Open shehabadel opened 2 years ago
Open a dns and point to the ip of the virtual machine in A record
Generate SSL
sudo apt install letsencrypt
sudo certbot certonly --standalone
Enter dns for example: distproxy.ddns.net
then concatenate the output certificates
sudo cat `/etc/letsencrypt/live/<name of the domain>/fullchain.pem` `/etc/letsencrypt/live/<name of the domain>/privkey.pem` | sudo tee /haproxy.pem
Now modify the dist.cfg
to be like that
frontend distFE
bind *:80
bind *:443 ssl crt /haproxy.pem
timeout client 1000s
mode http
default_backend distBE
backend distBE
mode http
timeout server 1000s
timeout connect 1000s
server ws1 https://dist-ws1.herokuapp.com
server ws2 https://dist-ws2.herokuapp.com
Dead end
Switched to NGINX instead of HAProxy
load-balancer.conf
file to configure the NGINX Serversudo nano /etc/nginx/conf.d/load-balancer.conf
Write the following configuration
# Define which servers to include in the load balancing scheme.
# It's best to use the servers' private IPs for better performance and security.
http {
upstream ws {
ip_hash;
server dist-ws1.herokuapp.com;
server dist-ws2.herokuapp.com;
}
# This server accepts all traffic to port 80 and passes it to the upstream.
# Notice that the upstream name and the proxy_pass need to match.
server {
listen 80;
server_name disthaproxy.ddns.net;
location / {
#Upgrading the connection in order to establish the websocket connection
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://ws;
}
}
server {
listen 443 ssl;
server_name disthaproxy.ddns.net;
ssl_certificate #/etc/letsencrypt/live/<7ot path el domain hena>/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/<7ot path el domain hena>/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
#Upgrading the connection in order to establish the websocket connection
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://ws;
}
}
}
3. Remove the default configuration
`sudo rm /etc/nginx/sites-enabled/default`
4. Restart NGINX
`sudo systemctl restart nginx`
IP hashing method instead. IP hashing uses the visitors IP address as a key to determine which host should be selected to service the request. This allows the visitors to be each time directed to the same server, granted that the server is available and the visitor’s IP address hasn’t changed.
dist.cfg
backend distBE mode http timeout server 1000s timeout connect 1000s server ws1 https://dist-ws1.herokuapp.com/ server ws2 https://dist-ws2.herokuapp.com/