Hi
I'm having trouble wrapping my head around what I belive is a really simple
problem.
I've got a working HAProxy setup with a few listeners and a few backends and
some ACL's that direct traffic accordingly.
Now I'm about to add a new backend for some function-testing in this setup, and
I want to restrict what ends up there.
This is thinned down version of my configuration (oh, global or default-level
ACL's be nice..):
---
global
...
defaults default
mode http
balance roundrobin
listen in-DK
bind 127.0.0.1:4431
acl acl_collector path_beg -f /etc/haproxy/collector_patterns.lst
acl acl_collector hdr_sub(Referer) -f
/etc/haproxy/collector_patterns.lst
acl acl_webservice path_beg /services
use_backend collectors if acl_collector
use_backend webservice if acl_webservice
default_backend admin
listen in-NO
bind 127.0.0.1:4432
acl acl_collector path_beg -f /etc/haproxy/collector_patterns.lst
acl acl_collector hdr_sub(Referer) -f
/etc/haproxy/collector_patterns.lst
acl acl_webservice path_beg /services
use_backend collectors if acl_collector
use_backend webservice if acl_webservice
default_backend admin
backend admin
server admin1 172.27.80.36:8080 id 1 maxconn 500 check observe layer7
backend webservice
server webservice1 172.27.80.37:8080 id 2 maxconn 500 check observe
layer7
backend collectors
server collector1 172.27.80.38:8080 id 3 maxconn 1000 check observe
layer7
server collector1 172.27.80.39:8080 id 4 maxconn 1000 check observe
layer7
---
The file /etc/haproxy/collector_patterns.lst contains these 3 lines:
---
/collect
/answer
/LinkCollector
---
This new backend I want for testing (let's call it new_collectors) should
recieve the traffic the existing ACL acl_collector directs to the backend
collectors, but ONLY if that traffic comes from a certain IP or contains a
certain HTTP header.
How do I manage that?
Regards,
Jens Dueholm Christensen
