HAproxy Console
Install HAproxy console for environments with internal ONLY IP addressing
- First of all you should should install haproxy
yum install haproxy
- keep a backup of your current haproxy.cfg file
mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak
- now create a new configuration file for haproxy. nano /etc/haproxy/haproxy.cfg and paste the following changing what needs to be changed depending on your current configuration setup
global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin #stats socket /var/lib/haproxy/status mode 660 level admin stats timeout 30s user haproxy group haproxy daemon ca-base /etc/ssl/certs crt-base /etc/ssl/private ssl-default-bind-ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH ssl-default-bind-options no-sslv3 tune.ssl.default-dh-param 2048 defaults log global mode http option httplog option dontlognull timeout connect 50000 timeout client 50000 timeout server 50000 frontend http bind *:80 bind *:443 ssl crt /etc/ssl/cert.pem mode http option http-server-close http-request replace-value Cookie __utma.* ; use_backend %[capture.req.uri,map(/home/mapper/randomtobackendmap.map)] default_backend www # backend www balance roundrobin option httpclose option forwardfor server www 127.0.0.1:80 # Adding XenServers backend XenServer1 balance roundrobin option httpclose option forwardfor server www 10.1.1.1:80 # backend XenServer2 balance roundrobin option httpclose option forwardfor server www 10.1.1.2:80 # # Add as many XenServers As you have
- for SSL declaration in the first part, you need to generate the /etc/ssl/cert.pem key. Keep in mind that SSL needs to be valid and obtained by official SSL certificate authority
- The most important is the last paragraph (Adding XenServers) which is your internal servers list (pools only), change XenServer1,XenServer2 names and IPs with the right data
Install Python script
- install python and dependencies
yum install python yum -y install python-pip pip install flask pip install expiringdict
- Create a .py file according to your server details mentioned above. Please use the below link and adjust it :
http://wiki.xenmodule.com/app.txt
notice that you will need to remove any '**' on the file (its only to let you know where to edit!)
- edit your serversmap list on line 9
- edit PROXY MAP part at line 21,22, so your “CONSOLE PROXY MAP” in Xenica Configurations will be: http://your_proxy_IP/mapper/randomtobackendmap for example, or whatever you put in app.route
- in line 30 you need a local file path to save the temp data, or you can keep the default path (make sure it's exist and writable)
- in line 43 put your proxy vps ip
- make sure to rename the file extension from .txt to .py
* start haproxy and enable on boot
systemctl start haproxy ; systemctl enable haproxy
* start app.py python script and make it run in background, with a nohup instruction
nohup python app.py