moxy - HTTP Reverse Proxy / Load Balancer for Marathon+Mesos

<p>Inspired by <a href="http://vulcanproxy.com">http://vulcanproxy.com</a> I decided to start a small project and make a similar Reverse Proxy / Load Balancer that uses Marathon + Mesos as backend. The reason is to create an alternative to many of the hacks that exists today that generates config for haproxy/nginx, etc.</p> <p>I saw Vulcanproxy is using a proxy library called Oxy made by Mailgun so I decided to just use that instead of writing a complete proxy/lb myself. Its also been proven to work in production for quite some time now.</p> <p>The code is public on <a href="https://github.com/martensson/moxy">https://github.com/martensson/moxy</a> and has just some few basic features at the moment. I try to keep the proxy simple with as few dependencies as possible.</p> <p>I am normally a Devops guy and not a professional programmer so the code might not be perfect idiomatic Go and can probably be improved in many ways. But I really love the language and I try to continuously improve my skills and code. I thought it would be nice to post it here in case someone else might have use for a similar tool or just want to take a look at the code to point out improvements :)</p> <p>All constructive criticism and tips are welcome!</p> <hr/>**评论：**<br/><br/>bketelsen: <pre><p>hey cool. I&#39;m looking for one of these today as a matter of fact. I&#39;ll check it out.</p></pre>bketelsen: <pre><p>Three things that might be useful:</p> <ul> <li>Static mappings [ host-header: blah.me.com -&gt; host1:8080 ]</li> <li>naked domain mappings - me.com and <a href="http://www.me.com" rel="nofollow">www.me.com</a> all go to marathon &#34;me&#34; app</li> <li>TLS termination - this is really easy in Go, and would be particularly useful here with a wildcard cert.</li> </ul> <p>I may send a PR for some of this if I have time. Thanks for sharing!</p></pre>bmartensson: <pre><p>Thanks a lot, but a few questions regarding your points:</p> <ul> <li>Static Mapping - I guess this is meant for apps running outside Marathon?</li> <li>Naked domain mappings - you mean matching in the style of .<em>**me.</em>* ? To match <a href="http://www.me.com" rel="nofollow">www.me.com</a> and me.apps.example.com? My idea was to match based on app.domain.com to make it in style with other PaaS solutions like Heroku. This would easily permit you to just add a wildcard dns entry (*.domain.org) and point it to the proxy IP and you would directly have all possible sub-domains available for apps.</li> <li>TLS termination - this could be a nice optional feature for the people who wants to eliminate the extra step of putting a second proxy in front of moxy just to terminate SSL/TLS.</li> </ul> <p>Regarding the domain part I also thought of adding the possibility to parse optional ENV variables from Marathon were apps can specify custom domain mappings. In case you don&#39;t necessarily want your app-name as the domain name.</p> <p>Thanks again and PRs are always welcome! :)</p></pre>bketelsen: <pre><p>Env style variables aren&#39;t a bad idea for domain names - jwilder did one like that for registrator/consul. Static mapping - yes for apps outside marathon. I may have some that run standalone, and don&#39;t want to run multiple proxies TLS termination will make things pretty complicated, so it&#39;s probably only useful when there&#39;s a single domain and wildcard dns entry.</p> <p>Thanks for this!</p></pre>bmartensson: <pre><p>I understand now, it&#39;s some good ideas and should not be that difficult to implement. Will put that on the list!</p></pre>bmartensson: <pre><blockquote> <p>TLS termination</p> </blockquote> <p>Added support for this now. Also made some refactoring and config is now set in a toml file. :)</p></pre>Growlizing: <pre><p>What is Marathon and Mesos? xD</p> <p>So is this like a runtime (re-)configurable proxy/load balancer?</p></pre>bmartensson: <pre><p>I think its easiest to understand Mesos and Marathon by checking out their websites: <a href="https://mesosphere.github.io/marathon/" rel="nofollow">https://mesosphere.github.io/marathon/</a> and <a href="https://mesos.apache.org/" rel="nofollow">https://mesos.apache.org/</a> but you can see them as your own container hosting for distributed systems and micro services.</p> <p>Problem is neither of them really offer a good proxy/load balancer right out of the box. There are other 3rd party solutions but many of them require a bit of work to run. </p> <p>Moxy would just be a single binary that you start and that&#39;s it pretty much. It listens to events (changes) inside Marathon if applications are started/stopped/moved/etc and directly updates its configuration/proxy settings on-the-fly. Every app would live under its own (sub)-domain and that would be the way Moxy would proxy its traffic to the different apps.</p> <p>Not sure if this answers your question :)</p></pre>ashayh: <pre><p>Doesn&#39;t marathon &#34;ships with a simple bash script that pulls the set of services from the marathon api and updates an HAProxy config.&#34; ? </p> <p><a href="http://blog.factual.com/docker-mesos-marathon-and-the-end-of-pets" rel="nofollow">http://blog.factual.com/docker-mesos-marathon-and-the-end-of-pets</a></p></pre>bmartensson: <pre><p>That means it has to run in cron and continuously reload haproxy. It&#39;s not a very elegant solution and can potentially cause a bit of downtime (cron is limited down to 1min). Instead moxy listens for events/callbacks directly from Marathon and updates its config directly for every change. My goal was also to have a single binary with no external dependencies with enough features and good performance. :)</p></pre>