New to rancher and haproxy. Trying to use rancher’s ingress for several routes and I need to strip part of the path.
Example
The incoming request could be
blah.com/v1/somename/sub/sub2
What I want to go to the internal service would be
/sub/sub2
I tried using
backend assignment
acl assign_test path_beg -i v1/assignment
reqrep ^([^\ :])\ /v1/sub[/]?(.) \1\ //\2 if assign_test
but haproxy logs show:
‘option forwardfor’ ignored for proxy ‘default’ as it requires HTTP mode.\n[WARNING] 276/031850 (171) : parsing [/etc/haproxy/haproxy.cfg:48] : a ‘http-request’ rule placed after a ‘reqxxx’ rule will still be processed before.\n[WARNING] 276/031850 (171) : parsing [/etc/haproxy/haproxy.cfg:49] : a ‘http-request’ rule placed after a ‘reqxxx’ rule will still be processed before.\n[WARNING] 276/031850 (171) : config : ‘option forwardfor’ ignored for proxy ‘default’ as it requires HTTP mode.\n …done.\n"
Going to localhost/v1/sub/sub1 doesn’t work.
The path is always going to start with /
, so path_beg -i v1/assignment
is never true.
That is a good catch, I’ll try it in the morning.
That works.
Though it doesn’t do what I wanted it to do.
I was able to get this working with the following custom config
backend v1_standard
reqrep ^([^\/]*\/)v(\d+)\/([^\/]*)\/[\/]?(.*) \1\4
Now I’m seeing another issue.
I have loaded several paths in the load balancer using the GUI.
path target backend
/v1/service1 s1 v1_standard
/v1/service2 s2 v1_standard
What I am not seeing is even when I put curl localhost/v1/service2 it is still routing to service1
As written you’d need a separate backend for each. The request goes to a backend, and that backend contains the list of containers of the target services. So you’re putting both into one pool and getting 1 vs 2 randomly.
Since you want the replacement to affect the backend that is chosen, it would make more sense to do once in the frontend instead and not assign custom backed names.
Also there’s no reason to capture the parts you don’t want, or rewrite the part you’re not changing, and the slash handling is generally odd, you accept a double slash at only some levels. I didn’t try this and wrote it on no phone but ^([^\/]*)\/+v\d+\/+[^\/]*\/+ \1/
The groupings were me just trying to do something I try not to do, be clever.
I added
frontend 80
balance roundrobin
bind *:80
reqrep ^([^\/]*)\/+v\d+\/+[^\/]*\/+ \1/
and removed the backend however now I’m getting 503 using:
curl http://localhost/v1/assignment/health
Also tried with my original ^([^/]/)v(\d+)/([^/])/[/]?(.*) \1\4 in the frontend with the same 503
Maybe I’m doing something else wrong.
Here is my entire custom haproxy config
global
log 127.0.0.1:8514 local0
debug
defaults
log global
mode tcp
option httplog
frontend 80
balance roundrobin
reqrep ^([^/])/+v\d+/+[^/]/+ \1/
backend v1_standard
reqrep ^([^/])/+v\d+/+[^/]/+ \1/
backend v1_standard2
mode http
reqrep ^([^/]/)v(\d+)/([^/])/[/]?(.*) \1\4
backend stats
mode http
stats enable
stats uri /haproxy_stats
And here is my paths setup in case it helps
For now I’m going with separate backends for each service and I’ll revisit later to look into optimizing for less duplication