HAproxy Console

{{:user:servarica.png?direct|}}
{{ :user:xenica.png?direct|}}
<html>
<head>
<style>
h1 {
    color: #3498DB;
    text-align: center;
     font-weight:bold;
}

h1 {
    font-family: Arial;
    font-size: 40px;
}
</style>
</head>
<h1><bold>HAproxy Console</bold></h1>
</html>

Install HAproxy console for environments with internal ONLY IP addressing

  * First of all you should should install haproxy
   
 yum install haproxy


  * keep a backup of your current haproxy.cfg file 

 mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak

  * now create a new configuration file for haproxy. nano /etc/haproxy/haproxy.cfg and paste the following changing what needs to be changed depending on your current configuration setup

  global
  log /dev/log    local0
  log /dev/log    local1 notice
  chroot /var/lib/haproxy
  stats socket /run/haproxy/admin.sock mode 660 level admin
  stats timeout 30s
  user haproxy
  group haproxy
  daemon
  ca-base /etc/ssl/certs
  crt-base /etc/ssl/private
  ssl-default-bind-ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH  
  ssl-default-bind-options no-sslv3
  tune.ssl.default-dh-param 2048
  defaults
  log     global
  mode    http
  option  httplog
  option  dontlognull
  timeout connect 50000
  timeout client  50000
  timeout server  50000
  frontend http
  bind 162.x.x.x:80
  bind 162.x.x.x:443 ssl crt /etc/ssl/console.servarica.com/console$
  mode http
  option http-server-close
  http-request replace-value Cookie __utma.* ;
  use_backend %[capture.req.uri,map(/home/mapper/randomtobackendmap.map)]$
  default_backend www

  backend www
  balance roundrobin
  option httpclose
  option forwardfor


  server www 127.0.0.1:80
  backend xen3
  balance roundrobin
  option httpclose
  option forwardfor
  server www 10.1.1.x:80

The important part above is the last paragraph which is your internal server declaration along with the SSL declaration in the first part. Keep in mind that SSL needs to be valid and obtained by official SSL certificate authority

 Install Python script

  * install python and dependencies

yum install python
yum -y install python-pip 
pip install flask
pip install expiringdict 

  * Create a .py file according to your server details mentioned above. Please use the below link and adjust it
          
          http://www.xenmodule.com/app.txt 

     * create an empty /path/mapper/randomtobackendmap.map file  according to  above declarations

  *  start haproxy and enable on boot
    
    systemctl start haproxy ; systemctl enable haproxy
      * start python script with a nohup instruction
eg: nohup python script.py