HAProxy community

Send multiple URLs to same backend?

OK, I’m very new to haproxy and I’ve been beating my head against this problem for a few days and I’m sure I’m just overlooking something simple. I have five servers that each have three branded customer portals with their own URLs. Each server has a copy of each customer portal. In addition each server is listening for those same three URLs so that we could just change DNS from one server to another and have a working portal.

I would like to take those URLs and use haproxy to load balance amongst the five servers and also provide failover. Ideally haproxy would pass the original URL to the backend server so it loads the correct customer portal without having to have a different backend for each customer, but this is not necessary. Is this possible? If it’s not possible then I can create new portal URLs on each backend server so that each customer’s portal is entirely unique.

Where all my time has been spent is configuring acls. I’ve been trying to make haproxy look at the URL that is entered and send it to a different backend depending on the URL used. I cannot seem to make this work. To complicate matters further, I need haproxy to listen for http on port 80 and https on port 443 but redirect all requests to https.

Basically I want the flow to be as follows:

http(s)://portal.acme.com --> haproxy --> https://portal.acme.com on server 1, 2, 3, 4, or 5 by IP
http(s)://portal.delco.com --> haproxy --> https://portal.delco.com on server 1, 2, 3, 4, or 5 by IP
http(s)://portal.bluesea.com --> haproxy --> https://portal.bluesea.com on server 1, 2, 3, 4, or 5 by IP

If necessary I’m fine doing something like this, though:

http(s)://portal.acme.com --> haproxy --> https://portal.acme[1-5].com
http(s)://portal.delco.com --> haproxy --> https://portal.delco[1-5].com
http(s)://portal.bluesea.com --> haproxy --> https://portal.bluesea[1-5].com

My main question, how do I configure my acl to look at the original URL and send to a specific backend?
My second question, is it possible to pass the original URL to one of five servers by IP address?

I haven’t included my current config because it’s a huge mess and I’m afraid it will confuse matters more than help. If you would like to see it I’ll post it, though.

Any help anybody can provide will be very much appreciated! Thank you!!

Each of the 5 servers delivers the same 3 customer portals, right? Then you don’t have to do anything at all.

You don’t have to distinguish between one customer portal and the other at haproxy, because haproxy doesn’t need that information, given that all 3 servers serve the same content.

Haproxy will not modify anything in the request, unless you specifically configure haproxy to do so, so your servers will know what to serve.

The only thing you have to consider is whether you need session stickiness. So, let’s say the customer logs into the portal.delco.com and haproxy selects server 2. Now the customer refreshes the page and haproxy (doing roundrobin loadbalancing) forwards the request to server 3.

Do all your servers access the same session database/storage? Or is a sessions local to each server, so haproxy needs to make sure the customer sticks to the same server as to not loose it’s session informations? It’s not complicated to do so, you just need to be aware of it.

However it’s important that you don’t overcomplicate the configuration. Your requirements sounds complex, but they really aren’t, so this configuration should be quite compact/simple.

1 Like

I do need session stickiness, definitely. The servers each have their own database and storage, so each can run independently. I was planning to use source ip hashing for stickiness. So if I configure things as below then my above scenario will work? The various URLs will forward as-is to the chosen backend? I don’t think I ever tried a configuration that simple, I was over-complicating it right from the start. Do you see anything in my configuration I should be doing differently? I very much appreciate your time and assistance.

global
    chroot /var/lib/haproxy
    user haproxy
    group haproxy
    daemon
    log /dev/log local0 debug

defaults
    mode tcp
    log global
    option tcplog
    option httpchk
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms

 frontend customerportals
   bind *:80
   bind *:443
   option tcplog
   mode tcp
   default_backend portalservers

backend portalservers
   mode tcp
   balance source
   option ssl-hello-chk
   server server1 1.2.3.4:443 check
   server server2 5.6.7.8:443 check

How about forwarding http requests to https? I have two servers that aren’t doing this automatically so I may just try to fix it there rather than using haproxy, but I’m curious how to do it with haproxy if necessary.

Yes, but you will have to remove port 80 there.

Make a dedicated frontend for port 80 instead, just doing the redirect:

frontend httpredirect
 bind :80
 mode http
 http-request redirect scheme https

That should be it.

1 Like

Thank you for your help. That did exactly what I needed it to do. I should have known I was over-complicating it, I usually do.

Thanks again!!