Configuration Changes

Location of Configuration File

The configuration file is located in:

/etc/haproxy/haproxy.cfg

Must Change

The following items must be changed:

Peers Replicates Section

The peer name "localproxy" must be changed to the host name of the proxy server (the short hostname).

This will otherwise cause a warning in the log, and the stick tables will not reload correctly when the server is reloaded.

peers replicates
        peer localproxy 127.0.0.1:1024

Error Pages

Comment out all of the default error pages. These do not exist on the Debian package for haproxy.

# default error pages
# errorfile 400 /usr/share/haproxy/400.http
# errorfile 408 /usr/share/haproxy/408.http
# errorfile 504 /usr/share/haproxy/504.http
# errorfile 503 /usr/share/haproxy/503.http
# errorfile 502 /usr/share/haproxy/502.http
# errorfile 403 /usr/share/haproxy/403.http
# errorfile 500 /usr/share/haproxy/500.http

Configure Redirects

The configuration file allows redirects from the following URLs to the correct login page:

• Root requests directly to the load balancer are redirected to /CarrierPortal/login/RESELLER/CLIENT
• Requests to /mini are redirected to the mini client login page /CarrierPortal/mclogin/RESELLER/CLIENT

Modify the redirect parameters RESELLER and CLIENT according to the required standard RESELLER UID and CLIENT UID on the system. If required (for example for cloud installations), you can remove the /CLIENT part of the URL.

        redirect        location /CarrierPortal/login/RESELLER/CLIENT if root_req
        redirect        location /CarrierPortal/mclogin/RESELLER/CLIENT if mini_req

Configure Backend Webservers and SOAP

The list of the backend web application servers and SOAP servers must be configured.

The alias names configured in /etc/hosts will work fine, however make sure you have all of the servers configured.

Here is the backend configuration for two webservers for the portal:

backend jtel_portal
        ...
        server          jboss1 acd-jb1:8080 weight 1 cookie jboss1 check inter 1m
        server          jboss2 acd-jb2:8080 weight 1 cookie jboss2 check inter 1m

And here is the backend configuration for two webservers for the portal:

backend jtel_soap
        ...
        server          jboss1 acd-jb1:8080 weight 1 cookie jboss1 check inter 1m
        server          jboss2 acd-jb2:8080 weight 1 cookie jboss2 check inter 1m

Optional Changes

User for haproxy Administration

The following URL can be used, to access the administration web admin site for the load balancer:

http(s)://acd-store:7777

This page can be used for example to deactivate certain resources for maintenance purposes.

Users, who can access the web admin site, must be configured in the configuraiton file.

First of all, a password must be generated, using the following command:

python2 -c 'import crypt; print crypt.crypt("<password>", "$5$jhaProxy")'

This command creates a password hash with a salt value jhaProxy. This hash and the user name is added to the configuration file. The line for newuser is added, and the user is added at the end of the group admin line:

userlist stats-auth
        ...
        user  newuser   password <hashvalue>
        group admin     users admin,jtel,newuser

Start the haproxy Service

Start the haproxy service as follows:

systemctl start haproxy.service

Test

Open the following URL in a browser:

http://acd-lb/admin

You should see the login screen of the jtel portal web application: