In my use case I'm using SSL to connect to the PG nodes, since I do not want to have SSL termination, I'm locked in to use TCP mode.
With TCP mode, I have no access to the header information, especially host. Because of this I can not use something like
# Primary - RW
frontend PGSQL_primary
bind *:5432
acl host_pglab hdr(host) -i pglab-db.local
acl host_stage hdr(host) -i stage-db.local
use_backend cluster_pglab-primary if host_pglab
use_backend cluster_stage-primary if host_stage
backend cluster_pglab-primary
option httpchk OPTIONS /master
http-check expect status 200
default-server inter 2s fall 2 rise 2 on-marked-down shutdown-sessions
server pglab-db-01 pglab-db-01.local:5432 maxconn 100 check check-ssl verify none port 8008
server pglab-db-02 pglab-db-02.local:5432 maxconn 100 check check-ssl verify none port 8008
backend cluster_stage-primary
option httpchk OPTIONS /master
http-check expect status 200
default-server inter 2s fall 2 rise 2 on-marked-down shutdown-sessions
server pglab-db-01 stage-db-01.local:5432 maxconn 100 check check-ssl verify none port 8008
server pglab-db-02 stage-db-02.local:5432 maxconn 100 check check-ssl verify none port 8008
From client connect to port 5432 and redirect the traffic to either pglab or stage cluster's primary node, depending on the hostname.
Is there some alternative to this, that I can avoid using new port for every cluster ?
I think you'll probably need a protocol-aware proxy like pgbouncer or pgpool.
Of the two I should think that pgbouncer is closer to haproxy in intention and usage.