Contents
- 1 Introduction
- 2 Introduction to Roxy-WI
- 3 Deploy Roxy-WI
- 4 Initialize Roxy-WI
- 5 Add services to be managed on Roxy-WI
- 6 Use Roxy-WI to manage applications (taking HAproxy as an example)
- 7 Conclusion
1 Introduction
In daily use, we often come across some excellent software managed by configuration files, such as HAProxy, Nginx, Apache and Keepalived. These software are famous for their high performance and flexibility, but their configuration files usually need to be modified directly using a text editor. For those technicians who are familiar with the configuration file formats of these software, using a text editor to directly edit the configuration files is an efficient and habitual operation method.
However, for users who are more accustomed to graphical interfaces, this plain text operation method may seem complicated or even daunting. To make up for this, many projects that provide graphical interface (GUI) management functions have emerged in the community. These tools have greatly lowered the operating threshold and enabled more people to easily use these powerful tools. For example, in a previous article, I introduced a project that provides graphical management functions for Nginx:nginxWebUI(See article:Docker series uses Docker to build a graphical nginx based on nginx Web UI), which is specifically used for nginx graphical management.
Today I want to introduce to you a more comprehensive and popular graphical management tool——Roxy-WIThis project not only supports HAProxy, but is also compatible with Nginx and Apache graphical configuration management (perhaps its other name is more familiar:HAProxy-WI). As a long-developed project, it has become the first choice for many users in configuration management due to its comprehensive functions and user-friendly interface.
Note: In fact, there were more than one GUI project that supported HAproxy before, but now many of them have 404~.
2 Introduction to Roxy-WI
Roxy-WI It is an open source, powerful graphical management tool that is mainly used to configure and manage load balancers and related Web server software, including HAProxy,Nginx and ApacheIt is designed to provide administrators with a convenient web interface to simplify the process of configuration file management while enhancing the efficiency of monitoring and operation. The following are some of the core functions and features of Roxy-WI:
Core Features
- Graphical configuration management
• Supports editing and managing HAProxy, Nginx and Apache configuration files with an intuitive graphical interface, without the need to modify text files directly.
• Provides version control functionality to track configuration change history and facilitate rollback.
- Monitoring and Statistics
• Built-in real-time monitoring function to view performance data of load balancers and servers (such as traffic, number of connections, latency, etc.).
• Supports integration of tools such as Prometheus and Grafana for extended monitoring.
- Log Management
• Provides log viewing function, which can centrally display the log information of HAProxy, Nginx or Apache.
• Supports fast filtering and analysis of logs through the web interface.
- Cluster Management
• Supports management of multiple nodes or instances, and easily synchronizes configurations to other servers through the interface.
• Provides distributed deployment capabilities, suitable for cluster architecture in complex network environments.
- User Management
• Provides a multi-user access mechanism that allows you to set different user permissions (read-only, editor, administrator, etc.).
• Supports LDAP or local account authentication methods.
- Advanced Features
• Supports scheduling tasks, such as restarting services or backing up configuration files.
• Provides SSL certificate management capabilities, including certificate generation and deployment.
• Alarm notifications can be implemented via Telegram or email.
Applicable scenarios
• Small and Medium Enterprises: Help enterprises without professional operation and maintenance teams to easily achieve efficient load balancing management.
• Development Environment: Developers can quickly deploy and test load balancing solutions through the GUI without having to understand the configuration file syntax in depth.
• Complex network environment: Suitable for users who need to manage multiple load balancers and web servers at the same time, especially in scenarios with cluster requirements.
Technical Architecture
The backend of Roxy-WI is mainly written in Python, combined with SQLite or other databases (MySQL, MariaDB) to store configuration information. Its front end is built on modern Web technologies and provides a simple and intuitive user interface. Roxy-WI supports Docker deployment and can also run directly on most Linux systems. Common installation methods include:
• Rapid deployment using official installation script.
• Manually install required dependencies and configure the service environment.
advantage
• Lowers the threshold for operation and maintenance, suitable for users who do not have a deep understanding of the HAProxy/Nginx/Apache configuration file format.
• Comprehensive functions, suitable for production and experimental environments.
• Open source with an active community, providing continuous updates and documentation support.
3 Deploy Roxy-WI
3.1 Preparation: Understanding the Roxy-WI Configuration File
This step is mainly to understand the configuration file "roxy-wi.cfg" of Roxy-WI in advance, because whether you use docker or source code to deploy Roxy-WI, this configuration file will eventually be involved (the github address of the configuration file is as follows:https://github.com/roxy-wi/roxy-wi/blob/master/roxy-wi.cfg). Take the official default configuration as an example for basic description:
[main] # Path to the files destination fullpath = /var/www/haproxy-wi log_path = /var/log/roxy-wi lib_path = /var/lib/roxy-wi # Change secret_phrase to 32 url-safe base64-encoded secret_phrase = _B8avTpFFL19M8P9VyTiX42NyeyUaneV26kyftB2E_4= [configs] # Folders for configs haproxy_save_configs_dir = {main:lib_path}/configs/hap_config/ keepalived_save_configs_dir ={main:lib_path}/configs/kp_config/ nginx_save_configs_dir = {main:lib_path}/configs/nginx_config/ apache_save_configs_dir ={main:lib_path}/configs/apache_config/ [mysql] # By default Sqlite DB is used enable = 0 mysql_user = roxy-wi mysql_password = roxy-wi mysql_db = roxywi mysql_host = 127.0.0.1 mysql_port = 3306
From the last content[mysql]As you can see, the default configuration is to use the Sqlite database (enable = 0 means disabling the MySQL compatible database). If you want to use the MySQL or MariaDB database, see the detailed configuration steps later in the article.
If you choose to use the default SQLite database, you also need to add the following configuration in roxy-wi.cfg:
# ---------------------------- # Database configuration (SQLite) # ---------------------------- [database] # Use SQLite database db_type = sqlite # SQLite database file storage path db_path = /var/lib/roxy-wi/roxy-wi.db # Modify the path according to your needs
The following is a sample configuration of the configuration file used by roxy-wi to manage HAProxy using the Sqlite database:
# Roxy-Wi configuration file# ---------------------------- # Database configuration (SQLite) # ---------------------------- [database] # Use SQLite database db_type = sqlite # Storage path of SQLite database file db_path = /var/lib/roxy-wi/roxy-wi.db # Modify the path according to your needs# ---------------------------- # HAProxy configuration# ---------------------------- [haproxy] # Path of HAProxy configuration file haproxy_cfg_file = /etc/haproxy/haproxy.cfg # Path of HAProxy status page and other runtime information haproxy_status_url = http://haproxy host IP:8085 # If you need HAProxy status page# ---------------------------- # Web interface configuration# ---------------------------- [web] # Set the IP and port that the Roxy-Wi web interface listens to listen_ip = 0.0.0.0 # Listen on all IP addresses listen_port = 443 # You can change the port as needed # ---------------------------- # User management # ---------------------------- [users] # Administrator account configuration admin_user = admin admin_pass = your_secure_password # Please set a strong password # You can add other users as needed # user1 = password1 # user2 = password2 # ---------------------------- # Logging configuration # ---------------------------- [logging] # Enable logging log_enabled = true # Set the log file path log_file = /var/log/roxy-wi/roxy-wi.log # Log level (optional values: info, debug, warning, error) log_level = info # ---------------------------- # Other settings (such as API access, automatic backup, etc.) # ---------------------------- [api] # Whether to enable API (if you need to manage HAProxy through API) api_enabled = false # If you do not use API, you can set it to false [backup] # Configure whether to automatically backup HAProxy Configure backup_enabled = false # If you do not need automatic backup, you can turn it off# Backup file storage path backup_dir = /var/backups/haproxy/ # ---------------------------- # Monitoring settings (optional) # ---------------------------- [monitoring] # Enable HAProxy monitoring monitoring_enabled = true # Configure the frequency of HAProxy monitoring (seconds) monitoring_interval = 60 # Monitor every 60 seconds
explain:
- Database Configuration:
• db_type = sqlite: specifies to use SQLite as the database. You can also use mariaDB, but I only manage one HAProxy and I really can’t use mariaDB.
• db_path = /var/lib/roxywi/roxy-wi.db: Sets the path to the SQLite database file, usually you can choose a safe path.
- HAProxy Configuration:
• haproxy_cfg_file = /etc/haproxy/haproxy.cfg: Specifies the path to the HAProxy configuration file.
• haproxy_status_url = http://127.0.0.1:8000: Specifies the HAProxy status page URL, which is typically used for health checks and monitoring.
- Web Configuration:
• listen_ip = 0.0.0.0: The web interface will listen on all IP addresses, you can limit it to specific IP addresses for security.
• listen_port = 8000: The access port of the Web interface. Make sure that this port is not occupied by other applications.
- User Configuration:
• admin_user = admin and admin_pass = your_secure_password: Configure the username and password for the administrator account. Be sure to set a strong password.
• Additional users can be added as needed.
- Log Configuration:
• log_enabled = true: Enable logging.
• log_file = /var/log/roxy-wi/roxy-wi.log: specifies the storage path of the log file.
• log_level = info: log level. You can select different levels according to your needs, such as debug, warning, and error.
- API Configuration:
• api_enabled = false: If you don’t use the API to manage HAProxy, keep this false. If you need the API, you can set it to true and make additional configuration.
- Automatic backup configuration:
• backup_enabled = false: If you do not need to automatically back up the HAProxy configuration files, you can disable this feature. If you need to back up, you can enable it and set the backup directory.
- Monitoring settings:
• monitoring_enabled = true: Enable HAProxy monitoring.
• monitoring_interval = 60: Collect HAProxy monitoring data every 60 seconds.
3.2 Docker deployment
3.2.1 Roxy-WI official attitude towards docker deployment
The official Docker deployment method is not recommended:
Why does Roxy-WI officially not recommend using Docker to deploy production environments?
Roxy-WI officially stated that the Docker deployment method is mainly suitable for development, testing or learning environments, but not for production environments. The reasons behind this are mainly the following:
1. Security issues
• Insufficient isolation:Docker provides a containerized environment, but its isolation is not as strong as that of a virtual machine (VM). If the container is not configured properly or has security vulnerabilities, it may pose a risk to the host system, especially when running critical services in a production environment.
• Update and patch issues:Officials may not provide timely security updates or patches for Docker images, especially for security vulnerabilities in containerized environments. Production environments require higher security and reliability.
2. Performance Issues
• Resource isolation overhead:Although Docker provides resource isolation, the overhead brought by containerization may reduce system efficiency in high-performance demand scenarios. For example, when Roxy-WI needs to process complex configuration files and high-traffic services, the containerized environment may become a bottleneck.
• Optimization Difficulty: Compared to running directly on the operating system, containerized system resource allocation and performance optimization may not be as efficient as source code deployment, especially when dealing with a large number of concurrent tasks.
3. Long-term stability and compatibility issues
• Mirror image instability:Docker images may not have been rigorously tested for a long time. When the Docker engine version is updated or the image is changed, some functions may fail or incompatibility issues may occur, affecting the stability of the production environment.
• Insufficient containerization support: Roxy-WI is not fully optimized for container environments. The multiple services it manages (such as HAProxy, Nginx, and Apache) involve complex configuration and hardware access requirements, and containerization may increase compatibility issues.
4. Lack of persistent storage
• Data persistence challenges:Docker containers are temporary storage by default, and data may be lost after restart. Although data can be persisted by mounting volumes, improper configuration may cause the loss of key configuration files in the production environment.
• File system limitations: Roxy-WI requires frequent modification of configuration files or the use of persistent data. The file system characteristics of the container may cause additional complexity and are not conducive to long-term maintenance.
5. Debugging and maintenance complexity
• Difficulty debugging: Problem location in a containerized environment is usually more complicated than deploying directly on a physical or virtual machine. Although Docker provides some debugging tools, troubleshooting in a production environment is more difficult.
• Log management issues: Containerized log management is different from traditional environments and may require additional configuration to ensure that logs are collected and persisted correctly, especially when containers are frequently restarted or migrated.
6. Source code deployment makes it easier to manage multiple applications
The core function of Roxy-WI is to manage a variety of reverse proxy and load balancing tools, including HAProxy,Nginx and Apache. Source code deployment can be:
• Directly access all configuration files and services on the host machine without complicated mounting or mapping.
• Manage service restart and update operations more efficiently, reducing permission management and interaction issues introduced by containerization.
• Provide greater flexibility to adapt to complex deployment requirements in production environments.
7. Officially recommended deployment method
Roxy-WI officially recommends deployment via source code or traditional operating system installation. Compared to containerization, this method has been more rigorously tested and verified over a long period of time, can provide higher stability and reliability, and is easier to debug and maintain.
in conclusion
Docker deployment is suitable for development, testing or learning environments because it simplifies the installation and deployment process. However, in production environments, due to limitations in security, performance, compatibility, debugging and maintenance, the official recommendation is to use source code or operating system-level deployment, especially in scenarios where Roxy-WI needs to manage multiple services such as HAProxy, Nginx and Apache, source code deployment can provide higher flexibility and reliability.
Note: When I was writing this article, I was not prepared to accept the official advice and planned to use Docker deployment + SQLite database to get the job done. As a result, I encountered some strange problems (some pages were normal despite normal settings, while others were always loading, etc.), so in the end I simply deployed the source code + MariaDB database~.
3.2.2 Deployment using docker run format
1. Create a working directory
mkdir -p /docker/roxy-wi/data mkdir -p /docker/roxy-wi/config
2. Deploy using the docker run command:
docker run --name roxy-wi -d --privileged --restart=always --net=public-net \ -v /docker/roxy-wi/data:/var/roxy-wi/lib \ -v /docker/roxy-wi/config:/etc/roxy-wi \ -p 8443:443 \ registry.roxy-wi.org/roxy-wi
3.2.3 Deployment using docker-compose
1. Create a working directory
mkdir -p /docker/roxy-wi/
2. Create docker-compose.yml
vim /docker/roxy-wi/docker-compose.yml
Then paste the following in and save:
version: '3.8' services: roxy-wi: image: registry.roxy-wi.org/roxy-wi container_name: roxy-wi restart: always privileged: true networks: - public-net ports: - "8443:443" volumes: - /docker/roxy-wi/data:/var/roxy-wi/lib - /docker/roxy-wi/config:/etc/roxy-wi networks: public-net: external: true
3. Pull up the Roxy-WI container
cd /docker/roxy-wi docker-compose up -d
In addition: Because docker is not the recommended way to deploy Roxy-WI, I will be lazy and not explain the meaning of the parameters in detail. As for those friends who "knowingly go to the tiger mountain, please study it by yourself, it is also very simple.
3.3 APT source code deployment
3.3.1 Preface
Regarding source code deployment, I recommend that you use Ubuntu's TLS (long-term support version, such as 22.04). I used Debian's LXC to deploy on PVE as I used to do before (Debian system is not directly supported by the official):
As a result, a lot of problems occurred, which really made me a little overwhelmed, so I simply switched to the Ubuntu 22.04 version of LXC, and then it was completed smoothly.
In addition, if you must use Debian, you can directly use the code of the Roxy-WI homepage on GitHub, copy it to the local computer using the git command, and then install it manually (github link address:https://github.com/roxy-wi/roxy-wi), but I need to deploy Apache or Nginx by myself, which I think is a bit troublesome, so I gave up.
Note 1: Some tutorials on the Internet also use git to deploy, and some useroxy-wi.pyTo start the service, some usesetup.pyTo install, the key is that these two files cannot be found in the Roxy-WI homepage on github, which makes me confused.
Note 2: In fact, using the APT method is to deploy the Apache and Roxy-WI source codes together, saving time and worry.
Note 3: If you don’t know how to use PVE to create LXC, you can refer to my previous article:Docker series uses LXC to set up a Minecraft Bedrock Edition server based on Turnkey-gameserver.
3.3.2 Preparation (optional)
1. Install and upgrade pip version
ubunut 22.04 has python3 installed by default, but pip is not installed. When using the apt command to install Roxy-WI related components, pip is also installed, but because the pip version is lower (22.02), it does not support the "--break-system-packages" option (at least version 23.3 is required), so the following output will appear when the default installation is used:
Therefore, it is recommended to use the following command to install pip and confirm the default installed pip version before officially installing Roxy-WI:
apt update apt install python3-pip pip3 --version
Then use the following command to upgrade the pip version:
python3 -m pip install --upgrade pip
Confirm that the upgrade was successful:
2. Repair the distro-info package
After upgrading the pip version, the following error will appear:
This is because the version number 1.1build1 in the distro-info package does not conform to the standard format. PEP 440 version specification, and pip follows the specification more strictly in the new version, so it will fail when parsing the version, so you can run the following command to fix it:
apt install --reinstall python3-distro-info
3. Create the roxy log directory in advance
After installation, though it will eventually create"/var/log/roxy-wi"Directory, but this prompt will appear frequently during the installation process
Obsessive compulsive disorder means it looks very uncomfortable, so it is recommended to create it in advance:
mkdir -p /var/log/roxy-wi
Note 1: Directly using Ubuntu 24.04 may not have these problems, but since I have a ready-made LXC template for 22.04, I am too lazy to bother with 24.04. Besides, the new version may not be as reliable as the old version.
Note 2: It is best to have a scientific environment.
3.3.3 Install Roxy-WI using apt command
1. Add Roxy-WI warehouse address
echo \ "deb [arch=amd64, trusted=yes] https://repo.roxy-wi.org/ubuntu \ $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/roxy-wi.list > /dev/null
2. Update the warehouse
apt update
3. Install Roxy-WI
apt-get install roxy-wi roxy-wi-checker roxy-wi-metrics roxy-wi-smon roxy-wi-portscanner roxy-wi-keep-alive roxy-wi-socket
4. Confirm the Roxy-WI default configuration file:
cat /etc/roxy-wi/roxy-wi.cfg
3.3.4 Configure Roxy-WI to use mariadb database (optional)
When introducing the Roxy-WI configuration file, I mentioned earlier that Roxy-WI uses the SQLite database by default. This is sufficient when you only use Roxy-WI to manage one instance, but once you manage multiple instances at the same time, it is a bit difficult. At this time, you need to use an external database: mysql or mariadb. The following is a demonstration of the configuration process of mariadb:
1. Create a new Roxy-WI library and user on the database
Here you can choose the database you are used to. If you want to use mariaDB or mysql, you need to change "enable = 0" to "enable = 1". At the same time, you need to initialize the database in the local or remote database (use the mysqldump command to log in to the database) using the following command:
CREATE DATABASE roxy-wi; CREATE USER 'roxy-wi'@'%' IDENTIFIED BY 'your_password'; GRANT ALL PRIVILEGES ON roxy-wi.* TO 'roxy-wi'@'%'; FLUSH PRIVILEGES;
Note: If the local or remotely deployed database supports remote management, you can also use a client such as DBeaver to initialize it. For specific steps, please refer to my previous article:Manually initialize the database: create a new empty database and grant permissions to the corresponding user.
2. Install the MariaDB client on the device where Roxy-WI is deployed:
apt-get install mariadb-client libmariadb-dev
3. On the device where Roxy-WI is deployed, modify the "roxy-wi.cfg" configuration file to point to the MriaDB database:
[mysql] # By default Sqlite DB is used enable = 1 mysql_user = roxy-wi # The username must be the same as the one created in the first partmysql_password = your_password # The password must be the same as the one created in the first partmysql_db = roxy-wi # The database name must be the same as the one created in the first partmysql_host = 127.0.0.1 # If roxy-wi and the database are on the same device, you can use 127.0.0.1; if they are not on the same device, fill in the IP address of the database device heremysql_port = 3306 # Fill in the actual external service port of the mariadb database
4. Initialize the MariaDB database using the official script
Run the create_db.py script on the device where Roxy-WI is deployed. The script is located in the "/var/www/haproxy-wi" folder:
python3 /var/www/haproxy-wi/create_db.py
If the initialization is normal, the following output will appear:
And you can see that a large number of tables have appeared in the Roxy-WI library, which was originally empty in the MariaDB database, indicating that the initialization was successful:
5. Create a service corresponding to Roxy-WI for future management (optional)
The essence of using APT to install Roxy-WI is to directly use Apache to provide services for Roxy-WI (in fact, it is a convenient manual installation. The path of Roxy-WI in the apache configuration file is/etc/apache2/sites-enabled/roxy-wi.conf), which is different from the systemd type of service we are used to (it cannot be directly managed using commands such as systemctl reload and restart (it can be usedsystemctl restart apache2orsystemctl reload apache2to achieve this, but people with OCD say they don’t like it).
Therefore, you can create a Roxy-WI.service as a shortcut to manage Roxy-WI separately to suit your habits. Follow the steps below.
Create a new Roxy-WI.service file:
vim /etc/systemd/system/roxy-wi.service
Then paste the following in and save:
[Unit] Description=Roxy-WI (via Apache) After=network.target [Service] Type=oneshot ExecStart=/bin/systemctl restart apache2 ExecReload=/bin/systemctl reload apache2 RemainAfterExit=yes [Install] WantedBy=multi-user.target
Reload the Systemd configuration, set the newly created Roxy-WI service to start automatically at boot, and start the service immediately:
systemctl daemon-reload systemctl enable roxy-wi systemctl start roxy-wi
After that, you can usesystemctl reload roxy-wiandsystemctl restart roxy-wiRoxy-WI is managed separately.
4 Initialize Roxy-WI
4.1 Login to Roxy-WI
use"https://roxy-wi host machine IPLog in to the Roxy-WI web interface:
Enter your username and password to log in (the default username and password are both admin):
Click "admin" in the upper right corner to modify the password:
If you want to use a custom domain name to access Roxy-WI, redirect local port 80 to port 443 (if CDN is used, you need to configure it on the CDN provider side), customize SSL certificates, etc., you need to modify the Apache configuration file corresponding to Roxy-WI:
vim /etc/httpd/conf.d/roxy-wi.conf
If you want to use a custom domain name for access, find the following line and replace "roxy-wi.example.com" with your domain name:
... ServerName my_domain.local ...
If you want to enable redirection from port 80 to port 443, add the following line to the configuration file:
ServerName my_domain.local Redirect permanent "/" "https://my_domain.local/"
If you want to use a custom certificate, edit the following line:
... SSLEngine on SSLCertificateFile /var/www/haproxy-wi/app/certs/haproxy-wi.crt SSLCertificateKeyFile /var/www/haproxy-wi/app/certs/haproxy-wi.key ...
4.2 Add the target server where the service to be managed is located
4.2.1 Add SSH credentials for the Roxy-WI device
1. Usessh-keygenCommand to generate a key pair (optional):
ssh-keygen -t rsa -b 4096 -f /var/lib/roxy-wi/keys/roxywi_id_rsa
Then on the path/var/lib/roxy-wi/keys/Generate the private key file "roxywi_id_rsa" and the public key file "roxywi_id_rsa.pub"
2. Copy the public key file of the Roxy-WI device to the target server where haproxy is located (assuming the server IP is 192.168.1.100):
ssh-copy-id -i /var/lib/roxy-wi/keys/roxywi_id_rsa.pub [email protected]
If the device where Roxy-WI is located is the same as the target server, you can also manually copy it:
mkdir -p /root/.ssh # Optional step, if there is no /root/.ssh directory, you need to create it cat /var/lib/roxy-wi/keys/roxywi_id_rsa.pub >> /root/.ssh/authorized_keys
3. In "Admin area" - "SSH credentials" - "Add", add an SSH credential for the device where Roxy-WI is located (used to use ssh to log in to other devices with HAproxy, Nginx, and Apache applications installed for management):
Added successfully:
Then upload the contents of the previously generated private key file (/var/lib/roxy-wi/keys/roxywi_id_rsa):
Note: There is a prerequisite for using Roxy-WI to manage haproxy based on the "SSH key" method, that is, the target server where haproxy is located must be able to support ssh public key login: that is, in the "/etc/ssh/sshd_config" file, the setting of "PubkeyAuthentication yes" must take effect (friends who are interested in the detailed operation of configuring ssh public key login can refer to the article:Debian series configuration ssh public key login).
Using "SSH key" is the official recommended default value (because it is safe), but it is not necessary. If you do not want to use SSH based on public key login, you can also use the traditional username and password to log in to SSH. Just uncheck "Enable SSH key" when adding ssh credentials, and a box for filling in the password will appear:
4.2.2 Add the target server where the application to be managed is located (taking the HAproxy server as an example)
In "Admin area"-"Servers"-"Add" add the host where haproxy is located:
Successfully added:
After adding, you can directly test whether Roxy-WI and the device where haproxy is located can be successfully connected using ssh:
5 Add services to be managed on Roxy-WI
5.1 Install services that need to be managed by Roxy-WI (taking HAproxy as an example)
Click "Installation"-"Proxy service" and select the corresponding server to install HAproxy:
After successful installation, you can see the content in the HAproxy section:
Note 1: For those who plan to use Roxy-WI to manage HAproxy from the beginning, if HAproxy is a new deployment, you can install HAproxy in Roxy-WI (the same is true for Nginx, Apache, and Keepalived), which can save a lot of trouble.
Note 2: For "Avaliable versions", you can choose any version of the software you want to install, such as the latest version 3.1.1-1 of haproxy. However, whether it can be installed depends on the latest version of the apt repository on the target server. For example, the latest apt repository of my target server Ubuntu 22.04 is 2.4.24. Therefore, even if you want to install 3.1.1-1, the actual version can only be 2.4.24.
Note 3: If you use Roxy-WI to install Nginx or Apache, the process is the same, so I will not introduce them one by one.
5.2 Add the existing HAproxy service on the target server (optional)
If you have already used HAproxy and now just want to use Roxy-WI to manage it (make sure the HAproxy service is managed by a standard service management tool such as systemd; make sure the status of HAProxy,Statistics Page and Log Configuration It must be set up correctly), and it is not troublesome. Follow the normal steps above to add SSH credentials, add a server, and then add an existing service in Services in the server. Let's take HAproxy as an example:
However, if you have some custom configuration when installing HAproxy yourself (for example, not using the default path), you will also need to configure it in the "Admin area"-"Settings"-"HAproxy" section:
If the service to be managed is not HAproxy but Nginx or Apache, the process is similar.
6 Use Roxy-WI to manage applications (taking HAproxy as an example)
6.1 Overview
This part is about how to use Roxy-WI to manage applications. However, I will only briefly introduce Roxy-WI from the perspective of usage. If I also talk about it from the perspective of applications (such as HAproxy, Nginx, Apache), not only will the content of this article be confused, but it may also be unclear. Besides, friends who have already started to study Roxy-WI to manage applications must know what they should know. If I talk about some unnecessary things, I guess I will be despised.
Roxy-WI's HAProxy feature provides a user-friendly interface for managing and monitoring HAProxy configuration and status. It simplifies the deployment and management process of HAProxy, allowing users to easily edit configuration files, view real-time traffic statistics, check health status, and handle optimization of load balancing rules. Through this interface, users can effectively manage multiple HAProxy instances, create and delete front-end and back-end services, adjust load balancing strategies, and ensure high availability and flexibility in traffic distribution.
The following figure shows the functional modules provided when using Roxy-WI to manage HAproxy:
Next, I will briefly go over the more important functions.
6.2 Overview
The "Overview" function provides an intuitive interface to help users monitor and manage HAProxy instances in real time. It displays key performance data of the HAProxy instance, including traffic statistics (such as Bytes In and Bytes Out), current and total number of sessions, and other information. In addition, users can directly perform management operations through this interface, such as starting, reloading, restarting, or stopping the HAProxy instance:
This function helps users quickly understand the overall working status of HAProxy and identify potential performance bottlenecks or configuration problems, thus providing a basis for further optimization and management.
6.3 Config
The "Config" function is mainly used to configure and manage various settings of HAProxy. Through this function, users can edit the HAProxy configuration file to configure load balancing strategies, listening ports, backend servers, etc. It provides a friendly graphical interface, simplifies the HAProxy configuration process, avoids direct manual editing of complex configuration files, and is suitable for users who want to intuitively manage HAProxy configuration.
Then you can see the contents of haproxy.cfg corresponding to the selected haproxy instance:
For example, if I want to see the contents of the "frontend http_front" configuration section, I can just click on it to expand it:
After clicking Edit on the right side of the above picture, you can directly enter the editing mode:
As you can see, even if you are not familiar with the content of the haproxy.cfg configuration file, you can directly use the Config function item of Roxy-WI to manage the content of haproxy.cfg. For those who are familiar with the content of the configuration file, it is even more powerful.
Note: For those who are not familiar with HAProxy configuration, you can refer to my previous article:HAProxy practical tutorial: multi-scenario deployment and common function configuration analysis.
6.4 Stats
The "Stats" function is used to monitor and view real-time statistics of HAProxy. Through this function, users can intuitively view key indicators such as the connection status, number of requests, error rate, and traffic of the front-end, back-end, and each server, which helps to quickly diagnose the operation of load balancing, identify abnormal traffic, and optimize service performance. In addition, Roxy-WI integrates HAProxy's built-in statistics page through the Web interface, so that operation and maintenance personnel can easily obtain relevant data without manually configuring HAProxy's stats monitoring items:
6.5 Logs
The "Logs" function is used to view the real-time logs of HAProxy, helping users monitor traffic, troubleshoot problems, and analyze request processing. This function provides a visual interface for logs, allowing users to view and filter log contents directly on the web interface without logging into the server or manually searching for log files. Through the "Logs" option, users can quickly discover connection errors, backend server status changes, or abnormal requests, improve operation and maintenance efficiency, and facilitate debugging of HAProxy configurations.
However, although the path for reading HAProxy logs is set in Roxy-WI's "Admin area"-"Settings":
However, by default, you cannot see the logs in "Logs". This is because HAProxy does not write logs directly, but is only responsible for sending logs to rsyslog, which then writes them to the /var/log/haproxy/ directory. Therefore, if you want "Logs" to display HAProxy logs normally, you need to modify haproxy.cfg first and add the following configuration in the global section:
global log /dev/log local0 info log /dev/log local1 notice
Confirm whether there is/var/log/haproxy/If this path does not exist, create it yourself:
mkdir -p /var/log/haproxy/
Create the HAProxy configuration file in rsyslog:
vim /etc/rsyslog.d/haproxy.conf
Then paste the following and save:
$ModLoad imudp $UDPServerRun 514 local0.* /var/log/haproxy/haproxy.log local1.* /var/log/haproxy/haproxy.notice.log
Then reload the HAProxy configuration and restart rsyslog:
systemctl reload haproxy systemctl restart rsyslog
You can then view the HAProxy logs in Logs.
6.6 Add proxy
The "Add Proxy" function is used to quickly add a new proxy (load balancing) configuration. With this function, users can easily create and configure new load balancing in the web interface, including front-end and back-end settings. It simplifies the HAProxy configuration process. Users only need to fill in relevant parameters, such as listening port, back-end server, load balancing strategy, etc. The system will automatically generate the corresponding configuration code and apply it, which makes managing multiple proxies more efficient and avoids the trouble of manually editing complex configuration files:
Create the frontend:
Create the backend:
SSL Offloading:
I won’t take screenshots of the other interfaces one by one, but in general, it is really very friendly for friends who are not used to the CLI interface.
7 Conclusion
For HAProxy, Roxy-WI is probably the best graphical management tool currently. As for the graphical management of Nginx and Apache, although Roxy-WI performs well, there are many other options after all, so I chose HAProxy for demonstration in this article.
However, Roxy-WI is not necessary. If you are really familiar with the configuration files of HAProxy (Nginx, Apache, etc.), a vim is enough~, plus the built-in statistics interface (in fact, Roxy-WI basically directly quotes this~):
It's definitely enough for daily use.
Note 1: Actually, I regretted it when I wrote the second half of the article. HAProxy is too convenient to manage through the configuration file. After the modification, use the commandsystemctl reload haproxyReload the content, the current connection will not be interrupted, what else do you need (using Roxy-WI to perform the same operation requires a browser to access Roxy-WI, and you have to click the mouse several times~), and the statistics provided by Roxy-WI are actually directly calling the statistics of HAProxy itself, and there is no additional advantage. In contrast, it took me a lot of time to toss Roxy-WI itself. Now I think it is not worth it, but I was already on the pirate ship at that time, and I had to finish the article. Of course, this is not to say that Roxy-WI is not good, but from my own original intention of studying Roxy-WI just to facilitate the management of HAProxy, it is simply "picking up sesame seeds and losing watermelons". The key to the problem is actually: does HAProxy still need graphical management? Finally, I just hope that this article can be helpful to those friends who need to use Roxy-WI to manage HAProxy, Nginx, Apache and other software. For me, I have confirmed that it is useless.
Note 2: Roxy-WI also provides an official demo site. Interested friends can experience it directly:Roxy-WI demo site, username/password: admin/admin.
