
Enable policies to load balance flows #297

@AltraMayor

Description

Enabling policies to load balance flows markedly increases the value of Gatekeeper deployments since Gatekeeper servers act as load balancers with DDoS protection and discard the need for dedicated load balancers inside of the protected networks. In fact, Gatekeeper works as a better load balancer since the balancing is geographically distributed at Gatekeeper servers while the description of how to balance is centralized at Grantor servers, that is, Gatekeeper becomes a scalable, geographically-distributed, DDoS-protected, centrally-administrated load balancer.

This issue depends on the merge of pull request #295 since the new GK_BPF flow state enables policies to associate BPF programs to flows.

In order for policies to have a flexible infrastructure to implement the load balancing mechanism, the following items will likely be needed:

  • Having a way to create BPF programs on the fly inside of the Lua policy. The library BCC may help with this since it can translate a Lua function into BPF code.
  • Having a way to send new programs from Grantor servers to Gatekeeper servers. Since programs would be created on the fly, Gatekeeper servers cannot pre-load them. Besides the BPF program store that one needs to build on Gatekeeper servers, one challenge will be to support a transport protocol to send the programs. A candidate for this transport protocol is QUIC, which is available in the QUICHE library.
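The issue describes the load balancer's shape (balancing decided independently at each Gatekeeper server, backend list administered centrally at Grantor) but not the per-flow decision itself. The following C program is an added example, not Gatekeeper's or Grantor's code, of what such a per-flow program would compute: rendezvous (highest-random-weight) hashing over the 5-tuple, so that every Gatekeeper server maps a flow to the same backend with nothing shared but the backend list, and removing a backend moves only the flows that were on it. The `flow_key` layout, the backend ids, FNV-1a as the hash, and the synthetic flows are this example's assumptions; the issue names no hash or key format.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical IPv4 5-tuple key; field names are this example's, not Gatekeeper's. */
struct flow_key {
	uint32_t src_ip, dst_ip;
	uint16_t src_port, dst_port;
	uint8_t proto;
};

#define FNV64_OFFSET 0xcbf29ce484222325ULL
#define FNV64_PRIME  0x100000001b3ULL

/* 64-bit FNV-1a over a byte range, continuing from state h. */
static uint64_t fnv1a64(const void *data, size_t len, uint64_t h)
{
	const uint8_t *p = data;
	for (size_t i = 0; i < len; i++) {
		h ^= p[i];
		h *= FNV64_PRIME;
	}
	return h;
}

/* Weight of (flow, backend). Fields are hashed one by one so struct padding
 * never enters the hash and every server derives the same value. */
static uint64_t flow_backend_weight(const struct flow_key *f, uint32_t backend)
{
	uint64_t h = FNV64_OFFSET;
	h = fnv1a64(&f->src_ip, sizeof f->src_ip, h);
	h = fnv1a64(&f->dst_ip, sizeof f->dst_ip, h);
	h = fnv1a64(&f->src_port, sizeof f->src_port, h);
	h = fnv1a64(&f->dst_port, sizeof f->dst_port, h);
	h = fnv1a64(&f->proto, sizeof f->proto, h);
	return fnv1a64(&backend, sizeof backend, h);
}

/* Rendezvous (highest-random-weight) hashing: index of the live backend with
 * the highest weight for this flow, or -1 if none is live. Servers agree
 * without sharing any table; only the backend list must match. */
int pick_backend(const struct flow_key *f, const uint32_t *backends,
		 const uint8_t *live, size_t n)
{
	int best = -1;
	uint64_t best_w = 0;
	for (size_t i = 0; i < n; i++) {
		uint64_t w;
		if (!live[i])
			continue;
		w = flow_backend_weight(f, backends[i]);
		if (best < 0 || w > best_w) {
			best = (int)i;
			best_w = w;
		}
	}
	return best;
}

/* Constructed synthetic flows, deterministic so runs are reproducible. */
void make_flow(struct flow_key *f, uint32_t i)
{
	f->src_ip = 0x0a000000u + i * 7919u;
	f->dst_ip = 0xc0a80001u;
	f->src_port = (uint16_t)(1024u + (i * 31u) % 60000u);
	f->dst_port = 443;
	f->proto = 6;
}

/* Take backend `removed` out of a pool of four hypothetical backends and count
 * how many of nflows synthetic flows change backend. Only flows that sat on
 * the removed backend should move; *on_removed receives that count. */
size_t count_moved(size_t nflows, size_t removed, size_t *on_removed)
{
	uint32_t backends[4] = { 101, 102, 103, 104 };
	uint8_t live[4] = { 1, 1, 1, 1 };
	size_t moved = 0, hit = 0;
	for (size_t i = 0; i < nflows; i++) {
		struct flow_key f;
		int before, after;
		make_flow(&f, (uint32_t)i);
		before = pick_backend(&f, backends, live, 4);
		live[removed] = 0;
		after = pick_backend(&f, backends, live, 4);
		live[removed] = 1;
		if (before == (int)removed)
			hit++;
		if (before != after)
			moved++;
	}
	if (on_removed)
		*on_removed = hit;
	return moved;
}

int main(void)
{
	size_t hit, moved = count_moved(1000, 2, &hit);
	printf("flows on removed backend: %zu, flows moved: %zu\n", hit, moved);
	return 0;
}
```

The property to check when a program like this is pushed from Grantor to many Gatekeeper servers is that the two counts printed are equal: a flow whose backend stays live keeps its maximum-weight backend, so a backend outage or a central list change disturbs no other flow, and no Gatekeeper server has to talk to another to agree.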

Labels: Operational demand (This issue would make Gatekeeper safer and/or cheaper to operate), enhancement
