Mailing List Archive

UDP syslog load balancer healthcheck workaround
Want to share the ldirector_port_check script based on check_port.pl script
[1] which can be used to perform the remote healthcheck for listen ports.
The remote monitoring UDP listen ports is not possible. Ldirector use
simple ping of remote host for UDP services, which is not sufficient. To
let the ldirector manage the real servers for UDP services, the external
check script needs to be used.
The attached script can be used to monitor remote TCP port as an health
check for remote UDP port. In case the remote TCP port become unavailable,
also the UDP real server will be removed from LVS balancing configuration.
The only requirement is that the rsyslog instance should have both UDP and
TCP ports open with same port number.

Script can be used with ldirectord configuration as follows:
~# cat /etc/heartbeat/ldirectord.cf
checktimeout=10
checkinterval=2
autoreload=yes
logfile="/var/log/ldirectord.log"
quiescent=no
readdquiescent=no

virtual=10.0.x.a:5514
real=10.0.x.b:5514 gate
real=10.0.x.c:5514 gate
service=none
scheduler=rr
protocol=tcp
checktype=connect

virtual=10.0.x.a:5514
real=10.0.x.b:5514 gate
real=10.0.x.c:5514 gate
service=none
scheduler=rr
protocol=udp
checktype=external-perl
checkcommand=/usr/local/sbin/ldirector_port_check

[1]
https://exchange.nagios.org/directory/Plugins/Network-Protocols/*-TCP-and-UDP-(Generic)/check_port-2Epl/details

--
Peter
Re: UDP syslog load balancer healthcheck workaround [ In reply to ]
Small remark for ldirectord config.
The UDP syslog service work much better with scheduler=sh (source hash) and
quiescent=yes.
That will let the LVS balance across real servers with source-ip going to
the same destination if available. For UDP service the LVS does not route
packets for unavailable real servers (with weight set to 0). With
quiescent=no the real server is removed from LVS configuration and the
source-hash mapping is lost. For source-ip hash sheduler, the weight needs
to be setup as it does mean "maximum allowed connections" for real server.
http://kb.linuxvirtualserver.org/wiki/Source_Hashing_Scheduling

On the contrary, for TCP the quiescent=yes causing the new connections are
still balanced to the unavailable real servers causing the connection to
fail. In combination with source-ip hash might cause general unavailability
for part of the environment.

Then the configuration might look like this
virtual=10.0.x.a:5514
real=10.0.x.b:5514 gate 50
real=10.0.x.c:5514 gate 50
real=10.0.x.d:5514 gate 50
quiescent=no
service=none
scheduler=sh
protocol=tcp
checktype=connect

virtual=10.1.x.a:5514
real=10.0.x.b:5514 gate 100
real=10.0.x.c:5514 gate 100
real=10.0.x.d:5514 gate 100
quiescent=yes
service=none
scheduler=sh
protocol=udp
checktype=external-perl
checkcommand=/usr/local/sbin/ldirector_port_check


On Wed, Jun 26, 2019 at 2:11 PM Peter Viskup <skupko.sk@gmail.com> wrote:

> Want to share the ldirector_port_check script based on check_port.pl
> script [1] which can be used to perform the remote healthcheck for listen
> ports.
> The remote monitoring UDP listen ports is not possible. Ldirector use
> simple ping of remote host for UDP services, which is not sufficient. To
> let the ldirector manage the real servers for UDP services, the external
> check script needs to be used.
> The attached script can be used to monitor remote TCP port as an health
> check for remote UDP port. In case the remote TCP port become unavailable,
> also the UDP real server will be removed from LVS balancing configuration.
> The only requirement is that the rsyslog instance should have both UDP and
> TCP ports open with same port number.
>
> Script can be used with ldirectord configuration as follows:
> ~# cat /etc/heartbeat/ldirectord.cf
> checktimeout=10
> checkinterval=2
> autoreload=yes
> logfile="/var/log/ldirectord.log"
> quiescent=no
> readdquiescent=no
>
> virtual=10.0.x.a:5514
> real=10.0.x.b:5514 gate
> real=10.0.x.c:5514 gate
> service=none
> scheduler=rr
> protocol=tcp
> checktype=connect
>
> virtual=10.0.x.a:5514
> real=10.0.x.b:5514 gate
> real=10.0.x.c:5514 gate
> service=none
> scheduler=rr
> protocol=udp
> checktype=external-perl
> checkcommand=/usr/local/sbin/ldirector_port_check
>
> [1]
> https://exchange.nagios.org/directory/Plugins/Network-Protocols/*-TCP-and-UDP-(Generic)/check_port-2Epl/details
>
> --
> Peter
>
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.