by listening to your new container your new service So today for me it makes sense to talk to you how to write a reverse proxy When I start to walk on the presentation Usually search for the main word of my talk on Wikipedia because everybody knows that Wikipedia is the real truth and so If we search for reverse proxy on Wikipedia We can find something like this reverse proxy is a type of proxy server that could retrieve the resources on behalf of a client From one or more servers and then this resource and return to the client as they originated from the web server itself So if we highlight the main world of this definition We can say that a reverse proxy is a proxy server that will return resources from servers to client So in this live coding session, we will need a server We will need a client and we will call the proxy servers that will return resources. So The first thing the server think that today the simple way to have a server is just to launch Dockercontainer so we will use a Dockercontainer. I prepare a container to show you all the use case So I will run this container Okay Thank you And so next we will need a client for the client I could have used a browser, but I think a browser is not enough to show you all the use case So I will use the shell command. So let's try to call this server with the shell command So I will just use the code command and say I want to call my server No HTTP. Oh This is difficult Okay, here. I call my server and then The next step is to build a proxy server So for this we will need an empty main function and we will use a HTTP package and The linsell and serve function and we will listen on the port 8080 and That's all we have a server I launch and then let's try now on this server Okay, we have a page night phone because we need to return resources. So let's try to return resources We need the demo URL We will use the IP of our container Oh, sorry Okay, and I will just end all the error Okay, and I will use the HTTP utl New single us reverse proxy with this demo URL and I will put this into my Server Let's try now No, I need to restart. Okay. Let's start and it works. Thank you. Do you have any question? Oh, yes, I did not use the 25 minutes. Sorry, we need to did dive But I think this interesting to know is that this implementation exists. This implementation is maintained by the go team this is improved to for example in the Next version the 1.12 the other support of web sockets. So with the 1.12 version you can Proxy fight from web socket server But we need to did die So what we have is this we have a client that just send a request to our reverse proxy What we need what we will need is to forward the request to our server. So let's do this So we will remove this thing Okay, we will use a new Under and we will just take the request modify the host With our demo us We need to modify the URL us to With the demo URL us to we need to Change just came to Okay, and we need to remove the request to be on the request because the request tree is filled by the server and a Client will reject a request with a request tree. So we need to empty it Okay, and now we will use the default HTTP client to just forward this request I Will under the error because we are in live coding session and if I have errors I want to know what them so Here we will just write an internal server error Okay, and we will just write in the body the error Okay, and we will return Okay, I will just Ignore this for the moment. I Restore it and then if I try to call my reverse proxy you can see That my demo container receive a request a request Okay But I still have no content because I need to copy the response So we will copy the response Just by write the status code so Okay, and then we will copy just the body of the response We restart and then if we try now We have our content Okay Now let's try another pass. I have a demo that json and you can see that this is This is a json, but the content type is wrong. No What about my demo server? Oh Yeah, this is a good content type. So I met something in fact We need to copy response editor to we only copy the status code and the body. So let's copy the response editor to So for this We will just be for writing the status code. We will loop on the header of the response The radars are map of strings. So we need to have a double loop and we will just set You we will just set this on A response. Okay, let's restart and try again Here I have my content type Good next use case Explored it for what is it for all it for Imagine if I take my client and I just call my demo server The demo server would receive a request with a remote address and did by three. This is my IP This is a client IP But if I use a reverse proxy in fact the reverse proxy will cause the demo server So the reverse proxy will receive a remote address with a three But the demo server will receive an address with a one. So I can't know what is the client IP So for this we need X for what it for Let's See it in a real life. So I will try to run Curve in the container to have a new IP and if I call directly My demo server you can see that the remote address is with a three Now if I try to call my reverse proxy You can see that this is a one. So I will set the X for what it for either So the only thing we have to do for this is just on the request. We will set the Azure X forwarded for With the remote address value But in fact the remote address is not enough because the remote address contain a port So we need to split on the port and just keep the host Okay, let's try again Now if I call my reverse proxy other X forwarded for with the IP with a three. Okay Next use case stream What is trim? Stream is when your server start to send the body then flush and Then send more body Let's see it in the real case If I use curl to call My demo server I can see that I have the beginning of the body then I wait and have the hand Okay, let's try this on our reverse proxy now Okay, we wait we wait and we have all So why? This is because we only flush at the hand of the handler So to handle this we will need to flush more For this what we can do is just thought a new go routine That will just loop You loop with a ticker for example a ticker of something like 10 millisecond and I will just Flush, I'm really sorry for your harm Okay, and in order not to have some go within leak I will just use a new charm to stop this go routine when the body Finish the copy. Okay So just a case a case Where's the dawn and we will return the go routine and Then we will just close this charm here Okay, now let's try this I restart and I try again. Okay, and now we have stream on our reverse proxy Next use case trailer You know what is trailer trailer is like either about that will coming soon. So as you may know Adors can be sent only before you write the status code If you want to send something after you need to do this like this So you start to announce trailer you will say what you will feel next or during the body and Then will you what you've right your status code you brought your body and you can start to set the trailer value What's happened in the robot in fact the body will be in chunk and The chunk is a chunk size then uncheck on the chunk contents then a chunk size a chunk content And if your chunk size is zero, this is a trailer. So this will be something like this. We have five bytes The hell of the content then zero bite and the X trailer value Let's see it in a real case so if I called My demo you can see that I have the trailer here I am on that I will have X trailer and then I feel the X trailer with the X value Let's try this on our reverse proxy It doesn't work because we need to announce our trailer and we need to send the trailer After the body was read because in the client ports We need to Read the trailer before to rig the body You we will only have the keys and then we read the body and we will have the value So we will undo that in our reverse proxy So just before to write the error. We will just create a trailer keys slice Then we will loop on the trailer in the response and here we will only have the key in fact So we will just append the key in the trailer key and Then we will announce the trailer by just write a header named Trailer with the trailer keys value joined just by a comma Okay, let's try with this Now as you can see We are not the trailer we have the header trailer with each trailer, but we don't have any value So we will need to fill the value for this we'll do something like for the error But after reading the body because we need to fill the trailer and so we will loop on The trailer trailer is a map of slice of string to so we need to use the value a double loop on the values Okay, and we just set our value and This will fill our trailer Let's try with this Okay, the extra value is here Next thing HTTP to So your god developer, you know that HTTP to needs HTTPS No, it's wrong. In fact HTTP to need knowledge What does it mean? It means that if you know that your server can do HTTP to you can do HTTP to for example The gRPC server is just HTTP to and the client is HTTP to you don't need HTTPS But if you don't know the simple way to know this it is to use TLS LPN How it works in fact when you will do the TLS LPN You will send a client yellow with the protocol you support the client will say I can do HTTP one I can do HTTP to and then the server will just choose Which protocol to use and it will return this in the server. Hello in the selected protocol So if we want our reverse proxy to do some HTTP to we need to be in HTTPS Let's do this We will just change our listen and serve to be a listenance of TLS and we will have Cert file and key file Okay, and now if I restart My reverse proxy isn't and in HTTPS and I Already know that my demo server just can do HTTPS. So I will just change the scheme here Okay, so it could be enough But the default client in go doesn't say that it support HTTP to you need to configure The transport of your client to just say I can do HTTP to and In order to do this you need to use the HTTP to package and the configure transport function and just give Your transports. So we will give the default transport as we use the default client and we need to just Okay, and with this I will use HTTP to Let's try this if You can see here. This is HTTP to or no bad request why hey, yes, I need to do HTTPS, you know Okay, and now this is HTTP to and do you know what? What use HTTP to and trailer because maybe you you think you'd never use trailer or you never use HTTP to but GRPC use HTTP to and trailer. So if you want a reverse proxy That can do a GRPC you need to implement HTTP to and trailer Okay We we could have feel lots of other thing but the times goes and so now This is a real and and you can ask for question Thank you. Any questions raise your hand please. Yeah, I was wondering about the TLS version Can you talk about with four letters? Can you talk a bit more about it and explain it to a something? You'll be on is really the protocol negotiation. So this is really support that Will negotiate which protocol you will use after the end check in fact This was really clear. Okay. So if there is no more questions run of the bus for Julien