First, nice work on 1.5, having ssl termination sure makes ssl setups much easier when needing stickiness.
I have a little tougher setup using 1.5 and am at the moment stuck after spend a full day on it. I am running version 1.5.3 I am using ssl on the frontend and also sending ssl to the backend servers. the mode is http and using acls to determine stickyness. My test requests are as follows 1. wget https://domain.com/ping?IPT=transpor6t&FROM_ADDRESS=409 2. wget https://domain.com/ping?FROM_ADDRESS=409&IPT=transport6 3. the real url will have 5 different parameters and the FROM_ADDRESS will be the 3rd Parameter. I need to create sticky requests on this 3rd Parameter and there seems to be many ways to do this using Haproxy and even though using regex is expensive it provides us the most flexibility so that is what we chose. Our ACL setup (more of a test bed to see if we can get it to work) acl block_1 urlp_end(FROM_ADDRESS) 0 acl block_2 urlp_end(FROM_ADDRESS) 9 use_backend block_1_hosts if block_1 use_backend block_2_hosts if block_2 backend block_1_hosts option httpchk GET /ping server rs4 rs4.altheia-group.com:443 weight 1 maxconn 2000 check ssl verify none inter 2000 server rs6 rs6.altheia-group.com:443 weight 1 maxconn 2000 check ssl verify none inter 2000 backup backend block_2_hosts option httpchk GET /ping server rs4 rs4.altheia-group.com:443 weight 1 maxconn 2000 check ssl verify none inter 2000 backup server rs6 rs6.altheia-group.com:443 weight 1 maxconn 2000 check ssl verify none inter 2000 ************** With the extensive testing we have done we believe that only the first parameter it finds in the URL can be matched (it does not search the rest of the parameters). This may be a bug or maybe by design (the docs seems a little ambiguous around urlp) but it would make sense that you should be able to match any parameter in the URL. Test1 wget https://domain.com/ping?IPT=transpor6t&FROM_ADDRESS=409 logs: 5.35.250.77:41464 [22/Aug/2014:14:20:49.783] https-in~ https-in/<NOSRV> -1/-1/-1/-1/12 503 212 - - SC-- 0/0/0/0/0 0/0 "GET /ping?IPT=transpor6t HTTP/1.0" Test2 wget https://domain.com/ping?FROM_ADDRESS=409&IPT=transport6 logs: 5.35.250.77:41465 [22/Aug/2014:14:21:33.763] https-in~ block_2_hosts/rs6 12/0/2/2/16 200 229 - - ---- 0/0/0/0/0 0/0 "GET /ping?FROM_ADDRESS=409 HTTP/1.0" Any help would be greatly appreciated. Many thanks, Andre
