reverse proxies
notes on reverse proxies
reverse proxies
tldr use envoy
For some reason or another, you need a reverse proxy.
you have options:
| proxy | language | config | TCP | UDP | http2 | http3 | grpc |
|---|
| Envoy | C++ | yaml / xDS dynamic | yes | yes | front / back | front / back | yes |
| HAProxy | C | custom text / custom dynamic | yes | no | front / back | planned? | yes |
| Nginx | C | custom text | yes | yes | front | front | yes? |
| Traefik | Go | yaml / toml / multi dynamic | yes | yes | front / back | planned? | yes |
Notes
- envoy can be configured statically for basic setups
- envoy is used as a base for more complex dynamic setups, eg k8s ingress
- haproxy is ehhhh on feature support
- nginx is popular but feels compromised feature wise by enterprise edition
- traefik is simple to setup for standalone operations
- traefik include native support for many dynamic config situations
Other
- Apache HTTPD is a pure http (1/2) server, not really well suited for proxying
- MetalLB for bare metal deployments + k8s, won't work in clouds