SlideShare a Scribd company logo

RubyConf 2012: Custom Reverse Proxies

Download as PPTX, PDF
N
nickblah

Abstracting Features Into Custom Reverse Proxies (Or: Making Better Lemonade From Chaos) Life isn't always simple. We often have to deal with a mishmash of applications, languages, and servers. How can we begin to standardize functionality across this chaos? Custom reverse proxies to the rescue! Using Ruby and EventMachine, learn how you can abstract high-level features and functionality into fast reverse proxies that can improve scalability, save time, and make the world happy. - See how we've applied this across a diverse set of web service APIs to standardize the implementation of authentication, request throttling, analytics, and more. - See how this can save development time, eliminate code duplication, make your team happy, make the public happy, and make you a hero. - See how this can be applied to any TCP-based application for a wide-variety of use cases. - Still think your situation is complicated? Learn about the U.S. Government's plans to standardize API access across the entire federal government. With some reverse proxy magic, this isn't quite as difficult or as foolhardy as it may first sound. It also comes with some nice benefits for both the public audience and government developers.

1 of 57
Abstracting Features Into Custom Reverse Proxies Or: Making Better Lemonade From Chaos Photo by Lori Greig http://www.flickr.com/photos/lori_greig/4906180111 Nick Muerdter • RubyConf 2012 • November 1, 2012
Photo by Brian Lane Winfield Moore http://www.flickr.com/photos/doctabu/342220423
Internet Reverse Proxy Web Server Internal Network
Internet Reverse Proxy Web Server Internal Network
RUBY! CUSTOM FEATURES! EVENTMACHINE! Internet Reverse Proxy Web Server Internal Network
OKAY, BUT…
Photo by Brian Lane Winfield Moore http://www.flickr.com/photos/doctabu/342220423
WHY & HOW
A Story… Photo by Elgin County Archives http://www.flickr.com/photos/elgincountyarchives/678920411
Photo by rocketlass http://www.flickr.com/photos/rocketlass/525244911
Photo by alandberning http://www.flickr.com/photos/14617207@N00/487211147
Analysis Solar services Deployment Transportation services … Commercial Buildings Buildings services … … …
Users Don’t Care Photo from National Media Museum http://www.flickr.com/photos/nationalmediamuseum/3589381656
What We Wanted • 1 entry point to all our APIs • 1 user account for all our APIs • API key access to all our APIs • Rate limiting for all our APIs • Analytics for all our APIs
What We Didn’t Want • Changes required to each API
CUSTOM REVERSE PROXY !!!
• Authentication • Rate Limiting • Analytics Department A Department B Internet Reverse Proxy Department C Department D Internal Network
Better Lemonade? Photo by Lara604 http://www.flickr.com/photos/lara604/4563803829
For API Users • 1 API key for all our services • Shielded from our internal complexities
For Our Developers • Old APIs: Do absolutely nothing • New APIs: Do absolutely nothing • Get for free: –Authentication –Rate Limiting –Analytics
• Reduced implementation code • Standardization is enforced • New features in the reverse proxy benefit everyone • Reverse proxies can also be used for scaling
Building these things… Photo from The Library of Congress http://www.flickr.com/photos/library_of_congress/217984968
em-proxy • Ruby & EventMachine • Blazing fast • Flexible • Low-level
Proxy.start(:host => "0.0.0.0", :port => 80) do |conn| conn.server :srv, :host => "127.0.0.1", :port => 81 conn.on_data do |data| # Do something with the incoming data... data end conn.on_response do |backend, resp| # Do something with the response... resp end conn.on_finish do |backend, name| # Do something when finished... end end
conn.on_data do |data| # Modify the User-Agent on the incoming # request data.gsub(/User-Agent: .*?rn/, "User-Agent: em-proxy/0.1rn") end
redis = Redis.new(:host => "127.0.0.1") conn.on_data do |data| # Fun things with Ruby! ip = peer[0] redis.incr(ip) data end
parser = Http::Parser.new parser.on_headers_complete = proc do |h| # Hello, friendlier HTTP headers... puts h["User-Agent"] end conn.on_data do |data| parser << data data end
Photo by Madison Guy http://www.flickr.com/photos/madison_guy/338691904
Transparency Photo by Brett Jordan http://www.flickr.com/photos/x1brett/6126873518
Speed & Efficiency Photo by jamesjustin http://www.flickr.com/photos/jamesjustin/3629097108
4 3.5 3 Time (milliseconds) 2.5 2 1.5 1 0.5 0 Direct em-proxy rack-reverse-proxy (Terribly unscientific benchmarks)
2400 2300 2200 Time (milliseconds) 2100 2000 1900 1800 1700 1600 1500 1400 Direct em-proxy rack-reverse-proxy (Terribly unscientific benchmarks)
Flexibility Photo from The Library of Congress http://www.flickr.com/photos/library_of_congress/217904751
What Else Can You Do? Photo by paul-simpson.org http://www.flickr.com/photos/paulsimpson1976/4039170901
• Error handling? • Web page manipulation? – Insert standard analytics JavaScript snippet? – Add a standard header and footer? • Add JSONP callbacks for all JSON APIs? • Security checks? • More than HTTP… – Intercept & manipulate e-mail? – Intercept & manipulate database calls?
Photo by Keoki Seu http://www.flickr.com/photos/keokiseu/497331463
Buffering Photo from The Library of Congress http://www.flickr.com/photos/library_of_congress/3159321339
Content-Length Photo by Sterlic http://www.flickr.com/photos/sterlic/4299633060
gzip Photo by Kaptain Kobold http://www.flickr.com/photos/kaptainkobold/6930870617
Want Bigger? Photo by elviskennedy http://www.flickr.com/photos/elviskennedy/546541995
WEB SERVICES BONANZA
Main Objectives • Make it easier for users to find and consume federal APIs • Make it easier for federal agencies to develop & deploy more APIs
Same Problem Photo by alandberning http://www.flickr.com/photos/14617207@N00/487211147
Same Solution? • Authentication • Rate Limiting • Analytics Agency A Agency B Internet Reverse Proxy Agency C Agency D Internal Network
Stay Tuned… Photo by Lord Jerome http://www.flickr.com/photos/lordjerome/127381557
SO………
Photo by judepics http://www.flickr.com/photos/judepics/159365806
• Reverse Proxies: Fun for the whole family! • Custom Reverse Proxies: You might be able to implement more functionality at this layer than you realize. • Think Different: They can provide a different way to architect some features of your apps.
Resources & Support Photo by Musée McCord Museum http://www.flickr.com/photos/museemccordmuseum/5348751435
API Umbrella • Our full API management solution – Includes custom Event Machine based proxy • Open source https://github.com/NREL/api-umbrella (Just recently open sourced, so pardon the current state of things)
Ruby & Event Machine • em-proxy – https://github.com/igrigorik/em-proxy – Simple and very capable • ProxyMachine – https://github.com/mojombo/proxymachine – Simpler, but can only act on requests, not responses • Goliath – https://github.com/postrank-labs/goliath – More of a framework, uses em-synchrony (Fibers)
Other Reverse Proxies • HAProxy – http://haproxy.1wt.eu/ – General proxy and load balancing awesomeness • Varnish Cache – https://www.varnish-cache.org/ – Proxy caching layer coolness • nginx – http://nginx.org/ – Web server powerhouse and nice proxy
Renewable Energy APIs • http://developer.nrel.gov/ (Lots more APIs coming soon)
nick.muerdter@nrel.gov @nickblah
nick.muerdter@nrel.gov @nickblah Enjoyed this presentation? Enjoyed this ‘stache? Enjoy charity? http://bit.ly/rubystache

Recommended

Boot2Gecko And The WebAPIs
Boot2Gecko And The WebAPIsBoot2Gecko And The WebAPIs
Boot2Gecko And The WebAPIs
Schalk Neethling
 
From Ruby on Rails to RubyMotion - Writing your First iOS App with RubyMotion
From Ruby on Rails to RubyMotion - Writing your First iOS App with RubyMotionFrom Ruby on Rails to RubyMotion - Writing your First iOS App with RubyMotion
From Ruby on Rails to RubyMotion - Writing your First iOS App with RubyMotion
Michael Denomy
 
Quantifying The Mobile Difference
Quantifying The Mobile DifferenceQuantifying The Mobile Difference
Quantifying The Mobile Difference
Guy Podjarny
 
WordPress & Your iPad: Doing it right
WordPress & Your iPad: Doing it rightWordPress & Your iPad: Doing it right
WordPress & Your iPad: Doing it right
Tris Hussey
 
Marac 2010 visualization
Marac 2010 visualizationMarac 2010 visualization
Marac 2010 visualization
Jeanne Kramer-Smyth
 
Training Google to Love Your Website
Training Google to Love Your WebsiteTraining Google to Love Your Website
Training Google to Love Your Website
Jeanne Kramer-Smyth
 
Building Archives Websites That Google Will Love
Building Archives Websites That Google Will LoveBuilding Archives Websites That Google Will Love
Building Archives Websites That Google Will Love
Jeanne Kramer-Smyth
 
#SMDAY #JCMO
#SMDAY #JCMO#SMDAY #JCMO
#SMDAY #JCMO
stephaniesbell
 

Recommended

Boot2Gecko And The WebAPIs
Boot2Gecko And The WebAPIsBoot2Gecko And The WebAPIs
Boot2Gecko And The WebAPIs
Schalk Neethling
 
From Ruby on Rails to RubyMotion - Writing your First iOS App with RubyMotion
From Ruby on Rails to RubyMotion - Writing your First iOS App with RubyMotionFrom Ruby on Rails to RubyMotion - Writing your First iOS App with RubyMotion
From Ruby on Rails to RubyMotion - Writing your First iOS App with RubyMotion
Michael Denomy
 
Quantifying The Mobile Difference
Quantifying The Mobile DifferenceQuantifying The Mobile Difference
Quantifying The Mobile Difference
Guy Podjarny
 
WordPress & Your iPad: Doing it right
WordPress & Your iPad: Doing it rightWordPress & Your iPad: Doing it right
WordPress & Your iPad: Doing it right
Tris Hussey
 
Marac 2010 visualization
Marac 2010 visualizationMarac 2010 visualization
Marac 2010 visualization
Jeanne Kramer-Smyth
 
Training Google to Love Your Website
Training Google to Love Your WebsiteTraining Google to Love Your Website
Training Google to Love Your Website
Jeanne Kramer-Smyth
 
Building Archives Websites That Google Will Love
Building Archives Websites That Google Will LoveBuilding Archives Websites That Google Will Love
Building Archives Websites That Google Will Love
Jeanne Kramer-Smyth
 
#SMDAY #JCMO
#SMDAY #JCMO#SMDAY #JCMO
#SMDAY #JCMO
stephaniesbell
 
Cloud Computing im Unternehmen / Jan 25th 2011
Cloud Computing im Unternehmen / Jan 25th 2011Cloud Computing im Unternehmen / Jan 25th 2011
Cloud Computing im Unternehmen / Jan 25th 2011
Lothar Wieske
 
Rails Performance Tricks and Treats
Rails Performance Tricks and TreatsRails Performance Tricks and Treats
Rails Performance Tricks and Treats
Marshall Yount
 
Building Rackspace Cloud Monitoring
Building Rackspace Cloud MonitoringBuilding Rackspace Cloud Monitoring
Building Rackspace Cloud Monitoring
gdusbabek
 
BBC Backstage Web Horizon 2007 Presentation
BBC Backstage Web Horizon 2007 PresentationBBC Backstage Web Horizon 2007 Presentation
BBC Backstage Web Horizon 2007 Presentation
Ian Forrester
 
Web Services for Fun and Profit
Web Services for Fun and ProfitWeb Services for Fun and Profit
Web Services for Fun and Profit
Simon Willison
 
Going Fast on the Mobile Web
Going Fast on the Mobile WebGoing Fast on the Mobile Web
Going Fast on the Mobile Web
Jason Grigsby
 
Cloud Architecture + Cloud Architects / Jan 24th 2012
Cloud Architecture + Cloud Architects / Jan 24th 2012Cloud Architecture + Cloud Architects / Jan 24th 2012
Cloud Architecture + Cloud Architects / Jan 24th 2012
Lothar Wieske
 
API Management in the Federal Government (D.C. Web API User Group)
API Management in the Federal Government (D.C. Web API User Group)API Management in the Federal Government (D.C. Web API User Group)
API Management in the Federal Government (D.C. Web API User Group)
nickblah
 
Hacking cloud computing adoption
Hacking cloud computing adoptionHacking cloud computing adoption
Hacking cloud computing adoption
Guy Rosen
 
The Age of Responsive Design
The Age of Responsive DesignThe Age of Responsive Design
The Age of Responsive Design
Denise Jacobs
 
EscConf - Deep Dive Frontend Optimization
EscConf - Deep Dive Frontend OptimizationEscConf - Deep Dive Frontend Optimization
EscConf - Deep Dive Frontend Optimization
Jonathan Klein
 
gRPC @ Weaveworks
gRPC @ WeaveworksgRPC @ Weaveworks
gRPC @ Weaveworks
Weaveworks
 
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
Amazon Web Services
 
Mobile web performance dwx13
Mobile web performance dwx13Mobile web performance dwx13
Mobile web performance dwx13
Avenga Germany GmbH
 
Making the Web Fireproof: A Building Code for Websites
Making the Web Fireproof: A Building Code for WebsitesMaking the Web Fireproof: A Building Code for Websites
Making the Web Fireproof: A Building Code for Websites
Dylan Wilbanks
 
OSCAL: Free and Open Source Tools for Image and Video Performance
OSCAL: Free and Open Source Tools for Image and Video PerformanceOSCAL: Free and Open Source Tools for Image and Video Performance
OSCAL: Free and Open Source Tools for Image and Video Performance
Doug Sillars
 
Mobile Development across Different Platforms @ Immobilienscout24
Mobile Development across Different Platforms @ Immobilienscout24Mobile Development across Different Platforms @ Immobilienscout24
Mobile Development across Different Platforms @ Immobilienscout24
Hasan Hosgel
 
The web is too slow
The web is too slow The web is too slow
The web is too slow
Andy Davies
 
Ubi Zen 2.1 - por que middlewares ?
Ubi Zen 2.1 - por que middlewares ?Ubi Zen 2.1 - por que middlewares ?
Ubi Zen 2.1 - por que middlewares ?
Fabricio Nogueira Buzeto
 
Microsoft tech talk march 28 2014
Microsoft tech talk march 28 2014Microsoft tech talk march 28 2014
Microsoft tech talk march 28 2014
Cory Forsyth
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 

More Related Content

Similar to RubyConf 2012: Custom Reverse Proxies

Cloud Computing im Unternehmen / Jan 25th 2011
Cloud Computing im Unternehmen / Jan 25th 2011Cloud Computing im Unternehmen / Jan 25th 2011
Cloud Computing im Unternehmen / Jan 25th 2011
Lothar Wieske
 
Rails Performance Tricks and Treats
Rails Performance Tricks and TreatsRails Performance Tricks and Treats
Rails Performance Tricks and Treats
Marshall Yount
 
Building Rackspace Cloud Monitoring
Building Rackspace Cloud MonitoringBuilding Rackspace Cloud Monitoring
Building Rackspace Cloud Monitoring
gdusbabek
 
BBC Backstage Web Horizon 2007 Presentation
BBC Backstage Web Horizon 2007 PresentationBBC Backstage Web Horizon 2007 Presentation
BBC Backstage Web Horizon 2007 Presentation
Ian Forrester
 
Web Services for Fun and Profit
Web Services for Fun and ProfitWeb Services for Fun and Profit
Web Services for Fun and Profit
Simon Willison
 
Going Fast on the Mobile Web
Going Fast on the Mobile WebGoing Fast on the Mobile Web
Going Fast on the Mobile Web
Jason Grigsby
 
Cloud Architecture + Cloud Architects / Jan 24th 2012
Cloud Architecture + Cloud Architects / Jan 24th 2012Cloud Architecture + Cloud Architects / Jan 24th 2012
Cloud Architecture + Cloud Architects / Jan 24th 2012
Lothar Wieske
 
API Management in the Federal Government (D.C. Web API User Group)
API Management in the Federal Government (D.C. Web API User Group)API Management in the Federal Government (D.C. Web API User Group)
API Management in the Federal Government (D.C. Web API User Group)
nickblah
 
Hacking cloud computing adoption
Hacking cloud computing adoptionHacking cloud computing adoption
Hacking cloud computing adoption
Guy Rosen
 
The Age of Responsive Design
The Age of Responsive DesignThe Age of Responsive Design
The Age of Responsive Design
Denise Jacobs
 
EscConf - Deep Dive Frontend Optimization
EscConf - Deep Dive Frontend OptimizationEscConf - Deep Dive Frontend Optimization
EscConf - Deep Dive Frontend Optimization
Jonathan Klein
 
gRPC @ Weaveworks
gRPC @ WeaveworksgRPC @ Weaveworks
gRPC @ Weaveworks
Weaveworks
 
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
Amazon Web Services
 
Mobile web performance dwx13
Mobile web performance dwx13Mobile web performance dwx13
Mobile web performance dwx13
Avenga Germany GmbH
 
Making the Web Fireproof: A Building Code for Websites
Making the Web Fireproof: A Building Code for WebsitesMaking the Web Fireproof: A Building Code for Websites
Making the Web Fireproof: A Building Code for Websites
Dylan Wilbanks
 
OSCAL: Free and Open Source Tools for Image and Video Performance
OSCAL: Free and Open Source Tools for Image and Video PerformanceOSCAL: Free and Open Source Tools for Image and Video Performance
OSCAL: Free and Open Source Tools for Image and Video Performance
Doug Sillars
 
Mobile Development across Different Platforms @ Immobilienscout24
Mobile Development across Different Platforms @ Immobilienscout24Mobile Development across Different Platforms @ Immobilienscout24
Mobile Development across Different Platforms @ Immobilienscout24
Hasan Hosgel
 
The web is too slow
The web is too slow The web is too slow
The web is too slow
Andy Davies
 
Ubi Zen 2.1 - por que middlewares ?
Ubi Zen 2.1 - por que middlewares ?Ubi Zen 2.1 - por que middlewares ?
Ubi Zen 2.1 - por que middlewares ?
Fabricio Nogueira Buzeto
 
Microsoft tech talk march 28 2014
Microsoft tech talk march 28 2014Microsoft tech talk march 28 2014
Microsoft tech talk march 28 2014
Cory Forsyth
 

Similar to RubyConf 2012: Custom Reverse Proxies (20)

Cloud Computing im Unternehmen / Jan 25th 2011
Cloud Computing im Unternehmen / Jan 25th 2011Cloud Computing im Unternehmen / Jan 25th 2011
Cloud Computing im Unternehmen / Jan 25th 2011
 
Rails Performance Tricks and Treats
Rails Performance Tricks and TreatsRails Performance Tricks and Treats
Rails Performance Tricks and Treats
 
Building Rackspace Cloud Monitoring
Building Rackspace Cloud MonitoringBuilding Rackspace Cloud Monitoring
Building Rackspace Cloud Monitoring
 
BBC Backstage Web Horizon 2007 Presentation
BBC Backstage Web Horizon 2007 PresentationBBC Backstage Web Horizon 2007 Presentation
BBC Backstage Web Horizon 2007 Presentation
 
Web Services for Fun and Profit
Web Services for Fun and ProfitWeb Services for Fun and Profit
Web Services for Fun and Profit
 
Going Fast on the Mobile Web
Going Fast on the Mobile WebGoing Fast on the Mobile Web
Going Fast on the Mobile Web
 
Cloud Architecture + Cloud Architects / Jan 24th 2012
Cloud Architecture + Cloud Architects / Jan 24th 2012Cloud Architecture + Cloud Architects / Jan 24th 2012
Cloud Architecture + Cloud Architects / Jan 24th 2012
 
API Management in the Federal Government (D.C. Web API User Group)
API Management in the Federal Government (D.C. Web API User Group)API Management in the Federal Government (D.C. Web API User Group)
API Management in the Federal Government (D.C. Web API User Group)
 
Hacking cloud computing adoption
Hacking cloud computing adoptionHacking cloud computing adoption
Hacking cloud computing adoption
 
The Age of Responsive Design
The Age of Responsive DesignThe Age of Responsive Design
The Age of Responsive Design
 
EscConf - Deep Dive Frontend Optimization
EscConf - Deep Dive Frontend OptimizationEscConf - Deep Dive Frontend Optimization
EscConf - Deep Dive Frontend Optimization
 
gRPC @ Weaveworks
gRPC @ WeaveworksgRPC @ Weaveworks
gRPC @ Weaveworks
 
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
 
Mobile web performance dwx13
Mobile web performance dwx13Mobile web performance dwx13
Mobile web performance dwx13
 
Making the Web Fireproof: A Building Code for Websites
Making the Web Fireproof: A Building Code for WebsitesMaking the Web Fireproof: A Building Code for Websites
Making the Web Fireproof: A Building Code for Websites
 
OSCAL: Free and Open Source Tools for Image and Video Performance
OSCAL: Free and Open Source Tools for Image and Video PerformanceOSCAL: Free and Open Source Tools for Image and Video Performance
OSCAL: Free and Open Source Tools for Image and Video Performance
 
Mobile Development across Different Platforms @ Immobilienscout24
Mobile Development across Different Platforms @ Immobilienscout24Mobile Development across Different Platforms @ Immobilienscout24
Mobile Development across Different Platforms @ Immobilienscout24
 
The web is too slow
The web is too slow The web is too slow
The web is too slow
 
Ubi Zen 2.1 - por que middlewares ?
Ubi Zen 2.1 - por que middlewares ?Ubi Zen 2.1 - por que middlewares ?
Ubi Zen 2.1 - por que middlewares ?
 
Microsoft tech talk march 28 2014
Microsoft tech talk march 28 2014Microsoft tech talk march 28 2014
Microsoft tech talk march 28 2014
 

Recently uploaded

Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Zilliz
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 

Recently uploaded (20)

Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 

RubyConf 2012: Custom Reverse Proxies

  • 1. Abstracting Features Into Custom Reverse Proxies Or: Making Better Lemonade From Chaos Photo by Lori Greig http://www.flickr.com/photos/lori_greig/4906180111 Nick Muerdter • RubyConf 2012 • November 1, 2012
  • 2. Photo by Brian Lane Winfield Moore http://www.flickr.com/photos/doctabu/342220423
  • 3. Internet Reverse Proxy Web Server Internal Network
  • 4. Internet Reverse Proxy Web Server Internal Network
  • 5. RUBY! CUSTOM FEATURES! EVENTMACHINE! Internet Reverse Proxy Web Server Internal Network
  • 7. Photo by Brian Lane Winfield Moore http://www.flickr.com/photos/doctabu/342220423
  • 9. A Story… Photo by Elgin County Archives http://www.flickr.com/photos/elgincountyarchives/678920411
  • 12. Analysis Solar services Deployment Transportation services … Commercial Buildings Buildings services … … …
  • 13.
  • 14. Users Don’t Care Photo from National Media Museum http://www.flickr.com/photos/nationalmediamuseum/3589381656
  • 15. What We Wanted • 1 entry point to all our APIs • 1 user account for all our APIs • API key access to all our APIs • Rate limiting for all our APIs • Analytics for all our APIs
  • 16. What We Didn’t Want • Changes required to each API
  • 18. • Authentication • Rate Limiting • Analytics Department A Department B Internet Reverse Proxy Department C Department D Internal Network
  • 19. Better Lemonade? Photo by Lara604 http://www.flickr.com/photos/lara604/4563803829
  • 20. For API Users • 1 API key for all our services • Shielded from our internal complexities
  • 21. For Our Developers • Old APIs: Do absolutely nothing • New APIs: Do absolutely nothing • Get for free: –Authentication –Rate Limiting –Analytics
  • 22. • Reduced implementation code • Standardization is enforced • New features in the reverse proxy benefit everyone • Reverse proxies can also be used for scaling
  • 23. Building these things… Photo from The Library of Congress http://www.flickr.com/photos/library_of_congress/217984968
  • 24. em-proxy • Ruby & EventMachine • Blazing fast • Flexible • Low-level
  • 25. Proxy.start(:host => "0.0.0.0", :port => 80) do |conn| conn.server :srv, :host => "127.0.0.1", :port => 81 conn.on_data do |data| # Do something with the incoming data... data end conn.on_response do |backend, resp| # Do something with the response... resp end conn.on_finish do |backend, name| # Do something when finished... end end
  • 26. conn.on_data do |data| # Modify the User-Agent on the incoming # request data.gsub(/User-Agent: .*?rn/, "User-Agent: em-proxy/0.1rn") end
  • 27. redis = Redis.new(:host => "127.0.0.1") conn.on_data do |data| # Fun things with Ruby! ip = peer[0] redis.incr(ip) data end
  • 28. parser = Http::Parser.new parser.on_headers_complete = proc do |h| # Hello, friendlier HTTP headers... puts h["User-Agent"] end conn.on_data do |data| parser << data data end
  • 29. Photo by Madison Guy http://www.flickr.com/photos/madison_guy/338691904
  • 30. Transparency Photo by Brett Jordan http://www.flickr.com/photos/x1brett/6126873518
  • 31. Speed & Efficiency Photo by jamesjustin http://www.flickr.com/photos/jamesjustin/3629097108
  • 32. 4 3.5 3 Time (milliseconds) 2.5 2 1.5 1 0.5 0 Direct em-proxy rack-reverse-proxy (Terribly unscientific benchmarks)
  • 33. 2400 2300 2200 Time (milliseconds) 2100 2000 1900 1800 1700 1600 1500 1400 Direct em-proxy rack-reverse-proxy (Terribly unscientific benchmarks)
  • 34. Flexibility Photo from The Library of Congress http://www.flickr.com/photos/library_of_congress/217904751
  • 35. What Else Can You Do? Photo by paul-simpson.org http://www.flickr.com/photos/paulsimpson1976/4039170901
  • 36. • Error handling? • Web page manipulation? – Insert standard analytics JavaScript snippet? – Add a standard header and footer? • Add JSONP callbacks for all JSON APIs? • Security checks? • More than HTTP… – Intercept & manipulate e-mail? – Intercept & manipulate database calls?
  • 37. Photo by Keoki Seu http://www.flickr.com/photos/keokiseu/497331463
  • 38. Buffering Photo from The Library of Congress http://www.flickr.com/photos/library_of_congress/3159321339
  • 39. Content-Length Photo by Sterlic http://www.flickr.com/photos/sterlic/4299633060
  • 40. gzip Photo by Kaptain Kobold http://www.flickr.com/photos/kaptainkobold/6930870617
  • 41. Want Bigger? Photo by elviskennedy http://www.flickr.com/photos/elviskennedy/546541995
  • 42.
  • 44. Main Objectives • Make it easier for users to find and consume federal APIs • Make it easier for federal agencies to develop & deploy more APIs
  • 45. Same Problem Photo by alandberning http://www.flickr.com/photos/14617207@N00/487211147
  • 46. Same Solution? • Authentication • Rate Limiting • Analytics Agency A Agency B Internet Reverse Proxy Agency C Agency D Internal Network
  • 47. Stay Tuned… Photo by Lord Jerome http://www.flickr.com/photos/lordjerome/127381557
  • 50. • Reverse Proxies: Fun for the whole family! • Custom Reverse Proxies: You might be able to implement more functionality at this layer than you realize. • Think Different: They can provide a different way to architect some features of your apps.
  • 51. Resources & Support Photo by Musée McCord Museum http://www.flickr.com/photos/museemccordmuseum/5348751435
  • 52. API Umbrella • Our full API management solution – Includes custom Event Machine based proxy • Open source https://github.com/NREL/api-umbrella (Just recently open sourced, so pardon the current state of things)
  • 53. Ruby & Event Machine • em-proxy – https://github.com/igrigorik/em-proxy – Simple and very capable • ProxyMachine – https://github.com/mojombo/proxymachine – Simpler, but can only act on requests, not responses • Goliath – https://github.com/postrank-labs/goliath – More of a framework, uses em-synchrony (Fibers)
  • 54. Other Reverse Proxies • HAProxy – http://haproxy.1wt.eu/ – General proxy and load balancing awesomeness • Varnish Cache – https://www.varnish-cache.org/ – Proxy caching layer coolness • nginx – http://nginx.org/ – Web server powerhouse and nice proxy
  • 55. Renewable Energy APIs • http://developer.nrel.gov/ (Lots more APIs coming soon)
  • 57. nick.muerdter@nrel.gov @nickblah Enjoyed this presentation? Enjoyed this ‘stache? Enjoy charity? http://bit.ly/rubystache

Editor's Notes

  1. Sits in front of your serverDoes stuff, but is transparent to the user
  2. Common usage in Ruby communityNginx’s role:Serve static filesDeal with slow clients
  3. You can implement your own reverse proxyWrite it in Ruby and implement your own features
  4. Why we’re using custom reverse proxiesWhy you might find them usefulThe basics of building one
  5. About web servicesWanted to expose them to the world
  6. About silosNot agriculture, organizationalAlso systematic (legacy apps, etc)
  7. NREL~2000 employeesDifferent development teams scattered across lab
  8. Another way to look at the segmentationDifferent groups have expertise in different languagesEven in smaller business, you might deal with segmentation
  9. Trying to force all groups to make changes is a huge uphill battleAlso time consuming
  10. Custom reverse proxy slips between the internet and our existing API serversProxy deals with common functionalityExisting APIs don’t changeExisting APIs can now just assume that those things are taken care of.Proxy is agnostic to backend technology
  11. All our APIs are in one place and can be accessed in the same way.Users don’t need to understand our internal group structure to know where to find APIs.
  12. Our API developers don’t need to worry about any of the high level functionalityAPIs simply need to exist for them to be put behind the proxy
  13. Lot’s of other ways to achieve some of these goals, but nice benefits to the reverse proxy:Reduced code: Individual APIs don’t have to implement any code. With other solutions, even if you simplified and abstracted the code, having to do nothing wins.Enforced standardization: Individual apps can’t mess up things like authentication with a faulty implementation.New features: Everyone benefits. Example: Adding caching layer.Scaling: Load balancing between multiple backends.
  14. - Basicem-proxy example
  15. Doing something as data is receivedNote:You’re operating at a raw HTTP level here.You’re dealing with chunks of data, so you can’t assume you have the full request body.
  16. It’s Ruby!This is the real power: access any arbitrary Ruby library and do custom things.
  17. Remember you’re operating at a TCP level hereIf you want to deal with HTTP in an easy way, you’ll need to handle that manually.Other libraries to deal with HTTP.
  18. Why do things at this low level when we’re used to nice high level frameworks like Rails and Sinatra?
  19. Low level proxy makes it much easier to pass along the original request in it’s complete, unaltered format (headers, HTTP method, body, etc).With higher level frameworks, the raw HTTP request has already been parsed and processed by a web server by the time it hits your app.More difficult and error prone trying to recreate the original request.
  20. EventMachine is fast.Evented systems very suitable for proxies
  21. em-proxy adds 0.5msrack-reverse-proxy adds nearly 3msComparatively a lot, but is 3ms really worth it?
  22. Larger requests, the problem is compounded.em-proxy adds 150msrack-reverse-proxy adds nearly 800msWhy?Rack deals with complete request and complete response.Must buffer complete request and response in memory before transferring them.Memory balloons with large file uploads and downloads.em-proxy deals with chunks of data.Streams requests and response as fast as it receives them.Memory use much lower for large file uploads and downloads, since only a single chunk is in memory at a time.
  23. Low level by default, up to you to implement more.You make decisions like whether to buffer requests and responsesCan be used for non-HTTP things (websockets, any other TCP thing)
  24. - Aside from authentication, rate limiting, and analytics
  25. Imagine a 1GB file upload and 5GB data downloadIf your proxy layer buffers, there will be delays. Streaming to the server and to the client won’t be possible.Buffering is sometimes desirable (Unicorn &amp; nginx).Other times not. Our API use case means we want the proxy to be as transparent as possible, since we don’t know what all the APIs will want to do.
  26. If you want to modify the response body, it can be a little tricky.Be sure to update the Content-Length header appropriately.
  27. If you want to modify the response body, and the backend returns a gzipped response.You must buffer the responseDecompress after fully received, then modify the body, then re-gzip.Be sure to update the Content-Length header too.
  28. Digital Strategy for the Federal GovernmentInvolved in the API portion of things.
  29. Heavy push for web servicesExpect to see a lot more federal agencies exposing their data and services as web APIs.
  30. With more APIs, we need better organization.We also need to make it easier for agencies.
  31. APIs spread across agencies.Just a bigger version of our internal issues.
  32. Agencies like this model and want something like itCurrently evaluating using our API Umbrella platform, or other platforms that are variations on the same idea.Involved in getting something up and running within 6 months.
  33. Lots of web service action in the federal government over the next year.
  34. Not appropriate for everythingCan be useful for applying global features that can easily be layered
  35. Custom reverse proxy does fun thingsRedis used for rate limitingMongDB for authentication and analytics