|
Does ldirectord have a problem accessing https with a cert error (e.g. IP
doesn't match ssl cert)? That's about the only thing I can think of.
Otherwise, why is it giving a false positive for the receive string?
Thanks, Brent
At 07:21 PM 1/2/2011 -0700, you wrote:
>I'm now using the latest version of ldirectord. There was no change in the
>bug. I have a global variable that changes the output of the web server
>(http & https). Ldirectord seems to work for port 80, but not for port 443.
>I have multiple external IPs natted and looking at the real servers on both
>port 80 & 443.
>
>It's looking for "Connected successfully". When turned off it no longer
>appears; however, the debug code seems to allow the output, even though
>it's not there (external IPs changed to x.x.x.n):
>
>DEBUG2: Checking connect: real
>server=connect:tcp:10.0.3.11:443:::1:masq:\/index\.html:Connected\
>successfully (virtual=tcp:x.x.x.54:443)
>DEBUG3: Connected to 10.0.3.11 (port 443)
>DEBUG2: Enabled real
>server=connect:tcp:10.0.3.11:443:::1:masq:\/index\.html:Connected\
>successfully (virtual=tcp:x.x.x.54:443)
>DEBUG3: Activated service 10.0.3.11:443
>
>
>This is output when enabled, meaning changing the output of the webserver
>to show "Connected Successfully", not turning on the webserver:
>
>[Sun Jan 2 18:48:47 2011|ldirectord.cf|5834] Quiescent real server:
>10.0.3.11:80 (x.x.x.54:80) (Weight set to 0)
>[Sun Jan 2 18:48:47 2011|ldirectord.cf|5834] Quiescent real server:
>10.0.3.11:80 (x.x.x.50:80) (Weight set to 0)
>[Sun Jan 2 18:48:47 2011|ldirectord.cf|5834] Quiescent real server:
>10.0.3.11:80 (x.x.x.44:80) (Weight set to 0)
>[Sun Jan 2 18:48:47 2011|ldirectord.cf|5834] Quiescent real server:
>10.0.3.11:80 (x.x.x.45:80) (Weight set to 0)
>[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Resetting soft failure count:
>10.0.3.11:80 (tcp:x.x.x.54:80)
>[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Restored real server:
>10.0.3.11:80 (x.x.x.54:80) (Weight set to 8)
>[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Resetting soft failure count:
>10.0.3.11:80 (tcp:x.x.x.50:80)
>[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Restored real server:
>10.0.3.11:80 (x.x.x.50:80) (Weight set to 1)
>[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Resetting soft failure count:
>10.0.3.11:80 (tcp:x.x.x.44:80)
>[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Restored real server:
>10.0.3.11:80 (x.x.x.44:80) (Weight set to 1)
>[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Resetting soft failure count:
>10.0.3.11:80 (tcp:x.x.x.45:80)
>[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Restored real server:
>10.0.3.11:80 (x.x.x.45:80) (Weight set to 1)
>
>Note: If I turn off the web server it drops it out like it should:
>TCP x.x.x.54:443 rr
> -> 10.0.3.18:443 Masq 1 1 25
> -> 10.0.3.10:443 Masq 1 1 29
> -> 10.0.3.11:443 Masq 0 0 23 (this is
>quiescent like it should)
>
>Stopping web server:
>[Sun Jan 2 18:59:18 2011|ldirectord.cf|5834] Quiescent real server:
>10.0.3.11:80 (x.x.x.54:80) (Weight set to 0)
>[Sun Jan 2 18:59:18 2011|ldirectord.cf|5834] Quiescent real server:
>10.0.3.11:443 (x.x.x.54:443) (Weight set to 0)
>[Sun Jan 2 18:59:18 2011|ldirectord.cf|5834] Quiescent real server:
>10.0.3.11:80 (x.x.x.50:80) (Weight set to 0)
>[Sun Jan 2 18:59:18 2011|ldirectord.cf|5834] Quiescent real server:
>10.0.3.11:80 (x.x.x.44:80) (Weight set to 0)
>[Sun Jan 2 18:59:18 2011|ldirectord.cf|5834] Quiescent real server:
>10.0.3.11:80 (x.x.x.45:80) (Weight set to 0)
>
>Starting web server:
>[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Resetting soft failure count:
>10.0.3.11:80 (tcp:x.x.x.54:80)
>[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Restored real server:
>10.0.3.11:80 (x.x.x.54:80) (Weight set to 8)
>[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Resetting soft failure count:
>10.0.3.11:443 (tcp:x.x.x.54:443)
>[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Restored real server:
>10.0.3.11:443 (x.x.x.54:443) (Weight set to 1)
>[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Resetting soft failure count:
>10.0.3.11:80 (tcp:x.x.x.50:80)
>[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Restored real server:
>10.0.3.11:80 (x.x.x.50:80) (Weight set to 1)
>[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Resetting soft failure count:
>10.0.3.11:80 (tcp:x.x.x.44:80)
>[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Restored real server:
>10.0.3.11:80 (x.x.x.44:80) (Weight set to 1)
>[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Resetting soft failure count:
>10.0.3.11:80 (tcp:x.x.x.45:80)
>[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Restored real server:
>10.0.3.11:80 (x.x.x.45:80) (Weight set to 1)
>
>About the only thing I can think of it is caching the good output. As a
>work-around maybe I need to check on port 80 instead of port 443? I ran
>this test:
>(1) Removed the receive string: http:80 dropped out (https should have
>dropped out too)
>(2) Turned off the web server: https:443 dropped out.
>(3) Turned on the web server: https:443 popped in (didn't respect the
>receive string)
>(4) Enabled the receive string: http:80 popped in.
>
>This tells me that either (1) https is cached for a very long time or (2)
>ldirectord it doesn't work properly.
>
>Here's my conf for this example:
>
>virtual=x.x.x.54:443
> fallback=127.0.0.1:443
> real=10.0.3.10:443 masq 1
> real=10.0.3.11:443 masq 1
> real=10.0.3.18:443 masq 1
> service=https
> request="index.html"
> receive="Connected successfully"
> scheduler=rr
> #persistent=600
> protocol=tcp
> checktype=connect
>
>Is this correct?
>
>Thanks,
>
>Brent
>
>
>
>At 11:33 AM 12/31/2010 +0900, Simon Horman wrote:
> >On Thu, Dec 30, 2010 at 06:06:52PM -0700, Brent Jensen wrote:
> > >
> > > I've just noticed (not sure how long this has been going on) that my
> > > Ldirectord script doesn't respect the return code from the webservers
> > > using https--it works not matter what the return string is. It works
> > > fine for http. I've seen some old threads on this but not sure of late.
> > > My version I'm running comes from clusterlabs repository
> > > (ldirectord-1.0.3-2.6.el5). I haven't tried any newer versions. Is this
> > > a known bug w/ this version?
> >
> >Hi Brent,
> >
> >Unfortunately I seem to be unable to reproduce this problem using both the
> >current tip version[1] and the version that was included in agents-1.0.3.
> >The latter should correspond to the version that you are using.
> >
> >My test involved a 404, and ldirectord identified the server as being down.
> >
> >My suspicion is that there is a problem in either one of the underlying
> >libraries or your configuration.
> >
> >Would it be possible for you to run the version that you have
> >installed with the -d flag to see if the resulting debugging information
> >sheds any light on the problem? Or perhaps try the latest snapshot
> >to check that it isn't a bug specific to the version you have?
> >
> >[1] http://horms.net/projects/ldirectord/download/ldirectord-latest
>
>
>_______________________________________________
>Please read the documentation before posting - it's available at:
>http://www.linuxvirtualserver.org/
>
>LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>or go to http://lists.graemef.net/mailman/listinfo/lvs-users
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
