That should be fine - simple dynamic hierarchical caching If you are using hierarchical caching, you can write plugin using https://docs.trafficserver.apache.org/en/latest/developer-guide/api/functions/TSHttpTxnParentProxySet.en.html or https://docs.trafficserver.apache.org/en/latest/developer-guide/api/functions/TSHttpTxnParentSelectionUrlGet.en.html
to control the parent proxy machines to go to. We have the corresponding functions to call in lua as well. If you are not using hierarchical caching, you can still use C or lua plugin to control your destination, and thus forwarding the request out to the upstream of your choice. And whether you do forward proxy or reverse proxy, things should still be fine. Perhaps you can share more about the your previous problem with this curl command below > > $ curl --proxy http://127.0.0.1:8080 https://httpbin.org/get?answer=42 -v > * Trying 127.0.0.1... > * TCP_NODELAY set > * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0) > * Establish HTTP proxy tunnel to httpbin.org:443 > > CONNECT httpbin.org:443 HTTP/1.1 > > Host: httpbin.org:443 > > User-Agent: curl/7.54.0 > > Proxy-Connection: Keep-Alive > > > < HTTP/1.1 200 OK > < Date: Sun, 06 Dec 2020 02:22:49 GMT > < Proxy-Connection: keep-alive > < Server: ATS/10.0.0 > < > * Proxy replied OK to CONNECT request > * ALPN, offering h2 > * ALPN, offering http/1.1 > * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH > * successfully set certificate verify locations: > * CAfile: /etc/ssl/cert.pem > CApath: none > * TLSv1.2 (OUT), TLS handshake, Client hello (1): > * error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number > * stopped the pause stream! > * Closing connection 0 > curl: (35) error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version > number Are you using a lua script in this case? And if yes, what is the content of the script? On Mon, Dec 7, 2020 at 9:30 PM Lei Sun <[email protected]> wrote: > > Hi Kit, > > It didn’t work. > > Do you think what I’m trying to do (dynamic hierarchical caching) possible > with ATS? > > Thanks, > Lei > > > On Dec 7, 2020, at 11:23 PM, Shu Kit Chan <[email protected]> wrote: > > > > Ok. I see. Thanks for explaining. So does my previous suggestion work then > > ? > > > >> On Sun, Dec 6, 2020 at 3:36 AM Lei Sun <[email protected]> wrote: > >> > >> Hi Kit, > >> > >> Thanks for thinking through this with me. > >> > >> Here is what I'm trying to do. > >> > >> http/https client => proxy1 (ats) => proxy2_group (parent proxy group of > >> 100 servers) => origin > >> > >> I would like to configure proxy1 (ats), so that it can forward all > >> http/https requests through proxy2_group dynamically based on intelligent > >> rules. For example, if node1, node2 and node3 of the proxy2_group is > >> overloaded, the lua script can then direct more % of traffic to the other > >> 97 nodes within the proxy2_group. > >> > >> It's very similar to the hierarchical caching, but dynamically with lua, > >> since we'd literally be check hundreds of servers in real time. > >> > >> I'd like to figure out how to configure the ATS, so that it can do this. > >> > >> Thanks > >> Lei > >> > >> > >> > >> > >> > >> > >> > >>> On Sat, Dec 5, 2020 at 11:19 PM Shu Kit Chan <[email protected]> wrote: > >>> > >>> I am still not quite sure if i understand what you are trying to do. > >>> But let me take a guess. > >>> > >>> The error "error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong > >>> version number" probably means that you are talking to a invalid https > >>> endpoint through ATS. "https://httpbin.org/"; is a pretty normal > >>> destination. So are you already using lua plugin/script to change the > >>> destination? That destination is probably not a valid https endpoint. > >>> So the CONNECT may still work and return status 200 and follow the lua > >>> script program to route request to new destination. That destination > >>> is not valid https and so curl does not like it. > >>> > >>> If I am right so far, then I think disable the lua plugin will make > >>> ATS to work just like squid. If you really want to use lua to change > >>> the destination, I think you need to make sure to set the scheme to > >>> https as well in your lua script. > >>> > >>> Thanks . > >>> > >>> Kit > >>> > >>> > >>>
