Documentation Console
eneszh
Log In Start now
Inceptiondb
Quick Start Guide with InceptionDB
Managing Collections
Working with Data
InceptionDB API Reference
Create Collection
Create Database
Document Operations
Drop Database
Get Database
List Collections
List Databases
Update Database
Lambda
Getting Started with Lambda
Managing Lambda Functions
Invoking Lambda Functions
Lambda API Reference
Create Lambda
Delete Lambda
Get Lambda
List Lambdas
Modify Lambda
Mux Router
Run Lambda (Admin)
Run Lambda (Public)
Files
Getting Started
Managing Buckets
Working With Files
Files API Reference
Create Bucket
Delete Bucket
Delete File
Download File
File Headers
Get Bucket
List Buckets
List Files
Modify Bucket
Upload File
Config
Getting Started
Managing Configs
Config API Reference
Create Config
Delete Config
Get Config
Get User Config
List Configs
Patch Config
Update User Config
InstantLogs
Getting Started
Ingesting Logs
Streaming and Filtering
InstantLogs API Reference
Create Logger
Create Logger API Key
Delete Logger
Delete Logger API Key
Filter Logs
Get Logger
Ingest Framed Events
Ingest Logs
List Loggers
Logger Stats
Stream Events
Tailon Queues
Getting Started
Managing Queues
Producing and Consuming
Tailon API Reference
Create Queue
Delete Queue
Get Queue
List Clients
List Queues
Read Messages
Write Messages
Scheduler
Getting Started
Managing Schedulers
Task Lifecycle
Scheduler API Reference
Acknowledge Task
Create Scheduler
Delete Scheduler
Enqueue Task
Extend Lease
Get Scheduler
List Schedulers
List Tasks
Patch Scheduler
Reschedule Task
Reserve Task
Scheduler Health
Task Stream
Update Scheduler
Kvnode
Getting Started
Collections And Keys
Replication
KVNode API Reference
Create Collection
Delete Collection
Delete Key
Get Key
Health Check
List Collections
List Keys
Node Metrics
Node Status
Readiness Check
Set Key
SDK Reference
Console
Getting Started with the Console
Managing Projects and Services
Console API Reference
Fake API
Get Version
Glue2
Architecture & Routing
Authentication
Managing API Keys
Glue2 API Reference
Backend Status
Get Version
List Virtualhosts
Openapi Spec
Traffic Stats
Holamail
Sending Email
Holamail API Reference
SMTP Reference
Run
Getting Started
Run API Reference
Console Data
Docker Registry
Get Version
Rollback Image
Save Environment
Save Volumes
Start Repository
Stop Repository

Architecture & Routing

Glue2 is the central reverse proxy that sits in front of every HolaCloud service. All incoming traffic — whether from browser users, API clients, or internal services — passes through Glue2 before reaching its destination.

Glue2 Architecture

Reverse Proxy

Glue2 operates as a Layer-7 reverse proxy. It terminates TLS, inspects each request, authenticates the caller, and then forwards the request to the appropriate backend service. No external traffic reaches HolaCloud services directly; Glue2 is the single entry point.

1Client ──▶ Glue2 (auth check) ──▶ Backend Service
23              ├──▶ InceptionDB
4              ├──▶ Lambda
5              ├──▶ Files
6              ├──▶ Config
7              ├──▶ KVNode
8              ├──▶ Scheduler
9              └──▶ Logs

Virtual Host Routing

Glue2 routes requests based on the Host header. Each HolaCloud project is assigned a unique subdomain (<project>.hola.cloud), and Glue2 maps that subdomain to the project's backend service.

Built-in platform services use reserved subdomains:

Host Service
inceptiondb.hola.cloud InceptionDB
api.hola.cloud Public API (Lambda, Files, Config, etc.)
console.hola.cloud HolaCloud Console
auth.hola.cloud Authentication / Session service
logs.hola.cloud InstantLogs

When a request arrives for my-project.hola.cloud, Glue2 looks up the project with that slug, resolves its primary backend service, and forwards the request.

The Proxy Flow

  1. Client sends an HTTP request to <project>.hola.cloud.
  2. Glue2 terminates the TLS connection and reads the Host header.
  3. Glue2 checks authentication (session cookie, API key, or OAuth token). If the endpoint requires auth and none is provided, the request is rejected with 401 Unauthorized.
  4. Glue2 resolves the virtual host to a project ID and backend service target.
  5. Glue2 injects authentication and project headers into the request.
  6. The request is forwarded to the backend service.
  7. The backend response is streamed back to the client, and Glue2 logs the transaction.

Injected Headers

When forwarding to a backend, Glue2 injects:

Header Description
X-Glue-Authentication Plain JSON authentication context
X-Holacloud-Project-Id The UUID of the project derived from the virtual host
X-Holacloud-Tenant-Project-Id Tenant-scoped project ID for multi-tenant isolation
X-Forwarded-For Original client IP address
X-Forwarded-Proto Original protocol (http or https)

Backend services use these headers to identify the caller and enforce authorization. X-Glue-Authentication is plain JSON.

V0 Admin Endpoints

Glue2 exposes a set of admin endpoints under /v0/:

List Virtual Hosts

1curl "https://api.hola.cloud/v0/virtualhosts" \

1["my-project.hola.cloud", "api.my-project.hola.cloud"]

Traffic Stats

1curl "https://api.hola.cloud/v0/stats" \

Backend Health Status

1curl "https://api.hola.cloud/v0/status" \

1[
2  {
3    "id": "project-123",
4    "name": "My Project",
5    "host": "my-project.hola.cloud",
6    "status": 200,
7    "statusText": "200 OK"
8  }
9]

Next Steps

Comments

Leave a comment

Reverse Proxy
Virtual Host Routing
The Proxy Flow
Injected Headers
V0 Admin Endpoints
List Virtual Hosts
Traffic Stats
Backend Health Status
Next Steps

Enterprise cloud software built for regulated and high-growth teams.

Solutions

Resources

Contact

© 2025 hola.cloud All rights reserved.