How to implement a distributed proxy with quotas?
I'm in the process of developping a scalable proxy (Linux/C/C++, Nginx modules or custom HTTP server) handling incoming HTTP requests, and re-routing them to others locations based on parameters included in the incoming request itself (IP, time for example) or external factors (hence the use of an Nginx module able to retrieve the external factors).
However, the tricky part is regarding quotas. For example, I wish I could block proxying requests originating from an IP when it's daily allowance quota is over.
Implementing quotas is nothing but difficult. However, having quotas work in a distributed environment (where ideally everything is shared-nothing) is far but trivial. Indeed, the quota state must be shared to all distributed processes so that they can know whether they should proceed or not. Having a central quota handler means using locks. This makes me think that the performances will drop very quickly. Locking the quotas status everytime a proxying request is being handled doesn't look like the solution to me.
Any hints ?
I'm in the process of developping a scalable proxy (Linux/C/C++, Nginx modules or custom HTTP server) handling incoming HTTP requests, and re-routing them to others locations based on parameters included in the incoming request itself (IP, time for example) or external factors (hence the use of an Nginx module able to retrieve the external factors).
However, the tricky part is regarding quotas. For example, I wish I could block proxying requests originating from an IP when it's daily allowance quota is over.
Implementing quotas is nothing but difficult. However, having quotas work in a distributed environment (where ideally everything is shared-nothing) is far but trivial. Indeed, the quota state must be shared to all distributed processes so that they can know whether they should proceed or not. Having a central quota handler means using locks. This makes me think that the performances will drop very quickly. Locking the quotas status everytime a proxying request is being handled doesn't look like the solution to me.
Any hints ?
No comments:
Post a Comment