Monit and VPNC

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Monit and VPNC

Patrick Baldwin
Hi, I'm experimenting with using VPNC to make a VPN connection to a client network via their Cisco router:  https://linux.die.net/man/8/vpnc

It needs to be at least somewhat reliable, so I'd like to manage it with Monit, but I'm having some challenges with getting it going.  It will start and successfully establish the VPN tunnel when I start it manually, but so far I can't get it to start via Monit.

Here's what I see on the Monit webmin:

Process status

ParameterValue
Namevpnc
Pid file/var/run/vpnc.pid
StatusExecution failed | Does not exist
Monitoring statusMonitored
Monitoring modeactive
On rebootstart
Start program'/home/myers/vpnc-wrapper' timeout 30 s
Stop program'/home/myers/vpnc-wrapper' timeout 30 s
Data collectedWed, 06 May 2020 13:42:11
ExistenceIf doesn't exist then restart


I verified the full path to VPNC:

12$ which vpnc

/usr/sbin/vpnc


Since VPNC doesn't make a pidfile, I created a wrapper script:

-rw-rw-rw-. 1 root  root  246 May  5 18:54 vpnc-wrapper

41$ cat vpnc-wrapper

#!/bin/bash


 case $1 in

    start)

       echo $$ > /var/run/vpnc.pid;

       exec 2>&1 /usr/sbin/vpnc 1>/tmp/vpnc.out

       ;;

     stop)

       kill `cat /var/run/vpnc.pid` ;;

     *)

       echo "usage: vpnc {start|stop}" ;;

 esac

 exit 0



And this is how I'm invoking it from my /etc/monitrc:

check process vpnc with pidfile /var/run/vpnc.pid

       start = "/home/myers/vpnc-wrapper"

       stop = "/home/myers/vpnc-wrapper"



Anyone have any thoughts for where I might be going wrong here?
Reply | Threaded
Open this post in threaded view
|

Re: Monit and VPNC

Szépe Viktor
Idézem/Quoting Patrick Baldwin <[hidden email]>:

> I verified the full path to VPNC:
>
> 12$ which vpnc
>
> /usr/sbin/vpnc
>
> Since VPNC doesn't make a pidfile, I created a wrapper script:

You must have a hard time battling with a nearly one decade-old software.

vpnc has a --pid-file option
see https://svn.unix-ag.uni-kl.de/vpnc/trunk/config.c

"store the pid of background process in <filename>"

If your goal is sustainability you must write a proper  
sysvinit/systemd init file
with process management, logging etc.

See for example https://github.com/mgorny/vpnc

I could help you write a sysvinit script.

All the best to you!


SZÉPE Viktor, webes alkalmazás üzemeltetés / Running your application
https://github.com/szepeviktor/debian-server-tools/blob/master/CV.md
~~~
ügyelet/hotline: +36-20-4242498  [hidden email]  skype: szepe.viktor
Budapest, III. kerület





smime.p7s (6K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Monit and VPNC

Henning Bopp (boppy)
In reply to this post by Patrick Baldwin
(1) Your wrapper-file is not executable (chmod +x /home/myers/vpnc-wrapper).

(2) You missed to set the required first parameter to the wrapper.

More correct would be:

check process vpnc with pidfile /var/run/vpnc.pid
       start program = "/home/myers/vpnc-wrapper start"
       stop program = "/home/myers/vpnc-wrapper stop"

(3) Even more problematic: You are trying to use monit as process controller, what it isn't (and can't do either).

Your wrapper has to exit after a short amount of time (defaults to 30s). So you need something to control your daemons (or rewrite to your wrapper to send the daemon to background). Just saw that Viktor already answered with some more info, so I don't need to ;)

Yours

Henning


Am Mi., 6. Mai 2020 um 19:45 Uhr schrieb Patrick Baldwin <[hidden email]>:
Hi, I'm experimenting with using VPNC to make a VPN connection to a client network via their Cisco router:  https://linux.die.net/man/8/vpnc

It needs to be at least somewhat reliable, so I'd like to manage it with Monit, but I'm having some challenges with getting it going.  It will start and successfully establish the VPN tunnel when I start it manually, but so far I can't get it to start via Monit.

Here's what I see on the Monit webmin:

Process status

ParameterValue
Namevpnc
Pid file/var/run/vpnc.pid
StatusExecution failed | Does not exist
Monitoring statusMonitored
Monitoring modeactive
On rebootstart
Start program'/home/myers/vpnc-wrapper' timeout 30 s
Stop program'/home/myers/vpnc-wrapper' timeout 30 s
Data collectedWed, 06 May 2020 13:42:11
ExistenceIf doesn't exist then restart


I verified the full path to VPNC:

12$ which vpnc

/usr/sbin/vpnc


Since VPNC doesn't make a pidfile, I created a wrapper script:

-rw-rw-rw-. 1 root  root  246 May  5 18:54 vpnc-wrapper

41$ cat vpnc-wrapper

#!/bin/bash


 case $1 in

    start)

       echo $$ > /var/run/vpnc.pid;

       exec 2>&1 /usr/sbin/vpnc 1>/tmp/vpnc.out

       ;;

     stop)

       kill `cat /var/run/vpnc.pid` ;;

     *)

       echo "usage: vpnc {start|stop}" ;;

 esac

 exit 0



And this is how I'm invoking it from my /etc/monitrc:

check process vpnc with pidfile /var/run/vpnc.pid

       start = "/home/myers/vpnc-wrapper"

       stop = "/home/myers/vpnc-wrapper"



Anyone have any thoughts for where I might be going wrong here?
Reply | Threaded
Open this post in threaded view
|

Re: Monit and VPNC

Szépe Viktor
In reply to this post by Patrick Baldwin
Idézem/Quoting Patrick Baldwin <[hidden email]>:

> And this is how I'm invoking it from my /etc/monitrc:
>
> check process vpnc with pidfile /var/run/vpnc.pid
>
>        start = "/home/myers/vpnc-wrapper"
>
>        stop = "/home/myers/vpnc-wrapper"
>
>
> Anyone have any thoughts for where I might be going wrong here?
BTW the words "stop" and "start" are missing from Monit config.

check process vpnc with pidfile /var/run/vpnc.pid
        start program = "/home/myers/vpnc-wrapper start"
        stop program = "/home/myers/vpnc-wrapper stop"

See https://mmonit.com/monit/documentation/monit.html#SERVICE-METHODS



SZÉPE Viktor, webes alkalmazás üzemeltetés / Running your application
https://github.com/szepeviktor/debian-server-tools/blob/master/CV.md
~~~
ügyelet/hotline: +36-20-4242498  [hidden email]  skype: szepe.viktor
Budapest, III. kerület





smime.p7s (6K) Download Attachment