best way to check amazon ec2 instance's availability
list Deepak Deore
As ec2 instances by default doesn't respond icmp and I dont want to enable
icmp and ssh access to xymon server, what could be the best way to check
the instance's availability.
Currently in my env i m doing following to check the availability:
1. Created server ext script which connects to bastion host and from there
it checks the ssh connection to the server.
ssh -n bastion_host "nc -w 5 -vz ec2_instance 22" 2>&1
if [ $? -eq 0 ]; then
COLOR=green
else
COLOR=red
fi
2. hosts.conf has "1.2.3.4 ec2_instance # noconn ext_script ...."
It works well but it has single point of failure i.e. if bastion host has
some problem then all the instances will start alerting.
The other thing in my mind is use amazon api for checking server status.
Anybody has any suggestion here?
list Thomas Vachon
We opened ICMP echo, but if you don't want to do that, you can monitor the monitor from some place else. You could also poll the api but they are horribly slow, so use the new python cli tools unless you are polling naively. My only problem with the API's is they are "eventually consistent" at best and if they have nay issues, you get tons of pages. You could also maybe ttim down your purple time and use that as the check of up/down, or use another remote check like http? -- Thomas Vachon user-bd0daa6991dc@xymon.invalid
▸
On Fri, Nov 1, 2013 at 7:49 AM, deepak deore <user-7b03b2a1ee70@xymon.invalid>wrote:
As ec2 instances by default doesn't respond icmp and I dont want to enable
icmp and ssh access to xymon server, what could be the best way to check
the instance's availability.
Currently in my env i m doing following to check the availability:
1. Created server ext script which connects to bastion host and from there
it checks the ssh connection to the server.
ssh -n bastion_host "nc -w 5 -vz ec2_instance 22" 2>&1
if [ $? -eq 0 ]; then
COLOR=green
else
COLOR=red
fi
2. hosts.conf has "1.2.3.4 ec2_instance # noconn ext_script ...."
It works well but it has single point of failure i.e. if bastion host has
some problem then all the instances will start alerting.
The other thing in my mind is use amazon api for checking server status.
Anybody has any suggestion here?
list Jeremy Laidman
▸
On Nov 1, 2013 10:50 PM, "deepak deore" <user-7b03b2a1ee70@xymon.invalid> wrote:
As ec2 instances by default doesn't respond icmp and I dont want to enable icmp and ssh access to xymon server, what could be the best way to check the instance's availability.
Can you attempt a connection on an unused port (eg 443 or 25) and see if you get an "ICMP port unavailable" message indicated by a "connection refused" result in netcat? That should be as effective as a ping.
▸
Currently in my env i m doing following to check the availability:
1. Created server ext script which connects to bastion host and from
there it checks the ssh connection to the server.
ssh -n bastion_host "nc -w 5 -vz ec2_instance 22" 2>&1
if [ $? -eq 0 ]; then
COLOR=green
else
COLOR=red
fiPerhaps if the ssh fails to connect to the bastion you can set the color to "clear", and just make sure you bastion host is monitored. J
list Deepak Deore
Great! will implement the solution to set the color to green if bastion host is not available. BTW .... all the hosts i m monitoring are inside amazon vpc and xymon is outside of vpc. So xymon cant reach to the clients, it has to go through bastion host, so i cant do the netcat to any clients other than bastion.
▸
On Fri, Nov 1, 2013 at 8:44 PM, Jeremy Laidman <user-71895fb2e44c@xymon.invalid>wrote:
On Nov 1, 2013 10:50 PM, "deepak deore" <user-7b03b2a1ee70@xymon.invalid> wrote:As ec2 instances by default doesn't respond icmp and I dont want to enable icmp and ssh access to xymon server, what could be the best way to check the instance's availability.Can you attempt a connection on an unused port (eg 443 or 25) and see if you get an "ICMP port unavailable" message indicated by a "connection refused" result in netcat? That should be as effective as a ping.Currently in my env i m doing following to check the availability: 1. Created server ext script which connects to bastion host and from there it checks the ssh connection to the server. ssh -n bastion_host "nc -w 5 -vz ec2_instance 22" 2>&1 if [ $? -eq 0 ]; then COLOR=green else COLOR=red fiPerhaps if the ssh fails to connect to the bastion you can set the color to "clear", and just make sure you bastion host is monitored. J