Proxy http requests to external proxy for internet access

Issue Type:

• Bug report
• Feature request

We are running a Linkerd-to-Linkerd setup where we use http_proxy to route HTTP traffic to Linkerd, but in our infrastructure internet access is only provided using a proxy server. We need to be able to tell Linkerd to proxy internet traffic to another proxy server.

Here is the Linkerd config we use today:

admin:
  ip: 0.0.0.0
  port: 9990

namers:
- kind: io.l5d.consul
  includeTag: true
  failFast: true
  useHealthCheck: false
  host: infrastructure-consul
  port: 8500

routers:
  - label: http1-out
    protocol: http
    servers:
      - port: 4140
        ip: 0.0.0.0
    dtab: |
      /svc        =>  /#/io.l5d.consul/.local/external;
      /host       => /svc;
      /http/*/*   => /host;
    identifier:
     kind: io.l5d.header.token

  - label: http1-in
    protocol: http
    servers:
      - port: 4141
        ip: 0.0.0.0
    dtab: |
      /svc        =>  /#/io.l5d.consul/.local/internal;
      /host       => /svc;
      /http/*/*   => /host;
    identifier:
      kind: io.l5d.header.token

telemetry:
  - kind: io.zipkin.http
    host: zipkin:9411
    initialSampleRate: 1.00

usage:
  orgId: linkerd-examples-consul

We have tried to use the io.buoyant.rinet but that only gives us the feature to make Linkerd make http requests to external resources, but not to a proxy. We could route internet traffic directly to the Internet proxy, but then we loos all the features of Linkerd and we need to implement that in all our services.

We are only using http(s) so we do only need to talk to an http proxy(in our case a squid).

Our end gold would be a flow looking like this: [service] -> [Linkerd] -> [InternetProxy] -> (Internet)

Or if multiple connected services are in play: [service] -> [Linkerd] -> [Linkerd] -> [service] -> [Linkerd] -> [InternetProxy] -> (Internet)

Environment:

• Linkerd version 1.3.5