Install HAproxy console for environments with internal ONLY IP addressing
- First of all you should should install haproxy
yum install haproxy
- keep a backup of your current haproxy.cfg file
mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak
- now create a new configuration file for haproxy. nano /etc/haproxy/haproxy.cfg and paste the following changing what needs to be changed depending on your current configuration setup
global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin stats timeout 30s user haproxy group haproxy daemon ca-base /etc/ssl/certs crt-base /etc/ssl/private ssl-default-bind-ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH ssl-default-bind-options no-sslv3 tune.ssl.default-dh-param 2048 defaults log global mode http option httplog option dontlognull timeout connect 50000 timeout client 50000 timeout server 50000 frontend http bind 162.x.x.x:80 bind 162.x.x.x:443 ssl crt /etc/ssl/console.servarica.com/console$ mode http option http-server-close http-request replace-value Cookie __utma.* ; use_backend %[capture.req.uri,map(/home/mapper/randomtobackendmap.map)]$ default_backend www
backend www balance roundrobin option httpclose option forwardfor
server www 127.0.0.1:80 backend xen3 balance roundrobin option httpclose option forwardfor server www 10.1.1.x:80
The important part above is the last paragraph which is your internal server declaration along with the SSL declaration in the first part. Keep in mind that SSL needs to be valid and obtained by official SSL certificate authority
Install Python script
- install python and dependencies
yum install python yum -y install python-pip pip install flask pip install expiringdict
- Create a .py file according to your server details mentioned above. Please use the below link and adjust it
http://www.xenmodule.com/app.txt
- create an empty /path/mapper/randomtobackendmap.map file according to above declarations
- start haproxy and enable on boot
systemctl start haproxy ; systemctl enable haproxy
- start python script with a nohup instruction
eg: nohup python script.py