OpenBSD Journal

hostated - host status daemon

Contributed by sean on from the failing with class dept.

On Saturday December 16, 2006 a new daemon called hostated was imported into the OpenBSD base system. To this end Pierre-Yves writes:
Import hostated, the host status daemon.  This daemon will monitor remote hosts and 
dynamically alter pf(4) tables and redirection rules for active server load balancing.  
The daemon has been written by Pierre-Yves Ritschard (pyr at spootnik.org) and was 
formerly known as "slbd".

The daemon is fully functional but it still needs some work and cleanup so we don't link 
it to the build yet.  Some TODOs are a partial rewrite of the check_* routines (use 
libevent whenever we can), improvement of the manpages, and general knf and cleanup.

Now that the aforementioned partial rewrite is done, testing will be needed in order 
to get it linked to the build in time for 4.1.
A more detailed introduction to this fascinating new tool is given by Pierre-Yves at this site:
http://spootnik.org/hostated/hostated_presentation.html

NOTE: If you want a head start on this you'll have to compile it yourself (src/usr.sbin/hostated) since it is not linked into the default build on current.



Comments
  1. By Anonymous Coward (24.37.236.100) on

    I can think of a few ways of combining this with CARP, ifstated (maybe pfsync too, depending on situation) and WOW! I can't wait to see this stock in OpenBSD, truly awesome stuff!!!

    Great work!

  2. By arthurb (arthurb) arthurb@ihug.com.au on

    This is cool! It looks like it took the syntax from keepalived or similar, which will make moving configurations a lot easier ;)
    Fantastic work!

  3. By Chris Snell (chrissnell) chris.snell@gmail.com on http://chrissnell.com

    Great work, everyone! I'm very excited about this. There are many potential uses for this where I work, places where a USD$30,000 Foundry layer 7 load balancer would be overkill or not warranted by budget.

    Can PF be configured to select a host from the pool based on the number of active connections to that host (leastconns)?

    I'm looking forward to SMTP, IMAP, POP3, LDAP and FTP checks.

    Thanks again, guys!

    Comments
    1. By Anonymous Coward (74.115.21.120) on

      > Can PF be configured to select a host from the pool based on the number of active connections to that host (leastconns)?

      No.

  4. By OpenBSD becoming the failover platform of choice (62.212.121.150) on

    Wow, the load balancing and failover tool set is getting awesome!

    Given trunk, pfsync, carp, sasync, ifstated and now hoststated, OpenBSD can pretend to be one of the best platforms for critical services.

    Comments
    1. By Anonymous Coward (212.247.200.68) on

      Does anyone know how to make pf keep state on the different clients, so that if one client's request is sent to $web_server1, the next request from the same client goes to the same $web_server1?

      Comments
      1. By Pierre-Yves Ritschard (pyr) on http://spootnik.org

        > Does anyone know how to make pf keep state on the different clients, so that if one client's request is sent to $web_server1, the next request from the same client goes to the same $web_server1?
        >
        >

        as of today you can specify ``sticky-address'' in a service section which accomplishes that.

  5. By Anonymous Coward (dspiteri) dspiteri@gmail.com on

    Cool, it just gets better and better.

  6. By Lars Hansson (203.65.246.6) lars@unet.net.ph on

    Now if it only did UDP and preferably DNS loadbalancing it would be a perfect fit for me.

    Comments
    1. By Anonymous Coward (195.29.148.251) on

      > Now if it only did UDP and preferably DNS loadbalancing it would be a perfect fit for me.
      >


      exactly, but in the meantime you can alter, say, <dns-servers> table using your custom shell script which checks availability of dns services (via amap, nmap, nc, etc.) and issues pfctl for adding and deleting entries from this table.

      not so flexible as hostated, but will help you till implemented in hostated.

    2. By Pierre-Yves Ritschard (pyr) pyr@spootnik.og on http://spootnik.org

      > Now if it only did UDP and preferably DNS loadbalancing it would be a perfect fit for me.
      >

      UDP support will be available, there is no reason not to include it. In what scenario would you want to load balance DNS servers though?

      Comments
      1. By Anonymous Coward (195.29.148.251) on

        > > Now if it only did UDP and preferably DNS loadbalancing it would be a perfect fit for me.
        > >
        >
        > UDP support will be available, there is no reason not to include it. In what scenario would you want to load balance DNS servers though?

        In my case, I would like to build two DNS groups with one group handling requests for NS1 and the other for handling requests for NS2. With this setup, my users don't have to wait for DNS server timeout (CARP and hostated ensure request always returns), and also addition of new DNS server(s) doesn't require new NS record(s) because everything is obfuscated in two already registered NS IP addresses.

        Comments
        1. By Pierre-Yves Ritschard (pyr) on http://spootnik.org

          > > > Now if it only did UDP and preferably DNS loadbalancing it would be a perfect fit for me.
          > > >
          > >
          > > UDP support will be available, there is no reason not to include it. In what scenario would you want to load balance DNS servers though?
          >
          > In my case, I would like to build two DNS groups with one group handling requests for NS1 and the other for handling requests for NS2. With this setup, my users don't have to wait for DNS server timeout (CARP and hostated ensure request always returns), and also addition of new DNS server(s) doesn't require new NS record(s) because everything is obfuscated in two already registered NS IP addresses.

          It seems sensible in this case.
          There won't be a specific DNS health checker though, ICMP would seem to be the way to go (before user supplied scripts are supported, of course).

          Comments
          1. By Anonymous Coward (195.29.148.251) on

            > There won't be a specific DNS health checker though, ICMP would seem to be the way to go (before user supplied scripts are supported, of course).

            And are there any good estimates that user supplied scripts will be supported on time in upcoming OpenBSD 4.1 ?

            Comments
            1. By Pierre-Yves Ritschard (pyr) on http://spootnik.org

              > > There won't be a specific DNS health checker though, ICMP would seem to be the way to go (before user supplied scripts are supported, of course).
              >
              > And are there any good estimates that user supplied scripts will be supported on time in upcoming OpenBSD 4.1 ?

              yes, I think I'll have them done by then.

          2. By Lars Hansson (203.65.246.12) lars@unet.net.ph on

            > It seems sensible in this case.
            > There won't be a specific DNS health checker though, ICMP would seem to be the way to go (before user supplied scripts are supported, of course).

            It would actually be better with a DNS health checker since it is possible for the DNS resolver service to be unavailable even though the host itself is up.
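
The shell-script workaround suggested earlier in this thread, combined with the point above that a resolver can be down while its host still answers ICMP, as an added example (not part of any comment and not hostated code). The `dns-servers` table name comes from the thread; the resolver addresses, the query name, the use of dig(1), and the `PFCTL` override variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: keep a pf table in sync with resolvers that actually answer
# DNS queries. Addresses are constructed samples from 192.0.2.0/24.
TABLE="dns-servers"
RESOLVERS="192.0.2.11 192.0.2.12 192.0.2.13"
PFCTL="${PFCTL:-pfctl}"          # overridable so the logic can be dry-run

# Service-level probe: succeeds only if the resolver returns an answer,
# not merely if the host is reachable (assumes dig(1) is installed).
probe_dns() {
    dig +time=2 +tries=1 +short @"$1" openbsd.org A 2>/dev/null | grep -q .
}

# Is the address currently a member of the table?
in_table() {
    $PFCTL -t "$TABLE" -T test "$1" >/dev/null 2>&1
}

# Add healthy resolvers, delete failed ones, print one line per change.
sync_table() {
    healthy=""
    for ip in $RESOLVERS; do
        if probe_dns "$ip"; then healthy="$healthy $ip"; fi
    done
    # If nothing answers, the probe path itself is suspect (local outage,
    # broken dig): leave the table alone rather than emptying the pool.
    if [ -z "$healthy" ]; then
        echo "no resolver answered; table unchanged" >&2
        return 1
    fi
    for ip in $RESOLVERS; do
        case " $healthy " in
        *" $ip "*)
            if ! in_table "$ip"; then
                $PFCTL -t "$TABLE" -T add "$ip" >/dev/null 2>&1 && echo "up $ip"
            fi ;;
        *)
            if in_table "$ip"; then
                $PFCTL -t "$TABLE" -T delete "$ip" >/dev/null 2>&1 && echo "down $ip"
            fi ;;
        esac
    done
    return 0
}

# Run from cron(8) as root with the argument "run".
if [ "${1:-}" = "run" ]; then sync_table; fi
```

The state-change lines on stdout can be piped to logger(1), which gives an audit trail of when each resolver left or rejoined the pool.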

      2. By Lars Hansson (203.65.246.12) lars@unet.net.ph on

        > > Now if it only did UDP and preferably DNS loadbalancing it would be a perfect fit for me.
        > >
        >
        > UDP support will be available, there is no reason not to include it. In what scenario would you want to load balance DNS servers though?

        My bad, I didn't mean dns content servers (which are naturally load balanced) but dns resolvers. Being able to load balance DNS would give me a simple way to load balance a large number of resolvers.
