Hello,
likely that we are not alone with the following requirement:
- provide a sorry-page ("maintenance") if backends are unavailable
- have the ability to still access the backend servers from certain
ip-addresses ("administration after deployment"..)
- no restarts of haproxy ;-)
(since this is for several backends chosen by path, there's an
additional acl, but i left the repetitions for other backends)
###haproxy.conf
frontend main
acl backend_usr url_beg /usrpath1 /usrpath2
acl usrnb nbsrv(be_usr) gt 0
acl usr_h_nb nbsrv(be_usr_h) eq 0
acl maints src -f /etc/haproxy/maint_ips.lst
use_backend be_usr if backend_usr usrnb usr_h_nb
use_backend labl_usr_h if backend_usr usrnb maints
default_backend be_maint
backend be_usr
server usr0 172.23.42.80:8000 check
backend be_usr_h
server usr0 172.23.42.80:8000 check
option httpchk GET /maint.txt HTTP/1.1\r\nHost:\ hidden
backend be_maint
option httpchk GET /ok.txt HTTP/1.0
server maint localhost:8008 check
####
so the logic is along this:
- normal operation: be_usr is UP; be_usr_h is DOWN (no maint.txt
available)
- failure/sorry: be_usr* is DOWN -> be_maint
- maintenance/sorry status: return 200/OK for maint.txt -> be_usr_h is
now UP, which "violates"
the first use_backend statement, effectivly using be_maint now for
everyone whose src-addr isnt in 'maints'-list
and if the backend be_usr is actually up.
"Works for me" -- looking for comments, improvements or yelling ;-)
--double-p
