1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
|
conn-check
==========
conn-check allows for checking connectivity with external services.
You can write a config file that defines services that you need to
have access to, and conn-check will check connectivity with each.
It supports various types of services, all of which allow for
basic network checks, but some allow for confirming credentials
work also.
Configuration
-------------
The configuration is done via a yaml file. The file defines a list
of checks to do::
- type: tcp
host: localhost
port: 80
- type: tls
host: localhost
port: 443
disable_tls_verification: false
Each check defines a type, and then options as appropriate for that type.
Check Types
-----------
tcp
```
A simple tcp connectivity check.
host
The host.
port
The port.
timeout
Optional connection timeout in seconds. Default: 10 (or value from ``--connect-timeout``).
tls
```
A check that uses TLS (`ssl` is a deprecated alias for this type).
host
The host.
port
The port.
disable_tls_verification
Optional flag to disable verification of TLS certs and handshake. Default:
false.
timeout
Optional connection timeout in seconds. Default: 10 (or value from ``--connect-timeout``).
udp
```
Check that sending a specific UDP packet gets a specific response.
host
The host.
port
The port.
send
The string to send.
expect
The string to expect in the response.
timeout
Optional connection timeout in seconds. Default: 10 (or value from ``--connect-timeout``).
http
````
Check that a HTTP/HTTPS request succeeds (`https` also works).
url
The URL to fetch.
method
Optional HTTP method to use. Default: "GET".
expected_code
Optional status code that defines success. Default: 200.
proxy_url
Optional HTTP/HTTPS proxy URL to connect via, including protocol,
if set proxy_{host,port} are ignored.
proxy_host
Optional HTTP/HTTPS proxy to connect via.
proxy_port
Optional port to use with ``proxy_host``. Default: 8000.
headers:
Optional headers to send, as a dict of key-values. Multiple values can be
given as a list/tuple of lists/tuples, e.g.:
``[('foo', 'bar'), ('foo', 'baz')]``
body:
Optional raw request body string to send.
disable_tls_verification:
Optional flag to disable verification of TLS certs and handshake. Default:
false.
timeout
Optional connection timeout in seconds. Default: 10 (or value from ``--connect-timeout``).
allow_redirects
Optional flag to Follow 30x redirects. Default: false.
params
Optional dict of params to URL encode and pass in the querystring.
cookies
Optional dict of cookies to pass in the request headers.
auth
Optional `basic HTTP auth <https://en.wikipedia.org/wiki/Basic_access_authentication>`_
credentials, as a tuple/list: ``(username, password)``.
digest_auth
Optional `digest HTTP auth <https://en.wikipedia.org/wiki/Digest_access_authentication>`_
credentials, as a tuple/list: ``(username, password)``.
amqp
````
Check that an AMQP server can be authenticated against.
host
The host.
port
The port.
username
The username to authenticate with.
password
The password to authenticate with.
use_tls
Optional flag whether to connect with TLS. Default: true.
vhost
Optional vhost name to connect to. Default '/'.
timeout
Optional connection timeout in seconds. Default: 10 (or value from ``--connect-timeout``).
postgres
````````
Check that a PostgreSQL db can be authenticated against (`postgresql` also works).
host
The host.
port
The port.
username
The username to authenticate with.
password
The password to authenticate with.
database
The database to connect to.
timeout
Optional connection timeout in seconds. Default: 10 (or value from ``--connect-timeout``).
redis
`````
Check that a redis server is present, optionally checking authentication.
host
The host.
port
The port.
password
Optional password to authenticatie with.
timeout
Optional connection timeout in seconds. Default: 10 (or value from ``--connect-timeout``).
memcache
````````
Check that a memcached server is present (`memcached` also works).
host
The host.
port
The port.
timeout
Optional connection timeout in seconds. Default: 10 (or value from ``--connect-timeout``).
mongodb
```````
Check that a MongoDB server is present (`mongo` also works).
host
The host.
port
Optional port. Default: 27017.
username
Optional username to authenticate with.
password
Optional password to authenticate with.
database
Optional database name to connect to, if not set the ``test`` database will be used,
if this database does not exist (or is not available to the user) you will need to
provide a database name.
timeout
Optional connection timeout in seconds. Default: 10 (or value from ``--connect-timeout``).
Tags
----
Every check type also supports a ``tags`` field, which is a list of tags that
can be used with the ``--include-tags`` and ``--exclude-tags`` arguments to conn-check.
Example YAML::
- type: http
url: http://google.com/
tags:
- external
To run just "external" checks::
conn-check --include-tags=external ...
To run all the checks *except* external::
conn-check --exclude-tags=external
Buffered/Ordered output
-----------------------
conn-check normally executes with output to ``STDOUT`` buffered so that the output can be ordered,
with failed checks being printed first, grouping by destination etc.
If you'd rather see results as they available you can use the ``-U``/``--unbuffered-output`` option
to disable buffering.
Building wheels
---------------
To allow for easier/more portable distribution of this tool you can build
conn-check and all it's dependencies as `Python wheels <http://legacy.python.org/dev/peps/pep-0427/>`_::
make clean-wheels
make build-wheels
make build-wheels-extra EXTRA=amqp
make build-wheels-extra EXTRA=redis
The `build-wheels` make target will build conn-check and it's base
dependencies, but to include the optional extra dependencies for other
checks such as amqp, redis or postgres you need to use the
`build-wheels-extra` target with the `EXTRA` env value.
By default all the wheels will be placed in `./wheels`.
Automatically generating conn-check YAML configurations
-------------------------------------------------------
The `conn-check-configs <https://pypi.python.org/pypi/conn-check-configs>`_ package contains utilities/libraries
for generating checks from existing application configurations and environments, e.g. from Django settings modules
and Juju environments.
|