We want to be able to inject rules from requestctl at the tls termination layer. These rules would be both throttling rules and bandwidth limiting ones, at the very least. This means we might need to extend the action schema, or create alternative action schemas.
In order to do this, we need requestctl to have a haproxy translation layer, which in theory should be easy to do given requestctl is modular. However, the capabilities we have in haproxy aren't the ones we have in varnish, and thus it might be useful to introduce the concept of capabilities of the translation layers, or alternatively to create separate action schemas for each software we want to support - in fact haproxy is just the first of the list.
Enumerating things we'll need to do to complete this work:
- Identify where we want to inject rules from requestctl in haproxy
- Modify requestctl so it can support output for haproxy
- Do the plumbing to inject data via confd/etcd in haproxy, including syntax checks