Setting Custom Header on a per server basis in HAProxy

0
votes

I need to load balance 3rd party services using HAProxy 1.7. Each of the servers requires unique Basic Auth Headers. I am looking for an approach similar to this below, where I can "roundrobin" between backend servers, but each server needs a different HTTP header:

frontend http-in
    bind *:80
    use_backend servs

backend servs
    reqidel '^Authorization:.*'
    reqadd 'Authorization: Basic blahblahblah'
    server url1 asdf.example.com:8080 check ssl verify none
    reqidel '^Authorization:.*'
    reqadd 'Authorization: Basic blah2blah2blah2'
    server url2 asdf.example.com:8081 check ssl verify none

This approach only ever uses the first server (url1).

1
haproxy
Is your question how to round robin between the 2 servers? - Mars
Its how to roundrobin between the two servers, but setting the "Authorization" header to different values for each server. - Flash
Take a look at the hdr() function. It's not exactly what you want but it's a start. It might even be sufficient if you can use for example a second, dummy header. - Mars
What I am need of is a conditional statement that I can apply to each server. Similar to ACLs, but applied individually to each server in a round-robin backend. I have not come across this type of solution, so it may not be possible as I have imagined the solution. - Flash
Can you send another custom header? Then you can route to the correct server using hdr(). So let's say you create 2 additional custom headers and one of them would be intended for server 1 and the other for server 2. The Authorization header can be coupled with these additional headers. - Mars

1 Answers

0
votes

I implemented the following solution to allow for custom headers for each server being load balanced.

frontend http-in
    bind *:80
    use_backend proxy

backend proxy
    balance roundrobin
    server url1-proxy 0.0.0.0:8080
    server url2-proxy 0.0.0.0:8081

listen url1-proxy
    bind *:8080
    reqidel '^Authorization:.*'
    reqadd 'Authorization: Basic blahblahblah'
    server url1 asdf.example.com:8080 check ssl verify none

listen url2-proxy
    bind *:8081
    reqidel '^Authorization:.*'
    reqadd 'Authorization: Basic blah2blah2blah2'
    server url2 asdf.example.com:8081 check ssl verify none