Haproxy does not support proxying different sites (using virtual hosts)

Bug #1154179 reported by Marius B. Kotsbak on 2013-03-12
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
haproxy (Juju Charms Collection)
Undecided
Unassigned

Bug Description

I have tried reusing one haproxy instance for serving different services with different virtual hosts (same IP address, all on port 80).

What I have tried:
* Using bind:

haproxy-jenkins:
    services: |
        - service_name: node-app_service
          service_host: "0.0.0.0"
          service_port: 80
          service_options: [balance leastconn, "bind a.virtual.hostname.com:80"]
          server_options: maxconn 100

        - service_name: node-app2_service
          service_host: "0.0.0.0"
          service_port: 80
          service_options: [balance leastconn, "bind another.virtual.hostname.com:80"]
          server_options: maxconn 100

does not work (gives "cannot bind socket") because the IP behind the hostname is not bound to the machine.

* Using reqiallow:

haproxy-jenkins:
    services: |
        - service_name: node-app_service
          service_host: "0.0.0.0"
          service_port: 80
          service_options: [balance leastconn, "reqiallow ^Host:\\ a.virtual.hostname.com$"]
          server_options: maxconn 100

        - service_name: node-app2_service
          service_host: "0.0.0.0"
          service_port: 80
          service_options: [balance leastconn, "reqiallow ^Host:\\ a.virtual.hostname.com$"]
          server_options: maxconn 100

also does not work, since all entries must be set to "0.0.0.0" (same as with bind) and the second fail to bind to that address.

* Use different IP addresses

At least with Amazon EC2 this seems hard, as only local addresses are exposed to the machines, and it is not possible to attach multiple IPs except with in virtual private cloud: http://aws.typepad.com/aws/2012/07/multiple-ip-addresses-for-ec2-instances-in-a-virtual-private-cloud.html

The proper solution is probably to use frontend and backends with ACL:

http://www.techrawr.com/2009/09/18/using-the-acl-in-haproxy-for-load-balancing-named-virtual-hosts/

but it is possible to do with the current configuration options.

WORKAROUND:

17:37 < sidnei> mariusko: im using haproxy to proxy different sites, the difference is that we're using apache in front of haproxy (for ssl termination)
                and apache forwards to haproxy on a specific port
17:37 < sidnei> mariusko: i understand that your use case is different and you want haproxy on port 80 proxying to multiple backends
17:40 < mariusko> sidnei: using vhost templates?
17:40 < sidnei> mariusko: yup

Related branches

description: updated
description: updated
tags: added: openstack
James Page (james-page) on 2015-03-03
tags: removed: openstack
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers