I need to add proxy feature to all my ServiceStack services. I am reading the documentation and have a couple of things I do not understand right now (I refer to the sample at the bottom of the page):
Pre-requisites:
All my services run as Docker containers on RedHat, so they are written against .NETCore 2.0 at the moment.
In front of the docker host are other VMs like firewalls, logging server etc and also an Apache proxy server which handles SSL traffic (and Certificate management).
My URLs (and all Request and Response Headers) need to be changed. From outside I have something like https://dev.mycompany.com/[a service code]/[path as defined in the route of my DTOs] which must be mapped to something like http://[dockerhostname]:[port]/[path as defined in the route of my DTOs] (The service code defines which microservice to call and therefore I can map it to a specific port)
Questions:
I guess I have to define in the proxy feature two methods: Func<IHttpRequest, Stream, Task<Stream>> TransformRequest AND Func<IHttpResponse, Stream, Task<Stream>> TransformResponse to rewrite incoming (request) urls and outgoing (response) urls. Is this correct?
In the sample (the last code block in the documentation) there is a line req => $"http://${resolve(req)}.techstacks.io" + req.RawUrl.Replace("/techstacks","/")). What is resolve(req)? In my IDE (JetBrains Rider on Linux with .NETCore 2.0) this method is UNKNOWN?
If you’re already going through an Apache proxy why aren’t you configuring that to do any proxying you need? Going through 2 proxy servers sounds unnecessarily inefficient.
That’s dependent on your app, the Transform* delegates allow you to modify the incoming Request/Response so you’re able to do things like URL rewriting, but if your App doesn’t return any absolute URLs then there’s not going to be anything rewrite.
That is an example of using a custom (i.e. your own) function to resolve the sub domain from the incoming request. Note the example just shows changing the sub domain + stripping the path info, but you can proxy/map it to any URL you want.
If you’re already going through an Apache proxy why aren’t you configuring that to do any proxying you need? Going through 2 proxy servers sounds unnecessarily inefficient.
I am not familiar with the deeper functionality details of mod_proxy and url-rewriting. The guys responsable for the infrastructure in the datacenter told me, that mod_proxy cannot do everything we need and may be error-prone. So I have to play around with it and the ProxyFeature and see how it works and performs…
I need to support several infrastructures and I definitely do NOT want to manage SSL certificates on all my servers in all my environments such as dev, demo, prod etc. which are all different networks with different VMs in the datacenter. And of course the clients must not know anything about IP Port numbers of my services. So the Apache works mainly as a router and dispatcher since one single client can talk to many different services at the same time, each running in a docker container.
Sometime in the future, all this should be moved to a kubernetes environment which then will make the apache obsolete.
And thanks about the clarification of resolve(req)!