Does ldirectord have a problem accessing https with a cert error (e.g. IP doesn't match ssl cert)? That's about the only thing I can think of. Otherwise, why is it giving a false positive for the receive string? Thanks, Brent
At 07:21 PM 1/2/2011 -0700, you wrote: >I'm now using the latest version of ldirectord. There was no change in the >bug. I have a global variable that changes the output of the web server >(http & https). Ldirectord seems to work for port 80, but not for port 443. >I have multiple external IPs natted and looking at the real servers on both >port 80 & 443. > >It's looking for "Connected successfully". When turned off it no longer >appears; however, the debug code seems to allow the output, even though >it's not there (external IPs changed to x.x.x.n): > >DEBUG2: Checking connect: real >server=connect:tcp:10.0.3.11:443:::1:masq:\/index\.html:Connected\ >successfully (virtual=tcp:x.x.x.54:443) >DEBUG3: Connected to 10.0.3.11 (port 443) >DEBUG2: Enabled real >server=connect:tcp:10.0.3.11:443:::1:masq:\/index\.html:Connected\ >successfully (virtual=tcp:x.x.x.54:443) >DEBUG3: Activated service 10.0.3.11:443 > > >This is output when enabled, meaning changing the output of the webserver >to show "Connected Successfully", not turning on the webserver: > >[Sun Jan 2 18:48:47 2011|ldirectord.cf|5834] Quiescent real server: >10.0.3.11:80 (x.x.x.54:80) (Weight set to 0) >[Sun Jan 2 18:48:47 2011|ldirectord.cf|5834] Quiescent real server: >10.0.3.11:80 (x.x.x.50:80) (Weight set to 0) >[Sun Jan 2 18:48:47 2011|ldirectord.cf|5834] Quiescent real server: >10.0.3.11:80 (x.x.x.44:80) (Weight set to 0) >[Sun Jan 2 18:48:47 2011|ldirectord.cf|5834] Quiescent real server: >10.0.3.11:80 (x.x.x.45:80) (Weight set to 0) >[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Resetting soft failure count: >10.0.3.11:80 (tcp:x.x.x.54:80) >[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Restored real server: >10.0.3.11:80 (x.x.x.54:80) (Weight set to 8) >[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Resetting soft failure count: >10.0.3.11:80 (tcp:x.x.x.50:80) >[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Restored real server: >10.0.3.11:80 (x.x.x.50:80) (Weight set to 1) >[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Resetting soft failure count: >10.0.3.11:80 (tcp:x.x.x.44:80) >[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Restored real server: >10.0.3.11:80 (x.x.x.44:80) (Weight set to 1) >[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Resetting soft failure count: >10.0.3.11:80 (tcp:x.x.x.45:80) >[Sun Jan 2 18:49:03 2011|ldirectord.cf|5834] Restored real server: >10.0.3.11:80 (x.x.x.45:80) (Weight set to 1) > >Note: If I turn off the web server it drops it out like it should: >TCP x.x.x.54:443 rr > -> 10.0.3.18:443 Masq 1 1 25 > -> 10.0.3.10:443 Masq 1 1 29 > -> 10.0.3.11:443 Masq 0 0 23 (this is >quiescent like it should) > >Stopping web server: >[Sun Jan 2 18:59:18 2011|ldirectord.cf|5834] Quiescent real server: >10.0.3.11:80 (x.x.x.54:80) (Weight set to 0) >[Sun Jan 2 18:59:18 2011|ldirectord.cf|5834] Quiescent real server: >10.0.3.11:443 (x.x.x.54:443) (Weight set to 0) >[Sun Jan 2 18:59:18 2011|ldirectord.cf|5834] Quiescent real server: >10.0.3.11:80 (x.x.x.50:80) (Weight set to 0) >[Sun Jan 2 18:59:18 2011|ldirectord.cf|5834] Quiescent real server: >10.0.3.11:80 (x.x.x.44:80) (Weight set to 0) >[Sun Jan 2 18:59:18 2011|ldirectord.cf|5834] Quiescent real server: >10.0.3.11:80 (x.x.x.45:80) (Weight set to 0) > >Starting web server: >[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Resetting soft failure count: >10.0.3.11:80 (tcp:x.x.x.54:80) >[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Restored real server: >10.0.3.11:80 (x.x.x.54:80) (Weight set to 8) >[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Resetting soft failure count: >10.0.3.11:443 (tcp:x.x.x.54:443) >[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Restored real server: >10.0.3.11:443 (x.x.x.54:443) (Weight set to 1) >[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Resetting soft failure count: >10.0.3.11:80 (tcp:x.x.x.50:80) >[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Restored real server: >10.0.3.11:80 (x.x.x.50:80) (Weight set to 1) >[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Resetting soft failure count: >10.0.3.11:80 (tcp:x.x.x.44:80) >[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Restored real server: >10.0.3.11:80 (x.x.x.44:80) (Weight set to 1) >[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Resetting soft failure count: >10.0.3.11:80 (tcp:x.x.x.45:80) >[Sun Jan 2 18:59:35 2011|ldirectord.cf|5834] Restored real server: >10.0.3.11:80 (x.x.x.45:80) (Weight set to 1) > >About the only thing I can think of it is caching the good output. As a >work-around maybe I need to check on port 80 instead of port 443? I ran >this test: >(1) Removed the receive string: http:80 dropped out (https should have >dropped out too) >(2) Turned off the web server: https:443 dropped out. >(3) Turned on the web server: https:443 popped in (didn't respect the >receive string) >(4) Enabled the receive string: http:80 popped in. > >This tells me that either (1) https is cached for a very long time or (2) >ldirectord it doesn't work properly. > >Here's my conf for this example: > >virtual=x.x.x.54:443 > fallback=127.0.0.1:443 > real=10.0.3.10:443 masq 1 > real=10.0.3.11:443 masq 1 > real=10.0.3.18:443 masq 1 > service=https > request="index.html" > receive="Connected successfully" > scheduler=rr > #persistent=600 > protocol=tcp > checktype=connect > >Is this correct? > >Thanks, > >Brent > > > >At 11:33 AM 12/31/2010 +0900, Simon Horman wrote: > >On Thu, Dec 30, 2010 at 06:06:52PM -0700, Brent Jensen wrote: > > > > > > I've just noticed (not sure how long this has been going on) that my > > > Ldirectord script doesn't respect the return code from the webservers > > > using https--it works not matter what the return string is. It works > > > fine for http. I've seen some old threads on this but not sure of late. > > > My version I'm running comes from clusterlabs repository > > > (ldirectord-1.0.3-2.6.el5). I haven't tried any newer versions. Is this > > > a known bug w/ this version? > > > >Hi Brent, > > > >Unfortunately I seem to be unable to reproduce this problem using both the > >current tip version[1] and the version that was included in agents-1.0.3. > >The latter should correspond to the version that you are using. > > > >My test involved a 404, and ldirectord identified the server as being down. > > > >My suspicion is that there is a problem in either one of the underlying > >libraries or your configuration. > > > >Would it be possible for you to run the version that you have > >installed with the -d flag to see if the resulting debugging information > >sheds any light on the problem? Or perhaps try the latest snapshot > >to check that it isn't a bug specific to the version you have? > > > >[1] http://horms.net/projects/ldirectord/download/ldirectord-latest > > >_______________________________________________ >Please read the documentation before posting - it's available at: >http://www.linuxvirtualserver.org/ > >LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org >Send requests to lvs-users-requ...@linuxvirtualserver.org >or go to http://lists.graemef.net/mailman/listinfo/lvs-users _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users
