[Info-vax] OpenVMS app stacking
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Wed Jan 3 17:13:47 EST 2018
On 2018-01-03 20:03:04 +0000, DaveFroble said:
> However, one part reminds me of a discussion we had in the past. You
> didn't seem too thrilled with my idea of a listener which would peek
> into a shared socket buffer, then send (in whatever way appropriate)
> the work to another app which would us the same socket. Think that
> idea might work for all those apps waiting for HTTPS connections? I'm
> guessing it might require some work on the destination apps.
The implementation of an application-level TLS router is something I'd
prefer to avoid.
The Auxiliary Server (what most folks call inetd) and/or borrowing the
code in Apache port. Or see how portable something like Gearman
http://gearman.org might be.
Pushing the balancing toward the client where that's feasible, or to
load balancing gear where that's available. Tell the client to
directly chat with {other end-point} for the next {time}. Or program
the client to use DNS SRV records, and load-balance those with the TTL
de jour.
DTLS where connections aren't needed or 2PC retries can be implemented locally.
Maybe DTLS with MQTT or CoAP, or move to TLS with a REST library or
with Tomcat or such.
For designs where there's enough system performance available, open a
chain of TLS connections.
I'm not a huge fan of trying to pass around the entire context of a TLS
end-point. That hand-off seems unlikely to be reliable. Or something
akin to MiTMproxy https://mitmproxy.org and which I'd prefer to avoid
in production designs.
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list