Last active
May 31, 2017 14:49
-
-
Save MehdiTAZI/c2f93b69aa66acbd95acb4119bb572c2 to your computer and use it in GitHub Desktop.
Integration of a Mono Ticketing Instance ( JIRA ) With a Multi-Site Automation platfrom ( Rundeck )
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # TODO | |
| 1 - install and start HAProxy | |
| 2 - define the revese proxy rules according to host pattern substring | |
| 3 - listen on the corresponding ports and hosts : nc -l 9654 | |
| 4 - add the new hosts on /etc/hosts | |
| 5 - send request with the correct hostname using : nc localhost 10000 | |
| 6 - sent a POST request to verify that the request POST content is still present after the forwarding | |
| 7 - add the correct tokens that matchs the final hosts using HAProxy set-header function | |
| 8 - verify that the correct token is sent in the server side hosts | |
| 9 - add a simple authentification mode on HAProxy | |
| 10 - try using a webservice that authenticate using a simple credential | |
| curl -k -s -S -L -H "X-Tower-Auth-Token: 1230KQ0D0K12301K3130K13" -H "Conation/json" -H "Accept: application/json" -X POST -d '{"argString": "-user_email | |
| -param_1 value1 -param_2 value2"}' tower-europe.prod.domainname:9654/api/2/service | |
| #--------------------------------------------------------------------- | |
| # Example configuration for a possible web application. See the | |
| # full configuration options online. | |
| # | |
| # http://haproxy.1wt.eu/download/1.4/doc/configuration.txt | |
| # | |
| #--------------------------------------------------------------------- | |
| #--------------------------------------------------------------------- | |
| # Global settings | |
| #--------------------------------------------------------------------- | |
| global | |
| # to have these messages end up in /var/log/haproxy.log you will | |
| # need to: | |
| # | |
| # 1) configure syslog to accept network log events. This is done | |
| # by adding the '-r' option to the SYSLOGD_OPTIONS in | |
| # /etc/sysconfig/syslog | |
| # | |
| # 2) configure local2 events to go to the /var/log/haproxy.log | |
| # file. A line like the following can be added to | |
| # /etc/sysconfig/syslog | |
| # | |
| # local2.* /var/log/haproxy.log | |
| # | |
| log 127.0.0.1 local2 | |
| chroot /var/lib/haproxy | |
| pidfile /var/run/haproxy.pid | |
| maxconn 4000 | |
| user haproxy | |
| group haproxy | |
| daemon | |
| # turn on stats unix socket | |
| stats socket /var/lib/haproxy/stats | |
| #--------------------------------------------------------------------- | |
| # common defaults that all the 'listen' and 'backend' sections will | |
| # use if not designated in their block | |
| #--------------------------------------------------------------------- | |
| defaults | |
| mode http | |
| log global | |
| option httplog | |
| option dontlognull | |
| option http-server-close | |
| option forwardfor except 127.0.0.0/8 | |
| option redispatch | |
| retries 3 | |
| timeout http-request 10s | |
| timeout queue 1m | |
| timeout connect 10s | |
| timeout client 1m | |
| timeout server 1m | |
| timeout http-keep-alive 10s | |
| timeout check 10s | |
| maxconn 3000 | |
| frontend http-in | |
| bind *:9654 | |
| mode http | |
| option httplog | |
| # regex vs list hosts | |
| acl europeACL hdr_reg(host) -i ^tower-*europe.*.domainname$ | |
| acl africaACL hdr_reg(host) -i ^tower-*africa.*.domainname$ | |
| acl asiaACL hdr_reg(host) -i ^rundeck-*asia.*.domainname$ | |
| http-request del-header X-Tower-Auth-Token | |
| http-request set-header X-Tower-Auth-Token 12381AZJAZA92139JZ9 #MY_DEFAULT_TOKEN | |
| default_backend backend-europe | |
| use_backend backend-europe if europeACL | |
| use_backend backend-asia if asiaACL | |
| use_backend backend-africa if africaACL | |
| backend backend-europe | |
| mode http | |
| option forwardfor | |
| http-request del-header X-Tower-Auth-Token | |
| http-request set-header X-Tower-Auth-Token 1239AQDK9D913IU91EJ9QSD9JSQD #TOKEN OF EUROPE INSTANCE | |
| option httpchk HEAD / HTTP/1.1\r\nHost:localhost | |
| server host1 tower.europe.production.domain:9654 | |
| backend backend-africa | |
| mode http | |
| http-request set-header X-Tower-Auth-Token 34509SJQI9QDSJ9 #TOKEN OF AFFRICA INSTANCE | |
| server host1 tower.africa.production.domain:9654 | |
| backend backend-asia | |
| mode http | |
| http-request set-header X-Tower-Auth-Token 192QSSQ9JD19J219J #TOKEN OF ASIA INSTANCE | |
| server host1 tower.asia.production.domain:9654 | |
| #--------------------------------------------------------------------- | |
| # main frontend which proxys to the backends | |
| #--------------------------------------------------------------------- | |
| frontend main *:5000 | |
| acl url_static path_beg -i /static /images /javascript /stylesheets | |
| acl url_static path_end -i .jpg .gif .png .css .js | |
| use_backend static if url_static | |
| default_backend app | |
| #--------------------------------------------------------------------- | |
| # static backend for serving up images, stylesheets and such | |
| #--------------------------------------------------------------------- | |
| backend static | |
| balance roundrobin | |
| server static 127.0.0.1:4331 check | |
| #--------------------------------------------------------------------- | |
| # round robin balancing between the various backends | |
| #--------------------------------------------------------------------- | |
| backend app | |
| balance roundrobin | |
| server app1 127.0.0.1:5001 check | |
| server app2 127.0.0.1:5002 check | |
| server app3 127.0.0.1:5003 check | |
| server app4 127.0.0.1:5004 check | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment