Skip to main content

C++

C++ is fully supported by Speedscale. Use this page for C++-specific proxy settings, TLS trust configuration, demo guidance, and the proxymock local workflow.

Kubernetes Sidecar

When a C++ application runs with the Speedscale sidecar in forward or dual mode, the application must still send outbound traffic to the sidecar. With libcurl, set HTTP_PROXY and HTTPS_PROXY to http://127.0.0.1:4140 unless you changed proxy-out-port; libcurl honors these *_proxy environment variables.

If tls-out is enabled, trust and routing are separate concerns:

  • routing: HTTP_PROXY and HTTPS_PROXY
  • TLS trust: libcurl uses a compiled-in CA bundle and does not read SSL_CERT_FILE, so the CA must be supplied through libcurl directly (see TLS Trust)

See Proxy Modes and TLS Support for the shared sidecar behavior.

Demo App

  • Public demo: speedscale/mock-lab (cpp directory)
  • Stack: C++ HTTP service using POSIX sockets and libcurl that calls one downstream, the CNCF projects API at https://demo-api.trafficreplay.com
  • Build and run: c++ -std=c++17 main.cpp -o app -lcurl && ./app
    • macOS: libcurl ships with the Xcode Command Line Tools (xcode-select --install) — no extra package needed.
    • Linux: install the libcurl development headers first, e.g. sudo apt-get install libcurl4-openssl-dev (Debian/Ubuntu) or sudo dnf install libcurl-devel (Fedora/RHEL).
  • Quick validation: ./lab/tests/run_tests.sh --recording

This is the canonical public C++ demo for the proxymock quickstart and local replay workflow.

proxymock

Use this path for the fastest C++ first success on a developer workstation.

  1. 1. Install and initialize proxymock
    brew install speedscale/tap/proxymock
proxymock init

    Use browser sign-in by default. Use `proxymock init --api-key <your key>` only for CI or other headless environments.

  2. 2. Start recording
    git clone https://github.com/speedscale/mock-lab
cd mock-lab/cpp
c++ -std=c++17 main.cpp -o app -lcurl
proxymock record -- ./app

    Build first so the binary can link libcurl. macOS already has libcurl via the Xcode Command Line Tools; on Linux install the dev headers first (`sudo apt-get install libcurl4-openssl-dev` on Debian/Ubuntu, `sudo dnf install libcurl-devel` on Fedora/RHEL). Then let proxymock supervise the compiled `./app` binary as it records the downstream calls.

  3. 3. Generate one real workflow
    ./lab/tests/run_tests.sh --recording

    Run the test driver from the repo root. It drives the requests that become the exported production-style trace.

  4. 4. Stop the recording, then run with mocks
    cd mock-lab/cpp
proxymock mock -- ./app

    Reuse the `./app` binary you already built. The mocked run should no longer need live outbound dependencies.

  5. 5. Replay the same traffic against a change
    cd mock-lab/cpp
proxymock replay --test-against http://localhost:8080

    Use replay as the regression check before shipping C++ changes.

TLS Trust

libcurl does not read SSL_CERT_FILE; it trusts a compiled-in CA bundle. To trust the proxymock CA for the downstream HTTPS call, the demo passes the certificate to libcurl directly:

curl_easy_setopt(curl, CURLOPT_CAINFO, getenv("SSL_CERT_FILE"));

This is already done in mock-lab/cpp/main.cpp and works on both macOS and Linux. Without it, the downstream HTTPS call fails certificate verification on Linux (OpenSSL-backed libcurl); on macOS the system libcurl may fall back to the keychain, so passing the proxymock CA explicitly keeps the behavior consistent across platforms. See the shared Language Configuration page for the exact SSL_CERT_FILE path.