Think twice before change Before start validation hit this url https://198.46.49.167:8090/application.js and trust this certificate from testing machine [[setup_app_server_centos-6.5|Setting up An Application Server Centos 6.5 64bit]] \\ [[bbb_v1.0_setup|bbb_v1.0_setup]]\\ ====== Current production Dns details ====== ^ Public IP Address ^Dns^ Private IP Address ^Status ^ |207.20.42.199 |chat.learnexa.com|10.166.152.241|Live| |207.20.42.195 |prodcollab01.learnexa.com|10.166.152.17| Live| |207.20.42.198 |*.learnexa.com|10.166.152.246| Live| |207.20.42.198 |api.learnexa.com|10.166.152.246| Live| ====== Things to do for Haproxy server migration ====== Change public ip nat in Dimension data cloud from *.learnexa.com 207.20.42.198 = > 10.166.152.246 chat.learnexa.com 207.20.42.199 => 10.166.152.241 to *.learnexa.com 207.20.42.198 = > 10.166.152.226 chat.learnexa.com 207.20.42.199 => 10.166.152.221 ===== Need to check before new haproxy server live ===== * when new site created for example xyz.com should work without ssl cert issue * Maintenance page test from new haproxy server [[ror_machine_ip_details| ror machine ip details link]] **Step 1** login as expprodl prodapp04 cd crossbow/ ./runcap.sh put maintenance page on **add hosts entry to test new chat server in prodapp03 , prodapp04 ** login to prodapp03 configuration file = /deploy/crossbow/current/config/redis.yml from production: host: chat.learnexa.com port: 6379 to production: host: 198.46.49.167 port: 6379 configuration file = /deploy/crossbow/current/config/juggernaut.yml from production: redis_host: chat.learnexa.com redis_port: 6379 juggernaut_host: chat.learnexa.com juggernaut_port: 8090 juggernaut_protocol: https to production: redis_host: 198.46.49.167 redis_port: 6379 juggernaut_host: 198.46.49.167 juggernaut_port: 8090 juggernaut_protocol: https save and exit passenger and god service restart login to prodapp04 configuration file = /deploy/crossbow/current/config/redis.yml from production: host: chat.learnexa.com port: 6379 to production: host: 198.46.49.167 port: 6379 configuration file = /deploy/crossbow/current/config/juggernaut.yml from production: redis_host: chat.learnexa.com redis_port: 6379 juggernaut_host: chat.learnexa.com juggernaut_port: 8090 juggernaut_protocol: https to production: redis_host: 198.46.49.167 redis_port: 6379 juggernaut_host: 198.46.49.167 juggernaut_port: 8090 juggernaut_protocol: https save and exit passenger and god service restart **Step 2** **Login to new haproxy server stop and start chat service** login as expprodl in 10.166.152.18 cd /bin/ ./chat_sss.sh status # check status expprodl 2570 1 0 Aug08 ? 00:01:05 node server.js expprodl 2565 1 0 Aug08 ? 00:08:50 ./redis-server redis.conf once new chat service validation completed login to prodapp03 configuration file = /deploy/crossbow/current/config/redis.yml to production: host: chat.learnexa.com port: 6379 from production: host: 198.46.49.167 port: 6379 configuration file = /deploy/crossbow/current/config/juggernaut.yml to production: redis_host: chat.learnexa.com redis_port: 6379 juggernaut_host: chat.learnexa.com juggernaut_port: 8090 juggernaut_protocol: https from production: redis_host: 198.46.49.167 redis_port: 6379 juggernaut_host: 198.46.49.167 juggernaut_port: 8090 juggernaut_protocol: https save and exit passenger and god service restart login to prodapp04 configuration file = /deploy/crossbow/current/config/redis.yml to production: host: chat.learnexa.com port: 6379 from production: host: 198.46.49.167 port: 6379 configuration file = /deploy/crossbow/current/config/juggernaut.yml to production: redis_host: chat.learnexa.com redis_port: 6379 juggernaut_host: chat.learnexa.com juggernaut_port: 8090 juggernaut_protocol: https from production: redis_host: 198.46.49.167 redis_port: 6379 juggernaut_host: 198.46.49.167 juggernaut_port: 8090 juggernaut_protocol: https save and exit passenger and god service restart login as expprodl prodapp04 cd crossbow/ ./runcap.sh remove maintenance page ====== Only For Fresh Installation steps ====== cd /root yum install pcre-devel zlib-devel wget http://www.haproxy.org/download/1.7/src/haproxy-1.7.2.tar.gz wget https://openssl.org/source/openssl-1.0.2d.tar.gz tar -zxvf openssl-1.0.2d.tar.gz -C /usr/local/src cd /usr/local/src/openssl-1.0.2d ./config make make install mv /usr/bin/openssl /root/ ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl Finally, check your OpenSSL version again, openssl version tar xvzf haproxy-1.5.15.tar.gz make clean make TARGET=custom CPU=native USE_PCRE=1 USE_LIBCRYPT=1 USE_LINUX_SPLICE=1 USE_LINUX_TPROXY=1 USE_OPENSSL=yes make install PREFIX="/opt/haproxy" haproxy -vv [[setup_an_app_server|For chat server installation]] ====== node validation without vpn connection for this new haproxy server only applicable ====== Public IP Private IP Haproxy Ip Public IP removed for testing => 10.166.152.220 prodapp03 node validation alone for new haproxy server centos 6.8 ( 10.166.152.18 ) Public IP removed for testing => 10.166.152.222 prodapp04 node validation alone for new haproxy server centos 6.8 ( 10.166.152.18 ) add hosts entry required server ip ===== required vpn prodapp03 prodapp04 both nodes validation ===== 10.166.152.226 prodapp03 prodapp04 both nodes validation for new haproxy server centos 6.8 required vpn as of now don't have public ip add hosts entry 10.166.152.226 test.learnexa.com