Proxy reverse to inside HTTP internal port 57772
Is a layer before the internal HTTP of Caché/IRIS, such as a Reverse Proxy or API Gateway, a good option?
Example: I have an API using %CSP.REST, and I am using the internal port for development. But for production and approval, I put a reverse proxy using NGINX. Is this recommended? Is it an alternative?
Diagram..png)
Comments
If the "internal HTTP" is using the PWS (Private Web Server), then NO, NIET, it's a bad, very bad idea.
DO NOT USE THE PWS for anything apart testing and local PC playing.
For ANYTHING serious, install and use a "real" web server (Apache, NGINX or IIS).
It has been so since EVER and has been documented since ever, but it seems that many people still used the PWS.
I guess that was (one of?) the reason that drove InterSystems to completely remove PWS since.....2024.1? (or was 2?).
From Ensemble 2018..3 documentation (the oldest available online):
Note:
When installing Caché and Ensemble, this private version of Apache is installed to ensure that:The Management Portal runs out of the box.
An out-of-the-box testing capability is provided for development environments.
The private Apache web server is not supported for any other purpose.
For deployments of http-based applications, including CSP, Zen, and SOAP over http or https, you should not use the private web server for any application other than the Management Portal; instead, you must install and deploy one of the supported web servers (for information, see the section “Supported Web Servers” in the online InterSystems Supported PlatformsOpens in a new tab document for this release).
Additional info:
Thank you very much. I had already read the document, but I had the feeling that with a gateway/reverse proxy layer managing the requests in front of the portal's http (57772), it would be a good idea.
Just as an addendum here, the PWS is configured to be a very stable management platform. This stability is reached on the cost of performance. If you put any load on the PWS it will not cope very well. During my time using it i always experienced lags, CSP timeouts when trying to work with PWS with more than 4 concurrent power users.