Question Regarding Reverse Proxy 2 Server Setups
In this scenario I have 2 servers. One big beefy server with NVMe drives, Many cores, etc. Beefy server has no real DDOS protection. One smaller server with great DDOS protection & filtering. They'll both be running Ubuntu Server 18.04 or Debian probably. They are obviously located on two different networks at two separate datacenters.
I have an entire website already setup and running on beefy server. Everything is perfect however the host has no DDOS protection. I want to use smaller server #2 that is currently sitting unused to act as reverse proxy / ddos protection for the bigger beefier server.
I know I can do this traditionally with NGINX. However I recently came across some interesting software...
Now from my research it seems EnvoyProxy had a bit of speed/performance advantage in benchmarks, so I wanted to go with it. However I keep reading about an Ingress controller might be needed? I never even heard of that term really until today. Will I really need that just to act as reverse proxy and ddos shield? If so do you suggest I use https://github.com/heptio/contour or https://github.com/kubernetes/ingress-nginx ?
Next question...It seems like https://traefik.io & https://caddyserver.com won't require an ingress controller? or its already built in? If that's the case and Envoy is gonna be more complex to setup and maintain, I may focus on traefik or cadddy.
Between Traefik & Caddy, which would you choose & why? I like free SSL and speed. Which would be better for my use case? Thanks!