How to configure HAProxy to "proxy" two domain names to different ports on localhost

Time: 2018-08-21 18:02:41

Tags: tomcat8 haproxy

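I have a server that hosts both an FE application and a BE. The FE listens on port 80, and the BE is deployed to Tomcat, which listens on the default port 8080. HAProxy is used to listen on port 443 and handle SSL. Proxying to the FE / port 80 works fine, but proxying to the BE / Tomcat listening on port 8080 does not. This is the configuration I am using: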

global
        log /dev/log    local0
        log /dev/log    local1 notice
        chroot /var/lib/haproxy
        maxconn 3072
        tune.ssl.default-dh-param 2048
        stats socket /run/haproxy/admin.sock mode 660 level admin
        stats timeout 30s
        user haproxy
        group haproxy
        daemon
        # Default SSL material locations
        ca-base /etc/ssl/ssl.key
        crt-base /etc/ssl/private
        # Default ciphers to use on SSL-enabled listening sockets.
        # For more information, see ciphers(1SSL). This list is from:
        #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
        #ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
        ssl-default-bind-options no-sslv3

defaults
        log     global
        mode    http
        option  httpchk
        option  httplog
        option  dontlognull
        option  forwardfor
        option  http-server-close
        option  http-keep-alive
        option  abortonclose
        option  redispatch
        retries 3
        maxconn 3072
        timeout connect 5000
        timeout client  50000
        timeout server  50000
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http

listen stats
        bind 0.0.0.0:9000
        mode http

frontend http-in
        bind *:443 ssl crt /etc/ssl/private/bundle.pem
        http-request set-header X-Forwarded-Proto https if { ssl_fc }
        redirect scheme https if !{ ssl_fc }

        # Define hosts
        acl host_fe hdr(host) -i fe.domain.com
        acl host_be hdr(host) -i be.domain.com

        ## figure out which one to use
        use_backend fecluster if host_fe
        use_backend becluster if host_be

backend fecluster
        balance leastconn
        option httpclose
        option forwardfor
        server node1 localhost:80 cookie A check

backend becluster
        mode http
        balance leastconn
        option httpclose
        option forwardfor
        cookie JSESSIONID prefix
        http-request set-header X-Forwarded-Port %[dst_port]
        http-request add-header X-Forwarded-Proto https if { ssl_fc }
        redirect scheme https if !{ ssl_fc }
        server node1 localhost:8080 maxconn 32 check inter 5000 
        cookie node1

Tomcat works fine when accessed directly using the IP address, but that is not the case here. So I need help with host_be / becluster.

0 answers:

No answers
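
An added example (not part of the original question and not HAProxy's own code): a simplified Python model of how the `acl` / `use_backend` lines in the `http-in` frontend above pick a backend from the Host header. It assumes exact, optionally case-insensitive string matching for `hdr(host)` and supports only `if` conditions built from AND-ed ACL names; the function names and the Host values used with it are constructed for illustration.

```python
# Simplified model of HAProxy frontend routing (assumption: hdr(host) ACLs only).
# FRONTEND repeats the routing lines from the question's "frontend http-in".
FRONTEND = """\
acl host_fe hdr(host) -i fe.domain.com
acl host_be hdr(host) -i be.domain.com
use_backend fecluster if host_fe
use_backend becluster if host_be
"""

def parse_frontend(text):
    """Collect hdr(host) ACLs, use_backend rules (in order) and default_backend."""
    acls, rules, default = {}, [], None
    for line in text.splitlines():
        tok = line.split("#", 1)[0].split()
        if not tok:
            continue
        if tok[0] == "acl" and len(tok) >= 4 and tok[2].lower() == "hdr(host)":
            flags = [t for t in tok[3:] if t.startswith("-")]
            patterns = [t for t in tok[3:] if not t.startswith("-")]
            acls[tok[1]] = ("-i" in flags, patterns)
        elif tok[0] == "use_backend" and len(tok) >= 4 and tok[2] == "if":
            rules.append((tok[1], tok[3:]))
        elif tok[0] == "default_backend" and len(tok) >= 2:
            default = tok[1]
    return acls, rules, default

def acl_matches(acl, host):
    """Exact string match on the whole Host value, port suffix included."""
    ignore_case, patterns = acl
    if ignore_case:
        return host.lower() in [p.lower() for p in patterns]
    return host in patterns

def route(text, host):
    """Return the backend chosen for this Host value, or None (HAProxy: 503)."""
    acls, rules, default = parse_frontend(text)
    for backend, cond in rules:          # first matching rule wins
        ok = True
        for term in cond:                # terms are AND-ed; "!" negates
            negate = term.startswith("!")
            ok = ok and (acl_matches(acls[term.lstrip("!")], host) != negate)
        if ok:
            return backend
    return default                       # no default_backend configured => None

if __name__ == "__main__":
    # Constructed Host header values, not taken from the question.
    for h in ("fe.domain.com", "BE.Domain.Com", "be.domain.com:443", "203.0.113.10"):
        print(h, "->", route(FRONTEND, h))
```

A Host value that matches neither ACL, such as a bare IP address or a name with a port suffix, returns `None` here; with no `default_backend` in the frontend, HAProxy answers such requests with 503.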