RubyConf 2012: Custom Reverse Proxies

1. Abstracting Features IntoCustom Reverse Proxies Or: Making Better Lemonade From Chaos Photo by Lori Greig http://www.flickr.com/photos/lori_greig/4906180111Nick Muerdter • RubyConf 2012 • November 1, 2012

2. Photo by Brian Lane Winfield Moorehttp://www.flickr.com/photos/doctabu/342220423

3. Internet Reverse Proxy Web Server Internal Network

4. Internet Reverse Proxy Web Server Internal Network

5. RUBY! CUSTOM FEATURES! EVENTMACHINE!Internet Reverse Proxy Web Server Internal Network

6. OKAY, BUT…

7. Photo by Brian Lane Winfield Moorehttp://www.flickr.com/photos/doctabu/342220423

8. WHY & HOW

9. A Story… Photo by Elgin County Archives http://www.flickr.com/photos/elgincountyarchives/678920411

10. Photo by rocketlasshttp://www.flickr.com/photos/rocketlass/525244911

11. Photo by alandberninghttp://www.flickr.com/photos/14617207@N00/487211147

12. Analysis Solar services DeploymentTransportation services … Commercial Buildings Buildings services … … …

13. Users Don’t Care Photo from National Media Museum http://www.flickr.com/photos/nationalmediamuseum/3589381656

14. What We Wanted• 1 entry point to all our APIs• 1 user account for all our APIs• API key access to all our APIs• Rate limiting for all our APIs• Analytics for all our APIs

15. What We Didn’t Want• Changes required to each API

16. CUSTOMREVERSE PROXY !!!

17. • Authentication • Rate Limiting • Analytics Department A Department BInternet Reverse Proxy Department C Department D Internal Network

18. Better Lemonade? Photo by Lara604 http://www.flickr.com/photos/lara604/4563803829

19. For API Users• 1 API key for all our services• Shielded from our internal complexities

20. For Our Developers• Old APIs: Do absolutely nothing• New APIs: Do absolutely nothing• Get for free: –Authentication –Rate Limiting –Analytics

21. • Reduced implementation code• Standardization is enforced• New features in the reverse proxy benefit everyone• Reverse proxies can also be used for scaling

22. Building these things… Photo from The Library of Congress http://www.flickr.com/photos/library_of_congress/217984968

23. em-proxy• Ruby & EventMachine• Blazing fast• Flexible• Low-level

25. conn.on_data do |data| # Modify the User-Agent on the incoming # request data.gsub(/User-Agent: .*?rn/, "User-Agent: em-proxy/0.1rn")end

26. redis = Redis.new(:host => "127.0.0.1")conn.on_data do |data| # Fun things with Ruby! ip = peer[0] redis.incr(ip) dataend

27. parser = Http::Parser.newparser.on_headers_complete = proc do |h| # Hello, friendlier HTTP headers... puts h["User-Agent"]endconn.on_data do |data| parser << data dataend

28. Photo by Madison Guyhttp://www.flickr.com/photos/madison_guy/338691904

29. Transparency Photo by Brett Jordan http://www.flickr.com/photos/x1brett/6126873518

30. Speed & Efficiency Photo by jamesjustin http://www.flickr.com/photos/jamesjustin/3629097108

31. 4 3.5 3Time (milliseconds) 2.5 2 1.5 1 0.5 0 Direct em-proxy rack-reverse-proxy (Terribly unscientific benchmarks)

32. 2400 2300 2200Time (milliseconds) 2100 2000 1900 1800 1700 1600 1500 1400 Direct em-proxy rack-reverse-proxy (Terribly unscientific benchmarks)

33. Flexibility Photo from The Library of Congress http://www.flickr.com/photos/library_of_congress/217904751

34. What Else Can You Do? Photo by paul-simpson.org http://www.flickr.com/photos/paulsimpson1976/4039170901

35. • Error handling?• Web page manipulation? – Insert standard analytics JavaScript snippet? – Add a standard header and footer?• Add JSONP callbacks for all JSON APIs?• Security checks?• More than HTTP… – Intercept & manipulate e-mail? – Intercept & manipulate database calls?

36. Photo by Keoki Seuhttp://www.flickr.com/photos/keokiseu/497331463

37. Buffering Photo from The Library of Congress http://www.flickr.com/photos/library_of_congress/3159321339

38. Content-Length Photo by Sterlic http://www.flickr.com/photos/sterlic/4299633060

39. gzip Photo by Kaptain Kobold http://www.flickr.com/photos/kaptainkobold/6930870617

40. Want Bigger? Photo by elviskennedy http://www.flickr.com/photos/elviskennedy/546541995

41. WEBSERVICESBONANZA

42. Main Objectives• Make it easier for users to find and consume federal APIs• Make it easier for federal agencies to develop & deploy more APIs

43. Same Problem Photo by alandberning http://www.flickr.com/photos/14617207@N00/487211147

44. Same Solution? • Authentication • Rate Limiting • Analytics Agency A Agency BInternet Reverse Proxy Agency C Agency D Internal Network

45. Stay Tuned… Photo by Lord Jerome http://www.flickr.com/photos/lordjerome/127381557

46. SO………

47. Photo by judepicshttp://www.flickr.com/photos/judepics/159365806

48. • Reverse Proxies: Fun for the whole family!• Custom Reverse Proxies: You might be able to implement more functionality at this layer than you realize.• Think Different: They can provide a different way to architect some features of your apps.

49. Resources & Support Photo by Musée McCord Museum http://www.flickr.com/photos/museemccordmuseum/5348751435

50. API Umbrella• Our full API management solution – Includes custom Event Machine based proxy• Open sourcehttps://github.com/NREL/api-umbrella (Just recently open sourced, so pardon the current state of things)

51. Ruby & Event Machine• em-proxy – https://github.com/igrigorik/em-proxy – Simple and very capable• ProxyMachine – https://github.com/mojombo/proxymachine – Simpler, but can only act on requests, not responses• Goliath – https://github.com/postrank-labs/goliath – More of a framework, uses em-synchrony (Fibers)

52. Other Reverse Proxies• HAProxy – http://haproxy.1wt.eu/ – General proxy and load balancing awesomeness• Varnish Cache – https://www.varnish-cache.org/ – Proxy caching layer coolness• nginx – http://nginx.org/ – Web server powerhouse and nice proxy

53. Renewable Energy APIs• http://developer.nrel.gov/ (Lots more APIs coming soon)

54. nick.muerdter@nrel.gov@nickblah

55. nick.muerdter@nrel.gov @nickblahEnjoyed this presentation? Enjoyed this ‘stache? Enjoy charity? http://bit.ly/rubystache