Le 2/15/24 à 10:33, Michael Hekeler a écrit :
Hello,
I'm trying to configure relayd(8) to use tags, to allow legit host names
only and modify HTTP headers, and fallback. But I can't have it working
properly.
I don't understand exactly what you want to achieve. Do you want:
A. Requests with http header "www.example" going to primary.
And going to fallback if primary is down.
And block all other requests.
or:
B. Request with http header "www.example" going to primary.
And all other going to fallback.
And block nothing (=all requests are served either by primary or
by fallback)
It looks more like A.
I want to relay to the primary by default.
I the primary fails, then I want to relay to a secondary. Which is just
a static webpage saying "work in progress, be back soon".
If A) then put both servers in the table and let HCE decide which host
is up. Something like that (header check ignored in example):
table <www> {192.0.2.4 192.0.2.7}
redirect www {
listen on 192.0.2.30 port 80
forward to <www> check http “/” code 200
}
This implies "mode roundrobin" which is not what I want. The secondary
should only be displayed when the primary is down.
If B) then you need an an additional pass rule in your protocol.
Something like that (to be honest I don't know why you need the tag here
so I ignored that in that example):
http protocol www {
pass request quick header "Host" value "www.example" \
forward to <primary>
pass request forward to <fallback>
block
}
I need tags because the relayd(8) exposes several FQDN and sets various
headers depending on those.
Using such a configuration:
#-8<-------
table <primary> { 192.0.2.4 }
table <fallback> { 192.0.2.7}
http protocol www {
block
match request header "Host" value "www.example" tag "example"
pass request tagged "example" forward to <primary>
}
relay www {
listen on 192.0.2.30 port 80
protocol www
forward to <primary> port 80 check http "/" code 200
forward to <fallback> port 80
}
#-8<-------
forwards all tagged HTTP traffic to the primary server. But if it is turned
off, relayd(8) only replies with error rather than sending the traffic to
the fallback server.
Removing tags and using a simple "pass" directive in protocol (as described
in the man page) does work as expected regarding the fallback server.
Is there a way to use both tags and fallback with relayd(8) to mimic
Apache's Failover[1] configuration with "ProxyPass" and "BalancerMember
(...) status=+H" ?
Thank you,
Joel C.
[1] https://httpd.apache.org/docs/trunk/howto/reverse_proxy.html#failover
--
Bonne journée,
Joel C.
Tél: +33 663541230
