Install and customize Envoy Proxy on our physical server. This server will run LXC containers that will have 2 ports (per container) that require an active proxied ssl secured location. One of the two ports will require an authentication layer, JWT, to connect to it (Push Websocket). The other websocket (Main Websocket) has its own authentication and should have its route without authentication from envoy.
An ideal setup is where there are no outside ports used by the proxy: i.e., [login to view URL] and, local ports used in the container become irrelevant. Since if the proxy goes directly to the lxc containers' bridge NAT location, unique port labeling would not be required to avoid 2 websockets broadcasting on the same port.
Containers will be actively created/destroyed on the EWS (Enterprise Web Server) via script. This same script needs to have the ability to update Envoys' configuration on the creation of new containers, or destruction, and automate the assignment of new proxy routes when information is provided by script execution or allow the release of previously proxied containers that have been deleted. With many elements to the backend configuration, the host (ip:port) in the configuration needs to also be editable via script or global variable. Custom load balancing is to be implemented.
You will work with my full stack developer to ensure the scripting that is written matches the requirements of Envoys configuration.
You will also conference with the Merchant App Team and the Client App Team to instruct on how to implement JWT authentication hard-coding into the front end app suite.