README
¶
XLB Proof of concept
Proof of concept for load-balancer implementation
Requirements
General
Implement a basic TCP load balancer. Load balancers are used to distribute network load across multiple hosts (or upstreams).
Technical
- A reusable library implementing the functionality of the load balancer.
- A server that exposes the library functionality while providing secure communication to clients and an authorization layer.
Goals
Assemble full prototype of required components to route authenticated LB pass-through traffic
This project should serve as a base source of connected components for the XLB project.
Scopes
- Only forwarding balancer method in this POC is Round-Robin strategy
- Unit testing limited for POC, only available for Round-Robin validation
- Database layer implemented with Badger to optimize testing of behaviors between optimizations
- Certificate keys limited to RSA to reduce the research time
Prerequisites
General TLS
make tls
Client TLS
Can be achieved by series of commands (imitation of real customer)
Create Client with ID
curl -k --location 'https://localhost:8083/api/v1/client' \
--header 'Content-Type: application/json' \
--data '{"name": "testuser"}' | jq
{
"uuid": "adcfce79-7048-48ac-a55e-269f3745e6f0",
"key": "dc9bea78b73818aead83bea41d362b84b230a61cc21c8b342112f0176ac78e25",
"name": "testuser",
"createdAt": {
"seconds": 1712087318,
"nanos": 563993000
}
}
Create Client Key
curl -k --location --request POST 'https://localhost:8083/api/v1/client/auth' \
--header 'Authorization: Basic YWRjZmNlNzktNzA0OC00OGFjLWE1NWUtMjY5ZjM3NDVlNmYwOmRjOWJlYTc4YjczODE4YWVhZDgzYmVhNDFkMzYyYjg0YjIzMGE2MWNjMjFjOGIzNDIxMTJmMDE3NmFjNzhlMjU='
| jq
{
"Token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjM2MDAsImZvbyI6MiwiaXNzIjoieGxiLWF1dGhvcml0eSIsInN1YiI6ImFkY2ZjZTc5LTcwNDgtNDhhY.fvXV8zrQS_WjxBaH6HVv-5QwnkKmyfw-05N5wlXEhfuMOLCePBaY6eyxY7tibdVY1b3nEuy_zm6SyLrqu-mSbnjyQl4mBCVUgxmnpR5XWuZCPIddpR4NCJuhxm8YMDPFiVaTUC-kGEVYC--vUQ9_4FenRJ31sq-GpYage5muxI1ZGLH-FwCuwzVgnHEkDHJ01oAOaE9G2tc2lVbjDd3OO-TgjeuIHkRjC7wZ2C5w82PbVf8IZOQnEjgvTJba5MkWt8HfYsplYqtsvMhAmKRvfJ67W24aTNel4y6X0VuL2Gsfd6JItKIzyMil_-hvAPR6QmItYa_v9dwoLu42b5OBE1JvQkEPKe9Z8gwP8NhApQ5UFbaoeYBYnGtT-lSlnNrgHXq3LMemv2ELg6coIIEdw_4sobbtQHVg8BnwUwlWKn22yjiiL-qRQqzYzMGk6Z0kGQ9trI-ON3yxTe1BNqj1eDrsc0eu4EpNivqh3tAM8J1LK4PdqCRmxABRYSpJumpm"
}
Create Frontend For the applicaiton
curl -k --location 'https://localhost:8083/api/v1/client/frontend' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MTIwOTM3MDAsImZvbyI6MiwiaXNzIjoieGxiLWF1dGhvcml0eSIsInN1YiI6ImFkY2ZjZTc5LTcwNDgtNDhh.PRepRH8pwzlP0gGP9LJuw5Sw_FrKTuCfuGZiwVNnVdCYhJ6i7jFfWLThNqKEX4A3chBXkj90W3eucCj_SrdGDbdGEPnX9lKKLuaTWcLPIDODTFAZManVFj7Fma-xDbYEBrUvZ4EGnvJpz8WKE_2fqE_doJ7nXWHR3Vmh9MPKCw4zcsUvxB5yRMqLnVC4ZrP28Jbj0Nou4L2m_Oh_8qFMXJWXXsoanFFhpwxqyHcR1eAUaQ5vw5z3USEVid86a6oNCLDy_AlBKoyvaXP0m0hSc27qoktMOl3WN5HMGpDrz_U0S8QXjJl6c_Dak0TLhto-x9CF21Ku5kKofE92KD1u_J6IvKOcXDctATlXs-OjOlgyOCd5k6X-i57AgQ5vEpKU4MB_Kv8eAGAAtdHfDftAxWt1eEe5dCsCgZU7sO_m8tDnLwRS1c-OF89Hh9M5b-oAjSlPE0fOwvU118wjqIchjwbKrfw_VNjyVnQfyDQnfANZ6hsPddVO11iyDvlts361' \
--data '{
"active": true,
"strategy": 0,
"routeTimeoutSec": 30,
"routes": [
{
"dest": "142.250.189.174:80",
"capacity": 10
}
]
}'
{
"uuid": "1a916327-b70e-423d-8ff6-664dc4d98cde",
"active": true,
"routeTimeoutSec": 30,
"clientId": "adcfce79-7048-48ac-a55e-269f3745e6f0",
"accessKey": "1074dfb781ecc4917ff6fc714db3b92607498fe648b033427a2605d12be8356a",
"routes": [
{
"dest": "142.250.189.174:80",
"capacity": 10
}
]
}
Create Client Access Keys
curl -k --location 'https://localhost:8083/api/v1/client/frontend/1a916327-b70e-423d-8ff6-664dc4d98cde/tls' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MTIwOTM3MDAsImZvbyI6MiwiaXNzIjoieGxiLWF1dGhvcml0eSIsInN1YiI6ImFkY2ZjZTc5LTcwNDgtND.PRepRH8pwzlP0gGP9LJuw5Sw_FrKTuCfuGZiwVNnVdCYhJ6i7jFfWLThNqKEX4A3chBXkj90W3eucCj_SrdGDbdGEPnX9lKKLuaTWcLPIDODTFAZManVFj7Fma-xDbYEBrUvZ4EGnvJpz8WKE_2fqE_doJ7nXWHR3Vmh9MPKCw4zcsUvxB5yRMqLnVC4ZrP28Jbj0Nou4L2m_Oh_8qFMXJWXXsoanFFhpwxqyHcR1eAUaQ5vw5z3USEVid86a6oNCLDy_AlBKoyvaXP0m0hSc27qoktMOl3WN5HMGpDrz_U0S8QXjJl6c_Dak0TLhto-x9CF21Ku5kKofE92KD1u_J6IvKOcXDctATlXs-OjOlgyOCd5k6X-i57AgQ5vEpKU4MB_Kv8eAGAAtdHfDftAxWt1eEe5dCsCgZU7sO_m8tDnLwRS1c-OF89Hh9M5b-oAjSlPE0fOwvU118wjqIchjwbKrfw_VNjyVnQfyDQnfANZ6hsPddVO11iyDvlts361'
{
"key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlHNVFJQkFBS0NBWUVBdjdTTm1UeGR5ZS9adkNIc3BoN0hhMVJURlIwRzk2WjA5bEhmWXdPVVJhVWhPMk1vCkxyNEFTL3A5Sit2STJRd25aTW12SVUwYWtIZngzSDZTVWJ4Z3hiREJ5VUVyTVlkcS9VUnVHNGlnQmpyVXJ3WUwKcDlVb0xQeG5aZ0dZSnIyK1FKUktPcC9kYVk3WDJXUU5UQ0ZXT1RHZ3pVUkhEdXlNeE9nMm8vaG9TS2pPTENuVApPY2NPaVhZeU9xZ0pEaXJKWDBkdEg0RG81ekNPendTbGx2SmsvNFcvWitTTlJ2UzlYcFRjbHpuMTBKakVkSUtNCmhFd3lCaG9CNGp1QjRtOWFIaWwzT0Z6OHFmUHN1a08rOE1xYlNMQUhWd2QvRGhUUzk2akl4TDlWUE4vemZlcjEKbEU2MWNCdi9PaVZKbVRNY3JYZ0JTOXMyTGZKT0V2bUlWVk5XYWhIQVRqb2U5SVZQU1ZneGh3cnFFOUhjWEZSMgo4MWhERkY0dXQ2ZnBWYnl2clFjWDlEQzFabGx5RVBubEcvbUp5WXpkOE02bnZxYnpCd0xSOFlnR3lSSGhmcmdZCmxuNFNnbEthb0ZkaGM5TC90S3dVbFcvcTRuQllEOTlaMzhrYVFtdnVHUnFnR0cwKzNlclJXNEZBY2s2QWtVRzgKV0ptc0x5eGRwekZsOXh0NUFnTUJBQUVDZ2dHQkFLYWxRM256ZWV3eTdlbVc2K3EwVXRKQUtVRHZUTUUzRi9HUAoxa3B5TUJBaXJiSzhUWS9rWnNtbFkrcXlFcFJxOWt1czd1cFo1ait6cExIeDdTdlVQNk5hTmZySEJjODJVcEQ3ClRXUHQ3bjI3NG1xTExOS21meGdzQ1k0bzBLVE15SGZHOElmcHRFVXdnUDVlOVJnNjJvTTVXdmxVNHhoY0ZUcU8KU2dGYnpQdHNrbHpkdHRwQTZhZ2c4U1VBTVc3NVRyZmVsVU9QZ2VhRzFYMnNJbTRISkRqamdUSEZBZkt1aVhlUQptL2x4enZlWDlSNzY1VCtVSk9BYzk0bzhCSHBjSkUzbWo3UVFOR05qTDE1clNSZzkyR1lnZ3p2YjBLSktqZzJhCnpVencvK2U1d1hEcitubVI4N2xEQkkwUWc3b3lFMGxUS24vQ0pleTJVaWRDYVI1dmNCNnBOUEc3VjgwclFIYTAKdWFHUWp2VjhPYTdTWkhZSE1vWEtoVHJxUGtLOU9PRU84WmFIWFpsRHpPNmxoWTVEUFJhRmFFeDcyVVAxQW1SYQppTDdjZ3lzTG40Q3JoRktYaFhoNzB5WjdSSEc2TnB0ZDlUejlHazRCYnI3T1Z6L0F6UVEvV2FtdWl5Yk5ucnRUCjBuQVZCNWVzV2twV2g5blJPOG9ZZk5sblFMUnBBUUtCd1FES2x0UVJqbmxMZEdWYmd3KytvQ0RwQ3RYY3o1Z2QKWFNxQzZkRWcvSXFBU3RSb3MwdHBob3doS2FuWlNMemtNQ1VpR1I4SGNjVmlEZDkrYURUand2QlgrN1MxWXphTAovdmZMSGdvSll4MDloeVNZRkdpYjBnN0x2aVM1WWhpSG4zdDlLTG1PWUxTa3laeFl4RUhPTkhrWk8vd1BpcitNCmxzWnh2MVhZbG9XMlRYak1sTXAyQzFEUVNKd0xVdVM3QnRrNHBxZGVVaUVhZmF5VDFO5BYTBQMjY3TEE0b2JZdWdYMkkzeWcwVjhBcEVDZ2NFQThqOGw2OXd5MklUa0I2REJURnYrbWlwdQpZY1M4ODZJR09rV0FYelNPa3JzUFlSUzFEOFlCOHJMazBFQytoUlYwdUh2NTVqM0JYTnJDQXFHWFQ2QTltZFRqCjFXQTVwQ1FhdjdZaGgvSG4rQjFEcnZORGhHWVhMY0g4Ny9uNSt1R3U5YTFwb2xHbXlxSHp2bVpQeE5RVjhEWnQKNnpSVlZqbjBPaTd0RmtsWVJnSXowRjNBM1p4NzNYRDY4eXlsa3JtTG5ET25hOG5wK2liS3kzbFAwTCtJdTNFQgpjTVNYSzM5SnpRTVF4UlIxZXlWQ212dmpUK1MyK1F4ZU1yZE5aQzVwQW9IQkFJZFNPRldCMVlPUlBDTGthSi9zClZnOVVMWVpSSkVwNDhPeUJRaS9HZ0nFrQzN2RmxwWlFQcmkKTzZpSmVTdXdHYjlwa0JzYzlaZFBuVGg4RFBXSXJGZG8rSGtmaVdoTEhoZDVjQU1xTU1mcDBNQkI2eTFmNnBUUwplQkZpLy90aHNwRTJKVmZWZG9JMkNScThwUFFDYnpwcVZKREw3MitnN3lmK2F4cHNOMS9KZkZNMW54RWdIR2QrCkNLazRTUDEvbUNlbzB6MTV6b3dTdFZ3R2VWMKc1U0dTA0aUtkQVhZdi82RDlDWmI0enl6Z3JJeWQ5UVkxRjNiUjhkMXdqU1d0TlpadjJFamZTbjVKMGZ3S2JkNQpVTXhoTVc5VlZ2QkFWNUJ5NzhjQ0Q4b2lPeGpmNDNXQVlPanU1OHVTRTMrOTRudVRmTEVQRlJVYmc4a0xnQjVnCmtOWGJvbmU0SXFJdk5GNHd6WXJwL2pSNlcxSEkxTUhXYVRkQ3FPaVY3eHZ6YzRIU1ZZUklaeW5FQ2djQnBhR0dwL3dITApyRUVCclJDTWZxQ3E0dGZBL0p4WG9xekZrNlBKdTV1OW9YR0JRTVhIYSsyTUFlMmpOOXh0ZWcwK294NnBOeUZCCjQ5bitncGlLNHcrMUh3SkphdzdGYzZQdUk3NkdYQmRXeVZMZDNPRjZLVVJHR054S3QxbW4xdFp3SEtpZGVVa0oKVVhXaWd5b3M3TTB3S2ZNck9obEpxRjVhZGRuL1JRcVVMczFNL1pFUTB5dUIxdXkxVTZZcjFtVUloSlFQb05VRQpjZE1IbkE2WXZSajVYNWoyMUlKTlJ1WVlKLzYyR0hEWkpwNExqZVpjYmRPZXVUclAwSWJBa2RFPQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=",
"certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV0RENDQXh5Z0F3SUJBZ0lRTjg4bzEwR1JKcUYxc2hqZWNkUEkwREFOQmdrcWhraUc5dzBCQVFzRkFEQTUKTVJZd0ZBWURWUVFHRXcxVmJtbDBaV1FnVTNSaGRHVnpNUTR3REFZRFZRUUtFd1Y0WkdseVpURVBNQTBHQTFVRQpBd3dHWTJGZmVHeGlNQ0FZRHpBd01ERXdNVEF4TURBd01EQXdXaGNOTWpVd05EQXlNakExTXpJMVdqQjZNUzB3Ckt3WURWUVFLRXlSaFpHTm1ZMlUzT1MwM01EUTRMVFE0WVdNdFlUVTFaUzB5TmpsbU16YzBOV1UyWmpBeFNUQkgKQmdOVkJBTVRRREV3TnpSa1ptSTNPREZsWTJNME9URTNabVkyWm1NM01UUmtZak5pT1RJMk1EYzBPVGhtWlRZMApPR0l3TXpNME1qZGhNall3TldReE1tSmxPRE0xTm1Fd2dnR2lNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUJqd0F3CmdnR0tBb0lCZ1FDL3RJMlpQRjNKNzltOElleW1Ic2RyVkZNVkhRYjNwblQyVWQ5akE1UkZwU0U3WXlndXZnQkwKK24wbjY4alpEQ2RreWE4aFRScVFkL0hjZnBKUnZHREZzTUhKUVNzeGgycjlSRzRiaUtBR090U3ZCZ3VuMVNncwovR2RtQVpnbXZiNUFsRW82bjkxcGp0ZlpaQTFNSVZZNU1hRE5SRWNPN0l6RTZEYWorR2hJcU00c0tkTTV4dzZKCmRqSTZxQWtPS3NsZlIyMGZnT2puTUk3UEJLV1c4bVQvaGI5bjVJMUc5TDFlbE55WE9mWFFtTVIwZ295RVRESUcKR2dIaU80SGliMW9lS1hjNFhQeXA4K3k2UTc3d3lwdElzQWRYQjM4T0ZOTDNxTWpFdjFVODMvTjk2dldVVHJWdwpHLzg2SlVtWk14eXRlQUZMMnpZdDhrNFMrWWhWVTFacUVjQk9PaDcwaFU5SldER0hDdW9UMGR4Y1ZIYnpXRU1VClhpNjNwK2xWdksrdEJ4ZjBNTFZtV1hJUStlVWIrWW5Kak4zd3pxZStwdk1IQXRIeGlBYkpFZUYrdUJpV2ZoS0MKVXBxZ1YyRnowdiswckJTVmIrcmljRmdQMzFuZnlScENhKzRaR3FBWWJUN2Q2dEZiZ1VCeVRvQ1JRYnhZbWF3dgpMRjJuTVdYM0cza0NBd0VBQWFOMU1ITXdEZ1lEVlIwUEFRSC9CQVFEQWdXZ01CMEdBMVVkSlFRV01CUUdDQ3NHCkFRVUZCd01DQmdnckJnRUZCUWNEQVRBTUJnTlZIUk1CQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkZoVkI4M20KOEdMNXJ4OXdyOG1RRjhSRWtWQmxNQk1HQTFVZEVRUU1NQXFCQ0hSbGMzUjFjMlZ5TUEwR0NTcUdTSWIzRFFFQgpDd1VBQTRJQmdRQzdzeUUrNUM5aTRaYXVMN3FLaTZidDZRd2NoOTJrbURmY0dYYVloRGpFZzZINERNRWE0cGNICm95ejlkTEJQaWJsS1ZMc0h0YUU4eXJtVDBOMkpBRGl0dDVrSEw4V3pDb2c2N0V3V0lTa0ptSW5VY1lzQklDV2oKR3U3aG54LzhLMTYvbTZTZEtmWitOUXpTTDgvZmw5Z3FTQklNMEhldjZxSXlZbXk4d1VUpFWlA4eHMxenJjNTlaczhHTEF6TTJMdWJMcnZ4SEJDRmtaUHRzcVRoQWJJWmpECjIzK0pLTHNFbmsyWkpjeTRMZG5Sa0MvUTk1UG9Qekk2anQ4R0Y0ZHhZSHZzS2pvcEx0VDhRS05MdmJ0V1FYaHUKVnVRNmRVTzNOMVVGYlhESEludkpSckxFcEoyNktUFhScndhNApMcVE3cDN0VjFEbE8yZGhYQnRPR3dkOSt0VEErdUx3M1AxUWU2VFBsS3l1aU1YTm5CMUk4V2M0UkhVRk5ndU1FGTGZYMTBETEt5eC9GN3lrVWdiNmlDa0E3a1VwcGM3Y2IKbEFldEhTSzNmNHc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"
}
Add Credentials to the test client
- cert.pem
- key.pem
Launch server and client
Server
go run main.go
Client
cd testing/balancer-client
go run client.go
Documentation
¶
There is no documentation for this package.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.