Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Cloud Service Automation4.80.0002

Administer > HA Configuration > Configure the Apache load balancer node

Configure the Apache load balancer node

This section describes how to upgrade, install, configure, and start the applications needed to set up the Apache load balancer node in a CSA cluster configured for high availability. The Apache load balancer node proxies web requests into the CSA and Marketplace Portal cluster.

The Apache load balancer node consists of the Apache HTTP web server configured as a load balancer.

Upgrade the Apache load balancer node

To upgrade the Apache load balancer node, complete the following steps:

Stop the Apache load balancers on both the CSA_Proxy and MPP_Proxy nodes.
If the Apache load balancer exists, then uninstall the existing Apache applications from the CSA_Proxy node following the manufacturer's recommendations.
Follow the instructions below to install and configure the Apache load balancer node on the CSA_Proxy node. You are upgrading the CSA_Proxy node because this is the node which is associated with the CSA software license. You can continue to use this software license after the upgrade. If you choose to upgrade the MPP_Proxy node, you must request a software license for the MPP_Proxy node.

Apache Load balancer has a ProxyTimeOut value. This value should be set to a higher value than the default value. For more details see the Cloud Service Automation Troubleshooting Guide.

Install the Apache HTTP web server

To install the Apache HTTP web server on the Apache load balancer node, do the following:

Install the supported version of the Apache HTTP server (including SSL) from apache.org (http://www.apache.org/). After navigating to the mirror site, the 32-bit Windows installer is available in the httpd/binaries/win32 directory.

See the Cloud Service Automation System and Software Support Matrix for the supported version of the Apache HTTP Server.
Verify that the following modules exist in the <path_to>\Apache24\modules directory on Windows, or in the/etc/httpd/modules directory on Linux:

mod_authz_host.so mod_headers.so mod_log_config.so mod_proxy.so mod_proxy_balancer.so mod_proxy_connect.so mod_proxy_http.so mod_rewrite.so mod_ssl.so mod_slotmem_shm.so mod_Ibmethod_byrequests.so

Configure the Apache HTTP web server as a load balancer

Complete the tasks in the following sections to configure the Apache load balancer node.

Generate a certificate

If you will be using a secure protocol such as TLS to communicate from the Apache load balancer node to the CSA and Marketplace Portal nodes, you will need to generate the Apache load balancer node's certificate (in this document, it will be referred to as apache_csa.crt).

Generate the certificate and private key. For a test environment, you can create a self-signed certificate and key using the following command:

Windows:

"<path_to>\Apache24\bin\openssl" req -x509 -days 365 -sha256 -newkey rsa:2048 -nodes -keyout <path_to>\Apache24\conf\apache_csa.key -out <path_to>\Apache24\conf\apache_csa.crt -config <path_to>\Apache24\conf\openssl.cnf -subj /O=HPE/OU=HPE/CN=[APACHE_LOAD_BALANCER_HOSTNAME]

Linux:

openssl req -new -x509 -days 365 -sha256 -newkey rsa:2048 -nodes -keyout /etc/httpd/conf/apache_csa.key -out /etc/httpd/conf/apache_csa.crt -config /etc/httpd/conf/openssl.cnf -subj /O=HPE/OU=HPE/CN=[APACHE_LOAD_BALANCER_HOSTNAME]

For detailed instructions on how to create certificates, refer to the Apache documentation (http://httpd.apache.org/docs/2.4/ssl/ssl_faq.html#aboutcerts).
Copy the certificate file (apache_csa.crt) to the CSA_HOME/jboss-as/standalone/configuration directory on the CSA nodes and to the CSA_HOME/portal/conf/ directory on the Marketplace Portal nodes.

Configure the Apache HTTP web server

To configure the Apache HTTP web server, complete the following steps:

If the Apache load balancer is communicating with CSA over HTTP:

Create a virtual host file for the CSA nodes. In the <path_to>\Apache24\conf\extra directory on Windows, or the extra/etc/httpd/conf.d directory on Linux, create a file named csa.conf that contains the following content:

Note Apache load balancer has a ProxyTimeOut value. This value should be set to a higher value than the default value which is 180. For more details see the Cloud Service Automation Troubleshooting Guide.

Windows:

Listen 8443 <VirtualHost _default_:8443> ProxyTimeOut <TIMEOUT_VALUE> ServerName [APACHE_LOAD_BALANCER_HOSTNAME] ErrorLog <path_to>\Apache24\logs\csa_error.log TransferLog <path_to>\Apache24\logs\csa_access.log SSLEngine on
SSLProtocol -all +TLSv1+TLSv1.1+TLSv1.2 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLHonorCipherOrder on SSLCertificateFile <path_to>\Apache24\conf\apache_csa.crt SSLCertificateKeyFile <path_to>\Apache24\conf\apache_csa.key
```
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyRequests Off
ProxyPreserveHost On

   <Proxy *>
						
     Require all granted
						
   </Proxy>
						
   RewriteEngine On
						
   RewriteCond %{THE_REQUEST} \ (.*)//+(.*)\ [NC]
						
   RewriteRule .* %1/%2 [R=301,L]
						
   Header add Set-Cookie "CSA_ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
						
   <Proxy balancer://csacluster/>
						
    BalancerMember http://[CSA_NODE1_HOSTNAME]:[CONSOLE_PORT_HTTP] route=csa1 timeout=180
    BalancerMember http://[CSA_NODE2_HOSTNAME]:[CONSOLE_PORT_HTTP] route=csa2 timeout=180
    BalancerMember http://[CSA_NODE3_HOSTNAME]:[CONSOLE_PORT_HTTP] route=csa3 timeout=180
    ProxySet stickysession=CSA_ROUTEID
						
   </Proxy>
						
   ProxyPass / balancer://csacluster/
						
   ProxyPassReverse / balancer://csacluster/
			
</VirtualHost>
```
Linux:

Listen 8443 <VirtualHost _default_:8443> ProxyTimeOut <TIMEOUT_VALUE> ServerName [APACHE_LOAD_BALANCER_HOSTNAME]    ErrorLog /etc/httpd/logs/csa_error.log    TransferLog /etc/httpd/logs/csa_access.log    SSLEngine on    SSLProtocol -all +TLSv1+TLSv1.1+TLSv1.2   SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH   SSLHonorCipherOrder on       SSLCertificateFile /etc/httpd/conf/apache_csa.crt    SSLCertificateKeyFile /etc/httpd/conf/apache_csa.key SSLProxyEngine On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyRequests Off ProxyPreserveHost On    <Proxy *>      Require all granted    </Proxy>    RewriteEngine On    RewriteCond %{THE_REQUEST} \ (.*)//+(.*)\ [NC]    RewriteRule .* %1/%2 [R=301,L]    Header add Set-Cookie "CSA_ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED    <Proxy balancer://csacluster/>     BalancerMember http://[CSA_NODE1_HOSTNAME]:[CONSOLE_PORT_HTTP] route=csa1 timeout=180     BalancerMember http://[CSA_NODE2_HOSTNAME]:[CONSOLE_PORT_HTTP] route=csa2 timeout=180     BalancerMember http://[CSA_NODE3_HOSTNAME]:[CONSOLE_PORT_HTTP] route=csa3 timeout=180     ProxySet stickysession=CSA_ROUTEID    </Proxy>    ProxyPass / balancer://csacluster/    ProxyPassReverse / balancer://csacluster/ </VirtualHost>

If the Apache load balancer is communicating with CSA over HTTPS:

Windows:

Listen 8443 <VirtualHost _default_:8443> Proxy TimeOut <TIMEOUT_VALUE> ServerName [APACHE_LOAD_BALANCER_HOSTNAME]    ErrorLog <path_to>\Apache24\logs\csa_error.log    TransferLog <path_to>\Apache24\logs\csa_access.log    SSLEngine on       SSLProtocol -all +TLSv1+TLSv1.1+TLSv1.2   SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH      SSLCertificateFile <path_to>\Apache24\conf\apache_csa.crt    SSLCertificateKeyFile <path_to>\Apache24\conf\apache_csa.key   SSLProxyEngine On    SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyRequests Off ProxyPreserveHost On   <Proxy *>       Order deny,allow       Allow from all    </Proxy>    RewriteEngine On    RewriteCond %{THE_REQUEST} \ (.*)//+(.*)\ [NC]    RewriteRule .* %1/%2 [R=301,L]    Header add Set-Cookie "CSA_ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED    <Proxy balancer://csacluster/>     BalancerMember https://[CSA_NODE1_HOSTNAME]:[CONSOLE_PORT_HTTPS] route=csa1 timeout=180     BalancerMember https://[CSA_NODE2_HOSTNAME]:[CONSOLE_PORT_HTTPS] route=csa2 timeout=180     BalancerMember https://[CSA_NODE3_HOSTNAME]:[CONSOLE_PORT_HTTPS] route=csa3 timeout=180     ProxySet stickysession=CSA_ROUTEID    </Proxy>    ProxyPass / balancer://csacluster/    ProxyPassReverse / balancer://csacluster/ </VirtualHost>

Linux:

Listen 8443 <VirtualHost _default_:8443> Proxy TimeOut <TIMEOUT_VALUE> ServerName [APACHE_LOAD_BALANCER_HOSTNAME]    ErrorLog /etc/httpd/logs/csa_error.log    TransferLog /etc/httpd/logs/csa_access.log    SSLEngine on    SSLProtocol -all +TLSv1+TLSv1.1+TLSv1.2   SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH      SSLCertificateFile /etc/httpd/conf/apache_csa.crt    SSLCertificateKeyFile /etc/httpd/conf/apache_csa.key SSLProxyEngine On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyRequests Off ProxyPreserveHost On    <Proxy *>       Order deny,allow       Allow from all    </Proxy>    RewriteEngine On    RewriteCond %{THE_REQUEST} \ (.*)//+(.*)\ [NC]    RewriteRule .* %1/%2 [R=301,L]    Header add Set-Cookie "CSA_ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED    <Proxy balancer://csacluster/>    BalancerMember https://[CSA_NODE1_HOSTNAME]:[CONSOLE_PORT_HTTPS] route=csa1 timeout=180    BalancerMember https://[CSA_NODE2_HOSTNAME]:[CONSOLE_PORT_HTTPS] route=csa2 timeout=180    BalancerMember https://[CSA_NODE3_HOSTNAME]:[CONSOLE_PORT_HTTPS] route=csa3 timeout=180    ProxySet stickysession=CSA_ROUTEID    </Proxy>    ProxyPass / balancer://csacluster/    ProxyPassReverse / balancer://csacluster/ </VirtualHost>
Create a virtual host file for the Marketplace Portal nodes. In the <path_to>\Apache24\conf\extra directory on Windows or the /etc/httpd/conf.d directory on Linux, create a file named mpp.conf that contains the following content:

Windows:

Listen 8089 <VirtualHost _default_:8089> ServerName [APACHE_LOAD_BALANCER_HOSTNAME] ErrorLog <path_to>\Apache24\logs\mpp_error.log TransferLog <path_to>\Apache24\logs\mpp_access.log SSLEngine on SSLProtocol -all +TLSv1+TSLV1.1+TLSv1.2 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLHonorCipherOrder on SSLCertificateFile <path_to>\Apache24\conf\apache_csa.crt SSLCertificateKeyFile <path_to>\Apache24\conf\apache_csa.key SSLProxyEngine On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyRequests Off ProxyPreserveHost On <Proxy *> Require all granted </Proxy> Header add Set-Cookie "MPP_ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED <Proxy balancer://mppcluster/> BalancerMember https://[MPP_NODE1_HOSTNAME]:[MPP_PORT_HTTPS] route=mpp1 BalancerMember https://[MPP_NODE2_HOSTNAME]:[MPP_PORT_HTTPS] route=mpp2 BalancerMember https://[MPP_NODE3_HOSTNAME]:[MPP_PORT_HTTPS] route=mpp3 ProxySet stickysession=MPP_ROUTEID </Proxy> ProxyPass / balancer://mppcluster/ ProxyPassReverse / balancer://mppcluster/ </VirtualHost>

Linux:

Listen 8089 <VirtualHost _default_:8089> ServerName [APACHE_LOAD_BALANCER_HOSTNAME] ErrorLog /etc/httpd/logs/mpp_error.log TransferLog /etc/httpd/logs/mpp_access.log SSLEngine on SSLProtocol -all +TLSv1+TLSv1.1+TLSv1.2 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLHonorCipherOrder on SSLCertificateFile /etc/httpd/conf/apache_csa.crt SSLCertificateKeyFile /etc/httpd/conf/apache_csa.key SSLProxyEngine On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off ProxyRequests Off ProxyPreserveHost On <Proxy *> Require all granted </Proxy> Header add Set-Cookie "MPP_ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED <Proxy balancer://mppcluster/> BalancerMember https://[MPP_NODE1_HOSTNAME]:[MPP_PORT_HTTPS] route=mpp1 BalancerMember https://[MPP_NODE2_HOSTNAME]:[MPP_PORT_HTTPS] route=mpp2 BalancerMember https://[MPP_NODE3_HOSTNAME]:[MPP_PORT_HTTPS] route=mpp3 ProxySet stickysession=MPP_ROUTEID </Proxy> ProxyPass / balancer://mppcluster/ ProxyPassReverse / balancer://mppcluster/ </VirtualHost>
Edit the <path_to>\Apache24\conf\httpd.conf file on Windows or the /etc/httpd/conf/httpd.conf file on Linux:
1. Add or update the list of modules that are loaded to include the following modules:
  
  Windows:
  
  LoadModule authz_host_module modules\mod_authz_host.so LoadModule headers_module modules\mod_headers.so LoadModule log_config_module modules\mod_log_config.so LoadModule proxy_module modules\mod_proxy.so LoadModule proxy_balancer_module modules\mod_proxy_balancer.so LoadModule proxy_connect_module modules\mod_proxy_connect.so LoadModule proxy_http_module modules\mod_proxy_http.so LoadModule rewrite_module modules\mod_rewrite.so LoadModule ssl_module modules\mod_ssl.so LoadModule slotmem_shm_module modules/mod_slotmem_shm.so LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
  
  Linux:
  
  LoadModule authz_host_module modules/mod_authz_host.so LoadModule headers_module modules/mod_headers.so LoadModule log_config_module modules/mod_log_config.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_balancer_module modules/mod_proxy_balancer.so LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule ssl_module modules/mod_ssl.so LoadModule slotmem_shm_module modules/mod_slotmem_shm.so LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
2. Add the following lines:
  
  Windows:
  
  Include conf\extra\csa.conf Include conf\extra\mpp.conf
  
  Linux:
  
  Include conf.d/*.conf

Start the Apache load balancer node

To start the Apache load balancer node on Windows:

Navigate to the Services screen (Control Panel > Administrative Tools > Services).
Right-click on the Apache2.4 service and select Start.

To start the Apache load balancer node on Linux:

Open a command prompt and type:

service httpd start

Send Help Center feedback