I am using haproxy version 1.6.2
I have enabled http2 using the config below which I need to use "mode tcp". But once I have switched from "mode http" to "mode tcp" I couldn't use acl path_beg to
frontend websocks
mode tcp
bind *:443 ssl crt /etc/certs/domain.pem alpn h2,http/1.1 ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH; no-sslv3
timeout client 1h
acl is_api path_beg /api
acl is_xmpp path_beg /chat
use_backend api_backend if is_api
use_backend xmpp_backend if is_xmpp
use_backend fe_public_tcp if { ssl_fc_alpn -i h2 }
default_backend fe_public
fe_public
server fe1 localhost:444 weight 1 maxconn 4096 check inter 10000 ssl verify none
fe_public_tcp
mode tcp
server fe1 localhost:445
api_backend
server api1 localhost:9966
xmpp_backend
server xmpp1 localhost:9955
How do I make path_beg and http2 works again? or is there a way to enable http2 without mode tcp?
To use protocol specific features you have to use the appropriate mode. Mode tcp gives you only access to tcp specific features, but to get http specific features like choosing the backend based on the URI you need to have mode http.
Unfortunately HTTP/2 looks very different from HTTP/1.x and is not support by mode http currently so you have to use mode tcp. This also means that you cannot make any decisions based on URI as long as you want to support HTTP/2.
Better support for HTTP/2 is expected with haproxy version 1.7. From http://www.haproxy.org/news.html: