LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: ldirectord https timeout not working?

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: ldirectord https timeout not working?
Cc: Scott Jones <scott@xxxxxxxxxxxxxxxxxx>
From: Horms <horms@xxxxxxxxxxxx>
Date: Fri, 31 May 2002 13:28:26 +1000
On Wed, May 29, 2002 at 01:20:34AM -0700, Scott Jones wrote:
> Hello,
> 
> I've been using ldirectord to do real server monitoring on my lvs cluster
> for more than a year now, but just now ran into a problem.  One of our
> realservers had a problem that made the test page begin but never actually
> respond (it was unable to obtain a database connection from our pool).
> 
> Unfortunately, while ldirectord did exactly what I expected for the http
> service and immediately removed the server, it did not remove the https
> service from that server and people continued to be sent to that machine.
> 
> Here is a discussion on the same topic from late last year, that didn't seem
> to come to any conclusions.
> http://marc.theaimsgroup.com/?l=linux-virtual-server&m=100309935206514&w=2
> 
> Looking at the source code for ldirectord (see below), I do not see any
> reference to the negotiatetimeout variable (which is used in check_http).  I
> am far from a perl expert, but I dug up the documentation for the Net:SSLeay
> perl module at http://symlabs.com/Net_SSLeay/Net_SSLeay.txt , and didn't see
> any kind of mention of a timeout...  is this a limitation of the perl
> libraries?

Hi Scott,

thanks for bringing this problem to my attention. There does
indeed seem to be a limitation in the Net::SSLeay perl library
in that it doesn't seem to have a facility to set a timeout.

I have a work around for this, using a call to alarm() (Yuck!)
and the resulting code should respect the negotiatetimeout
that has been set. The resulting check_https is below. I
have committed this change to CVS and recommend that you get
that version to make sure that you have the latest bug fixes.

Information on accessing the linux-ha tree, where ldirectord
lives, via CVS or the web can be found on www.linux-ha.org.

-- 
Horms


sub check_https
{
        my ($v, $r) = @_;
        require Net::SSLeay;
        $Net::SSLeay::trace = 0;
        my $uri = $$v{request};
        my ($page, $result, %headers);
        eval {
                local $SIG{__WARN__};
                local $SIG{'__DIE__'} = "DEFAULT";
                local $SIG{'ALRM'} = sub { die "Timeout Alarm" };
                alarm $$v{negotiatetimeout};
                ($page, $result, %headers)  = 
&Net::SSLeay::get_https($$r{server}, $$r{port}, $uri);
                my $recstr = $$r{receive};
                warn("Testing: $$r{server}, $$r{port}, $uri");
                if($result =~ /error/i ||
                                ($recstr =~ /.+/ && !($page =~ /$recstr/))) {
                        die("$result");
                }
        };
        alarm 0; # Cancel the alarm

        if ($@) {
                service_set($v, $r, "down");
                return 0;
        }
        service_set($v, $r, "up");
        return 1;
}


<Prev in Thread] Current Thread [Next in Thread>