bfenetworks / bfe Goto Github PK
View Code? Open in Web Editor NEWA modern layer 7 load balancer from baidu
Home Page: https://www.bfe-networks.net
License: Apache License 2.0
A modern layer 7 load balancer from baidu
Home Page: https://www.bfe-networks.net
License: Apache License 2.0
Description:
Serve static content by customize rules
之前在一些介绍材料中了解到BFE除了本身组件外,还有两个核心的调度组件,一个GSLB,另外一个GTC组件,这个开源的版本中,GTC外网调度能力是否包含?
Grade A+
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe the solution you'd like
A clear and concise description of what you want to happen.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.
好歹给点使用文档和范例呀
changes to logid:
Add description of log fields for mod_access
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe the solution you'd like
A clear and concise description of what you want to happen.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.
compress response depending on the defined rules
For example this file:
https://github.com/baidu/bfe/blob/develop/conf/server_data_conf/route_rule.data
I add some new ProductRule
rule, do I need to reload the bef
to make the new rule take effect?
Write key logs in NSS key log format so that external
programs(eg. wireshark) can decrypt TLS connections for trouble shooting.
Log format:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format
Description:
Reference:
Protect resources from unauthorized access by adding encoded data like the hash of a specific part of the URL.
During response forward phase, if flushInterval <0, just flush response header after write
Description:
Reference:
Set default value of cluster configuration items to Reduce configuration costs:
BackendConf
CheckConf
GslbBasic
ClusterBasic
Description:
Reference:
expose metrics in prometheus text-based format
See: https://prometheus.io/docs/instrumenting/exposition_formats/
Add description of variables for mod_header
Remove following fields:
Rename following fields:
Description:
Format of data config:
{
Version: "version_num",
Config: {
"product1": [
{
"Cond": "cond_expression",
"Params": {
"Name": "UID",
"Domain": "example.org",
"Path": "/",
"Expire": 31536000
}
}
]
}
}
Limit the amount of connections/requests a user can make in a given period of time.
log verbose information:
Add license scanning, dependency analysis & intelligent compliance
into development workflow.
Use Rlock for read operation on BalTable (Lookup/GetState, etc)
Maintain basic status about request/response forwarded
Writes information about client sessions/requests in the access log
Support HTTP/3 protocol
Because the project name is BFE, and start with the bfe
string, then the custom go modules are also named bfe_xxx
, it is a redundant naming rule.
Set default value of core config items to Reduce configuration costs:
[server]
httpPort = 8080
httpsPort = 8443
monitorPort = 8299
maxCpus = 0
layer4LoadBalancer = ""
tlsHandshakeTimeout = 30
clientReadTimeout = 60
clientWriteTimeout = 60
keepAliveEnabled = true
gracefulShutdownTimeout = 10
maxHeaderBytes = 1048576
maxHeaderUriBytes = 8192
hostRuleConf = server_data_conf/host_rule.data
vipRuleConf = server_data_conf/vip_rule.data
routeRuleConf = server_data_conf/route_rule.data
clusterConf = server_data_conf/cluster_conf.data
nameConf = server_data_conf/name_conf.data
clusterTableConf = cluster_conf/cluster_table.data
gslbConf = cluster_conf/gslb.data
monitorInterval = 20
debugServHttp = false
debugBfeRoute = false
debugBal = false
debugHealthCheck = false
[httpsBasic]
serverCertConf = tls_conf/server_cert_conf.data
tlsRuleConf = tls_conf/tls_rule_conf.data
cipherSuites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256|TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256|TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
cipherSuites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256|TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
cipherSuites=TLS_ECDHE_RSA_WITH_RC4_128_SHA
cipherSuites=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
cipherSuites=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
cipherSuites=TLS_RSA_WITH_RC4_128_SHA
cipherSuites=TLS_RSA_WITH_AES_128_CBC_SHA
cipherSuites=TLS_RSA_WITH_AES_256_CBC_SHA
curvePreferences=CurveP256
enableSslv2ClientHello = true
clientCABaseDir = tls_conf/client_ca
[sessionCache]
sessionCacheDisabled = true
servers = ""
keyPrefix = "bfe"
connectTimeout = 50
readTimeout = 50
writeTimeout = 50
maxIdle = 20
sessionExpire = 3600
[sessionTicket]
sessionTicketsDisabled = true
sessionTicketKeyFile = tls_conf/session_ticket_key.data
add config doc for mod_http_code
目前开源版本我已验证本机房多个子集群间数据分流,那么现有开源项目是否支持GSLB 跨IDC机房集群流量分流控制?
Description:
Reference:
Proxy http requests to a SCGI server.
Proxy http requests to a FastCGI server.
Support tls 1.3 protocol
determine user geolocation by IP address using MaxMind database(https://github.com/oschwald/maxminddb-golang)
add geolocation to request context
can you help me for give us some examples, such as some comme configure and request urls
Description:
Reference:
Sets the Content-Type in a response based on the file extension.
Support the proxy protocol to be compatible with F5 BigIP/Citrix ADC etc
The proxy protocol:
https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt
Validating the user name and password using the “HTTP Basic Authentication” protocol.
See:
web application firewall based on ModSecurity
ModSecurity
https://modsecurity.org/rules.html
bal_gslb: use random value if hash key not found
return customized response(error page/redirect) for specified error
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.