Synopsis
Your application uses both HTTP and HTTPS, depending on the pages.
SSL encryption is achieved by your backend server directly.
You want your user to get connected to the same backend for both protocols.
Configuration
This configuration has to be applied on Layer7 (haproxy) tab of the ALOHA.
Whatever protocol used on first request, your client IP will be associated to a backend and inserted in a sticky table.
global stats socket ./haproxy.stats level admin frontend ft_http bind :80 mode http default_backend bk_http frontend ft_https bind :443 mode tcp default_backend bk_https backend bk_http mode http balance roundrobin stick on src table bk_https default-server inter 1s server s1 192.168.1.1:80 check id 1 server s2 192.168.1.2:80 check id 2 backend bk_https mode tcp balance roundrobin stick-table type ip size 200k expire 30m stick on src default-server inter 1s server s1 192.168.1.1:443 check id 1 server s2 192.168.1.2:443 check id 2
Result:
echo "show table https" | socat unix-connect:./haproxy.stat stdio # table: https, type: ip, size:204800, used:2 0x1fea474: key=192.168.1.250 use=0 exp=1764443 server_id=1 0x2014a24: key=192.168.1.251 use=0 exp=1798278 server_id=2
