Versions Compared

Old Version 6

changes.mady.by.user jtel Support

Saved on

compared with

New Version Current

changes.mady.by.user jtel Support

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Content imported from a Scroll Translations translation file.
Sv translation
languageen

Introduction

The role LB provides the central access point to the portal and the SOAP interfaces. This is where the requests are distributed to the available Web application servers, taking into account an even load distribution, the possible failure of one or more Web servers, and the service-specific restrictions. Furthermore, this role also handles the provision of the connection using HTTPS, which is encrypted using TLS. The service can be provided both on HTTP (port 80) and HTTPS (port 443).

Automatic redirection to HTTPS or special URLs can also be implemented here, for example:

Since the role usually requires very few resources, it is usually installed on the same machine on which the STORE role was installed.

Install haproxy

Install Software

The installation of haproxy is performed using the following commands:

Translations Ignore
Code Block
languagebash
dnf -y install haproxy
mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.sample

The second command renames the installed configuration, as this is not required. 

Acticate haproxy

Activate the haproxy service with the following command:

Translations Ignore
Code Block
languagebash
systemctl enable haproxy.service

Configure Firewall

Configure the firewall with the following commands:

Translations Ignore
Code Block
languagebash
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --zone=public --add-port=7777/tcp --permanent
firewall-cmd --reload

SeLinux Configuration

Enable haproxy to open any port with the following selinux command:

Translations Ignore
Code Block
languagebash
setsebool -P haproxy_connect_any=1
semanage permissive -a haproxy_t

haproxy Log

To allow the haproxy service to log to the syslog service, the following commands are executed. 

The logs from haproxy will be in /var/log/messages

Translations Ignore
Code Block
languagebash
sed -i -e 's/#$ModLoad *imudp/$ModLoad imudp/' -e 's/#$UDPServerRun *514/$UDPServerRun 514/' /etc/rsyslog.conf
cat <<EOFF>/etc/rsyslog.d/haproxy.conf
local2.* /var/log/haproxy.log
EOFF
service rsyslog restart

Installation Steps

Children Display



Sv translation
languagede

Status
colourRed
titleTHIS PAGE IS ONLY AVAILABLE IN ENGLISH

Sv translation
languagefr

Introduction

Le rôle LB fournit le point d'accès central au portail et aux interfaces SOAP. C'est là que les demandes sont distribuées aux serveurs d'applications Web disponibles, en tenant compte d'une répartition uniforme de la charge, de la panne possible d'un ou de plusieurs serveurs Web et des restrictions spécifiques au service. En outre, ce rôle gère également la fourniture de la connexion à l'aide de HTTPS, qui est chiffrée à l'aide de TLS. Le service peut être offert à la fois sur HTTP (port 80) et HTTPS (port 443).

Une redirection automatique vers le HTTPS ou des URL spéciales peut également être mise en œuvre ici, par exemple :

Comme le rôle nécessite généralement très peu de ressources, il est généralement installé sur la même machine sur laquelle le rôle MAGASIN a été installé.

Étapes d'installation

Children Display

Sv translation
languagede

THIS PAGE IS ONLY AVAILABLE IN ENGLISH
Status
colourRed
title