HAproxy: digest authentication – Valuable Tech Notes

We have setup a loadbalancer to balance 2 servers. The config looks like this:

global
    maxconn 40960
    user haproxy
    group haproxy
    daemon

defaults
    log     global
    option  dontlognull
    retries 3
    #option redispatch
    timeout client 10s
    timeout server 10s
    timeout connect 4s
    maxconn 40960

listen webpool lbIP:80
    mode http
    cookie SERVERID insert indirect
    balance roundrobin
    server slave1 slave1IP:80 cookie A check port 8981
    server slave2 slave2IP:80 cookie B check port 8982

The servers slave1 and slave2 needs digest authentication. When the client
sends a request the first request is balanced to slave1. This returns a 401: Unauthorized.
The second request is balanced to slave2 and will succeed, it returns a 200: OK. The problem is
that the authentication always happens on slave1 and the the response always came from slave2. I want
both requests(authentication and returning data) into one connection/slave.

Is it possible to configure this in HAproxy?

Best Answer

If I understood you well, you can try using a different balancing algorithm balance source instead of roundrobin. Using this algorithm, all the requests from the same IP will go the same backend server (unless that server is down). This can distribute the load between your backend servers evenly depending on your clients IP addresses.

Best Answer

Related Solutions

Ssl – HaProxy – Http and SSL pass through config

Docker – haproxy forward uri to root of another server

Related Topic