Can access one service via HAProxy but not others

Help!
1

Hi, I am running docker container services on my host ‘host-192-168-1-100.example.com ’ which i can access like ‘host-192-168-1-100.example.com :port’.

I want proxy three of my services on different ports and i am using url-based routing like this

global
    log         127.0.0.1 local2

    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

    # utilize system-wide crypto-policies
    ssl-default-bind-ciphers PROFILE=SYSTEM
    ssl-default-server-ciphers PROFILE=SYSTEM

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

frontend http_front
    bind *:80
    redirect scheme https code 301 if !{ ssl_fc }

frontend https_front
   bind *:443 ssl crt /etc/ssl/private/haproxy.pem

        

    use_backend serviceone if { path /node-1/serviceone } || { path_beg /node-1/serviceone/ } 
    use_backend servicetwo if { path /node-1/servicetwo } || { path_beg /node-1/servicetwo/ }
    use_backend servicethree if { path /node-1/servicethree } || { path_beg /node-1/servicethree/ }

backend serviceone
    http-request replace-path /node-1/serviceone(/)?(.*) /\2
    server node-1 host-192-168-1-100:8443 check ssl verify none

backend servicetwo
    http-request replace-path /node-1/servicetwo(/)?(.*) /\2
    server node-1 host-192-168-1-100:6443 check ssl verify none

backend servicethree
    http-request replace-path /node-1/servicethree(/)?(.*) /\2
    server node-1 host-192-168-1-100:443 check ssl verify none

I can access all my containers without HAproxy, and I can access ServiceOne via HAproxy at https://fqdn/node-1/serviceone. But, servicetwo shows me a 401 Unauthorized Authentication Required. Since I can access it without HAproxy, which directs me to a login page where I can enter my credentials, I don’t understand why it is showing me this error directly through HAproxy instead of taking me to the login page. Also, servicethree is also not accessible.

My servicetwo is runing on http.

Any help would be greatly appreciated

2

can anyone help with this?

3

Use different hostnames pointing to Haproxy as opposed to paths like /service1 , /service2 and /service3.

The reason is that while haproxy can correct the request URI (as you do in the backend with http-request replace-path), haproxy cannot replace or rewrite the URI in the HTTP payload (the HTML code) like links to CSS and JS files, etc.

There is an ocean of issues caused by path style content switching, which is why I strongly encourage to use hostnames instead.