How To Configure The HAProxy For VMware Console?

Summary: This technical guide explains everything about how to Configure HAProxy including simple steps to configure and deploy HAProxy that you can use in the VMware console.

What is a Proxy?

In computer networking, the proxy is a server that works between a client and the server. All requests to the internet go to the proxy server first after that it forwards the request as per the proxy server configuration.

Let’s understand this with an example:

You set up a proxy server into your office network and you configured the proxy server to block facebook.com in the office network so whenever a user sends a request to facebook.com from their office computer they will see the facebook.com is blocked by proxy(you can set any kind of message).


WGS VMware WHMCS Module


Why do we require that?

In this VMware module, we need this because of the use of the VMware VM console using the WGS PHP module. As we know nowadays most of the websites running on HTTP S (Hypertext Transfer Protocol Secure) a secure protocol but VMware ESXi host have insecure protocol so you can’t mix a secure website link with insecure website links that’s why we are using the proxy server as a secure link and passing the insecure links through the proxy server.

What’s the requirement to configure HAProxy?

In our module we need
1. We need a Linux OS ( we are saying Linux because of the compatibility)
2. A Public IP address
3. A Fully qualified domain name with HTTPS

How to Install and Configure HAProxy?

We are using CentOS to configure HAProxy, but you can use any OS / Container of your liking. Ensure the machine has a fixed IP address, a hostname (registered in DNS), and fully updated with the latest security patches. Its to easy for everyone to configure HAProxy on your system.

Also, you can use any other proxy setup in this case we are using HAProxy.

Step 1 – Configure the domain into the server with a valid SSL certificate 

For example, we have a valid domain with SSL – proxy.whmcsglobalservices.com

Step 2 – Install HAProxy

HAProxy package is available under the default yum repository for CentOS, Redhat systems.
You can use the following yum package manager command to install and configure HAProxy on your system.

[root@ha ~]#  sudo yum install haproxy

Step 3 – Configure HAProxy

Now make a backup of your current HAProxy configuration using the below command.

[root@ha ~]#  cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.org

Now replace your haproxy configuration using the below configuration

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
log 127.0.0.1 local2 #Log configuration
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy #Haproxy running under user and group "haproxy"
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
#HAProxy VMware Config
#---------------------------------------------------------------------
frontend www-https
bind *:443 ssl crt your domain certificate file path
reqadd X-Forwarded-Proto:\ https
default_backend www-backend
backend www-backend
redirect scheme https if !{ ssl_fc }
server 192.168.1.1 192.168.1.1:443 ssl check verify none

Change the IPs in the configuration file as per your esxi ip. In this configuration, if any request comes on proxy server domain proxy.whmcsglobalservices.com on port 443, this will be redirected to port 443 of 192.168.1.1 (ESXi host).

To access console for multiple ESXi hosts, configure it as given below:

use-server 192.168.1.1 if { urlp(host) -i 192.168.1.1 }
use-server 192.168.1.2 if { urlp(host) -i 192.168.1.2 }
server 192.168.1.2 192.168.1.2 :443 check check-ssl verify none ssl sni req.hdr(host) check-sni 192.168.1.2
server 192.168.1.1 192.168.1.1 :443 check check-ssl verify none ssl sni req.hdr(host) check-sni 192.168.1.1

Step 4 – Start Configure HAProxy Service

Start HAProxy service using the following command, also configure it to auto-start on system boot.

[root@ha ~]# systemctl start haproxy
[root@ha ~]# systemctl enable haproxy

Above HAProxy configuration according to CentOS 7 and proxy version 2.0. So, configuration settings depends on the Operating System and proxy version as well.

In this VMware module, we need this because of the use of the VMware VM console using the WGS PHP module.

What is VMware console and why we need it?

The console is a computer terminal where a user may input commands and view output such as the results of the inputted commands – VMware Remote Console(VMRC) is an application that provides console access and client device connection to VMs on the remote host.

We developed a VMware PHP plugin to access the VMware VMs using the PHP from the website it’s for web hosting provider let me explain, as we know VMware provide VMs means virtual machine and web hosting provider provide VPS(Virtual Private Server) so they create the VM into the VMware server using our PHP plugin and VMware have the option to access the VM console into VMware host but as web hosting provider provides many VMs in one VMware server so it’s not possible to provide the full VMware server access to clients so that’s why our PHP plugin provides the facility to access the console for the particular VM using PHP plugin with some authentication.

How to use it?

After setting up the proxy server you need to update that proxy server IP/Domain name (without https://) in VMware Add-on module >> Proxy Setup. After updating the IP/domain name you can access it from the WHMCS client area.

Set Up

 

Looking for Something More? We can help!

Our WHMCS experts are ready to accept your custom requirements.