YARP overview page #34764
Merged
YARP overview page #34764
+63
−0
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…e being created. AI did a good first draft of what the page should contain.
| - Routing: Directs requests to different backend servers based on predefined rules, such as URL patterns or request headers. | ||
| - Load Balancing: Distributes incoming traffic across multiple backend servers to ensure no single server is overwhelmed, improving performance and reliability. | ||
| - SSL Termination: Offloads the SSL encryption/decryption process from backend servers, reducing their workload. | ||
| - Connection Abstraction: The inbound requests from external clients and outbound requests to the backend are independent so can use different versions of HTTP and have independent connection lifetimes. |
This comment was marked as duplicate.
This comment was marked as duplicate.
Sorry, something went wrong.
| - Terminating Connections: The inbound http connections terminate at the proxy and new connections are used for outbound requests to destinations. | ||
| - Routing Requests: Based on the routing rules, the reverse proxy determines which backend server (or cluster of servers) should handle the request. | ||
| - Forwarding Requests: The reverse proxy forwards the client request to the appropriate backend server | ||
| - Connection Pooling: The outbound connections are pooled to reduce connection overhead and make most use of HTTP 1.1 pipelining and parallel requests with HTTP2 & HTTP3 |
This comment was marked as duplicate.
This comment was marked as duplicate.
Sorry, something went wrong.
Update YARP overview date- branch off of samsp
Removed a couple of comments Added transforms to the how a reverse proxy handles HTTP section,
MihaZupan
reviewed
Feb 20, 2025
| - Versions of HTTP, ie, HTTP/1.1, HTTP/2, HTTP/3. The proxy can upgrade or downgrade HTTP versions. | ||
| - Connection lifetimes, which enables features like long-polling on the backend while maintaining short client connections. | ||
| - Control Over URL-Space: Incoming URLs can be transformed before forwarding to the backend. This abstracts the external URLs from how they are mapped to internal services. Internal service endpoints can change without affecting external URLs. | ||
| - Security: Internal service endpoints can be hidden from external exposure, protecting against some types of cyber attacks such as [DDoS attacks](https://www.microsoft.com/security/business/security-101/what-is-a-ddos-attack?msockid=3e35ed3aa4666d8003aaf830a5006c74) and [SQL injection ](/sql/relational-databases/security/sql-injection). |
There was a problem hiding this comment.
How do we help with SQL injection?
|
|
||
| ## Why use a reverse proxy | ||
|
|
||
| Using a reverse proxy offers several advantages: |
There was a problem hiding this comment.
This section feels redundant with the "What a reverse proxy does". I'd merge the two if possible.
There was a problem hiding this comment.
I agree, CoPilot and myself duplicated items.
@samsp-msft I can do that if you like.
@samsp-msft originally had the 2 sections, albeit with less duplicates.
Rick-Anderson
approved these changes
Feb 20, 2025
Co-authored-by: Miha Zupan <mihazupan.zupan1@gmail.com>
| - Versions of HTTP, ie, HTTP/1.1, HTTP/2, HTTP/3. The proxy can upgrade or downgrade HTTP versions. | ||
| - Connection lifetimes, which enables features like long-polling on the backend while maintaining short client connections. | ||
| - Control Over URL-Space: Incoming URLs can be transformed before forwarding to the backend. This abstracts the external URLs from how they are mapped to internal services. Internal service endpoints can change without affecting external URLs. | ||
| - Security: Internal service endpoints can be hidden from external exposure, protecting against some types of cyber attacks such as [DDoS attacks](https://www.microsoft.com/security/business/security-101/what-is-a-ddos-attack?msockid=3e35ed3aa4666d8003aaf830a5006c74) and [SQL injection ](/sql/relational-databases/security/sql-injection). |
There was a problem hiding this comment.
CoPilot hallucinations, I should have checked.
Suggested change
| - Security: Internal service endpoints can be hidden from external exposure, protecting against some types of cyber attacks such as [DDoS attacks](https://www.microsoft.com/security/business/security-101/what-is-a-ddos-attack?msockid=3e35ed3aa4666d8003aaf830a5006c74) and [SQL injection ](/sql/relational-databases/security/sql-injection). | |
| - Security: Internal service endpoints can be hidden from external exposure, protecting against some types of cyber attacks such as [DDoS attacks](https://www.microsoft.com/security/business/security-101/what-is-a-ddos-attack?msockid=3e35ed3aa4666d8003aaf830a5006c74). |
Merged sections, Added scalability note for direct forwarding
|
@Rick-Anderson - please merge if you are happy |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
YARP doesn't have an overview page that can be linked from the website being created. AI did a good first draft of what the page should contain.
Internal previews