I have a haproxy container running on port 80. This container is started with command
docker run -d -p 80:80 --name haproxy1 -v /home/ubuntu/haproxy:/usr/local/etc/haproxy:ro haproxy:1.7
This haproxy used following configuration file /home/ubuntu/haproxy/haproxy.cfg
global
defaults
frontend sok-front-end
bind *:80
mode http
default_backend sok-front-end
backend sok-front-end
mode http
balance roundrobin
server srv3 172.17.0.2:8000
To make this haproxy work with SSL, first create a ssl.pem file with your SSL certificate contents in following order
1) Your Private Key 2) Your SSL CRT 4) CA-BUNDLE
copy and paste all those certs into ssl.pem file inside /home/ubuntu/haproxy/ssl.pem
Now modify your /home/ubuntu/haproxy/haproxy.cfg file as follows
global
defaults
frontend sok-front-end
bind *:80
bind :::443 ssl crt /usr/local/etc/haproxy/ssl.pem
acl https ssl_fc
http-request set-header X-Forwarded-Proto http if !https
http-request set-header X-Forwarded-Proto https if https
mode http
default_backend sok-front-end
backend sok-front-end
mode http
balance roundrobin
server srv3 172.17.0.2:8000
Now we need to stop current docker container as it only allow port 80 to be shared.
docker container stop haproxy1
Lets create a new haproxy container with port 443 forwaded.
docker run -d -p 80:80 -p 443:443 --name haproxy2 -v /home/ubuntu/haproxy:/usr/local/etc/haproxy:ro haproxy:1.7
See Haproxy
Leave a Reply