fnobilia
commented
7 years ago RADAR-CNS/RADAR-Backend#5 could be solved also with a HTTP Proxy
Closed blootsvoets closed 6 years ago
fnobilia
commented
7 years ago RADAR-CNS/RADAR-Backend#5 could be solved also with a HTTP Proxy
afolarin
commented
7 years ago Is there generally a preference for any of these three? Nginx HAProxy Apache
fnobilia
commented
7 years ago We need to develop at least a custom filter to ensure that each message contains both key and value. I would go for the easiest one in terms of development.
blootsvoets
commented
7 years ago HAProxy would not be suitable for processing and filtering. For custom filters, both Apache and Nginx by default support C code. Nginx has modules to also allow Lua, Java, Groovy, Clojure, JavaScript, Perl, with a variable performance hit (but very possibly much faster to develop). For basic path filtering like header checking, I'd vastly prefer Nginx because of its simplicity and readability. For the filter API, they look pretty similar. All-in-all, I'd choose Nginx.
For a content-checking filter for the Kafka REST Proxy, we could also modify their docker container with a different WEB-INF/web.xml combined with our own Java code. That is probably faster to develop than a webserver-based one.
afolarin
commented
7 years ago Copying Serge Osokin into this as I think it is a good starting point for discussion cc/ @sosokin
nivemaham
commented
7 years ago [WIP] We have a simple HTTP-Proxy-Servlet running on a tomcat in front of kafka-rest-proxy. I will add a new docker-compose with new tomcat integrated.
blootsvoets
commented
7 years ago Also nginx is now deployed. I'll set up the relevant location blocks.
yatharthranjan
commented
6 years ago I think its implemented now. Should we close this one ?
afolarin
commented
6 years ago yup
For example Nginx or Apache could be put in front of the Kafka Rest Proxy to restrict consumer paths, and the dashboard and API should preferably have HTTP basic authentication.