I believe this article doesn't exactly touch on the difference between a proxy and reverse proxy, and this is apparent if you look at the two diagrams presented - they are really the same, as being a part of 'internet' is highly subjective in this regard. GCP has Anthos I believe but I'm not familiar with it. I think Azure used to have an equivalent but they retired it. AWS has a cloud native one called AWS Cloud Map which isn't tied to k8s, so it's quite flexible. You'll mostly find service meshes with container orchestration tools, so istio is a popular example that goes with k8s. And importantly it can provide logging, and timings and metrics on your requests to help you with troubleshooting. You can get it to throttle requests too so you don't have to build that traffic into your actual APIs. You get more features with it like you can get a certain set of requests to an API to go to your experimental service instead of the original one. So you can see a mesh is like a proxy but with application deployments and configurations in mind. And if that internal validation service also has some authentication such as mutual TLS, or JWT, the mesh could take care of some of that too. Similarly instead of connecting to the API at, the URL points at and this connects to the mesh which takes care of routing the request to the real internal validation API and can also perform TLS termination and load balancing if there are multiple instances of that internal validation service. This request goes to the service mesh, where the actual mapping to the real destination exists. Instead of a DB connectionstring pointing to .com:5432 you might just have a connection string pointing at shop-orders-db and that's it. This is where some people use service meshes. Or your API base URL changes or its authentication method changes, now you've got a lot of work ahead of you. If the DB server changes for example, you might have 50 connectionstrings to update. If you have lots of little services and applications sitting about, and all of them need to talk to each other and various APIs and various DBs, then managing the URLs and connectionstrings becomes harder. That's fine and normal at smaller scales, it's manageable. You can just put the URL to the API or the connectionstring to your DB in its configuration somewhere. You have a little application or service, and you want it to talk to some other API or DB in your network. It can reduce requests through caching, it can provide a compatibility layer, and it can filter requests.įrom here, your analogy for a reverse proxy can be used to contrast the two types. The person doing the ordering can refuse to relay their request. Maybe there's a child at the table who wants to order six icecream sundaes. The person doing the ordering can translate their order into a language the pub staff can understand.įiltering of requests. Maybe there are people at the table who speak a different language. But if they have a single person go up and order for everyone, there are several advantages: They could each go up and order for themselves. Everyone at the table wants to place an order. There's no table service, you have to order at the bar. I think your version can be extended further. Are you interested in promoting your own content? STOP! Read this first.For posting job listings, please visit /r/forhire or /r/jobbit.Do you have something funny to share with fellow programmers? Please take it to /r/ProgrammerHumor/.Do you have a question? Check out /r/learnprogramming, /r/cscareerquestions, or Stack Overflow.Direct links to app demos (unrelated to programming) will be removed.
Forwarding proxy vs reverse proxy code#
If there is no code in your link, it probably doesn't belong here. Just because it has a computer in it doesn't make it programming.That means no image posts, no memes, no politics.Please keep submissions on topic and of high quality.r/programming is a reddit for discussion and news about computer programming