.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} .rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "LDIRECTORD 8" .TH LDIRECTORD 8 "2020-06-27" "perl v5.28.1" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" ldirectord \- Linux Director Daemon .PP Daemon to monitor remote services and control Linux Virtual Server .SH "SYNOPSIS" .IX Header "SYNOPSIS" \&\fBldirectord\fR [\fB\-d|\-\-debug\fR] [\-\-] [\fIconfigfile\fR] \&\fBstart\fR | \fBstop\fR | \fBrestart\fR | \fBtry-restart\fR | \fBreload\fR | \fBforce-reload\fR | \fBstatus\fR .PP \&\fBldirectord\fR [\fB\-h|\-?|\-\-help|\-v|\-\-version\fR] .SH "DESCRIPTION" .IX Header "DESCRIPTION" \&\fBldirectord\fR is a daemon to monitor and administer real servers in a cluster of load balanced virtual servers. \fBldirectord\fR typically is started from heartbeat but can also be run from the command line. On startup \fBldirectord\fR reads the file \fB/etc/ha.d/conf/\fR\fIconfiguration\fR. After parsing the file, entries for virtual servers are created on the \s-1LVS.\s0 Now at regular intervals the specified real servers are monitored and if they are considered alive, added to a list for each virtual server. If a real server fails, it is removed from that list. Only one instance of \&\fBldirectord\fR can be started for each configuration, but more instances of \&\fBldirectord\fR may be started for different configurations. This helps to group clusters of services. Normally one would put an entry inside \&\fB/etc/ha.d/haresources\fR .PP \&\fInodename virtual-ip-address ldirectord::configuration\fR .PP to start ldirectord from heartbeat. .SH "OPTIONS" .IX Header "OPTIONS" \&\fIconfiguration\fR: This is the name for the configuration as specified in the file \&\fB/etc/ha.d/conf/\fR\fIconfiguration\fR .PP \&\fB\-d|\-\-debug\fR Don't start as daemon and log verbosely. .PP \&\fB\-h|\-\-help\fR Print user manual and exit. .PP \&\fB\-v|\-\-version\fR Print version and exit. .PP \&\fBstart\fR the daemon for the specified configuration. .PP \&\fBstop\fR the daemon for the specified configuration. This is the same as sending a \s-1TERM\s0 signal to the running daemon. .PP \&\fBrestart\fR the daemon for the specified configuration. The same as stopping and starting. .PP \&\fBreload\fR the configuration file. This is only useful for modifications inside a virtual server entry. It will have no effect on adding or removing a virtual server block. This is the same as sending a \s-1HUP\s0 signal to the running daemon. .PP \&\fBstatus\fR of the running daemon for the specified configuration. .SH "SYNTAX" .IX Header "SYNTAX" .SS "Description of how to write configuration files" .IX Subsection "Description of how to write configuration files" \&\fBvirtual = \fR\fI(ip_address|hostname:portnumber|servicename)|firewall\-mark\fR .PP Defines a virtual service by IP-address (or hostname) and port (or servicename) or firewall-mark. A firewall-mark is an integer greater than zero. The configuration of marking packets is controlled using the \f(CW\*(C`\-m\*(C'\fR option to \fBipchains\fR(8). All real services and flags for a virtual service must follow this line immediately and be indented. .PP \&\fBchecktimeout = \fR\fIn\fR .PP Timeout in seconds for connect, external, external-perl and ping checks. If the timeout is exceeded then the real server is declared dead. .PP If defined in a virtual server section then the global value is overridden. .PP If undefined then the value of negotiatetimeout is used. negotiatetimeout is also a global value that may be overridden by a per-virtual setting. .PP If both checktimeout and negotiatetimeout are unset, the default is used. .PP Default: 5 seconds .PP \&\fBnegotiatetimeout = \fR\fIn\fR .PP Timeout in seconds for negotiate checks. .PP If defined in a virtual server section then the global value is overridden. .PP If undefined then the value of checktimeout is used. checktimeout is also a global value that may be overridden by a per-virtual setting. .PP If both negotiatetimeout and checktimeout are unset, the default is used. .PP Default: 30 seconds .PP \&\fBcheckinterval = \fR\fIn\fR .PP Defines the number of second between server checks. .PP When fork=no this option defines the amount of time ldirectord sleeps between running all of the realserver checks in all virtual service pools. .PP When fork=yes this option defines the amount of time each forked child sleeps per virtual service pool after running all realserver checks for that pool. .PP If set in the virtual server section then the global value is overridden, but \s-1ONLY\s0 if using forking mode (\fBfork = \fR\fIyes\fR). .PP Default: 10 seconds .PP \&\fBcheckcount = \fR\fIn\fR .PP This option is deprecated and slated for removal in a future version. Please see the 'failurecount' option. .PP The number of times a check will be attempted before it is considered to have failed. Only works with ping checks. Note that the checktimeout/negotiatetimeout is additive, so if a connect check is used, checkcount is 3 and checktimeout is 2 seconds, then a total of 6 seconds worth of timeout will occur before the check fails. .PP If defined in a virtual server section then the global value is overridden. .PP Default: 1 .PP \&\fBfailurecount = \fR\fIn\fR .PP The number of consecutive times a failure will have to be reported by a check before the realserver is considered to have failed. A value of 1 will have the realserver considered failed on the first failure. A successful check will reset the failure counter to 0. .PP If defined in a virtual server section then the global value is overridden. .PP Default: 1 .PP \&\fBautoreload = \fR\fByes\fR | \fBno\fR .PP Defines if should continuously check the configuration file for modification. If this is set to 'yes' and the configuration file changed on disk and its modification time (mtime) is newer than the previous version, the configuration is automatically reloaded. .PP Default: no .PP \&\fBcallback = "\fR\fI/path/to/callback\fR\fB"\fR .PP If this directive is defined, \fBldirectord\fR automatically calls the executable \fI/path/to/callback\fR after the configuration file has changed on disk. This is useful to update the configuration file through \fBscp\fR on the other heartbeated host. The first argument to the callback is the name of the configuration. .PP This directive might also be used to restart \fBldirectord\fR automatically after the configuration file changed on disk. However, if \fBautoreload\fR is set to yes, the configuration is reloaded anyway. .PP \&\fBfallback = \fR\fIip_address|hostname[:portnumber|sercvicename]\fR [\fBgate\fR | \fBmasq\fR | \fBipip\fR] .PP the server onto which a webservice is redirected if all real servers are down. Typically this would be 127.0.0.1 with an emergency page. .PP If defined in a virtual server section then the global value is overridden. .PP \&\fBfallbackcommand = "\fR\fIpath to script\fR\fB"\fR .PP If this directive is defined, the supplied script is executed whenever all real servers for a virtual service are down or when the first real server comes up again. In the first case, it is called with \*(L"start\*(R" as its first argument, in the latter with \*(L"stop\*(R". Additional parameters are vserver with vport (vserver:vport) as second param and protocol (tcp/udp) as third param to identify the virtual service within the fallback script. .PP If defined in a virtual server section then the global value is overridden. .PP \&\fBlogfile = "\fR\fI/path/to/logfile\fR\fB"\fR|syslog_facility .PP An alternative logfile might be specified with this directive. If the logfile does not have a leading '/', it is assumed to be a \fBsyslog\fR\|(3) facility name. .PP Default: log directly to the file \fI/var/log/ldirectord.log\fR. .PP \&\fBemailalert = "\fR\fIemailaddress\fR[, \fIemailaddress\fR]...\fB"\fR .PP A valid email address for sending alerts about the changed connection status to any real server defined in the virtual service. This option requires perl module MailTools to be installed. Automatically tries to send email using any of the built-in methods. See perldoc Mail::Mailer for more info on methods. .PP Multiple addresses may be supplied, comma delimited. .PP If defined in a virtual server section then the global value is overridden. .PP \&\fBemailalertfrom = \fR\fIemailaddress\fR .PP A valid email address to use as the from address of the email alerts. You can use a plain email address or any RFC-compliant string for the From header in the body of an email message (such as: \*(L"ldirectord Alerts\*(R" ) Do not quote this string unless you want the quotes passed in as part of the From header. .PP Default: unset, take system generated default (probably root@hostname) .PP \&\fBemailalertfreq =\fR \fIn\fR .PP Delay in seconds between repeating email alerts while any given real server in the virtual service remains inaccessible. A setting of zero seconds will inhibit the repeating alerts. The email timing accuracy of this setting is dependent on the number of seconds defined in the checkinterval configuration option. .PP If defined in a virtual server section then the global value is overridden. .PP Default: 0 .PP \&\fBemailalertstatus = \fR\fBall\fR | \fBnone\fR | \fBstarting\fR | \fBrunning\fR | \fBstopping\fR | \fBreloading\fR,... .PP Comma delimited list of server states in which email alerts should be sent. \&\fBall\fR is a short-hand for "\fBstarting\fR,\fBrunning\fR,\fBstopping\fR,\fBreloading\fR". If \fBnone\fR is specified, no other option may be specified, otherwise options are ored with each other. .PP If defined in a virtual server section then the global value is overridden. .PP Default: all .PP \&\fBsmtp = \fR\fIip_address|hostname\fR\fB"\fR .PP A valid \s-1SMTP\s0 server address to use for sending email via \s-1SMTP.\s0 .PP If defined in a virtual server section then the global value is overridden. .PP \&\fBexecute = "\fR\fIconfiguration\fR\fB"\fR .PP Use this directive to start an instance of ldirectord for the named \fIconfiguration\fR. .PP \&\fBsupervised = \fR\fByes\fR | \fBno\fR .PP If \fIyes\fR, then ldirectord does not go into background mode. All log-messages are redirected to stdout instead of a logfile. This is useful to run \fBldirectord\fR supervised from daemontools. See http://untroubled.org/rpms/daemontools/ or http://cr.yp.to/daemontools.html for details. .PP Default: \fIno\fR .PP \&\fBfork = \fR\fByes\fR | \fBno\fR .PP If \fIyes\fR, then ldirectord will spawn a child process for every virtual server, and run checks against the real servers from them. This will increase response times to changes in real server status in configurations with many virtual servers. This may also use less memory then running many separate instances of ldirectord. Child processes will be automatically restarted if they die. .PP Default: \fIno\fR .PP \&\fBquiescent = \fR\fByes\fR | \fBno\fR .PP If \fIyes\fR, then when real or failback servers are determined to be down, they are not actually removed from the kernel's \s-1LVS\s0 table. Rather, their weight is set to zero which means that no new connections will be accepted. .PP This has the side effect, that if the real server has persistent connections, new connections from any existing clients will continue to be routed to the real server, until the persistent timeout can expire. See ipvsadm for more information on persistent connections. .PP This side-effect can be avoided by running the following: .PP echo 1 > /proc/sys/net/ipv4/vs/expire_quiescent_template .PP If the proc file isn't present this probably means that the kernel doesn't have \s-1LVS\s0 support, \s-1LVS\s0 support isn't loaded, or the kernel is too old to have the proc file. Running ipvsadm as root should load \s-1LVS\s0 into the kernel if it is possible. .PP If \fIno\fR, then the real or failback servers will be removed from the kernel's \s-1LVS\s0 table. The default is \fIyes\fR. .PP If defined in a virtual server section then the global value is overridden. .PP Default: \fIyes\fR .PP \&\fBreaddquiescent = \fR\fByes\fR | \fBno\fR .PP If \fIyes\fR, then when real or failback servers are determined to be down, they are readded to the kernel's \s-1LVS\s0 table with weight 0 if they do not exist in the table. Setting the value to no, allows manually removing the realserver to manually disable all persistent connections. .PP \&\fBcleanstop = \fR\fByes\fR | \fBno\fR .PP If \fIyes\fR, then when ldirectord exits it will remove all of the virtual server pools that it is managing from the kernel's \s-1LVS\s0 table. .PP If \fIno\fR, then the virtual server pools it is managing and any real or failback servers listed in them at the time ldirectord exits will be left as-is. If you want to be able to stop ldirectord without having traffic to your realservers interrupted you will want to set this to \fIno\fR. .PP If defined in a virtual server section then the global value is overridden. .PP Default: \fIyes\fR .PP \&\fBmaintenancedir = \fR\fIdirectoryname\fR .PP If this option is set ldirectord will look for a special file in the specified directory and, if found, force the status of the real server identified by the file to down, skipping the normal health check. This would be useful if you wish to force servers down for maintenance without having to modify the actual ldirectord configuration file. .PP For example, given a realserver with \s-1IP 172.16.1.2,\s0 service on port 4444, and a resolvable reverse \s-1DNS\s0 entry pointing to \*(L"realserver2.example.com\*(R" ldirectord will check for the existence of the following files: .IP "172.16.1.2:4444" 4 .IX Item "172.16.1.2:4444" .PD 0 .IP "172.16.1.2" 4 .IX Item "172.16.1.2" .IP "realserver2.example.com:4444" 4 .IX Item "realserver2.example.com:4444" .IP "realserver2.example.com" 4 .IX Item "realserver2.example.com" .IP "realserver2:4444" 4 .IX Item "realserver2:4444" .IP "realserver2" 4 .IX Item "realserver2" .PD .PP If any one of those files is found then ldirectord will immediately force the status of the server to down as if the check had failed. .PP Note: Since it checks for the IP/hostname without the port this means you can decide to place an entire realserver into maintenance across a large number of virtual service pools with a single file (if you were going to reboot the server, for instance) or include the port number and put just a particular service into maintenance. .PP This option is not valid in a virtual server section. .PP Default: disabled .SS "Section virtual" .IX Subsection "Section virtual" The following commands must follow a \fBvirtual\fR entry and must be indented with a minimum of 4 spaces or one tab. .PP \&\fBreal =\fR \fIip_address|hostname[\->ip_address|hostname][:portnumber|servicename\fR] \fBgate\fR | \fBmasq\fR | \fBipip\fR [\fIweight\fR] [\fB"\fR\fIrequest\fR\fB\*(L", \*(R"\fR\fIreceive\fR\fB"\fR] .PP Defines a real service by IP-address (or hostname) and port (or servicename). If the port is omitted then a 0 will be used, this is intended primarily for fwmark services where the port for real servers is ignored. Optionally a range of IPv4 addresses (or two hostnames) may be given, in which case each IPv4 address in the range will be treated as a real server using the given port. The second argument defines the forwarding method, must be \fBgate\fR, \fBipip\fR or \fBmasq\fR. The third argument is optional and defines the weight for that real server. If omitted then a weight of 1 will be used. The last two arguments are also optional. They define a request-receive pair to be used to check if a server is alive. They override the request-receive pair in the virtual server section. These two strings must be quoted. If the request string starts with \fIhttp://...\fR the IP-address and port of the real server is overridden, otherwise the IP-address and port of the real server is used. .SS " For \s-1TCP\s0 and \s-1UDP\s0 (non fwmark) virtual services, unless the forwarding method is \fBmasq\fP and the \s-1IP\s0 address of a real server is non-local (not present on a interface on the host running ldirectord) then the port of the real server will be set to that of its virtual service. That is, port-mapping is only available to if the real server is another machine and the forwarding method is \fBmasq\fP. This is due to the way that the underlying \s-1LVS\s0 code in the kernel functions." .IX Subsection " For TCP and UDP (non fwmark) virtual services, unless the forwarding method is masq and the IP address of a real server is non-local (not present on a interface on the host running ldirectord) then the port of the real server will be set to that of its virtual service. That is, port-mapping is only available to if the real server is another machine and the forwarding method is masq. This is due to the way that the underlying LVS code in the kernel functions." .SS " More than one of these entries may be inside a virtual section. The checktimeout, negotiatetimeout, checkcount, fallback, emailalert, emailalertfreq and quiescent options listed above may also appear inside a virtual section, in which case the global setting is overridden." .IX Subsection " More than one of these entries may be inside a virtual section. The checktimeout, negotiatetimeout, checkcount, fallback, emailalert, emailalertfreq and quiescent options listed above may also appear inside a virtual section, in which case the global setting is overridden." \&\fBchecktype = \&\fR\fBconnect\fR | \fBexternal\fR | \fBexternal-perl\fR | \fBnegotiate\fR | \fBoff\fR | \fBon\fR | \fBping\fR | \fBchecktimeout\fR\fIN\fR .PP Type of check to perform. Negotiate sends a request and matches a receive string. Connect only attempts to make a \s-1TCP/IP\s0 connection, thus the request and receive strings may be omitted. If checktype is a number then negotiate and connect is combined so that after each N connect attempts one negotiate attempt is performed. This is useful to check often if a service answers and in much longer intervals a negotiating check is done. Ping means that \s-1ICMP\s0 ping will be used to test the availability of real servers. Ping is also used as the connect check for \s-1UDP\s0 services. Off means no checking will take place and no real or fallback servers will be activated. On means no checking will take place and real servers will always be activated. Default is \fInegotiate\fR. .PP \&\fBservice = \fR\fBdns\fR | \fBftp\fR | \fBhttp\fR | \fBhttps\fR | \fBhttp_proxy\fR | \fBimap\fR | \fBimaps\fR | \fBldap\fR | \fBmysql\fR | \fBnntp\fR | \fBnone\fR | \fBoracle\fR | \fBpgsql\fR | \fBpop\fR | \fBpops\fR | \fBradius\fR | \fBsimpletcp\fR | \fBsip\fR | \fBsmtp\fR | \fBsubmission\fR .PP The type of service to monitor when using checktype=negotiate. None denotes a service that will not be monitored. .PP simpletcp sends the \fBrequest\fR string to the server and tests it against the \fBreceive\fR regexp. The other types of checks connect to the server using the specified protocol. Please see the \fBrequest\fR and \fBreceive\fR sections for protocol specific information. .PP Default: .IP "\(bu" 4 Virtual server port is 21: ftp .IP "\(bu" 4 Virtual server port is 25: smtp .IP "\(bu" 4 Virtual server port is 53: dns .IP "\(bu" 4 Virtual server port is 80: http .IP "\(bu" 4 Virtual server port is 110: pop .IP "\(bu" 4 Virtual server port is 119: nntp .IP "\(bu" 4 Virtual server port is 143: imap .IP "\(bu" 4 Virtual server port is 389: ldap .IP "\(bu" 4 Virtual server port is 443: https .IP "\(bu" 4 Virtual server port is 587: submission .IP "\(bu" 4 Virtual server port is 993: imaps .IP "\(bu" 4 Virtual server port is 995: pops .IP "\(bu" 4 Virtual server port is 1521: oracle .IP "\(bu" 4 Virtual server port is 1812: radius .IP "\(bu" 4 Virtual server port is 3128: http_proxy .IP "\(bu" 4 Virtual server port is 3306: mysql .IP "\(bu" 4 Virtual server port is 5432: pgsql .IP "\(bu" 4 Virtual server port is 5060: sip .IP "\(bu" 4 Otherwise: none .PP \&\fBcheckcommand = "\fR\fIpath to script\fR\fB"\fR .PP This setting is used if checktype is external or external-perl and is the command to be run to check the status of a real server. It should exit with status 0 if everything is ok, or non-zero otherwise. .PP Four parameters are passed to the script: .IP "\(bu" 4 virtual server ip/firewall mark .IP "\(bu" 4 virtual server port .IP "\(bu" 4 real server ip .IP "\(bu" 4 real server port .PP If the checktype is external-perl then the command is assumed to be a Perl script and it is evaluated into an anonymous subroutine which is called at check time, avoiding a fork-exec. The argument signature and exit code conventions are identical to checktype external. That is, an external-perl checktype should also work as an external checktype. .PP Default: /bin/true .PP \&\fBcheckport = \fR\fIn\fR .PP Number of port to monitor. Sometimes check port differs from service port. .PP Default: port specified for each real server .PP \&\fBrequest = "\fR\fIuri to requested object\fR\fB"\fR .PP This object will be requested each checkinterval seconds on each real server. The string must be inside quotes. Note that this string may be overridden by an optional per real-server based request-string. .PP For an \s-1HTTP/HTTPS\s0 check, this should be a relative \s-1URI,\s0 while it has to be absolute for the 'http_proxy' check type. In the latter case, this \&\s-1URI\s0 will be requested through the proxy backend that is being checked. .PP For a \s-1DNS\s0 check this should the name of an A record, or the address of a \s-1PTR\s0 record to look up. .PP For a MySQL, Oracle or PostgeSQL check, this should be an \s-1SQL SELECT\s0 query. The data returned is not checked, only that the answer is one or more rows. This is a required setting. .PP For a simpletcp check, this string is sent verbatim except any occurrences of \en are replaced with a new line character. .PP \&\fBreceive = "\fR\fIregexp to compare\fR\fB"\fR .PP If the requested result contains this \fIregexp to compare\fR, the real server is declared alive. The regexp must be inside quotes. Keep in mind that regexps are not plain strings and that you need to escape the special characters if they should as literals. Note that this regexp may be overridden by an optional per real-server based receive regexp. .PP For a \s-1DNS\s0 check this should be any one the A record's addresses or any one of the \s-1PTR\s0 record's names. In case of dynamic \s-1DNS\s0 answers (different answers on the same question) a regex to match multiple addresses or \s-1PTR\s0 record names could also defined. .PP For a MySQL check, the receive setting is not used. .PP \&\fBhttpmethod = \s-1GET\s0\fR | \fB\s-1HEAD\s0\fR .PP Sets the \s-1HTTP\s0 method which should be used to fetch the \s-1URI\s0 specified in the request-string. \s-1GET\s0 is the method used by default if the parameter is not set. If \s-1HEAD\s0 is used, the receive-string should be unset. .PP Default: \s-1GET\s0 .PP \&\fBvirtualhost = "\fR\fIhostname\fR\fB"\fR .PP Used when using a negotiate check with \s-1HTTP\s0 or \s-1HTTPS.\s0 Sets the host header used in the \s-1HTTP\s0 request. In the case of \s-1HTTPS\s0 this generally needs to match the common name of the \s-1SSL\s0 certificate. If not set then the host header will be derived from the request url for the real server if present. As a last resort the \s-1IP\s0 address of the real server will be used. .PP \&\fBlogin = "\fR\fIusername\fR\fB"\fR .PP For \s-1FTP, IMAP, LDAP,\s0 MySQL, Oracle, \s-1POP\s0 and PostgreSQL, the username used to log in. .PP For \s-1RADIUS\s0 the username is used for the attribute User-Name. .PP For \s-1SIP,\s0 the username is used as both the to and from address for an \&\s-1OPTIONS\s0 query. .PP Default: .IP "\(bu" 4 \&\s-1FTP:\s0 Anonymous .IP "\(bu" 4 MySQL Oracle, and PostgreSQL: Must be specified in the configuration .IP "\(bu" 4 \&\s-1SIP:\s0 ldirectord\e@, hostname is derived as per the passwd option below. .IP "\(bu" 4 Otherwise: empty string, which denotes that case authentication will not be attempted. .PP \&\fBpasswd = "\fR\fIpassword\fR\fB"\fR .PP Password to use to login to \s-1FTP, IMAP, LDAP,\s0 MySQL, Oracle, \s-1POP,\s0 PostgreSQL and \s-1SIP\s0 servers. .PP For \s-1RADIUS\s0 the passwd is used for the attribute User-Password. .PP Default: .IP "\(bu" 4 \&\s-1FTP:\s0 ldirectord\e@, where hostname is the environment variable \s-1HOSTNAME\s0 evaluated at run time, or sourced from uname if unset. .IP "\(bu" 4 Otherwise: empty string. In the case of \s-1LDAP,\s0 MySQL, Oracle, and PostgreSQL this means that authentication will not be performed. .PP \&\fBdatabase = "\fR\fIdatabasename\fR\fB"\fR .PP Database to use for MySQL, Oracle and PostgreSQL servers, this is the database that the query (set by \fBreceive\fR above) will be performed against. This is a required setting. .PP \&\fBsecret = "\fR\fIradiussecret\fR\fB"\fR .PP Secret to use for \s-1RADIUS\s0 servers, this is the secret used to perform an Access-Request with the username (set by \fBlogin\fR above) and passwd (set by \&\fBpasswd\fR above). .PP Default: empty string .PP \&\fBscheduler =\fR \fIscheduler_name\fR .PP Scheduler to be used by \s-1LVS\s0 for loadbalancing. For an information on the available sehedulers please see the \fBipvsadm\fR\|(8) man page. .PP Default: \*(L"wrr\*(R" .PP \&\fBpersistent =\fR \fIn\fR .PP Number of seconds for persistent client connections. .PP \&\fBnetmask =\fR \fIw.x.y.z\fR | \fIprefixlen\fR .PP Netmask to be used for granularity of persistent client connections. IPv4 netmask should be specified in dotted quad notation. IPv6 netmask should be specified as a prefix length between 1 and 128. .PP \&\fBprotocol = tcp\fR | \fBudp\fR | \fBfwm\fR .PP Protocol to be used. If the virtual is specified as an \s-1IP\s0 address and port then it must be one of tcp or udp. If a firewall mark then the protocol must be fwm. .PP Default: .IP "\(bu" 4 Virtual is an \s-1IP\s0 address and port, and the port is not 53: tcp .IP "\(bu" 4 Virtual is an \s-1IP\s0 address and port, and the port is 53: udp .IP "\(bu" 4 Virtual is a firewall mark: fwm .PP \&\fBmonitorfile = "\fR\fI/path/to/monitorfile\fR\fB"\fR .PP File to continuously log the real service checks to for this virtual service. This is useful for monitoring when and why real services were down or for statistics. .PP The log format is: [timestamp|pid|real_service_id|status|message] .PP Default: no separate logging of service checks. .PP \&\fBops = \fR\fByes\fR | \fBno\fR .PP Specify that a virtual service uses one-packet scheduling. This option can be used only for \s-1UDP\s0 services. If this option is specified, all connections are created only to schedule one packet. Option is useful to schedule \&\s-1UDP\s0 packets from same client port to different real servers. .PP \&\fBservicename = \fR\fIshort name\fR .PP A name for this service. This is for the sole purpose of making it easier to know which service is affected when e\-mail notifications are sent out. It will be included in the e\-mail subject and body. .PP \&\fBcomment = \fR\fIcomment\fR .PP Notes about this service to be included in e\-mail notifications (for example, purpose of the service or relevant administrator to contact). .SH "IPv6" .IX Header "IPv6" Directives for IPv6 are virtual6, real6, fallback6. IPv6 addresses specified for virtual6, real6, fallback6 and a file of maintenance directory should be enclosed by brackets ([2001:db8::abcd]:80). .PP Following checktype and service are supported. .PP \&\fBchecktype: \fR\fBconnect\fR | \fBexternal\fR | \fBexternal-perl\fR | \fBnegotiate\fR | \fBoff\fR | \fBon\fR | \fBchecktimeout\fR\fIN\fR .PP \&\fBservice: \fR\fBdns\fR | \fBhttp\fR | \fBhttps\fR | \fBnntp\fR | \fBnone\fR | \fBsimpletcp\fR | \fBsip\fR .PP Note: When using a service type with http or https, you need to install perl module perl\-Net\-INET6Glue. .SH "FILES" .IX Header "FILES" \&\fB/etc/ha.d/ldirectord.cf\fR .PP \&\fB/var/log/ldirectord.log\fR .PP \&\fB/var/run/ldirectord.\fR\fIconfiguration\fR\fB.pid\fR .PP \&\fB/etc/services\fR .SH "SEE ALSO" .IX Header "SEE ALSO" ipvsadm, heartbeat .PP Ldirectord Web Page: http://www.vergenet.net/linux/ldirectord/ .SH "AUTHORS" .IX Header "AUTHORS" Horms .PP Jacob Rief