Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Netcoreconf 2023 Málaga: El amigo YARP y su col...

Netcoreconf 2023 Málaga: El amigo YARP y su colega Dapr, de fiesta por las Azure Container Apps.

Sergio Parra Guerra

April 25, 2024
Tweet

More Decks by Sergio Parra Guerra

Other Decks in Technology

Transcript

  1. El amigo YARP y su colega Dapr, de fiesta por

    las Azure Container Apps. 2023
  2. #netcoreconf What is a reverse proxy Reverse proxy contoso.com/orders contoso.com/store

    woodgrovebank.com Public Internet Private Network • Acts as the public endpoint for the sites & services, or as a service mesh • Indirects calls to backend servers to perform real work, balancing load between them • Can offload work from backend servers: Encryption, Auth2, Compression, Caching
  3. #netcoreconf What is YARP • Project to create an open-source

    reverse proxy using .NET • Layer 7 proxy – terminates & re-issues requests • Inbound and outbound connections are independent • Enables offloading of work to proxy from back end servers • Extensibility & customizability is key requirement • Configuration – static files, Dynamic via API or on-demand per request • Pipeline of stages for how requests are processed • Use existing ASP.NET middleware or create new • Plan to ship multiple form factors • Standalone proxy “exe” with config files • Library + template project to enable customization • Docker image
  4. #netcoreconf YARP Architecture ASP.NET Routing TLS Termination Auth2 Static Files

    Other routes Config Session Affinity Load Balancing Request Transformations Proxy-er Destination Enumeration HttpClient* Health checks Specific destination server http(s) http(s) Proxy process Kestrel Passive Health Checks
  5. #netcoreconf Kestrel improvements • Telemetry events • Added more events

    • Added eventsource events / fixed activityID • TLS/SNI inspection events • SNI properties supported in config • Async callbacks • Configure TLS settings per SNI • Reloadable config • Auto-reload on file change detections • Graceful switchover to new config • Perf improvements • http2 / gRPC – allocations, flow control, compression
  6. #netcoreconf HttpClient improvements • Multiple HTTP/2 connections per server (gRPC)

    • Server can specify request limit per connection (default=100) • Connection callbacks • PlainTextStreamFilter – can intercept http traffic in plain text • Telemetry • EventSource Events & EventCounters • Track all stages of a request including DNS, TCP etc • HTTP version policies • Control over which versions a connection will use • Perf improvements • Sockets optimized on Linux
  7. #netcoreconf Incubating / Not yet implemented • Connection Abstractions •

    Custom transports eg Unix Domain Sockets • Connection pool management APIs • SNAT limits in Azure • http/3 + QUIC • Mostly applies to inbound connections • Moving components from YARP into .NET (core) • IHttpProxy • Header based routing • TLS connection filters
  8. #netcoreconf How to configure YARP • Routes Contains a collection

    of route matches and their associated configuration. Routes tell the proxy which requests to forward • Clusters Contains a collection of named destinations and their addresses, any of which is considered capable of handling requests for a given route. Clusters tell the proxy where and how to forward requests https://microsoft.github.io/reverse-proxy/articles/config-files.html
  9. #netcoreconf What is holding back microservice development? • Limited tools

    and runtimes to build distributed applications • Runtimes have limited language support and tightly controlled feature sets • Runtimes only target specific infrastructure platforms with limited portability
  10. #netcoreconf Build connected distributed applications faster • APIs for building

    microservices easily • Resiliency built-in • Message and event broker integrations • Service discovery • mTLS encryption • Secrets • ..thanks to sidecar process
  11. #netcoreconf Sidecar model My App Dapr API POST http://localhost:3500/v1.0/invoke/cart/method/neworder GET

    http://localhost:3500/v1.0/state/inventory/item67 POST http://localhost:3500/v1.0/publish/shipping/orders GET http://localhost:3500/v1.0/secrets/keyvault/password POST http://localhost:3500/v1.0-alpha1/workflows/dapr/businessprocess/1234/start HTTP/gRPC Application Dapr sidecar
  12. #netcoreconf Incrementally adoptable • Only the APIs you want •

    With any stack or language • Reuse your code with HTTP/gRPC proxy • Kubernetes, VMs, cloud or hybrid var request = new HttpRequestMessage(); request.RequestUri = new Uri(BASE_URL); //”http://localhost:3500” request.Headers.Add(“dapr-app-id”, configuration[“SCORE_SERVICE"]); request.Method = HttpMethod.Post; request.Content = new StringContent(requestBody, Encoding.UTF8, "application/json"); request.Headers.Add("X-ClientTraceId", Guid.NewGuid().ToString()); return request;
  13. #netcoreconf Industry established best practices for reliability • Secured connections

    (mTLS) • Resilient state • Retries, backoffs, circuit breakers • Message guarantees • Observability
  14. #netcoreconf Build portable applications Write portable code once, and reconfigure

    for any environment: • Local, staging, prod • Multi-cloud • On-prem and edge • Favorite cloud or OSS storage, pub-sub brokers, secrets stores
  15. #netcoreconf HTTP API gRPC API Any cloud or edge infrastructure

    Application code Microservices written in Any code or framework… Hosting infrastructure On-Premises Azure Arc
  16. #netcoreconf Dapr components My App Observability Prometheus AppInsights Jaeger Zipkin

    Bindings & Triggers GCP Storage AWS S3 Kafka Azure Storage Twilio Swappable YAML files with resource connection details Over 70 components available Create components for your resource at: github.com/dapr/components-contrib State Stores Firebase Cassandra Redis Azure CosmosDB AWS DynamoDB Secret Stores AWS Secrets Manager Azure KeyVault GCP Secret Manager HashiCorp Vault Kubernetes Secret PubSub Brokers Redis AWS SQS Azure Service Bus RabbitMQ GCP Pub/Sub