HAproxy Console

Install HAproxy console for environments with internal ONLY IP addressing

  • First of all you should should install haproxy

yum install haproxy

  • keep a backup of your current haproxy.cfg file

mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak

  • now create a new configuration file for haproxy. nano /etc/haproxy/haproxy.cfg and paste the following changing what needs to be changed depending on your current configuration setup
global
log /dev/log    local0
log /dev/log    local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
#stats socket /var/lib/haproxy/status  mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
ssl-default-bind-ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH  
ssl-default-bind-options no-sslv3
tune.ssl.default-dh-param 2048
defaults
log     global
mode    http
option  httplog
option  dontlognull
timeout connect 50000
timeout client  50000
timeout server  50000
frontend http
bind *:80
bind *:443 ssl crt /etc/ssl/cert.pem
mode http
option http-server-close
http-request replace-value Cookie __utma.* ;
use_backend %[capture.req.uri,map(/home/mapper/randomtobackendmap.map)]
default_backend www
#
backend www
balance roundrobin
option httpclose
option forwardfor
server www 127.0.0.1:80

# Adding XenServers
backend XenServer1
balance roundrobin
option httpclose
option forwardfor
server www 10.1.1.1:80
#
backend XenServer2
balance roundrobin
option httpclose
option forwardfor
server www 10.1.1.2:80
#
# Add as many XenServers As you have

- for SSL declaration in the first part, you need to generate the /etc/ssl/cert.pem key. Keep in mind that SSL needs to be valid and obtained by official SSL certificate authority

- The most important is the last paragraph (Adding XenServers) which is your internal servers list (pools only), change XenServer1,XenServer2 names and IPs with the right data

Install Python script

  • install python and dependencies
  yum install python
  yum -y install python-pip 
  pip install flask
  pip install expiringdict 
  • Create a .py file according to your server details mentioned above. Please use the below link and adjust it :

http://wiki.xenmodule.com/app.txt

notice that you will need to remove any '**' on the file (its only to let you know where to edit!)

  • edit your serversmap list on line 9
  • edit PROXY MAP part at line 21,22, so your “CONSOLE PROXY MAP” in Xenica Configurations will be: http://your_proxy_IP/mapper/randomtobackendmap for example, or whatever you put in app.route
  • in line 30 you need a local file path to save the temp data, or you can keep the default path (make sure it's exist and writable)
  • in line 43 put your proxy vps ip
  • make sure to rename the file extension from .txt to .py

* start haproxy and enable on boot

  
  systemctl start haproxy ; systemctl enable haproxy

* start app.py python script and make it run in background, with a nohup instruction

  
  nohup python app.py  
  • haproxy_console.txt
  • Last modified: 2022/01/26 13:41
  • by orwah