I have this in my config: listen stats 0.0.0.0:8080 description The stats listener. stats uri /
Elsewhere in my config I have something that will redirect http requests to the hostname spark.REDACTED.com over to https, which is not anything unusual. The IP address for this hostname is a VIP that is handled with pacemaker. The problem is that if I try to go to http://spark.REDACTED.com:8080/ ... this is redirected to https://spark.REDACTED.com:8080/ ... and I get this in the log: Apr 20 12:26:54 localhost haproxy[6629]: 10.2.0.108:49435 [20/Apr/2016:12:26:54.617] stats stats/<NOSRV> -1/-1/-1/-1/0 400 187 - - PR-- 3/0/0/0/1 0/0 "<BADREQ>" The entire config for the listener is above -- no redirection. There is nothing else in the config or on the machine that listens on port 8080. What have I done wrong? I have another haproxy pair that doesn't do this, running the same version with similar HTTPS redirects. I don't see any differences in the config that might cause this. I can access the stats URL using the actual machine hostname, but if the machine fails and pacemaker moves everything to the other machine, that won't work. I want to be able to give our staff a URL that will work regardless of which machine in the load balancer pair is active. Thanks, Shawn ------------------ HA-Proxy version 1.5.12 2015/05/02 Copyright 2000-2015 Willy Tarreau <w...@1wt.eu> Build options : TARGET = linux2628 CPU = native CC = gcc CFLAGS = -O2 -march=native -g -fno-strict-aliasing OPTIONS = USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1 Default settings : maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200 Encrypted password support via crypt(3): yes Built with zlib version : 1.2.8 Compression algorithms supported : identity, deflate, gzip Built with OpenSSL version : OpenSSL 1.0.2a 19 Mar 2015 Running on OpenSSL version : OpenSSL 1.0.2a 19 Mar 2015 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports prefer-server-ciphers : yes Built with PCRE version : 8.31 2012-07-06 PCRE library supports JIT : no (USE_PCRE_JIT not set) Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND Available polling systems : epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll. Linux lb3 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 03:51:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux