Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [haproxy]

HAProxy is an open source, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for web sites crawling under very high loads while needing persistence or Layer7 processing.

See also:

2099 questions
3
votes
0 answers

BAD REQ 400 when trying to enable HAProxy ssl?

http works but can't connect via secure connection. The haproxy log file error: {} 400 mainssl/ 187 -1 output of socket show errors: frontend mainssl (#3): invalid request backend (#-1), server (#-1), event #4 …
Don
  • 131
  • 9
3
votes
1 answer

haproxy does not add headers conditionally

I have the following config, it's under the frontend section for tls connection and haproxy terminates https connections: acl domain-acl-host hdr(host) -i domain.tld rspadd X-Foo:\ bar if domain-acl-host rspadd X-Baz:\ baz http-response set-header…
zerkms
  • 431
  • 2
  • 5
  • 17
3
votes
1 answer

HAProxy add some headers before 302 redirect

I'm trying to add some security headers to the responses that are directed to a specific port. I have the following configured frontend: frontend desenv_ext_1 bind *:80 bind *:443 ssl crt /etc/ssl/certs/cert.pem mode http option tcplog…
R Wagner
  • 33
  • 1
  • 3
3
votes
1 answer

difference between url_beg and path_beg in haproxy

Haproxy doc prefers using path_beg over url_beg to match path in urls. As per https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#url: With ACLs, using "path" is preferred over using "url", because clients may send a full URL as is…
Deepak Deore
  • 691
  • 1
  • 9
  • 16
3
votes
2 answers

Complex AND/OR in backend conditional

I am attempting to use a backend under the following condition: It is the prod site being requested (i.e. there is mysite.com and beta.mysite.com) AND It's an api request OR It's an opt-in request I have the following acls setup for each…
ThaDon
  • 497
  • 1
  • 5
  • 15
3
votes
3 answers

Haproxy: try different backend if 404

I have a haproxy server with several backends behind it. Backends are picked with round-robin; anyway I need it to try other backends, if it gets 404 from the selected one. If 404 is returned from all reachable backends, haproxy should return 404…
Misko
  • 169
  • 5
3
votes
1 answer

HAProxy 1.7 Redirect/Rewrite specific domains with Map Files

I am new to HAProxy and I would like to redirect requests in map files defined domains. An short example: In my redirect.map file: abc.com xyz.com def.ru idk.com So if the user sends a request to domain abc.com or def.ru he will be redirected to…
Rivest
  • 33
  • 1
  • 4
3
votes
2 answers

Why is keepalived running two MASTER nodes in my Sticky VIP configuration?

I have keepalived setup (floating VIP) in front of haproxy on each of my three-node galera cluster nodes. When I restart keepalived on any given node, sometimes I end up with two nodes running in MASTER (as evidenced by the…
Server Fault
  • 3,714
  • 12
  • 54
  • 89
3
votes
1 answer

haproxy session rate lower than single server qps

I setup a haproxy(1.6.3) on ubuntu 16.04 to load balancing two web servers. From my earlier tests, the web servers can handle over 20k request/s. The web servers were tested against wrk2, and I verified number of requests in log. However, with…
cwhsu
  • 163
  • 4
3
votes
1 answer

How to reroute the traffic to different servers based on the domain name?

I'm trying to configure HAProxy to be used for both HTTPS traffic and OpenVPN connections through port 443. The configuration is straightforward (first-level domain replaced by example.com for the sake of anonymousity): frontend www_ssl mode…
Arseni Mourzenko
  • 2,275
  • 5
  • 28
  • 41
3
votes
1 answer

To reverse proxy Exchange or not

Currently I run Forefront TMG to reverse proxy Exchange 2010 to the outside world. I am now preparing an Exchange 2016 environment and with Forefront TMG getting obsolete, I want a solution without it. I now have pfSense and HAProxy as first line of…
user292026
  • 133
  • 4
3
votes
0 answers

HaProxy Frontend to Backend queuing and timeouts

I'm just trying to wrap my head around queueing/timeouts in HaProxy between a frontend, backend and a server. I'm still learning about TCP, sockets, connections etc so forgive me if any of these questions don't make sense. I'm just looking for…
brad
  • 502
  • 1
  • 10
  • 22
3
votes
1 answer

Preserve backend server status when reloading haproxy

Because I have a large pool of https certificates that changes from day to day (massive multitenant application with many domains), I have a script that may reload haproxy at nearly random times. This works fine. I also set backend servers to MAINT…
Ross Presser
  • 453
  • 6
  • 22
3
votes
1 answer

Redirect domain to second preserving prefix-subdomain

I am working with HAProxy and want to be able to redirect all traffic from domainA to a second domainB preserving the prefix/subdomain. I have tried things like: redirect prefix http://www.domainA.com code 301 if { hdr(host) -i…
SJC
  • 211
  • 2
  • 6
3
votes
1 answer

Disable authorisation on preflight OPTIONS request in HAProxy

We have a HAProxy setup which has basic auth on some of our backends. We now want to enable CORS requests to our backends but this is failing for those with basic auth enabled. When CORS makes it preflight OPTIONS request it does not include the…
RobC
  • 31
  • 2
1 2 3
99 100