Synopsis

You own small public subnet and want to be able to access multiple web sites or application behind a single public IP address.
Basically, you want to use your Aloha load-balancer as a reverse proxy.

Diagram

The diagram below shows how the reverse proxy works.
In our case, we have 2 domains pointing to the Aloha IP address.
Depending on the domain name, the Aloha will decide which farm it will use.
reverse_proxy

Configuration

On the Aloha, the reverse-proxy configuration is achieved by HAProxy.
HAProxy configuration can be done in the “layer 7” tab of the GUI or through the CLI command “service haproxy edit”.

First, the Frontend definition.
This is where HAProxy will take rooting decision based on layer 7 information.
[sourcecode language=”text”]
frontend ft_websites
mode http
bind 0.0.0.0:80
log global
option httplog
# Capture Host header is important to know whether rules matches or not
capture request header host len 64
# mysite configuration
acl site1 hdr_sub(host) site1.com
acl site1 hdr_sub(host) site1.eu
use_backend bk_site1 if site1
# yoursite configuration
acl site2 hdr_sub(host) site2.com
acl site2 hdr_sub(host) site2.ie
use_backend bk_site2 if site2
# default configuration
default_backend bk_default
[/sourcecode]

And now, we can define our backend sections for each website or application:
[sourcecode language=”text”]
# First site backend configuration
backend bk_site1
mode http
balance roundrobin
cookie SERVERID insert indirect nocache # persistence cookie
option forwardfor # add X-Forwarded-For
option httpchk HEAD / HTTP/1.0rnHost: www.site1.com
default-server inter 3s rise 2 fall 3 slowstart 0 # servers default parameters
server srv1 192.168.10.11:80 cookie s1 weight 10 maxconn 1000 check
server srv2 192.168.10.12:80 cookie s2 weight 10 maxconn 1000 check

# Second site backend configuration
backend bk_site2
mode http
balance roundrobin
cookie SERVERID insert indirect nocache # persistence cookie
option forwardfor # add X-Forwarded-For
option httpchk HEAD / HTTP/1.0rnHost: www.site2.com
default-server inter 3s rise 2 fall 3 slowstart 0 # servers default parameters
server srv1 192.168.10.13:80 cookie s1 weight 10 maxconn 1000 check
server srv2 192.168.10.14:80 cookie s2 weight 10 maxconn 1000 check
[/sourcecode]

And finally, the “garbage collector”, the default backend which hosts all the traffic that has not match any other rules.
It may be important to watch logs from this backend in order to ensure there is no mis-configuration.
[sourcecode language=”text”]
backend bk_default
mode http
balance roundrobin
option forwardfor # add X-Forwarded-For
option httpchk HEAD /
default-server inter 3s rise 2 fall 3 slowstart 0 # servers default parameters
server srv1 192.168.10.8:80 weight 10 maxconn 1000 check
server srv2 192.168.10.9:80 weight 10 maxconn 1000 check
[/sourcecode]

Links