8 Top Open Source Reverse Proxy Sava maka Linux
Ihe nkesa proxy bụ ụdị ihe nkesa proxy na-ebunye n'etiti ndị ahịa yana sava azụ/mmepụta, dịka ọmụmaatụ, sava HTTP dị ka NGINX, Apache, wdg.. ma ọ bụ sava ngwa edere na Nodejs, Python, Java, Ruby. , PHP, na ọtụtụ asụsụ mmemme ndị ọzọ.
Ọ bụ ọnụ ụzọ ámá ma ọ bụ ihe nkesa intermediary na-ewere arịrịọ onye ahịa, na-ebufe ya na otu sava azụ azụ ma ọ bụ karịa, ma emesịa weta nzaghachi site na ihe nkesa ahụ wee nyefee ya n'aka onye ahịa, si otú a na-eme ka ọ dị ka à ga-asị na ọdịnaya dị. sitere na reverse proxy server n'onwe ya.
N'ozuzu, ihe nkesa proxy bụ proxy na-eche ihu n'ime dị ka 'n'ihu-njedebe' iji chịkwaa ma chekwaa ohere nke sava azụ na netwọk nkeonwe: a na-ebugharị ya n'azụ firewall netwọk.
Ọ na-enyere sava azụ azụ aka nweta amaghị aha iji kwalite nchekwa ha. N'ime akụrụngwa IT, onye nnọchi anya proxy nwekwara ike ịrụ ọrụ dị ka firewall ngwa, ihe nkwụnye ibu, njedebe TLS, ngwa ngwa weebụ (site na caching static and dynamic content), na ọtụtụ ndị ọzọ.
N'isiokwu a, anyị ga-enyocha 8 n'elu oghere proxy sava ị nwere ike iji na sistemụ Linux.
1. HAProxy
HAProxy (HAProxy, nke na-anọchi anya Proxy nnweta dị elu), isi mmalite mepere emepe, ngwa ngwa, ntụkwasị obi, yana ihe nrụzi ibu dị elu na ngwanrọ proxying maka ngwa TCP na HTTP, wuru maka nnweta dị elu.
HAProxy bụ HTTP reverse-proxy, TCP proxy na normalizer, SSL/TLS terminator/ initiator/offloader, caching proxy, HTTP mkpakọ offloader, onye na-ahụ maka okporo ụzọ, mgbanwe nke dabeere na ọdịnaya, ọnụ ụzọ FastCGI, na ndị ọzọ. Ọ bụkwa ihe nchebe megide DDoS na mmejọ ọrụ.
A na-akwado ya site na ihe omume na-achịkwa, injin na-adịghị egbochi nke na-ejikọta oyi akwa I/O dị oke ọsọ na nke nwere ihe dị mkpa, nke nwere ọtụtụ ihe nhazi nke na-enyere ya aka ịnagide ọtụtụ iri puku njikọ na-ejikọta ọnụ. N'ụzọ doro anya, HAProxy na-eji protocol PROXY nyefee ozi njikọ nke onye ahịa iji kwado ma ọ bụ malite sava ka ngwa wee nweta ozi niile dị mkpa.
Ụfọdụ n'ime njirimara bụ isi nke HAProxy gụnyere proxying, nkwado SSL, nyochaa ma steeti ihe nkesa na steeti nke ya, ịdị elu dị elu, nhazi ibu, nkwụsi ike (nọgidere onye ọbịa na otu ihe nkesa ọbụna gafee ihe omume dị iche iche), ntụgharị ọdịnaya, ntụgharị HTTP, na redirection. Nchekwa ihe nkesa, ịtu osisi, ọnụ ọgụgụ, na ọtụtụ ndị ọzọ.
2. NGINX
NGINX, ihe efu, isi mmalite mepere emepe, arụmọrụ dị elu yana sava HTTP ama ama yana proxy ntụgharị. Ọ na-arụkwa ọrụ dị ka ihe nkesa proxy IMAP/POP3. A maara NGINX nke ọma maka ịrụ ọrụ dị elu, nkwụsi ike, nhazi atụmatụ bara ụba, nhazi dị mfe na nke na-agbanwe agbanwe, yana oriri ihe onwunwe dị ala (karịsịa obere akara ebe nchekwa).
Dị nnọọ ka HAProxy, NGINX nwere ihe owuwu ihe omume na-eme ka ọ ghara inwe nsogbu imekọ ọnụ na iri puku kwuru iri puku njikọ, ebe ọ na-eji protocol HAProxy's PROXY.
NGINX na-akwado proxying mgbanwe ngwa ngwa site na iji caching iji ngx_http_proxy_module module, nke na-enye ohere ịnyefe arịrịọ na sava ọzọ n'elu protocols na-abụghị HTTP, dị ka FastCGI, uwsgi, SCGI, na memcached.
N'ụzọ dị mkpa, ọ na-akwado nguzozi ibu na nnabata mmejọ nke bụ akụkụ dị mkpa nke usoro mgbakọ na mwepụ na-ekesa buru ibu. Modul ngx_http_upstream_module na-enye ohere maka ịkọwapụta otu sava azụ iji kesaa arịrịọ ndị ahịa na-abịa. Nke a na-eme ka ngwa gị sie ike karị, dị na ntụkwasị obi, nwee nnukwu ike, yana oge nzaghachi yana ntinye. Na mgbakwunye, gbasara nchekwa, ọ na-akwado nkwụsị SSL/TLS yana ọtụtụ atụmatụ nchekwa ndị ọzọ.
Akụkọ bara uru na sava weebụ Nginx ị nwere ike ịmasị ịgụ:
- Etu esi etinye sava Weebụ Nginx na Ubuntu 20.04
- Otu esi etinye Nginx na CentOS 8
- Etu esi agbakwa ibe ọnọdụ NGINX
3. Gbanwee cache HTTP
Varnish HTTP Cache (ma ọ bụ Varnish Cache ma ọ bụ naanị Varnish) bụ n'efu, mepere emepe, arụmọrụ dị elu, yana sọftụwia caching reverse-proxy ama ama nke ọma dị ka ngwa ngwa webụ, emebere iji melite arụmọrụ HTTP site na iji caching n'akụkụ sava.
A na-etinye ya n'etiti onye ahịa na sava weebụ ma ọ bụ ihe nkesa ngwa; oge ọ bụla onye ahịa na-arịọ maka ozi ma ọ bụ ihe enyemaka sitere na sava weebụ, Varnish na-echekwa otu ozi ahụ, yabụ oge ọzọ onye ahịa rịọrọ maka otu ozi ahụ, Varnish ga-ejere ya ozi na-ezigaghị arịrịọ na sava weebụ wee belata ibu ahụ. na ihe nkesa na n'aka nke na-eme ka nnyefe ọdịnaya weebụ dị ngwa.
Varnish na-eji asụsụ nhazi na-agbanwe agbanwe mara dị ka Varnish Configuration Language (VLC) nke n'ime ihe ndị ọzọ na-enyere ndị na-ahụ maka sistemụ aka ịhazi ka ekwesịrị isi hazie arịrịọ mbata, ihe ọdịnaya kwesịrị iziga, yana ebe, yana otu esi agbanwe arịrịọ ma ọ bụ nzaghachi. , na ọtụtụ ndị ọzọ.
varnish nwekwara ike ịgbatị - enwere ike ịgbatị ya site na iji Varnish Modules (VMODs) na ndị ọrụ nwere ike dee modul omenala ha ma ọ bụ jiri modul nyere obodo.
Isi njedebe nke Varnish bụ enweghị nkwado ya maka SSL/TLS. Nanị ụzọ iji mee ka HTTPS nwee ike bụ ibuga SSL/TLS terminator ma ọ bụ onye na-ebupụ ihe dị ka HAProxy ma ọ bụ NGINX n'ihu ya.
4. Tæfɪk
Træfɪk (akpọ Traffic) bụ free, mepere emepe, ọgbara ọhụrụ na ngwa ngwa HTTP proxy na ihe ngbanwe ibu maka ibuga obere ọrụ na-akwado ọtụtụ algọridim na-edozi ibu. Ọ nwere ike iji ndị na-enye ọrụ dị iche iche jikọọ (ma ọ bụ usoro nchọpụta ọrụ ma ọ bụ ngwa ngwa) dị ka Kubernates, Docker, Etcd, Rest API, Mesos/Marathon, Swarm, na Zookeper.
Njirimara ya na-ahụ n'anya bụ ikike ya ijikwa nhazi ya na-akpaghị aka na n'ike n'ike wee chọpụta nhazi ziri ezi maka ọrụ gị. Ọ na-eme nke a site n'inyocha akụrụngwa gị ka ịchọta ozi dị mkpa wee chọpụta ọrụ na-enye arịrịọ sitere na ụwa mpụga. Ndị na-eweta ya na-agwa Træfɪk ebe ngwa gị ma ọ bụ obere ọrụ dị.
A na-akwado atụmatụ ndị ọzọ nke Træfɪk maka WebSockets, HTTP/2, na GRPC, na nbudata ọkụ (na-aga n'ihu na-emelite nhazi ya na-enweghị ịmalitegharị), HTTPS na-eji akwụkwọ ikike Encrypt (nkwado akwụkwọ ikike anụ ọhịa), ma kpughee API REST. Ọ na-edobe ndekọ ohere, ọ na-enyekwa metrik (ezumike, Prometheus, Datadog, Statsd, InfluxDB).
Ọzọkwa, ụgbọ mmiri Træfɪk nwere interface ọrụ weebụ dabere na HTML nke ejiri na-eleba anya na mmemme. Ọ na-akwadokwa ihe mgbaji sekit, nwaa arịrịọ, mmachi ọnụego, yana nyocha bụ isi.
5. Apache Traffic Server
Nke bụbu ngwaahịa azụmahịa nke Yahoo nwere nke e mechara nyefe n'aka Apache Foundation, Apache Traffic Server bụ ihe efu, oghere mepere emepe na nke na-ebugharị ngwa ngwa na nkesa proxy.
Ihe nkesa okporo ụzọ na-arụkwa ọrụ dị ka onye na-edozi ibu ma nwee ike sonye na nhazi cache na-agbanwe agbanwe. A maara na ejirila ihe karịrị TB 400 kwa ụbọchị nke okporo ụzọ na Yahoo.
Ọ na-egosipụta nhazi nke idobe ndụ, nzacha ma ọ bụ ikpughe arịrịọ ọdịnaya, yana enwere ike ịpụpụ site na API nke na-enye ndị ọrụ ohere ịmepụta plugins omenala iji gbanwee isi HTTP, na-ejikwa arịrịọ ESI, ma ọ bụ chepụta algọridim cache ọhụrụ.
6. Squid Proxy Server
Squid bụ n'efu, isi mmalite mepere emepe, yana nke ama ama yana ihe nkesa proxy yana daemon cache webụ nke na-akwado ụkpụrụ dị iche iche dị ka HTTP, HTTPS, FTP, na ndị ọzọ. Ọ nwere ụdị ntụgharị proxy (httpd-accelerator) nke na-echekwa arịrịọ mbata maka data ọpụpụ.
Ọ na-akwado nhọrọ njikarịcha okporo ụzọ bara ụba, njikwa ohere, ikike, akụrụngwa osisi na ọtụtụ ndị ọzọ.
7. Paụnd
A Pound bụ isi iyi ọzọ na-emepe emepe, proxy reverse na load balancer na n'ihu maka sava weebụ. Ọ bụkwa ihe nkwụsị SSL (nke na-ewepụ arịrịọ HTTPS sitere n'aka ndị ahịa wee ziga ha dị ka HTTP doro anya na sava azụ azụ), ihe HTTP/HTTPS sanitizer (nke na-enyocha arịrịọ maka izi ezi ma nabata naanị ndị a haziri nke ọma), yana ọdịda. -over server.
8. Apache HTTP Server
N'ikpeazụ mana ọ dịghị ihe ọzọ, anyị nwere ihe nkesa HTTP Apache (nke a makwaara dị ka HTTPD), sava weebụ kachasị ewu ewu na ụwa. Enwere ike itinye ya ma hazie ya ka ọ rụọ ọrụ dị ka onye nnọchi anya azụ.
Na mgbakwunye, ị nwekwara ike ịlele Skipper, nwa ọhụrụ nọ na ngọngọ. Ọ bụ rawụta HTTP efu na nke mepere emepe yana proxy ntụgharị maka nhazi ọrụ, gụnyere ikpe ojiji dị ka Kubernetes Ingress.
Nke ahụ bụ ihe anyị nwere maka gị na ntuziaka a. Maka ozi ndị ọzọ gbasara ngwá ọrụ ọ bụla dị na ndepụta a, lelee weebụsaịtị ha. Echefula ịkọrọ anyị echiche gị site na ụdị nzaghachi n'okpuru.