Overview
By default, Zevenet runs simple health checks to the backends or real servers, but sometimes this check is not enough to determine that the backends are working appropriately. For this reason, Zevenet implements a service that executes and manages advanced health checks via a daemon that uses plugins called Farm Guardian.
The main task of Farm Guardian is to work as an advanced monitoring for applications, for this, Farm Guardian reads the farm configuration and obtains the backend list, and helped by a plugin checks the backend health status, Farm Guardian updates the backend status for the given farm allowing or not allowing Zen Load Balancer to send connections at such backend.
The used plugins by Farm Guardian can be found under the directory /usr/local/zenloadbalancer/app/libexec/ .
Farm Guardian Configuration
Health Checks for backend. Checking this box will enable a more advanced monitoring state for backends and totally programmable with your own scripts. When a wrong behavior is detected by Farm Guardian, it automatically disables the real server and will be marked as FGdown. This is an independent service so you don’t have need to restart the farm service.
Time Between Checks. This is the number of seconds that the Farm Guardian will wait to execute the health check.
Command to check. Command to be executed to against the configured backends. Constants or tokens are used in order to provide dynamic configuration.
Farm Guardian Logs. This checkbox will enable the Farm Guardian logs to debug some behavior, although it might consume a lot of storage.
Plugins
Farm Guardian uses plugins in order to configure advanced health checks to detect if a certain real server is working as expected using customized options. There are a lot of health checks for every kind of protocol, service or application. The most important plugins are described below.
check_ftp: This plugin tests FTP connections with the specified host.
check_fping: This plugin will use the fping command to ping the specified host for a fast check.
check_http: This plugin tests the HTTP service on the specified host. It can test plain (HTTP) and secure (HTTPS) protocols, follow redirects, it searches for strings and regular expressions, check connection times, and report on certificate expiration times, HTTP return codes, etc.
check_imap: This plugin tests IMAP connections with the specified host.
check_ldap: This plugin tests LDAP services. It can be tested with a given search.
check_ldaps: This plugin tests LDAPS services. It can be tested with a given search.
check_mysql: This plugin tests connections to a MySQL server.
check_mysql_query: This plugin checks a query result against threshold levels.
check_pgsql: Test whether a PostgreSQL Database is accepting connections.
check_pop: This plugin tests POP connections with the specified host.
check_radius: Tests to see if a RADIUS server is accepting connections.
check_simap: This plugin tests secure IMAP connections with the specified host
check_smtp: This plugin will attempt to open an SMTP connection with the host.
check_snmp: Check status of remote machines and obtain system information via SNMP.
check_spop: This plugin tests secure POP connections with the specified host.
check_ssh: Try to connect to an SSH server at specified server and port.
check_ssmtp: This plugin tests SSMTP connections with the specified host.
check_tcp: This plugin tests TCP connections with the specified host.
For further information, execute the following command under the plugins path:
plugin_name --help
Farm Guardian will use this plugins to check the health status of the backends and will manage the execution error output of the executed plugin for deciding the backend status as follows:
If the error output == 0 then the backend is OK > $? = 0
If the error output <> 0 then the backend is NOT OK > $? <> 0
Custom plugin
These plugins can be configured and fully programmable by sysadmins in order to be adapted to any protocol or application.
This example shows a custom plugin check_load.sh.
#!/bin/bash ### ###comments: ###snmp utils should be installed ###snmpd should be installed and configured in the backends ### MAXVALUE=4 COMMUNITY="public" EXECUTE=`snmpget -v 2c -c $COMMUNITY $1 .1.3.6.1.4.1.2021.10.1.3.1 |cut -d ':' -f2 | cut -d '.' -f1 | sed s/\ // | sed s/\"//` echo "SNMP CPU load check for $1 is $EXECUTE" # If the result is true, exit with 1; error; else exit = 0; OK if (( $EXECUTE >= $MAXVALUE )); then #error output; the server is overloaded and the load balancer isn’t going to send more connections exit 1 else #not error; the server can accept more connections exit 0 fi
Constants
When Farm Guardian execute a plugin, it can use some constants or tokens as arguments, like:
- HOST: Farm Guardian will take care of modifying this constant by the real server IP address.
- PORT: Farm Guardian will take care of modifying this constant by the real server port.
These constants can be used for every plugin, Farm Guardian will use them to run the health check with the real parameters in place.
Example
The next example describes an advanced HTTP health check for web services. A common error is that the application servers show blank pages but the 8080 port still accepts HTTP requests.
For an HTTP farm please, configure the next one in the Farm Guardian section of every service:
Farm Guardian is going to execute the check_http plugin for each backend and will replace the constants HOST and PORT by the IP address and port for each backend, for each execution the given plugin will return the error code 0 if the ‘Welcome’ string is found in the the content of the index.php. In the case that the ‘Welcome’ string isn’t found then this backend will be marked as DOWN.
For further information in regards to the configuration of Farm Guardian, please refer to Farm Guardian configuration guide.
Farm Guardian logs can be enabled although it could consumes a lot of disk space and it saves the logs in the path /usr/local/zenloadbalancer/config/[_service]_farmguardian.log or /var/log/syslog in the most updated Zevenet versions.