May I suggest taking a look at the Nagios plugins ? They are intended for the same purpose, and there are many of them. Recent Fedoras come with each in a separate package so they're easy to install. When they don't do what we need, they offer a good skeleton to start with.
In particular, the check_http plugin is capable of checking certificates in addition of downloading a page over https. check_tcp knows SSL. check_imap and check_smtp can also speak TLS. And so on. The check_ssh plugin can't actually negotiate certs yet but I don't see why you couldn't use the ssh *command* for a full end-to-end check. I would stay away from implementations requiring large interpreters if smaller ones are available, so they don't end up disabling services when they accidentally run out of memory. As a matter of fact, I would strongly suggest to define a particular return code to indicate "failed service" to distinguish from execution failures, and have a wrapper that checks for it at least (if not builtin into ldirectord). -- Laurentiu Badea Joseph Mack NA3T wrote: > On Tue, 25 Nov 2008, Ariel Liguori wrote: > > I seemed to have dropped the ball on this... > > With Ariel's posting, the subject of finding a good check > for ssh (and presumably sftp, and https) for ldirectord has > come up again. Ariel's code is doing a port connect test > similar to the one in ldirectord. Horms has code that uses > Net::SSH and Net::SFTP to do a full password-based login. A > nice feature would be a key exchange. Also possibly an https > page fetch. ...And anything else you can think of... > > If anyone is up for writing such a thing, off-line send > Graeme <[email protected]> and myself some code and after a > check, we'll pass it along to Horms > > Thanks Joe > _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
