Re: FW: https status codes
Hi Andy. Franks Andy (IT Technical Architecture Manager) wrote on 26.07.2017: > -Original Message- > From: Franks Andy (IT Technical Architecture Manager) > Sent: 26 July 2017 13:52 > To: 'Aleksandar Lazic' > Subject: RE: https status codes > Thanks Alexander. > I'd imagine that > > option httpchk GET /Login/Heartbeat HTTP/1.1\r\nHost:\ rsh-cp-iis1 > > presents the same rsh-cp-iis1 to both the iis1 and iis2 server? It > seems to work like this with the way I got it working, i.e. option > httpchk GET https://rsh-cp-iis1/Login/Heartbeat, but I would need > rsh-cp-iis1 "name" to be presented to that server, and iis2 to the > iis2 server and so on, could be an eventual list of quite a few backends. as I understand you right you want to do something like this. pseudo code: for host in iis1 iis2 ... iisN do check GET /Login/Heartbeat HTTP/1.1\r\nHost:\ $host I don't know if this is possible with lua, with 'normal' haproxy I don't think so that this is possible. But should the vhost not be the same on all servers? > I'll have a look at the resolver you suggested though.. > Thanks again > Andy > -Original Message- > From: Aleksandar Lazic [mailto:al-hapr...@none.at] > Sent: 26 July 2017 12:00 > To: Franks Andy (IT Technical Architecture Manager) > Cc: haproxy@formilux.org > Subject: Re: https status codes > Hi Andy, > Franks Andy (IT Technical Architecture Manager) wrote on 26.07.2017: >> Hi all, >> >> HAProxy 1.7.6 >> >> I have a hopefully easy question to answer - I'm trying to do server >> checks against 2x IIS nodes which require sending of the destination >> host name (virtual hosts) before delivering content. I'm trying to >> work out how to send the backend server name with the check request. >> At the moment the IIS server >> >> isn't seeing the name, rather an IP address as far as I can tell, and >> responding with a 404. >> >> This is the config >> >>backend bk_web_ssl >> mode http >> option httplog >> option httpchk GET https://rsh-cp-iis1/Login/Heartbeat > As described in the doc you just need to add the host header. > http://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4-option%20httpchk > option httpchk GET /Login/Heartbeat HTTP/1.1\r\nHost:\ rsh-cp-iis1 >> http-check expect rstatus 200 >> balance roundrobin >> stick on src table connections >> cookie SERVERID insert nocache indirect >> server RSH-CP-IIS1 192.168.176.175:443 cookie 1 check ssl >> server RSH-CP-IIS2 192.168.176.176:443 cookie 2 check ssl >> >> >> I can sort of get it to work on one of the two by including that >> servers name in the option httpchk line as seen: >> >> option httpchk GET https://rsh-cp-iis1/Login/Heartbeat >> >> .. but would rather just do option httpchk GET /Login/Heartbeat >> >> ..And something like >> server RSH-CP-IIS1 RSH-CP-IIS1:443 cookie 1 check ssl >> server RSH-CP-IIS2 RSH-CP-IIS2:443 cookie 2 check ssl > When you want to use names you will need to add a resolver in 1.7. > http://cbonte.github.io/haproxy-dconv/1.7/configuration.html#5.3 > >> Is there some keyword I'm missing somewhere or a better way of doing this? >> >> Thanks >> Andy -- Best Regards Aleks
FW: https status codes
-Original Message- From: Franks Andy (IT Technical Architecture Manager) Sent: 26 July 2017 13:52 To: 'Aleksandar Lazic' Subject: RE: https status codes Thanks Alexander. I'd imagine that option httpchk GET /Login/Heartbeat HTTP/1.1\r\nHost:\ rsh-cp-iis1 presents the same rsh-cp-iis1 to both the iis1 and iis2 server? It seems to work like this with the way I got it working, i.e. option httpchk GET https://rsh-cp-iis1/Login/Heartbeat, but I would need rsh-cp-iis1 "name" to be presented to that server, and iis2 to the iis2 server and so on, could be an eventual list of quite a few backends. I'll have a look at the resolver you suggested though.. Thanks again Andy -Original Message- From: Aleksandar Lazic [mailto:al-hapr...@none.at] Sent: 26 July 2017 12:00 To: Franks Andy (IT Technical Architecture Manager) Cc: haproxy@formilux.org Subject: Re: https status codes Hi Andy, Franks Andy (IT Technical Architecture Manager) wrote on 26.07.2017: > Hi all, > > HAProxy 1.7.6 > > I have a hopefully easy question to answer - I'm trying to do server > checks against 2x IIS nodes which require sending of the destination > host name (virtual hosts) before delivering content. I'm trying to > work out how to send the backend server name with the check request. > At the moment the IIS server > > isn't seeing the name, rather an IP address as far as I can tell, and > responding with a 404. > > This is the config > >backend bk_web_ssl > mode http > option httplog > option httpchk GET https://rsh-cp-iis1/Login/Heartbeat As described in the doc you just need to add the host header. http://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4-option%20httpchk option httpchk GET /Login/Heartbeat HTTP/1.1\r\nHost:\ rsh-cp-iis1 > http-check expect rstatus 200 > balance roundrobin > stick on src table connections > cookie SERVERID insert nocache indirect > server RSH-CP-IIS1 192.168.176.175:443 cookie 1 check ssl > server RSH-CP-IIS2 192.168.176.176:443 cookie 2 check ssl > > > I can sort of get it to work on one of the two by including that > servers name in the option httpchk line as seen: > > option httpchk GET https://rsh-cp-iis1/Login/Heartbeat > > .. but would rather just do option httpchk GET /Login/Heartbeat > > ..And something like > server RSH-CP-IIS1 RSH-CP-IIS1:443 cookie 1 check ssl > server RSH-CP-IIS2 RSH-CP-IIS2:443 cookie 2 check ssl When you want to use names you will need to add a resolver in 1.7. http://cbonte.github.io/haproxy-dconv/1.7/configuration.html#5.3 > Is there some keyword I'm missing somewhere or a better way of doing this? > > Thanks > Andy -- Best Regards Aleks
Re: https status codes
Hi Andy, Franks Andy (IT Technical Architecture Manager) wrote on 26.07.2017: > Hi all, > > HAProxy 1.7.6 > > I have a hopefully easy question to answer – I’m trying to do > server checks against 2x IIS nodes which require sending of the > destination host name (virtual hosts) before delivering content. I’m > trying to work out how to send the backend server name with the check > request. At the moment the IIS server > > isn’t seeing the name, rather an IP address as far as I can tell, and > responding with a 404. > > This is the config > >backend bk_web_ssl > mode http > option httplog > option httpchk GET https://rsh-cp-iis1/Login/Heartbeat As described in the doc you just need to add the host header. http://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4-option%20httpchk option httpchk GET /Login/Heartbeat HTTP/1.1\r\nHost:\ rsh-cp-iis1 > http-check expect rstatus 200 > balance roundrobin > stick on src table connections > cookie SERVERID insert nocache indirect > server RSH-CP-IIS1 192.168.176.175:443 cookie 1 check ssl > server RSH-CP-IIS2 192.168.176.176:443 cookie 2 check ssl > > > I can sort of get it to work on one of the two by including that > servers name in the option httpchk line as seen: > > option httpchk GET https://rsh-cp-iis1/Login/Heartbeat > > .. but would rather just do option httpchk GET /Login/Heartbeat > > ..And something like > server RSH-CP-IIS1 RSH-CP-IIS1:443 cookie 1 check ssl > server RSH-CP-IIS2 RSH-CP-IIS2:443 cookie 2 check ssl When you want to use names you will need to add a resolver in 1.7. http://cbonte.github.io/haproxy-dconv/1.7/configuration.html#5.3 > Is there some keyword I’m missing somewhere or a better way of doing this? > > Thanks > Andy -- Best Regards Aleks
https status codes
Hi all, HAProxy 1.7.6 I have a hopefully easy question to answer - I'm trying to do server checks against 2x IIS nodes which require sending of the destination host name (virtual hosts) before delivering content. I'm trying to work out how to send the backend server name with the check request. At the moment the IIS server isn't seeing the name, rather an IP address as far as I can tell, and responding with a 404. This is the config backend bk_web_ssl mode http option httplog option httpchk GET https://rsh-cp-iis1/Login/Heartbeat http-check expect rstatus 200 balance roundrobin stick on src table connections cookie SERVERID insert nocache indirect server RSH-CP-IIS1 192.168.176.175:443 cookie 1 check ssl server RSH-CP-IIS2 192.168.176.176:443 cookie 2 check ssl I can sort of get it to work on one of the two by including that servers name in the option httpchk line as seen: option httpchk GET https://rsh-cp-iis1/Login/Heartbeat .. but would rather just do option httpchk GET /Login/Heartbeat ..And something like server RSH-CP-IIS1 RSH-CP-IIS1:443 cookie 1 check ssl server RSH-CP-IIS2 RSH-CP-IIS2:443 cookie 2 check ssl Is there some keyword I'm missing somewhere or a better way of doing this? Thanks Andy