Stats not reflecting traffic to acl backend


#1

I have a simple config with a single ACL and a matching backend. The issue I’m having is that all traffic is showing up under the default backend in the stats page. How do I make the traffic show up under the backend that the acl is pointing to? HA-Proxy version 1.8.8-1 2018/04/19

frontend http-justfoia.com_atlhap1-p-mcci
bind *:80
mode http
redirect scheme https if !{ ssl_fc }

frontend https-justfoia.com_atlhap1-p-mcci
bind *:443
option tcplog
mode tcp
acl aikensc-justfoia-com hdr_dom(host) aikensc.justfoia.com
use_backend aikensc-justfoia-com if aikensc-justfoia-com
default_backend backend-atlwebx-p-mcci

backend aikensc-justfoia-com
mode tcp
balance roundrobin
option httpchk GET /HealthCheck.txt HTTP/1.0\r\nHost:\ aikensc.justfoia.com
http-check expect string I\ am\ Healthy
server https-atlweb1-p-mcci 172.16.64.243:443 check ssl
server https-atlweb2-p-mcci 172.16.64.244:443 check ssl

backend backend-atlwebx-p-mcci
mode tcp
balance roundrobin
server http_atlweb1-p-mcci 172.16.64.243 check port 80
server http_atlweb2-p-mcci 172.16.64.244 check port 80

listen stats
bind *:8000 ssl crt /etc/ssl/private/cert.pem
mode http
stats enable
stats realm Haproxy\ Statistics
stats uri /
stats auth user:pass


#2

Stats are correct. Your configuration does not do what you think it is doing.

You cannot match the Host header when you are in TCP mode. You also cannot access encrypted traffic that is passed transparently to the backend (TCP mode on port 443). If you want to content-switch based on Host header, you need to use HTTP mode and that also means you need to terminate SSL.