I have simple haproxy.cfg working on a VM.
frontend main
mode http
bind :80
bind :443 ssl crt /etc/haproxy/certs/current/my.pem
http-request redirect scheme https unless { ssl_fc }
default_backend app
frontend stagesvc-api
bind *:8001-8005 ssl crt /etc/haproxy/certs/current/my.pem ssl crt /etc/haproxy/certs/current
mode http
acl acl_stagesvc-api hdr(host) -i stagesvc-api.kbing.com
acl acl_stagesvc-api hdr_beg(host) -i stagesvc-api.kbing.com:
use_backend bk_stagesvc-api if acl_stagesvc-api
backend bk_stagesvc-api
acl forwarded_proto hdr_cnt(X-Forwarded-Proto) eq 0
acl forwarded_port hdr_cnt(X-Forwarded-Port) eq 0
http-request add-header X-Forwarded-Port %[dst_port] if forwarded_port
http-request add-header X-Forwarded-Proto https if { ssl_fc } forwarded_proto
mode http
server app2 stagesvc-aus.kbing.com: check port 8001
I would like to use HAProxy docker image instead and achieve same as above.
#ls haproxy/
drwxr-xr-x 3 haproxy haproxy 21 Jul 26 17:21 certs
-rwxr-xr-x 1 haproxy haproxy 6902 Aug 16 23:57 haproxy.cfg
#docker run -d --name haproxy-lb -p 80:80 -v $PWD/haproxy:/usr/local/etc/haproxy:ro haproxy:2.4.2
docker: Error response from daemon: driver failed programming external connectivity on endpoint haproxy-lb (06103ac6b845c6f9fcce50c76b35931756e69af5635f038c7220037fc0f10555): (iptables failed: iptables --wait -t filter -A DOCKER ! -i docker0 -o docker0 -p tcp -d 172.17.0.2 --dport 80 -j ACCEPT: iptables: No chain/target/match by that name.
Any help or pointers is appreciated!