-
Stop sending requests to node to enable maintenance on it
echo "set server backend_name/svc_name state drain" | socat stdio /var/run/haproxy/admin.sock -
Start sending requests to node to disable maintenance on it
echo "set server backend_name/svc_name state ready" | socat stdio /var/run/haproxy/admin.sock -
Show statistics
echo "show stat" | socat stdio /var/run/haproxy/admin.sock | cut -d "," -f 1-2,5-10,34-36 | column -s, -t -
[TCP] Wildcard domain match based redirection
acl api_urls req.ssl_sni -m end .test.local
use_backend backend_api if api_urls
- [TCP] IP address based redirection
acl acl_frontend_green src xxx.xxx.xxx.xxx/xx #blue_green_deployment
use_backend backend_green if acl_frontend_green
- [HTTP] SSL Redirection
redirect scheme https code 301 if !{ ssl_fc }
- [HTTP] Letsencrypt path based redirection
acl letsencrypt-acl path_beg /.well-known/acme-challenge/
use_backend letsencrypt_backend if letsencrypt-acl
- [HTTP] Backend servers count based redirection
# frontend
acl backend_ko nbsrv(backend_prod) lt 1
use_backend backend_failed if backend_ko
default_backend backend_prod
# backend_failed
backend backend_failed
acl failed_path hdr_beg(host) -i sub.domain.local
http-request redirect code 307 location https://another.domain.local if !failed_path
http-request redirect code 307 location https://new.domain.local if failed_path
# backend_prod
backend backend_prod
fullconn 20000
balance roundrobin
cookie SERVERUSED insert indirect nocache
default-server check maxconn 500
mode http
log global
server server1 xxx.xxx.xxx.xxx:443 ssl check verify none cookie server1 check maxconn 20000 send-proxy
server server2 xxx.xxx.xxx.xxx:443 ssl check verify none cookie server2 check maxconn 20000 send-proxy