Hi everyone:
I am having problems with getting HAProxy to work with the CPVM. The
problem in a nutshell - CPVM/NoVNC disconnects immediately on opening
any console. Doesn't even wait a second - draws the screen then shows
the "disconnected" banner and stops.
Cloudstack 4.22.0.1 with no additional modules.
I have tried numerous things to debug this, including destroying the
CPVM so it rebuilds.
I have client, server and tunnel timeouts all set to 1h so that
shouldn't be a problem.
Here is my current configuration:
frontend console_proxy_frontend
bind :80
bind *:443 ssl crt /etc/haproxy/certs/cpv.mi-connect.com.pem
http-request redirect scheme https unless { ssl_fc }
mode tcp
# Required for WebSockets (used in CloudStack 4.11+)
option forwardfor
acl is_websocket hdr(Upgrade) -i WebSocket
use_backend websocket_backend if is_websocket
default_backend cpvm_backend
frontend websocket_frontend
bind *:8080
# bind *:8080 ssl crt /etc/haproxy/certs/cpv.mi-connect.com.pem
mode http
acl is_websocket hdr(Upgrade) -i WebSocket
use_backend websocket_backend if is_websocket
default_backend websocket_backend
backend cpvm_backend
mode http
balance roundrobin
# Enable WebSocket support
option http-server-close
option forwardfor
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
server cpvm1 192.168.1.10:80 check
# server cpvm2 192.168.1.102:8080 check
backend websocket_backend
mode http
balance source
# Enable WebSocket support
# no option httpclose
option http-server-close
option forwardfor
# option forceclose
http-request set-header X-Forwarded-Port %[dst_port]
# http-request add-header X-Forwarded-Proto https if { ssl_fc }
server cpvm1 192.168.1.10:8080 check
The firewall on the proxy is set to allow http, https and 8080/tcp in.
Does anyone have any hints on how to proceed here? What am I doing
wrong?
Thank you for your assistance!
--
Ron Gage
Westland, MI
