Networking
      Back to home
      1. Stratodesk NoTouch Knowledge base
      2. NoTouch Center
      3. Networking

      Virtual Appliance Reverse Proxy modes

      The Virtual Appliance supports multiple Reverse Proxy modes depending on the service it is providing

      Stratodesk Virtual Appliance runs two distinct software modules:

      • NoTouch Center, an enterprise Java-servlet software stack, using the `/easyadmin/*` URLs,
      • VA Console, a PHP-based system administration toolset, using the `/va-admin/` URLs,

      Both modules are web applications, however based on different platforms, each one suited well for its job. For user convenience we don't run them on separate port numbers, but instead everything is behind the normal HTTPS (port 443) webservice. Obviously, one of these modules must act as a "reverse-proxy" then to route requests for the other module accordingly. Which one acts as the front-end can be selected with the "Front-end service" parameter in the VA Configuration.

      For production NTC deployments and larger numbers we suggest using NTC as the front-end-service.

      The benefits of all that are obvious:

      • No need to expose a second port number, like 8080 or 8443
        • Less firewall configuration, less thinking about one more port
      • "Hiding" one service behind the other means one service less visible on the Virtual Appliance.
      • Easy-to-use access control via Firewall configuration (VA)
      • No more need to change port numbers on your own (unless you really want to use a strange port number - most people simply wanted it to run on 443)

      Best practices

      Larger, production NTC appliance

      Use NoTouch Center as front-end service.

      Cloud Xtension

      The Cloud Xtension requires nignx as the front-end service.

      PXE boot

      PXE boot requires NoTouch Center as the front-end service

      Up-to-date notice

      To properly use either of these scenarios, your appliance must be up-to-date. If your appliance was set up before fall 2018 and you want to use NTC as front-end, you will need to log in via SSH login, become root, and run apt-get install php-fpm. Your appliance needs Internet connection and access to Ubuntu repositories (*.ubuntu.com).

      Appliances set up after fall 2018 will not need that installation step.

      Configuration

      To switch between the two scenarios,

      1. Enter the VA Console (NOT NoTouch Center)
      2. Navigate to the VA Configuration area using the sidebar
      3. Switch the "Front-end-service" parameter
      4. Save and reboot the appliance

      Note: If you appliance says that either NTC is too old, or php-fpm is not installed, then please update NoTouch Center or install php-fpm as described above.

      Shell-based configuration

      In order to configure this manually from a shell-prompt, or if you think something went wrong, please log in via SSH login, and use the sudo /opt/bin/setproxy command.

      To make NoTouch Center the front-end service, run sudo /opt/bin/setproxy center. To make nginx the front-end service, run sudo /opt/bin/setproxy nginx