Hello good people,
I am currently trying to find the best way to integrate IP-based sticky sessions on the real IP while using Cloudflare as a CDN. The problem is that “stick on src” now uses the IP from the CF proxy; that's why I ended up with this setup. I try to set the CF-Connecting-IP as the src and then use “stick on src”, but it doesn't seem to work correctly:
frontend https
    bind *:80
    bind *:443 ssl crt /etc/ssl/certs/origin-cert.pem ssl-min-ver TLSv1.2
    mode http
    http-request redirect scheme https unless { ssl_fc }
    acl from_cf src -f /etc/haproxy/cf-ips
    http-request set-src req.hdr(CF-Connecting-IP) if from_cf
    #stick-table type ip size 30m expire 12h
    default_backend cluster
    log 127.0.0.1:514 local0 warning

backend sf-cluster
    balance roundrobin
    stick-table type ip size 50m expire 12h
    stick on src
    server s2 xxx.xxx.xxx.xxx:80 check
    server s3 xxx.xxx.xxx.xxx:80 check
    server s4 xxx.xxx.xxx.xxx:80 check
If anyone could help point me in the right direction, whether this solution is even okay or whether there is a much better/easier solution, I would highly appreciate it.
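The trust decision this configuration relies on (`from_cf` gating `set-src`, then `stick on src`), modelled in Python as an added example that is not part of the original post and is not HAProxy code. The CIDR ranges, addresses, `effective_src` and `StickyBackend` are constructed for illustration, and keeping the peer address when the header is missing or malformed is an assumption of the model.

```python
import ipaddress
from itertools import cycle

# Constructed stand-in for the contents of /etc/haproxy/cf-ips
# (documentation ranges, not Cloudflare's published list).
CF_RANGES = [ipaddress.ip_network(n)
             for n in ("198.51.100.0/24", "2001:db8:cf::/48")]


def effective_src(peer_ip, headers):
    """Model of `http-request set-src req.hdr(CF-Connecting-IP) if from_cf`."""
    peer = ipaddress.ip_address(peer_ip)
    if not any(peer in net for net in CF_RANGES):
        return peer  # connection is not from the CDN: the header is ignored
    try:
        return ipaddress.ip_address(headers.get("CF-Connecting-IP", "").strip())
    except ValueError:
        return peer  # assumption: missing/malformed header leaves src unchanged


class StickyBackend:
    """Model of `balance roundrobin` plus `stick on src` with an IP-keyed table."""

    def __init__(self, servers):
        self._rr = cycle(servers)
        self.table = {}  # sticky key (IP) -> server name

    def route(self, peer_ip, headers):
        key = effective_src(peer_ip, headers)
        if key not in self.table:
            self.table[key] = next(self._rr)  # first sight: round-robin pick
        return key, self.table[key]


def demo():
    be = StickyBackend(["s2", "s3", "s4"])
    client = {"CF-Connecting-IP": "203.0.113.7"}
    a = be.route("198.51.100.10", client)  # client arriving via one CDN edge
    b = be.route("198.51.100.99", client)  # same client, different CDN edge
    c = be.route("192.0.2.50", client)     # direct peer sending the same header
    return a, b, c


if __name__ == "__main__":
    for key, server in demo():
        print(f"sticky key {key} -> {server}")
```

The third request is keyed on its own peer address rather than the header value, which is the property the `if from_cf` condition exists to guarantee.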