Hi Guys & Girls,
Hoping someone can point me in the right direction:
We’re receiving a 503 error when we try to connect to a server (full details below) whose access is controlled by haproxy and a server map. However, if we connect to the backend server directly then everything is aok - so we think the error is in the haproxy conf file and/or the map file.
Any help would be greatly appreciated.
The servers:
- server1.domain.local - working fine
- server2.domain.local:5000 - working fine with direct connection
- server3 - alias for server2 but without the port (ie server3.domain.local:80)
The map file (hosts.map):
#front-ends #back-ends
server3.domain.local server3-redirect
doamin.local www-servers
The haproxy conf file (relevant parts):
frontend www
bind *:80
bind *:443 ssl crt '/etc/haproxy/ssl/*.ourdomain.com' crt /etc/haproxy/ssl/ ecdhe secp384r1 alpn h2,http/1.1
acl acl_plain_http ssl_fc,not
http-request redirect scheme https code 301 if acl_plain_http
http-request redirect prefix http://www.ourdomain.com code 301 if { hdr(host) -i domain.com }
http-response add-header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload;"
http-request set-var(txn.host) req.hdr(host)
use_backend %[req.hdr(host),lower,map_dom(/etc/haproxy/maps/hosts.map,www-servers)]
default_backend www-servers
backend server3-redirect
mode http
option http-server-close
cookie SERVERUSED insert indirect nocache
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https
server server3 server2.domain.local:5000 cookie server3 check
backend www_servers
mode http
option http-server-close
cookie SERVERUSED insert indirect nocache
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https
server server1 server1.domain.local:80 cookie server1 check
Cheers
Dulux-Oz