Hi, We're having a strange problem with cookies being set and I'm hoping someone can help diagnose whats happening here.
So we our http and https frontends set up like this: #--------------------------------- # "frontend" section describes a set of listening sockets accepting client connections. frontend PROD_aff_webfarm #--------------------------------- bind 10.2.0.201:80 <http://10.2.0.201/> mode http default_backend www_prodswap maxconn 4000 #--------------------------------- # "frontend" section describes a set of listening sockets accepting client connections. frontend PROD_www_https #--------------------------------- bind 10.2.0.201:443 mode tcp acl is_port_443 dst_port 443 use_backend PROD_https_swap if is_port_443 default_backend PROD_http maxconn 4000 These then use the following backends: #--------------------------------- # "backend" section describes a set of servers to which the proxy will connect to forward incoming connections. backend www_prodswap #--------------------------------- mode http option httplog stats enable stats auth ****:**** balance roundrobin cookie SWAP_SERVERID insert indirect nocache option httpclose option forwardfor option httpchk /healthcheck.txt # file on sprodswap1 and prodswap2 server prodswap1 10.2.0.50:80 <http://10.2.0.50/> cookie prodswap1 weight 50 check server prodswap2 10.2.0.51:80 <http://10.2.0.51/> cookie prodswap2 weight 50 check #--------------------------------- #Added to use https on prodswap backend PROD_https_swap #--------------------------------- mode tcp option tcplog balance roundrobin stick-table type ip size 200k expire 30m stick on src server prodswap1 10.2.0.50:443 server prodswap2 10.2.0.51:443 So far, so good...the SWAP_SERVERID cookies gets set fine. Now...from here, the servers at the www_prodswap and PROD_https_swap backends redirects some of their traffic to these frontends using reverse proxy that is configured in our paython site and effectively uses curl to access urls and the delivers that data back out to the client: #--------------------------------- # "frontend" section describes a set of listening sockets accepting client connections. frontend PROD_rev_proxy_http #--------------------------------- bind 10.2.0.202:80 <http://10.2.0.202/> mode http option httplog default_backend PROD_http #--------------------------------- # "frontend" section describes a set of listening sockets accepting client connections. frontend PROD_rev_proxy_tcp #--------------------------------- bind 10.2.0.202:443 acl is_port_443 dst_port 443 mode tcp use_backend PROD_https if is_port_443 default_backend PROD_http These front ends them direct traffic to the following backends: #--------------------------------- # "backend" section describes a set of servers to which the proxy will connect to forward incoming connections. backend PROD_http #--------------------------------- mode http option httplog stats enable stats auth ****:**** balance roundrobin stick on src table PROD_https cookie PHP_SERVERID insert indirect nocache option httpclose option forwardfor option httpchk /healthcheck.txt server prod4 10.2.0.105:80 <http://10.2.0.105/> cookie prod4 weight 34 check server prod5 10.2.0.106:80 <http://10.2.0.106/> cookie prod5 weight 33 check server prod6 10.5.0.107:80 <http://10.5.0.107/> cookie prod6 weight 33 check #--------------------------------- backend PROD_https #--------------------------------- mode tcp option tcplog balance roundrobin stick-table type ip size 200k expire 30m stick on src server prod4 10.2.0.105:443 server prod5 10.2.0.106:443 server prod6 10.5.0.107:443 So here's the problem....The pages on the PROD_http/PROD_https load just fine, but the PHP_SERVERID cookie is only set intermittently. Why would that be? Do I have the cookies settings configured incorrectly? The reason I ask is because we believe that these cookies settings are causing server affinity to be lost. Any insight into this would be greatly appreciated. Also...is it possible to have cookies set for HTTPs as well and can it be the same cookie as the http cookie? I'm currently using HAproxy1.4. Thanks in advance! Aaron [email protected] -- ------------------------------------------------------------------------------------------------------------- If you received this communication by mistake, please don't forward it to anyone else (it may contain confidential or privileged information), please erase all copies of it, including all attachments, and please let the sender know it went to the wrong person. Thank you.
