|
Hi,
I've got a problem with a piranha installation but its sort of a
generic
problem so maybe someone here can help...
The installation is a RedHat 6.2 "out of the box" LVS setup. No patches
to
kernel etc. Everything is running fine and I can support virtual IPs for
both http and ftp. The problem is with https. The web servers are both
running secure servers and I'm happy that I've got https configured
correctly as I can connect to the servers directly if I run a browser on
one of the LVS routers. I can also connect to the servers using oppenssl.
A far as the cluster is concerned, if I run lvs by hand (lvs -n) nanny
reports that it gets no reponse from the server so the service is not made
available. From looking at the source for nanny, nanny sends an ICMP ECHO
REQUEST packet to the requested service port and expects a response. If it
gets a response then the service is available. Thats fine but what happens
for SSL services. Nanny does the ping to the port but nothing comes back as
the port is only "talking" SSL.
My question is, if you send an ICMP packet to an SSL listener, should
you
get a response.? If you should then I'll go back to investigating futrher.
However, if you do not then how can you monitor an SSL service?
I'm quite happy to drop piranha and go over to another way of setting
up
the cluster. Or hack nanny and make it "talk" SSL. With the various setup
around, if one wants to monitor an SSL service, what would be the best way
of doing it?
Thanks in advance.
Mark Doutre
Ibidlive-Systems Ltd
Glenlister House
14-16 King Street, East Grinstead, West Sussex
RH19 3DJ
tel: 01342 311778
|
