1 概念

1.1 正向代理

一种客户端代理技术,用于帮助客户端访问无法直接访问的网络资源,并隐藏客户端IP,常见的场景有***、浏览器HTTP代理

1.2 反向代理

一种服务端代理技术,用于隐藏真实服务端节点,并实现负载均衡、缓存、安全校验、协议转换等,常见的有LVS、nginx

2 实践

2.1 实现一个正向代理服务

2.1.1 基本思路
  • 代理接收客户端请求,复制该请求对象,并根据实际需要配置请求参数
  • 构造新的请求,发送到服务端,并获取服务端的响应内容
  • 接收到响应内容后返回给客户端
2.1.2 具体实现
package main

import (
    "fmt"
    "io"
    "log"
    "net"
    "net/http"
    "strings"
)

type proxy struct {}

func (p *proxy)ServeHTTP(w http.ResponseWriter,r *http.Request){
    fmt.Printf("Received request: %s %s %s\n",r.Method,r.Host,r.RemoteAddr)
    transport := http.DefaultTransport

    // 浅拷贝一个request 对象,避免后续修影响了源对象
    req := new(http.Request)
    *req = *r

    // 设置X-Forward-For 头部
    if clientIp,_,err := net.SplitHostPort(r.RemoteAddr);err ==nil{
        if prior,ok := req.Header["X-Forward-For"];ok{
            clientIp = strings.Join(prior,", ") + ", " + clientIp
        }
        req.Header.Set("X-Forward-For",clientIp)
    }

    // 构造新请求
    response,err:=transport.RoundTrip(req)
    if err != nil {
        w.WriteHeader(http.StatusInternalServerError)
        return
    }

    // 获取响应数据并返回
    for k,v := range response.Header{
        for _,v1 := range v{
            w.Header().Add(k,v1)
        }
    }
    w.WriteHeader(response.StatusCode)
    io.Copy(w,response.Body)
    response.Body.Close()

}

func main() {
    //mux := http.NewServeMux()
    server := &http.Server{
        Addr: ":9090",
        Handler: &proxy{},
    }
    if err:=server.ListenAndServe();err != nil{
        log.Fatal("Http proxy server start failed.")
    }
}

2.2 Go实现一个反向代理服务

2.2.1 基本思路
2.2.2 具体实现

Http real Server 实现:监听8081和8082端口,返回请求的URL

package main

import (
    "fmt"
    "log"
    "net/http"
    "os"
    "os/signal"
    "syscall"
    "time"
)

type realServer struct {
    Addr string
}

func (rs *realServer) HelloHandler(w http.ResponseWriter,r *http.Request){
    reqUrl := fmt.Sprintf("http://%s%s\n",rs.Addr,r.RequestURI)
    w.Write([]byte(reqUrl))
}

func (rs *realServer) Run(){
    fmt.Println("Http server tart to serve at :",rs.Addr)
    mux := http.NewServeMux()
    mux.HandleFunc("/",rs.HelloHandler)
    server := &http.Server{
        Addr: rs.Addr,
        Handler: mux,
        WriteTimeout: time.Second * 3,
    }
    go func(){
        if err := server.ListenAndServe();err != nil{
            log.Fatal("Start http server failed,err:",err)
        }
    }()
}

func main() {
    rs1 := &realServer{Addr:"127.0.0.1:8081"}
    rs2 := &realServer{Addr:"127.0.0.1:8082"}

    go rs1.Run()
    go rs2.Run()

    doneCh := make(chan os.Signal)
    signal.Notify(doneCh,syscall.SIGINT,syscall.SIGTERM)
    <- doneCh
}

模拟请求

// output
$ curl http://127.0.0.1:8081/hellotest?id=1 -s
http://127.0.0.1:8081/hellotest?id=1

$ curl http://127.0.0.1:8082/hellotest?id=2 -s
http://127.0.0.1:8082/hellotest?id=2

反向代理服务端实现

package main

import (
    "bufio"
    "fmt"
    "log"
    "net/http"
    "net/url"
    "time"
)
var serverPort = "8888"

// 为了测试,简单的通过当前时间戳取余的方式模拟随机访问后端rs
func GetRandServer()string{
    ports := []string{"8081","8082"}
    n := time.Now().Unix() % 2
    return ports[n]
}

func handler(w http.ResponseWriter,r *http.Request){
  // 解析并修改代理服务
    port := GetRandServer()
    proxyAddr := "http://127.0.0.1:" + port
    proxy ,err := url.Parse(proxyAddr)
    if err != nil{
        log.Println(err)
        return
    }
    r.URL.Scheme = proxy.Scheme
    r.URL.Host = proxy.Host

    // 代理请求
    transport := http.DefaultTransport
    resp ,err := transport.RoundTrip(r)
    if err != nil{
        log.Println(err)
        w.WriteHeader(http.StatusInternalServerError)
        return
    }

    // 将响应结果返回
    for key,value := range resp.Header{
        for _,v := range value{
            w.Header().Add(key,v)
        }
    }
    defer resp.Body.Close()
    bufio.NewReader(resp.Body).WriteTo(w)
}

func main() {
    http.HandleFunc("/",handler)
    fmt.Println("Http reverse proxy server start at : 127.0.0.1:",serverPort)
    if err := http.ListenAndServe(":"+serverPort,nil);err != nil{
        log.Fatal("Start server failed,err:",err)
    }
}

测试

$ for i in {0..9};do curl http://127.0.0.1:8888/reversetest?id=111 -s;done
http://127.0.0.1:8082/reversetest?id=111
http://127.0.0.1:8082/reversetest?id=111
http://127.0.0.1:8082/reversetest?id=111
http://127.0.0.1:8082/reversetest?id=111
http://127.0.0.1:8081/reversetest?id=111
http://127.0.0.1:8081/reversetest?id=111
http://127.0.0.1:8081/reversetest?id=111
http://127.0.0.1:8081/reversetest?id=111
http://127.0.0.1:8081/reversetest?id=111
http://127.0.0.1:8082/reversetest?id=111