HAProxyProtocol support in webserver

[ggsrivas]

Environment Details

• Helidon Version: 3.x
• Helidon SE or Helidon MP: Helidon SE
• JDK version: 17
• OS: OS agnostic
• Docker version (if applicable):

---

Problem Description

My Webserver is built using Helidon. I want to enable HAProxy proxy-protocol on my Load balancer that will require this webserver to parse the response correctly. but, I don't see support for proxy-protocol in Helidon.
It would have been helpful if Helidon had support for custom childHandlers for NettyWebServer so, that I could have added this handler myself. See below screenshot,

This is a feature enhancement request, not a bug. It would be great if this support is added directly in the framework and it can be enabled as a configuration. Support for custom childHandler will also resolve this gap. Please note that this support already exists in Netty but since, there is no way to enable it with Helidon.

references:
Proxy-protocol: https://www.haproxy.com/blog/use-the-proxy-protocol-to-preserve-a-clients-ip-address
Netty proxy protocol: https://netty.io/4.0/api/io/netty/handler/codec/haproxy/HAProxyProxiedProtocol.html

[spericas]

@ggsrivas Is the use of HTTP headers to convey client info not a viable alternative in your case?

[ggsrivas]

Hi @spericas , With the Layer4 load balancer, The client info is not preserved. These Load balancers will put their own IP in the header. The proxy protocol is used to preserve that information.

[spericas]

@ggsrivas I put together a prototype based on what you shared with me. For now, it only adds X-Forwarded-For with some client info as an example (it also adds a config flag to enable the protocol). There's a single V1 test.

https://github.com/spericas/helidon/pull/3/files

Please take a look and let me know what you think.

[ggsrivas]

The changes look good. Thanks.

[spericas]

@ggsrivas Could you comment on which other headers are you expecting? Also on how do you expect OCI's LB data to be available? Thanks.

[ggsrivas]

Just the IP address is good enough for my use case. I am thinking the details should be similar to how they are described in this doc,

https://github.com/haproxy/haproxy/blob/master/doc/proxy-protocol.txt

[spericas]

Since we are nearly done supporting this in 4.x (#7829) and there is no longer an immediate requirement to support this in 3.x, I am closing this issue. We can reopen it at later time and use the prototype linked above as a starting point.