ReleaseEngineering/Applications/Proxxy

Proxxy is a basic http cache used in each data center to reduce network transfers. It's essentially a docker container that runs nginx inside, and can cache requests locally to disk.

Source code is currently located here: https://github.com/laggyluke/proxxy/

It is deployed in each region in Amazon inside the VPC. Each region has a single c3.8xlarge instance to handle the load. The instances use Elastic IPs so we can get the same IP address if there's a need to re-create the instances. The routing tables are configured so that proxxy requests files via the public network instead of the VPN connection.

DNS is configured so that *.proxxy.srv.releng.$REGION.mozilla.com is points to the proxxy instances. See https://inventory.mozilla.org/en-US/core/search/#q=proxxy

The proxxy instances can be accessed by ssh'ing to their internal IP from inside the build network. Login us user 'ubuntu' using the proxxy ssh key in the private releng repo.

Clients request files explicitly from the proxxy rather than relying on transparent network proxies, or HTTP_CACHE environment settings. Since the proxxy instances can be handling multiple endpoints, we prepend the hostname of the original url to the proxxy url. e.g. to fetch http://ftp.mozilla.org/foo/bar, the client would first check http://ftp.mozilla.org.proxxy.srv.releng.use1.mozilla.com. Much of this logic is handled by mozharness' proxxy mixin.

If any authentication required, e.g. for pvtbuilds, then proxxy has those credentials baked into the AMI. Test clients on the local network can then request those files from proxxy without authentication.