On Mon, May 22, 2017 at 12:23:31PM -0700, Gold Star wrote:
> Thanks for pointing out the obvious flaw Maciej.
>
> Is it possible to modify option #2 (Lua-script powered endpoint) to define
> a read-write endpoint where read endpoint (HTTP GET) returns the health
> status while the write endpoint (HTTP POST on the same port) will update an
> in-memory variable that represents the health status? We will ensure that
> the source IP and port of the caller are valid for security purpose.
> Subsequent read responses will change based on the updated value of this
> in-memory variable.
>
> Any idea option #2 or option #3 is better or if there are better options
> out there?
Well, there are two options which seem better to me :
- use the agent check. It's by far the cleanest thing to do when you want
to perform some sideband checks like this. It requires a listening port
but that's not dramatic ; it can report various state changes so that
you could build your monitor-fail directives based on more than on/off
- use the process check. It's a fork/exec. I've never used it so my
advice would be limited. My understanding is that it would be close
to what the agent does.
At least in the case of the agent it's possible for haproxy to send a string
along with the connection, allowing the agent to know what server the check
is for, and to possibly return multiple statuses if you can make use of this.
Willy
