Haproxy frontend authorization - haproxy

I am new to haproxy.
I created a frontend named crawler and bound it to port 3000. Here is my frontend configuration:

    frontend crawler
        bind *:3000
        mode http
        log global
        default_backend crawler-proxy
        option httplog
        option http_proxy

Now I can access the frontend like this:

    curl -v --proxy 'http://127.0.0.1:3000' httpbin.org/ip

But I want to do that with a username and password, like:

    curl -v --proxy 'http://username:password@127.0.0.1:3000' httpbin.org/ip

Can anyone tell me how to configure /etc/haproxy/haproxy.cfg?
Thanks very much!
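
One way to get the username and password check asked about above, as an added example that is not part of the original post: a userlist plus an `http-request auth` rule. The userlist name `crawler_users` and the realm `crawler` are assumptions; `option http-use-proxy-header` is the documented switch that makes HAProxy use proxy authentication headers for proxied requests, which is what curl sends for `--proxy` credentials.

```haproxy
# Added example, not from the original post. Names are illustrative.
userlist crawler_users
    # Matches the curl command in the question. insecure-password keeps the
    # secret in clear text in haproxy.cfg.
    user username insecure-password password
    # Hashed alternative (crypt(3) format); the hash below is a placeholder:
    # user username password <CRYPT_HASH_PLACEHOLDER>

frontend crawler
    bind *:3000
    mode http
    log global
    option httplog
    option http_proxy
    # For proxied (absolute-URI) requests, answer with 407 / Proxy-Authenticate
    # and check Proxy-Authorization instead of 401 / Authorization.
    option http-use-proxy-header
    # Challenge every request that does not carry valid credentials.
    # The bind line is plain HTTP, so Basic credentials cross the wire unencrypted.
    http-request auth realm crawler unless { http_auth(crawler_users) }
    # Do not pass the proxy credentials on to the destination server.
    http-request del-header Proxy-Authorization
    default_backend crawler-proxy
```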

Related

How to pass path from haproxy frontend to backend in version 1.5.18

I have a condition where I need to pass whatever path is given in the frontend URL to a backend redirect statement. E.g. Frontend https://example.com/abc/xyz to backend http://server-address:port/abc/xyz. I am using http redirect in the backend as of now. But now it has been requested to pass any path along with the frontend URL, to be appended to the backend as well. I cannot use redirect on the frontend as I need to use port 443, which is being used by another service. So I am using acl_path to point to a different backend, and I need to achieve this using the backend itself. My frontend config is below:

    frontend a
        bind 10.10.10.10:443 ssl crt /etc/pki/org/key/somekey.key force-tlsv12 ciphers SOME-CIPHER
        mode http
        acl a_dev_app hdr_dom(host) -m beg a.dev.app.
        acl b_dev_app hdr_dom(host) -m beg b.dev.app.
        option http-server-close
        use_backend a if a_dev_app
        use_backend b if b_dev_app

Backend config:

    backend b
        balance roundrobin
        cookie a-web-backend insert indirect nocache
        http-request redirect location http://server-url:8081/b
        mode http
        option httpchk /b
        server a-web-d01 http://server-url:8081 check maxconn 150 cookie a-web-d01

Haproxy acl - service unavailable

I'm trying to set up a haproxy ACL, and it gives me a 503: Service unavailable error, even though redirecting by port works fine. What am I doing wrong?
Appreciate any help.
This doesn't work via x.x.x.x/havana:

    frontend https
        bind *:80
        mode http
        option httpclose
        acl otter-path path -i /havana/
        use_backend otter-server if otter-path

This shows the backend fine via x.x.x.x:82:

    frontend otter-server
        bind *:82
        option forwardfor
        default_backend otter-server

Backend configuration:

    backend otter-server
        server otter2 192.168.0.15:8004

    acl otter-path path -i /havana/

Remove the last "/", i.e.:

    acl otter-path path -i /havana

You're trying to hit x.x.x.x/havana but matching x.x.x.x/havana/.

The problem was that it redirects not to the backend, but to backend/havana, which doesn't exist.
The solution is to remove the subpath after the redirect, so it points exactly to the backend root:

    backend annotrack-mouse
        balance roundrobin
        http-request set-uri %[url,regsub(^/havana/mouse,/,)] if { path_beg /ha$
        server annotrack-mouse 192.168.0.10:3000
        option httpchk
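
The two fixes discussed above (the trailing slash in the ACL and the prefix the backend does not know about) combined in one configuration, as an added example that is not from the original posts. The frontend name `http-in` is an assumption, and `http-request set-path` assumes HAProxy 1.6 or later.

```haproxy
# Added example, not from the original posts.
frontend http-in
    bind *:80
    mode http
    # "path" is an exact string match, so list both spellings of the directory.
    acl otter-path path -i /havana /havana/
    # Anything below the directory. The trailing slash keeps /havana-admin or
    # /havanafoo from matching, which a bare "path_beg /havana" would allow.
    acl otter-path path_beg -i /havana/
    use_backend otter-server if otter-path
    # No default_backend here: a request that matches no use_backend rule has
    # no backend to go to and is answered with 503.

backend otter-server
    mode http
    # Strip the /havana prefix so the server sees its own root:
    #   /havana       -> /
    #   /havana/mouse -> /mouse
    http-request set-path %[path,regsub(^/havana/?,/,i)]
    server otter2 192.168.0.15:8004
```

Repeating an `acl` name ORs the conditions together, so the exact and prefix matches above form a single test.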

Setting Custom Header on a per server basis in HAProxy

I need to load balance 3rd party services using HAProxy 1.7. Each of the servers requires unique Basic Auth headers. I am looking for an approach similar to the one below, where I can "roundrobin" between backend servers, but each server needs a different HTTP header:

    frontend http-in
        bind *:80
        use_backend servs

    backend servs
        reqidel '^Authorization:.*'
        reqadd 'Authorization: Basic blahblahblah'
        server url1 asdf.example.com:8080 check ssl verify none
        reqidel '^Authorization:.*'
        reqadd 'Authorization: Basic blah2blah2blah2'
        server url2 asdf.example.com:8081 check ssl verify none

This approach only ever uses the first server (url1).

I implemented the following solution to allow for custom headers for each server being load balanced.

    frontend http-in
        bind *:80
        use_backend proxy

    backend proxy
        balance roundrobin
        server url1-proxy 0.0.0.0:8080
        server url2-proxy 0.0.0.0:8081

    listen url1-proxy
        bind *:8080
        reqidel '^Authorization:.*'
        reqadd 'Authorization: Basic blahblahblah'
        server url1 asdf.example.com:8080 check ssl verify none

    listen url2-proxy
        bind *:8081
        reqidel '^Authorization:.*'
        reqadd 'Authorization: Basic blah2blah2blah2'
        server url2 asdf.example.com:8081 check ssl verify none
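
The same two-hop layout with the credential-injecting listeners bound to loopback and the upstream certificate verified, as an added example that is not the original poster's configuration. The CA bundle path is an assumption (the Debian/Ubuntu location); the header values are the placeholders from the post.

```haproxy
# Added example, not from the original post.
frontend http-in
    bind *:80
    mode http
    default_backend proxy

backend proxy
    mode http
    balance roundrobin
    server url1-proxy 127.0.0.1:8080
    server url2-proxy 127.0.0.1:8081

listen url1-proxy
    # Loopback only: anything that can reach this port has the credential
    # added to its request, so it must not be exposed on *:8080.
    bind 127.0.0.1:8080
    mode http
    # set-header removes any client-supplied Authorization before adding ours.
    http-request set-header Authorization Basic\ blahblahblah
    # verify required + verifyhost: the credential is only sent to a server
    # whose certificate chains to the CA file and names this host.
    server url1 asdf.example.com:8080 check ssl verify required ca-file /etc/ssl/certs/ca-certificates.crt verifyhost asdf.example.com

listen url2-proxy
    bind 127.0.0.1:8081
    mode http
    http-request set-header Authorization Basic\ blah2blah2blah2
    server url2 asdf.example.com:8081 check ssl verify required ca-file /etc/ssl/certs/ca-certificates.crt verifyhost asdf.example.com
```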

setting up haproxy to listen to ssl

I followed the instructions at https://www.digitalocean.com/community/tutorials/how-to-implement-ssl-termination-with-haproxy-on-ubuntu-14-04 to set up haproxy to listen to SSL.
However, when I try to hit any request through https it doesn't seem to be working; I basically get an ERR_CONNECTION_REFUSED.
I started haproxy by outputting all the operations into nohup. I tried looking into nohup and I don't seem to be getting any info there when I hit the request.
Basically this is the config that I added:

    frontend https
        bind *:443 ssl crt /etc/ssl/private/{domainname.com}.pem
        reqadd X-Forwarded-Proto:\ https
        default_backend default

While generating the certificate I used the same domainname.com as well.
Is there any other way to find out why it doesn't seem to work?

You can use "openssl" to verify the certificate response:

    echo | openssl s_client -showcerts -connect yourdomain:443

or try "curl":

    curl -v -o /dev/null https://yourdomain

Check if your haproxy logging is enabled and correct, e.g.:

    global
        log 127.0.0.1 local0

    defaults
        log global

how to balance to a specific server if hostname matches x.domaine.com (Haproxy)

As mentioned in the title, I've set up an HAProxy load balancer with a basic configuration. What I'd like to do is to always redirect requests to the first server if the hostname matches x.domaine.com, but keep the balancing for domaine.com. Is it possible with HAProxy, and if so, how can I do it?
Here's my configuration:

    listen webcluster *:80
        mode http
        balance roundrobin
        option httpchk HEAD / HTTP/1.0
        option forwardfor
        cookie LSW_WEB insert
        option httpclose
        server bigSRV 192.168.1.10:8082 cookie LSW_WEB01 check
        server miniSRV 192.168.2.10:8082 cookie LSW_WEB01 check

Thanks in advance.

After hours of digging I finally got it to work, so I'm going to answer my own question in case someone has the same issue.
Generally, I created a frontend that listens on port 80, in which I defined 2 ACLs that use the "if" statement to check the HTTP header and then redirect to one of the backends defined. If no request matches the conditions, we redirect to the default backend. Here's how it's done (in haproxy.cfg):

    frontend http-proxy
        bind *:80
        acl is_www hdr(host) -i www.domain.com
        acl is_x hdr(host) -i x.domain.com
        use_backend clusterWWW if is_www
        use_backend clusterX if is_x
        default_backend clusterWWW

    backend clusterWWW
        server bigSRV 192.168.1.10:8082 cookie LSW_WEB01 check
        server miniSRV 192.168.2.10:8082 cookie LSW_WEB01 check

    backend clusterX
        server bigSRV 192.168.1.10:8082 cookie LSW_WEB01 check