Versions Compared

Old Version 4

changes.mady.by.user Olivier Michaut

Saved on

compared with

New Version 5

changes.mady.by.user Olivier Michaut

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Panel

Table of Contents

...

Panel

#/etc/haproxy/haproxy.cfg

# --------------------------------------------------------------------------- #
# Global
# --------------------------------------------------------------------------- #
global
  log 127.0.0.1 local0 info


# --------------------------------------------------------------------------- #
# Defaults Timeouts
# --------------------------------------------------------------------------- #
defaults
  retries 3
  option redispatch
  timeout client 30s
  timeout connect 4s
  timeout server 30s


# --------------------------------------------------------------------------- #
# Stats
# --------------------------------------------------------------------------- #
listen stats
 bind *:8081
 mode http
 log global
 maxconn 10
 stats enable
 stats hide-version
 stats refresh 30s
 stats show-node
 stats auth admin:password
 stats uri /status


# --------------------------------------------------------------------------- #
# FTP - mft Servers
# --------------------------------------------------------------------------- #
frontend ftp_service_front
 bind vip:4000-4010 transparent
 mode tcp
 use_backend ftp_service_backend


backend ftp_service_backend
 mode tcp
 stick-table type ip size 10k expire 300s
 stick on src
 server gw0 <SERVERNAME> check port <SERVERPORT>


# --------------------------------------------------------------------------- #
# SFTP - mft Servers
# --------------------------------------------------------------------------- #
frontend sftp_service_front
 bind vip:3000-3010 transparent
 mode tcp
 use_backend sftp_service_backend


backend sftp_service_backend
 mode tcp
 stick-table type ip size 10k expire 300s
 stick on src
 server gw0 <SERVERNAME> check port <SERVERPORT>


# --------------------------------------------------------------------------- #
# UDMG Server
# --------------------------------------------------------------------------- #
frontend gw_service_front
 bind vip:8080 18080 transparent
 mode http
 default_backend gw_service_backend


backend gw_service_backend
 mode http
 balance roundrobin
 cookie SRVNAME insert
 server gw0 <SERVERNAME> check port <SERVERPORT> cookie S01 check


# --------------------------------------------------------------------------- #
# Nginx
# --------------------------------------------------------------------------- #
frontend nx_service_front
 bind vip:80 transparent
 mode http
 default_backend nx_service_backend

backend nx_service_backend
 mode http
 balance roundrobin
 cookie SRVNAME insert
 server gw0 <SERVERNAME> check port 80 cookie S01 check


# --------------------------------------------------------------------------- #
# END
# --------------------------------------------------------------------------- #
# EOF

...

Panel

mft:~# netstat -tanlp | grep -i haproxy
tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:3000 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:3001 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:3002 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:3003 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:3004 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:3005 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:3006 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:3007 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:3008 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:3009 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:3010 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:4000 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:4001 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:4002 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:4003 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:4004 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:4005 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:4006 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:4007 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:4008 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:4009 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:4010 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:80 0.0.0.0:* LISTEN 2122/haproxy
tcp 0 0 192.168.56.100:8080 18080 0.0.0.0:* LISTEN 2122/haproxy

...

Panel

# Proxy Configuration
[proxy]
recover = true
cors = true
tracker = true
logger = true
port = "5000"
inet = "127.0.0.1"

[service.mft]
protocol = "http"
policy = "failover"
admins = ["admin"]

[[service.mft.targets]]
hostname = "<SERVERNAME or SERVER IP>"
port = 808018080

Start the UDMG Server and UDMG Authentication Proxy.

...

Configure the NGINX service to reach the IP that was configured before:

Panel

upstream udmg_auth_proxy {
    ip_hash;
    server <SERVERNAME or SERVER IP>:5000;
    keepalive 10;
}

server {
    listen <SERVERNAME or SERVER IP>::80 default_server;

    location / {
        try_files $uri $uri/ /index.html;
        root "/var/www/localhost/htdocs";
    }

    location /service/ {
      proxy_pass      http://udmg_auth_proxy/;
    }

# You may need this to prevent return 404 recursion.
    location = /404.html {
    internal;
    }
}

...