Middleware Stacks

Middleware Stacks in Qpoint Proxy allow for the injection of custom functionalities such as metrics collection, performance monitoring, traffic logging, and more. These functionalities are implemented using WebAssembly (WASM) modules, providing a flexible and powerful way to extend the proxy’s capabilities.

Middleware Stacks require SSL/TLS Termination.

Configuring Middleware Stacks

Middleware stacks are defined in the stacks section of the proxy-config.yaml file. Each stack consists of a list of middleware modules that are applied to the traffic passing through the proxy.

Example Stack Configuration

Below is an example of a stack configuration that includes two middleware modules:

stacks:
  default:
    middlewares:
      - name: duration-micro
        config: "us"
        wasm: "docker://us-docker.pkg.dev/qpoint-edge/public/middleware/http_duration:0bb591c"
      - name: report
        wasm: "/path/to/local/report.wasm"
  complete:
    middlewares:
      - name: duration-milli
        config: "ms"
        wasm: "docker://us-docker.pkg.dev/qpoint-edge/public/middleware/http_duration:0bb591c"
      - name: report
        wasm: "/path/to/local/report.wasm"

  • stacks: Top-level section defining all middleware stacks.

  • default, complete: Names of the stacks.

  • middlewares: List of middleware modules in each stack.

    • name: Descriptive name of the middleware.

    • config: Configuration parameters for the middleware.

    • wasm: Path to the WebAssembly module, either a local path or a remote URI.

Applying Middleware Stacks to Endpoints

Middleware stacks are applied to specific endpoints by referencing the stack name in the endpoint configuration. This allows for flexible and targeted application of middleware functionalities.

Example Endpoint Configuration with Stack

proxy:
  audit_logs: stdout # Where to publish Audit Logs
  tls_ca_crt: "PEM or file://global_ca_cert.pem"  # Path or inline CA certificate
  tls_ca_key: "PEM or file://global_ca_key.pem"  # Path or inline CA key
  default_domain_action: ALLOW
  
  endpoints:
    - domain: "api.example.com"
      action: DENY
      allow:
        - ip: 172.17.0.1
      stack: complete  # Reference to the 'complete' stack
    - domain: "api.github.com"
      action: DENY
      allow:
        - ip: 172.17.0.1
      stack: default  # Reference to the 'default' stack

Practical Use Cases

  1. Metrics Collection: Use the duration-micro middleware to measure the time taken for each request, providing valuable performance metrics.

  2. Traffic Logging: Use the report middleware to log and forward request details for monitoring and analysis.

  3. Custom Processing: Develop and deploy custom WASM modules to implement specific functionalities such as request modification, authentication, or data transformation.

PreviousSSL/TLS TerminationNextClient Setup

Last updated