HAproxy Console

Install HAproxy console for environments with internal ONLY IP addressing

  • First of all you should should install haproxy

yum install haproxy

  • keep a backup of your current haproxy.cfg file

mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak

  • now create a new configuration file for haproxy. nano /etc/haproxy/haproxy.cfg and paste the following changing what needs to be changed depending on your current configuration setup
global
log /dev/log    local0
log /dev/log    local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
ssl-default-bind-ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH  
ssl-default-bind-options no-sslv3
tune.ssl.default-dh-param 2048
defaults
log     global
mode    http
option  httplog
option  dontlognull
timeout connect 50000
timeout client  50000
timeout server  50000
frontend http
bind 162.x.x.x:80
bind 162.x.x.x:443 ssl crt /etc/ssl/console.servarica.com/console$
mode http
option http-server-close
http-request replace-value Cookie __utma.* ;
use_backend %[capture.req.uri,map(/home/mapper/randomtobackendmap.map)]$
default_backend www
#
backend www
balance roundrobin
option httpclose
option forwardfor
server www 127.0.0.1:80

# Adding XenServers
backend XenServer1
balance roundrobin
option httpclose
option forwardfor
server www 10.1.1.1:80
#
backend XenServer2
balance roundrobin
option httpclose
option forwardfor
server www 10.1.1.2:80
#
# Add as many XenServers As you have

The important part above is the last paragraph (Adding XenServers) which is your internal server declaration, along with the SSL declaration in the first part. Keep in mind that SSL needs to be valid and obtained by official SSL certificate authority

Install Python script

  • install python and dependencies

yum install python yum -y install python-pip pip install flask pip install expiringdict

  • Create a .py file according to your server details mentioned above. Please use the below link and adjust it :

http://wiki.xenmodule.com/app.txt

notice that you will need to remove any '**' on the file (its only to let you know where to edit!)

  • create an empty /path/mapper/randomtobackendmap.map file according to above declarations
  • start haproxy and enable on boot

systemctl start haproxy ; systemctl enable haproxy

  • start python script with a nohup instruction

eg: nohup python app.py

  • haproxy_console.txt
  • Last modified: 2018/09/11 14:17
  • by orwah