HAProxy is as its name says, a proxy that aims high availability. It can be used not only to proxy the HTTP (Layer 7) but to proxy TCP (Layer 4). Among the many things HAProxy has, it is possible to access its management page to do active monitoring. I will talk about how to set up a simple Nagios monitoring.
I will assume you are familiar with Nagios and HAProxy configuration. The first step is to add the proper configuration to the HAProxy, put something like this:
log 127.0.0.1 local2
stats socket /var/lib/haproxy/stats mode 666
group admin users admin
user admin insecure-password SUPER_SECURE_PASSWORD
user stats insecure-password SUPER_SECURE_PASSWORD
stats refresh 60s
stats uri /
acl AuthOkay_ReadOnly http_auth(STATSUSERS)
acl AuthOkay_Admin http_auth_group(STATSUSERS) admin
stats http-request auth realm admin_page unless AuthOkay_ReadOnly
This configuration will do two important things:
- it will open a Linux socket in /var/lib/haproxy/stats where everyone will be able to read or write (you will need to play with security if you do not trust who logs into your system)
- it will open the port 9600 which it handles the HTTP page for HAProxy management
Next step is installing the HAProxy Nagios Plugins. It is published in the OKay RPM Repository, you can install it by typing yum install nagios-plugins-contrib-haproxy.
Some examples how to run the monitoring plugins are:
/usr/lib64/nagios/plugins/check_haproxy_stats -s /var/lib/haproxy/stats -w 90 -c 95
It will check through the unix socket and send a warning if 90% of the maximum allowed connections are reached and a critical if 95% is reached.
/usr/lib64/nagios/plugins/check_haproxy -u 'http://127.0.0.1:9600/;csv;norefresh' -U admin -P SUPER_SECURE_PASSWORD -w 2 -c 3
It will use the management page and send a warning if request times are 2 seconds or more, or a critical signal if request times are beyond 3 seconds or more.
Good luck!blog comments powered by Disqus