On 28/11/2014 02:44 μμ, Pavlos Parissis wrote: > Hi, > > I want HAProxy to add a response header if request includes a specific > header. I implemented the logic [1] but I get the following > > parsing [/etc/haproxy/haproxy.cfg:77] : acl 'lb_debug' will never match > because it only involves keywords that are incompatible with 'frontend > http-response header rule' > [WARNING] 331/135906 (6390) : config : log format ignored for proxy > 'haproxy' since it has no log address. > > Found few references on Internet and if I understood them correctly it > fails because at the moment rspadd is evaluated HAProxy doesn't know > request information like headers. Am I right? and if I am right , do we > have solution? Willy mentioned in a similar thread about a dirty way to > get it but I failed to find it. > >
Baptise provided a solution which captures the mentioned header in
request and check if it exists during response. But, he also made a note
about being a dirty hack.
Here it is
frontend for_bar_com
capture request header User-Agent len 120
capture request header Host len 32
capture request header LBDEBUG len 5
bind 10.189.200.1:80
http-response set-header LBNODE <uuid> if { capture.req.hdr(2) -i yes }
default_backend for_bar_com
After I sent my e-mail, I changed it to always return the header and use
the system UUID which kind of more secure in terms of not exposing any
information to all users. That requires to have an easy mapping
mechanism in place to map UUIDs with actual hostnames, which can be
easily done when you have puppet/salt/REST_APIs available.
Thanks for solution Baptise but why is it consider a dirty hack? I must
assume that it may cause problems in a more complex setups.
Cheers,
Pavlos
signature.asc
Description: OpenPGP digital signature
