Routing after domain name

Hi all!
Tell me how in haproxy 2.6 you can route traffic to domain names? Given:***

All domains have the same uri /test/* and, accordingly, need to be proxyed to different servers,
it’s clear that through path_beg, but how to make it on 3 different domains?

if i do

backend backend-front-dev
http-request replace-path /front(/)?(.) /\2
server dev-swarm-01 dev-swarm-01:3031 check maxconn 30
backend backend-front-stage
http-request replace-path /front(/)?(.
) /\2
server stage-swarm-01 stage-swarm-01:3031 check maxconn 30

Then the top rule backend-front-dev is applied

How to do it right?

Thanks in advance!

In your frontend, something like:

    acl dev_auth hdr(host) -i
    acl stage_auth hdr(host) -i
    acl prod_auth hdr(host) -i
    use backend backend-front-dev if dev_auth
    use backend backend-front-stage if stage_auth
    use backend backend-front-prod if prod_auth
    default_backend <some-default-backend>

This checks the host header in the incoming request for the domain that is being requested.

Thank you for your reply!

But I need the frontend rule to include exactly the same uri /test

i tried to do so
http-request set-header X-Forwarded-Host %[req.hdr(host)]

     use_backend backend-front-auth if { path_beg -i /test AND -i auth.domain .com }

backend section looks like this

backend backend-front-auth
http-request set-path “%[path,regsub(/test /,/,i)]”

balance roundrobin

server srv-swarm-01 srv-swarm-01:3031
server srv-swarm-02 srv-swarm-02:3031
server srv-swarm-03 srv-swarm-03:3031
server srv-swarm-04 srv-swarm-04:3031
server srv-swarm-05 srv-swarm-05:3031
server srv-swarm-06 srv-swarm-06:3031

But it didn’t work for me either, I can’t find what the problem is…

This only works for one domain
for dev & stage doesn’t work at the same time

Oh, try this:

    acl dev_auth hdr(host) -i
    acl stage_auth hdr(host) -i
    acl prod_auth hdr(host) -i
    acl test_path path_beg -i /test
    use backend backend-front-dev if dev_auth test_path
    use backend backend-front-stage if stage_auth test_path
    use backend backend-front-prod if prod_auth test_path
    default_backend <some-default-backend>

Edit: You probably don’t want to set the request path in the backend. Modifying the request changes it between HAProxy and the server, but the client in front of HAProxy may never see it.


I got this config and it works correctly. Names in this order and without lines default_backend

    acl is_auth        hdr_end(host) -i
    acl is_auth_dev    hdr_end(host) -i
    acl is_auth_stage  hdr_end(host) -i

    acl test_path path_beg -i /test

    use_backend backend-front-dev if is_auth_dev test_path
    use_backend backend-front-stage if is_auth_stage test_path
    use_backend backend-front-auth if is_auth test_path

    use_backend auth        if is_auth
    use_backend auth_dev    if is_auth_dev
    use_backend auth_stage  if is_auth_stage

backend backend-front-stage
mode http
balance roundrobin
server stage-swarm-01 stage-swarm-01:5031 check
server stage-swarm-02 stage-swarm-02:5031 check
server srv-dockerhost-stage srv-dockerhost-stage:5031 check

acl rules must go in the correct order, and the first suitable one is executed (I mean, as in any firewall, the rule above is more important), although I did not find explicit information on this, correct me if I’m wrong

1 Like

Yes and no. ACLs can be declared in any order as long as they are declared before any use_backend. Once a backend is chosen, no other backend or ACL below it matters, so the use_backend order is the important one.

1 Like