Today, we will demonstrate how to set up a reverse proxy in OpenResty Edge for TCP connections.
Let’s go to the OpenResty Edge’s Admin web console. It is our sample deployment of the console. Every user has their local deployment.
This time, we are going to create an application of type stream.
Let’s enter the stream applications page first.
Click this button to create a new application.
We see two types of stream applications: SNI Proxy and TCP.
Our topic today is TCP applications.
SNI Proxy applications will get covered in another tutorial.
Select the type TCP.
We need to specify a port for this application.
First, we need to add this port to this partition.
Click to edit the partition default.
Click the button to add ports.
We see a new line in the list.
Enter 3307 as the port number.
Click to select Type TCP.
Click the Save button to save it.
You can see that the new port has been successfully added to the default partition.
Changes are automatically released while being saved.
Here you see the synchronization status.
Close this panel.
Enter the port we just added to the default partition.
Then click to create this application.
Go to the upstream page.
Create a new upstream for our backend server.
We give this upstream a name, say, tcp_backend.
Here we need the backend server’s IP address.
We’ve already prepared a MySQL server at this IP address.
We connect to this MySQL server.
Type the password
As you see, the server is accessible.
We can now fill out the host field for the backend server.
Enter port number 3307.
We may add more servers to this upstream in the future.
Click to save this upstream.
We can see this
tcp_backend upstream is already there.
Now let’s create a new page rule to use this upstream.
Create a new page rule.
Let’s add a proxy target here.
Select the upstream that we just created.
There are several Balancing policies to choose from. Our upstream has only one server. So the balancing policy does not matter here.
We’d just keep the default round-robin policy.
Create this page rule.
We can see the newly created proxy page rule in the page rule list.
The last step is to make a new configuration release. It will push out our pending changes to all our gateway servers.
Let’s click on this button to make a new release.
Now it is fully synchronized. As we can see, this sample deployment has 14 servers in the gateway network.
We do incremental config synchronization across the whole network.
We live-update config on the request level. None of the application-level configuration changes require server reload, restart, or binary upgrade. So it is very scalable even when you have many different users making frequent releases.
We can also check all the gateway servers grouped by clusters.
We have a node in the United States with an IP address ending with 226. We will test the proxy that we just added using this node.
Click to copy the IP address of this server.
We connect to the MySQL server on the upstream backend using port 3307.
The host is the Edge Node Server that we just saw with the IP address ending with 226.
Now give the user and database names and execute the select command.
Type the password
It works as expected! The server is accessible, just like accessing the backend server directly.
It is what I would like to demonstrate today.
Yichun is one of the earliest advocates and leaders of “open-source technology”. He worked at many internationally renowned tech companies, such as Cloudflare, Yahoo!. He is a pioneer of “edge computing”, “dynamic tracing” and “machine coding”, with over 22 years of programming and 16 years of open source experience. Yichun is well-known in the open-source space as the project leader of OpenResty®, adopted by more than 40 million global website domains.
OpenResty Inc., the enterprise software start-up founded by Yichun in 2017, has customers from some of the biggest companies in the world. Its flagship product, OpenResty XRay, is a non-invasive profiling and troubleshooting tool that significantly enhances and utilizes dynamic tracing technology. And its OpenResty Edge product is a powerful distributed traffic management and private CDN software product.
As an avid open-source contributor, Yichun has contributed more than a million lines of code to numerous open-source projects, including Linux kernel, Nginx, LuaJIT, GDB, SystemTap, LLVM, Perl, etc. He has also authored more than 60 open-source software libraries.