Articles in this section

Installing JetProxy (Multiple Site Solution)

Todd Kirkland
  • Updated
Follow

Hardware Requirements

See https://kc.jetpatch.com/hc/en-us/articles/360024120731-Hardware-specifications 

Network Requirements

  • Ensure connectivity between JetProxy and JetPatch server using telnet over port 443.
  • Ensure firewall settings allowing connection on the JetProxy over port 443/HTTPS.

Nginx Configuration

Configure Proxy for JetPatch server using nginx. 

a. Create the following file:

/etc/yum.repos.d/nginx.repo

b. Copy the following in the file, and save it:

CentOS/RHEL 7:

[nginx]

name=nginx repo

baseurl=http://nginx.org/packages/rhel/7/$basearch/

gpgcheck=0

enabled=1

CentOS/RHEL 6:

[nginx]

name=nginx repo

baseurl=http://nginx.org/packages/rhel/6/$basearch/

gpgcheck=0

enabled=1

CentOS/RHEL 5:

[nginx]

name=nginx repo

baseurl=http://nginx.org/packages/rhel/5/$basearch/

gpgcheck=0

enabled=1

c. Run:

yum install nginx

d. When NGINX installation is complete, delete the following file:

/etc/nginx/conf.d/default.conf

JetProxy Application Configuration

Download the attached shell script according to the operating system you are using: 

intigua-gw-setup-script-rhel.sh = for RHEL / CentOS machines (5/6/7)

intigua-gw-setup-script-ubuntu.sh = for Ubuntu machines

Execute using sudoer privilege.  Example command line (change IP address to the JetPatch server):

#For RHEL machines
./intigua-gw-setup-script-rhel.sh https://<JetPatch-Server>

#For Ubuntu machines
./intigua-gw-setup-script-ubuntu.sh https://<JetPatch-Server>

If NGINIX does not start, run the following:

systemctl stop nginx
rm /etc/nginx/conf.d/intigua.conf
systemctl start nginx

Creating a JetProxy Management Service

The default, the built-in management service for the JetPatch connector is not aware of the JetProxy address. Thus, you will need to create a new one for the endpoints that will be using the JetProxy address as their primary URL.

This is also important for connector upgrades.

Additional Configuration

In high scale environments (>500 Endpoints) the following steps are required: 

  1. Append/modify fs.file-max = 70000  to  /etc/sysctl.conf file
  2. Add/modify the following lines in /etc/security/limits.conf
    • nginx       soft    nofile   10000
    • nginx       hard    nofile  30000
  3. Reload changes by sysctl -p
  4. In the top of the nginx.conf file (may be located in /etc/nginx/nginx.conf) add worker_rlimit_nofile 30000    like:
  5. change worker_connections to 30000 (nginx.conf)
  6. Reload changes - nginx -t && nginx -s reload
To verify: Open a shell in nginx user and enter  the following commands:
  • ulimit -Hn
  • ulimit -Sn
 The output should be:
  • 30000
  • 10000

The above steps (for scale environments) should also be performed if: 

  • In "/var/log/nginx/error.log" the following errors are seen:
    • (24: Too many open files)
    • worker_connections are not enough while connecting
  • In "/var/log/nginx/access.log" many connections are getting http 500 errors

 

Validate JetProxy Is Working 

To check if the JetProxy is working, just open a browser application (Chrome, Safari) and try to reach 

https://<YOUR_PROXY_ADDRESS>/vmanager-server

You should redirect to the JetPatch login screen.

Note - it this is not happening, check for firewall rules configuration on the JetProxy to enable incoming https communication.

Related articles

Comments

0 comments

Please sign in to leave a comment.