Hi,
We are using a new Docker API version and are experiencing issues with settings in haproxy.cfg. It contains specific segments /v1.24/ for an older Docker API version.
What is the recommended way of configuring rules like:
http-request allow if { path /v1.24/version }
Should this be adapted for the current Docker API version or better be made version agnostic using a pattern like
http-request allow if { path_reg ^/v[0-9.]+/version$ }
Thanks!
We are able to help with the haproxy configuration directives themselves.
However we cannot possibly make recommendations for a haproxy configurations to restrict paths to third party products and version. How would we ever maintain such recommendations?
If you want to restrict the paths towards the Docker API server for security reasons, you need to consult with Docker manuals/design guides and possibly docker folks for the paths that are required.