You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Configuration Changes

For redundant installations, the haproxy configuration must be maintained on both nodes identically. 

Location of Configuration File

The configuration file is located in:

/etc/haproxy/haproxy.cfg

User for haproxy Administration

The following URL can be used, to access the administration web admin site for the load balancer:

http(s)://acd-store:7777

This page can be used for example to deactivate certain resources for maintenance purposes.

Users, who can access the web admin site, must be configured in the configuraiton file.

First of all, a password must be generated, using the following command:

CAUTION PASSWORD

python -c 'import crypt; print crypt.crypt("<password>", "$5$jhaProxy")'

This command creates a password hash with a salt value jhaProxy. This hash and the user name is added to the configuration file. The line for newuser is added, and the user is added at the end of the group admin line:

userlist stats-auth
        ...
        user  newuser   password <hashvalue>
        group admin     users admin,jtel,newuser

Configure Redirects

The configuration file allows redirects from the following URLs to the correct login page:

  • Root requests directly to the load balancer are redirected to /CarrierPortal/login/RESELLER/CLIENT
  • Requests to /mini are redirected to the mini client login page /CarrierPortal/mclogin/RESELLER/CLIENT

Modify the redirect parameters RESELLER and CLIENT according to the required standard RESELLER UID and CLIENT UID on the system. If required (for example for cloud installations), you can remove the /CLIENT part of the URL.

        redirect        location /CarrierPortal/login/RESELLER/CLIENT if root_req
        redirect        location /CarrierPortal/mclogin/RESELLER/CLIENT if mini_req

Configure Backend Webservers and SOAP

The list of the backend web application servers and SOAP servers must be configured.

The alias from /etc/hosts will work fine, however make sure you have all of the servers configured.

Here is the backend configuration for two webservers for the portal:

backend jtel_portal
        ...
        server          jboss1 acd-jb1:8080 weight 1 cookie jboss1 check inter 1m
        server          jboss2 acd-jb2:8080 weight 1 cookie jboss2 check inter 1m

And here is the backend configuration for two webservers for the portal:

backend jtel_soap
        ...
        server          jboss1 acd-jb1:8080 weight 1 cookie jboss1 check inter 1m
        server          jboss2 acd-jb2:8080 weight 1 cookie jboss2 check inter 1m

Start the haproxy Service

Start the haproxy service as follows:

systemctl start haproxy.service

Im Anschluss sollte geprüft werden, ob der Dienst auch tatsächlich läuft. Ist dies nicht der Fall, kann die Log-Datei Aufschluß über eventuelle Konfigurationsfehler geben.

Bei Konfigurationsänderungen kann der haproxy DIenst im laufenden Betrieb mittels folgendem Befehl seine Konfiguration aktualisieren:

Update the configuration during operation
service haproxy reload

Test

Open the following URL in a browser:

http://acd-lb/admin

You should see the login screen of the jtel portal web application:


  • No labels