How to succesfully control a virtual service if no real servers are defined?

[Sebastiaan Veldhuisen]

Hello there,
We currently have mon checking 2 real http server once per 30 seconds. 
If a real http server fails it will be taken out of the LVS via 
lvs.alert. The real http server will be added back into
the lvs once the test succeeds (again via lvs.alert). The problem is 
however, i want to do a check on If all real http servers are removed 
from the lvs for the service http.
In that specific case, i want to remove the http virtual service from 
the lvs, which will  unmask the http server on the loadbalancer that 
will serve a technical maintenance page.

How do i do this?
I already got  the scripts from Christopher de Marco (ipvs.alert and 
ipvs.monitor) whih allows you to monitor if a virtual service has real 
servers defined an take action, but i don't understand how to incorprate 
them into mon.cf. The problem is that i can't put bot real http servers 
in the same host group, because i have to do different alert actions 
(read: delete the specific server from the lvs). I saw that Christopher 
had this same problem in an older thread 
(http://www.mail-archive.com/mon@linux.kernel.org/msg01427.html). I've 
contacted him, but he doens't respond to my mails. Anybody has a clue on 
how to implement this?

Regards,
Sebastiaan Veldhuisen
Specific part of mon.cf
--------------------------
watch webmail1
   service http
       description umail unsecure (IMP) webserver 1
       interval 30s
       monitor http.monitor
       period wd {Sun-Sat}
               alert mail.alert [EMAIL PROTECTED]
               upalert mail.alert [EMAIL PROTECTED]
               #alert mobile.alert [EMAIL PROTECTED]
               #upalert mobile.alert [EMAIL PROTECTED]
               alert lvs.alert -P tcp -V x.x.x.18:80 -R x.x.x.4:80 -W 1 
-F dr
               upalert lvs.alert -P tcp -V x.x.x.18:80 -R x.x.x.4:80 -W 
1 -F dr
               alertevery 1h
               alertafter 2
   service https
       description umail secure (IMP) webserver 1
       interval 30s
       monitor https.monitor
       period wd {Sun-Sat}
               alert mail.alert [EMAIL PROTECTED]
               upalert mail.alert [EMAIL PROTECTED]
               alert mobile.alert [EMAIL PROTECTED]
               upalert mobile.alert [EMAIL PROTECTED]
               alert lvs.alert -P tcp -V x.x.x.18:443 -R x.x.x.4:443 -W 
1 -F dr
               upalert lvs.alert -P tcp -V x.x.x.18:443 -R x.x.x.4:443 
-W 1 -F dr
               alertevery 1h
               alertafter 2

watch webmail2
   service  http
       description umail unsecure (IMP) webserver 2
       interval 30s
       monitor http.monitor
       period wd {Sun-Sat}
               alert mail.alert [EMAIL PROTECTED]
               upalert mail.alert [EMAIL PROTECTED]
               #alert mobile.alert [EMAIL PROTECTED]
               #upalert mobile.alert [EMAIL PROTECTED]
               alert lvs.alert -P tcp -V x.x.x.18:80 -R x.x.x.5:80 -W 1 
-F dr
               upalert lvs.alert -P tcp -V x.x.x.18:80 -R x.x.x.5:80 -W 
1 -F dr
               alertevery 1h
               alertafter 2
   service  https
       description umail secure (IMP) webserver 2
       interval 30s
       monitor https.monitor
       period wd {Sun-Sat}
               alert mail.alert [EMAIL PROTECTED]
               upalert mail.alert [EMAIL PROTECTED]
               alert mobile.alert [EMAIL PROTECTED]
               upalert mobile.alert [EMAIL PROTECTED]
               alert lvs.alert -P tcp -V x.x.x.18:443 -R x.x.x.5:443 -W 
1 -F dr
               upalert lvs.alert -P tcp -V x.x.x.18:443 -R x.x.x.5:443 
-W 1 -F dr
               alertevery 1h
               alertafter 2
---------------------


ipvs.monitor
---------------------
#!/usr/bin/perl
# ipvs.monitor - Linux Virtual Server monitor for mon
#   Check  whether  the  specified virtual  service   is defined, and,
#   optionally, whether it has any realservers defined.
#
# Invocation:
#   ipvs.monitor [options] -V <virtual_service> -P <protocol>
#
# Options:
#   -z allows a virtual service to have zero realservers defined
#
# Notes:
#   - Since  it uses  ipvsadm, this  script  (and therefore  mon) must
#   unfortunately run as root :(
#   - ipvs.monitor returns 0 on success and 1 on failure
use Getopt::Std;
getopts ("zV:P:");
%proto = (
           "tcp" => "-t",
           "udp" => "-u",
          );
$virtual_service = "$opt_V";
@ipvs = `/sbin/ipvsadm -l $proto{$opt_P} $virtual_service 2>&1`;
# allow a service with no realservers?
defined $opt_z ?
 ($n = 2)
 :
 ($n = 3);
# Check the output:
# ...two lines of headers
# ...one line of virtual service
# ...one line for each realserver
$#ipvs < $n ?
 exit 1
 :
 exit 0;
# # ## ### ##### ######## ############# #####################
# CHANGELOG
# Tue Jul 27 11:17:39 MYT 2004
#   Initial version
#   Christopher DeMarco <[EMAIL PROTECTED]>
# Tue Jul 27 14:14:08 MYT 2004
#   added -z switch
#   Christopher DeMarco <[EMAIL PROTECTED]>
# # ## ### ##### ######## ############# #####################
#   Copyright (C) 2004, Christopher DeMarco
#
#   This program is  free  software; you  can  redistribute it  and/or
#   modify it  under the terms  of the GNU  General  Public License as
#   published by the Free Software Foundation; either version 2 of the
#   License, or (at your option) any later version.
#
#   This program is  distributed in the hope  that it will  be useful,
#   but WITHOUT  ANY WARRANTY; without  even  the implied warranty  of
#   MERCHANTABILITY or FITNESS FOR A  PARTICULAR PURPOSE.  See the GNU
#   General Public License for more details.
#
#   You should have received a copy of  the GNU General Public License
#   along  with this program;  if   not, write  to the Free   Software
#   Foundation,  Inc.,  59  Temple   Place,   Suite 330,  Boston,   MA
#   02111-1307 USA
---------------------

ipvs.alert
---------------------
#!/usr/bin/perl
# ipvs.alert - Linux Virtual Server alert for mon
#   Bring a realserver up or down, or remove the entire virtual server.
#
# Invocation:
#   To remove a realserver from a virtual service:
#     ipvs.alert -P <protocol> -V <virtual> -R <realserver:port>
#   To add a realserver to an existing virtual service:
#     ipvs.alert -u -P <protocol> -V <virtual> -R <realserver> -W <weight> -F 
<forwarding>
#   To remove a virtual service along with any associated realservers:
#     ipvs.alert -D -P <protocol> -V <virtual>
#   To create a virtual service with the given realserver:
#     ipvs.alert -u -B -P <protocol> -V <virtual> -S <scheduler> -R <realserver> -W 
<weight> -F <forwarding>
#
# Options:
#   -P protocol (tcp|udp)
#   -V virtual service
#   -R realserver
#   -W weight
#   -F forwarding type (nat|tun|dr)
#   -S scheduler (rr|wrr|lc|wlc|lblc|lblcr|dh|sh|sed|nq)
#   -D delete the entire virtual server
#   -B rebuild the virtual server
#
# Notes:
#   - -u is  added automatically  when    ipvs.alert  is  part  of  an
#   ``upalert''.
#   - You   can't   build  (-B) a   virtual service  without  giving a
#   realserver, but   you *can* add  a  realserver without  building a
#   virtual service.
#   - the comments are almost double the  volume of the script itself.
#   Good, bad or just plain ugly?
#   -  Since it  uses ipvsadm,  this  script (and  therefore Mon) must
#   unfortunately run as root :(

use Getopt::Std;
getopts ("uDBs:g:h:t:l:P:V:R:W:F:S:");
$ipvsadm = "/sbin/ipvsadm";
$virtual_service = "$opt_V";
$realserver = "-r $opt_R";
$scheduler = "-s $opt_S";
%proto = (
           "tcp" => "-t",
           "udp" => "-u",
          );
%type = (
          "nat" => "-m",
          "tun" => "-i",
          "dr"  => "-g",
         );
if ($opt_u) { # bring up the realserver
 if ($opt_B) { # build the virtual service first
   system("$ipvsadm -A $proto{$opt_P} $virtual_service $scheduler");
 }
 $weight = "-w $opt_W";
 system("$ipvsadm -a $proto{$opt_P} $virtual_service $realserver $weight 
$type{$opt_F}");
} elsif ($opt_D) { # tear down the entire virtual server
 system("$ipvsadm -D $proto{$opt_P} $virtual_service");
} else { # delete the realserver
 system("$ipvsadm -d $proto{$opt_P} $virtual_service $realserver");
};

# # ## ### ##### ######## ############# #####################
# CHANGELOG
# Mon Jul 12 14:12:49 MYT 2004
#   Initial [messy] version
#   Christopher DeMarco <[EMAIL PROTECTED]>
# Thu Jul 15 11:02:06 MYT 2004
#   Added -D to delete the entire virtual server
#   Bringing up a service also adds the virtual server
#   General code overhaul
#   Christopher DeMarco <[EMAIL PROTECTED]>
# Mon Jul 26 10:09:34 MYT 2004
#   Renamed "lvs" to "ipvs"
#   Christopher DeMarco <[EMAIL PROTECTED]>
# # ## ### ##### ######## ############# #####################
#   Copyright (C) 2004, Christopher DeMarco
#
#   This program is  free  software; you  can  redistribute it  and/or
#   modify it  under the terms  of the GNU  General  Public License as
#   published by the Free Software Foundation; either version 2 of the
#   License, or (at your option) any later version.
#
#   This program is  distributed in the hope  that it will  be useful,
#   but WITHOUT  ANY WARRANTY; without  even  the implied warranty  of
#   MERCHANTABILITY or FITNESS FOR A  PARTICULAR PURPOSE.  See the GNU
#   General Public License for more details.
#
#   You should have received a copy of  the GNU General Public License
#   along  with this program;  if   not, write  to the Free   Software
#   Foundation,  Inc.,  59  Temple   Place,   Suite 330,  Boston,   MA
#   02111-1307 USA
---------------------



_______________________________________________
mon mailing list
mon@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/mon