Agent-Check for Windows Server Service

HADude · October 25, 2021, 9:47am

Hey my Dudes,

Currently i’m facing a little problem with haproxy an adfs.

I would like to check our backend adfs WAP Servers. Therefore is use the /adfs/probe.
Since we you full https / tls, i can not test with an http-check on /adfs/probe.

So i created a little workaround with powershell (invoke-webrequest), local Firewall port 443 on the Server.

If the adfs service is not running, the /adfs/probe site wont be reachable, the skript gets an error and blocks incoming 443 traffic.

On my haproxy i check on tcp port.

Throughout my searches i read about the possibility of using agent-checks.
Buz unfortunatly i dont know how to program or script one agent for windows servers.
Do you guys have some How-To’s / tutorials?

TL;DR
I’m searching for a guide on agent-checks and on how to create an agent for windows servers.

Thanks in advanced
HADude

lukastribus · October 28, 2021, 8:36pm

Hold on, what does “full https” mean, and why do you think you cannot health check with a HTTPS backend?

Please provide your configuration.

Even if you are running transparent TCP mode and passing through SSL as is, you can still make health checks in SSL and actual HTTPS. Refer to check-ssl and httpchk configuration keywords.

Here’s the documentation:
https://cbonte.github.io/haproxy-dconv/2.2/configuration.html#5.2-agent-check

It’s basically an ASCII string returned on a TCP port.

However I don’t think you need that, I think you are unnecessarily over-engineering your setup.

Topic		Replies	Views
Windows Server 2019 AD FS problems Help!	4	2935	April 3, 2020
Check health on backend TLS sites that requires SNI Help!	1	442	June 5, 2020
HAProxy 1.8.14 and ADFS 4.0 Help!	15	6070	October 7, 2019
Http health check with SSL backend Help!	1	5612	October 6, 2016
Do we need any special steps for haproxy(https) forward to backend(https) servers Help!	0	279	December 13, 2020

Agent-Check for Windows Server Service

Related Topics