GopherProxy & Sentinel is a production-grade, health-aware Load Balancer and Service Discovery engine built entirely in Go. It simulates a cloud-native environment locally, featuring a decoupled Data Plane (Proxy) and Control Plane (Sentinel), managed via Redis, and fully observable through Prometheus and Grafana.
The system follows a three-tier distributed architecture:
- The Data Plane (GopherProxy): A high-concurrency Go reverse proxy that routes traffic to healthy backends and enforces security via Rate Limiting.
- The Control Plane (Sentinel): An automated monitoring agent that pings backend ports and updates the shared Service Registry.
- The Service Registry (Redis): A persistent "Source of Truth" where backends are registered and de-duplicated.
- The Observability Stack: Prometheus scrapes metrics from the Proxy, and Grafana visualizes the traffic flow and backend health.
- Decoupled Service Discovery: Uses Redis Sets to manage dynamic backend registration without restarting the proxy.
- High-Performance Concurrency: Leverages
sync.RWMutexfor efficient multi-reader access andsync/atomicfor thread-safe load balancing. - Security & Hardening:
- Rate Limiting: Implements a Token Bucket algorithm to prevent local DDoS.
- Graceful Shutdown: Handles OS signals (
SIGINT,SIGTERM) to ensure zero-drop connection closing. - Isolation: Runs as a non-privileged
gopheruserinside the container.
- Observability (SRE): Exports custom Prometheus metrics including Request Counters and Healthy Backend Gauges.
- Cloud-Native Optimization: Multi-stage Docker build using
ARGandStatic Linking, resulting in a tiny 13.4MB image.
- Language: Go (Standard Library,
httputil,context) - Registry: Redis
- Monitoring: Prometheus & Grafana
- Deployment: Docker, Docker Compose
- Networking: HTTP Reverse Proxy, TCP Dialing
- Docker & Docker Compose
- Python (to run mock backend servers)
docker-compose up --buildOpen two separate terminals:
# Terminal A
python -m http.server 8081
# Terminal B
python -m http.server 8082# Observe the Rate Limiter (2 req/sec)
for i in {1..50}; do curl -I http://localhost:8080; doneThis project is licensed under the MIT License - see the LICENSE file for details.
