我有4个Java应用程序在我的服务器上运行,2个主要& 2个subapps,我需要通过Haproxy访问。Haproxy多个后端访问相同的路径
APP1 ---->侦听TCP:8442在app1.domain.org subapp1 ----访问>侦听TCP:9001,并与路径访问app1.domain.org/abc
app2 ---->在tcp上监听:8444在app2.domain.org上访问 subapp2 ---->在tcp:9000上监听并且用路径访问app2.domain.org/abc
所以子应用都使用相同的路径访问
我无法让Haproxy将请求路由到正确的子应用程序。使用包含的配置访问主应用程序工作正常,但取决于use_backend语句的顺序,所有子应用程序请求都被路由到相同的后端(其首先列出)。如果我重新排序ACL的话,没有任何区别。好像ACL不正确匹配入站请求。
任何帮助表示赞赏!
我的配置:
global
log localhost local1
log-send-hostname server-hostname
maxconn 1024
user root
group root
daemon
pidfile /var/run/haproxy.pid
ssl-default-bind-options no-sslv3 no-tls-tickets
defaults
log global
mode http
option dontlognull
option forwardfor
no option http-server-close
no option accept-invalid-http-request
timeout client 600s
timeout client-fin 10s
timeout server 600s
stats enable
stats auth user:password
stats uri /haproxyStats
listen admin
mode http
bind *:8080
stats enable
stats hide-version
stats realm Haproxy\ Statistics
stats uri/
stats auth user:password
frontend http-in
bind *:80
acl invalid_src src 0.0.0.0/7 224.0.0.0/3
acl invalid_src src_port 0:1023
http-request deny if invalid_src
option tcplog
log-format %ci\ %f\ %b\ %ST\ %{+Q}r\ %Tr
redirect scheme https code 301 if !{ ssl_fc }
frontend https-in
bind *:443 ssl crt /etc/haproxy/ssl.cert
mode http
acl test_sapp path_beg -i /abc
acl test_sapp hdr(host) -m dom -i *app2.domain.com*
acl prod_sapp path_beg -i /abc
acl prod_sapp hdr(host) -m dom -i *app1.domain.com*
acl test_app1 hdr_end(host) -i app2.domain.com
acl prod_app1 hdr_end(host) -i app1.domain.com
acl invalid_src src 0.0.0.0/7 224.0.0.0/3
acl invalid_src src_port 0:1023
http-request deny if invalid_src
option tcplog
log-format %r
reqadd X-Forwarded-Proto:\ https
use_backend sapp-test if test_sapp
use_backend sapp-prod if prod_sapp
use_backend app-prod if prod_app1
use_backend app-test if test_app1
timeout client 600s
timeout client-fin 10s
backend app-prod
balance leastconn
option httpclose
option forwardfor
server prod-web-node 127.0.0.1:8442 cookie A check
timeout server 600s
backend app-test
option httpclose
option forwardfor
server test-web-node 127.0.0.1:8444 cookie A check
timeout server 600s
backend sapp-prod
balance leastconn
option httpclose
option forwardfor
server prod-mdr-node 127.0.0.1:9001 cookie A check
timeout server 600s
backend sapp-test
balance leastconn
option httpclose
option forwardfor
server test-mdr-node 127.0.0.1:9000 cookie A check
timeout server 600s
谢谢JamesStewy!这工作完美。 – KrisK