Apps behind HaProxy?

[oguruma]

My home lab has only a single, dynamic IP, so I'd like to use HAProxy (on my router) to point to SCALE apps. I'm currently using HAproxy to point to VMs without issue.

I have a Vaultwarden app. Using the default main service port of 10102, I can access it via 192.168.X.X:10102 (192.168.X.X being my NAS IP).

However, when I configure the HAproxy backend to 192.168.X.X:10102, and the appropriate front-end rules, I get a 503 when I try to my.vaultwarden.com.

I'm sure this is a lack of understanding of Kubernetes networking/Kubernetes in general.

 

[victorlau]

I have the same issue. Hope someone can help.

 

[Darren David]

Bump.

 

[probain]

I haven't tried it specifically with Vaultwarden. But I did just setup a HAproxy to my netdata instance, which works. The HAProxy runs on my router.
I'm assuming that you can you can browse into it with an Incognito browser towards IP:portnumber? (Forgot you wrote you could)

Things that I usually forget and therefore stump my toe on are:

• Check that your health-check methods are compatible with the target. E.g, I've had instances where I need to have either GET or HEAD when checking via HTTP. Or even not using HTTP at all, and falling back to BASIC, or even none.
• Is there a mismatch in HTTP(S) towards the backend? Is your proxy talking with, and the server without? Or vice versa?
• Next step would probably be to check that you're configuring the ACL correctly in the frontend. So that the conditions results in choosing the correct backend.