What is YARP?
YARP(Yet Another Reverse Proxy) is a reverse proxy open-source project built by Microsoft. Before diving into it, let us try to understand what a proxy server is. Whenever someone talks about proxy servers, they refer to the forward proxy, which is the most common type of proxy.
The forward proxy acts as a mediator between the user and the web servers they access, which means that each user request passes through the forward proxy before being redirected to the web page.
And after the data is retrieved, it again goes through the forward proxy server before appearing to the user. From the perspective of the internet server, the request is actually made by the forward proxy server and not the user themselves. A forward proxy can also cache information and retrieve it for future requests.
Now that you know what forward proxy is, let’s try to understand what reverse proxy is in this post, and then move onto our main topic YARP.
Table of Contents
- What is Reverse Proxy?
- What is YARP?
- Why use YARP
- Configuring and using YARP in your applications
What is Reverse Proxy?
As discussed earlier, a forward proxy sits in front of a client and ensures that no origin server directly communicates with that specific client. Reverse proxy does the opposite of what a forward proxy does.
A reverse proxy ensures that it sits in front of the origin servers and makes sure that no client directly communicates with the origin servers. There are several subtle benefits of a reverse proxy server such as load balancing, caching, SSL encryption, and protection from DoS and DDoS attacks.
Some enterprises build their own reverse proxy servers, which require highly intensive software and hardware engineering tools and resources. And on top of that, it requires huge investments for purchasing hardware which may not be suitable for all businesses, especially startups. This is where the YARP comes into the picture. The best part about YARP is that it is customizable and can be built to match the exact needs of different deployment scenarios.
What is YARP?
YARP is an open-source library with which you can implement core proxy-related functionalities by adding or replacing modules. Currently, YARP can be utilized in the form of NuGet packages and code snippets. Microsoft is planning to provide a project template and a prebuilt exe for YARP so that users do not spend time handling redundant code snippets and setting up a project.
YARP is implemented on top of the .NET framework and is available to Windows, Mac, and Linux users. Development can be done with your favorite editor, be it Visual studio or Visual studio code.
Why use YARP?
Reverse proxies enhance the reliability, performance, and security of the requests and even provide load balancing for applications and APIs. They are even capable of offloading services from applications through caching, intelligent compression, and SSL encryption.
Many organizations wish to build their own reverse proxies. Due to budget constraints, many businesses are unable to build one. This is when the YARP solution came as a savior for them. It helped customize the HTTP requests according to different environments/
Although there are many existing reverse proxies, the customizations of those proxies are not cost-effective while the maintenance charges are also quite high.
The point is, many existing proxies use HTTP/1.1, but owing to the constant change in workloads to accommodate gRPC traffic, it requires HTTP/2 support which follows a complex implementation. But with the use of YARP, projects get to customize the routing and handling behavior without implementing the HTTP protocol.
Configuring and using YARP in your applications
The proxy configuration is read from the appsettings.json file which has routes and clusters. The route configuration targets matched paths and routes redirected to a cluster, where clusters are destinations that respond to requests through a specific route.
You can even include route-based policies to a configuration such as adding authorization rules to a specific route, or ensuring that cross-origin sharing policies are in place for routes. As a result, YARP provides a customized set of configurations that contribute to a modern policy-based routing.
Also, it is possible to reload the configuration settings dynamically without restarting the proxy. So if you are autoscaling an application via Kubernetes server or Azure Service Fabric, you can update it as new endpoints are added or old ones removed.
Another interesting feature of YARP is the ability to add your own middleware to a proxy, using the .NET pipeline feature to add new features. For instance, you could reject requests based on rules and send custom messages from the proxy without passing any data to the end clusters. This is where using middleware in the request header comes into the picture, as it is not a good idea to modify the request body or responses.
Also, YARP supports built-in transforms, that can modify requests and responses. For example, when you are using YARP as a secure sockets layer accelerator(device configured to accelerate encryption/decryption routine), you can modify the headers and responses to remove encryption.
YARP can be an important part of your application’s self-monitoring process as it checks endpoint health. Requests can be sent to clusters and based on the responses from the clusters, they can be classified as healthy or unhealthy. With unhealthy clusters blocked, you can ensure the proper working of your application without coming across any false responses. Built to support many internal projects, Microsoft has built YARP, delivering the most reliable reverse proxy with various customization mechanisms available.