BIG-IP : iControl LocalLBDataGroupFile.set_local_path()

Question

F5 BIG-IP LTM VE v11.4.0 on ESXi
iControl re-cache data-group operation : LocalLBDataGroupFile.set_local_path()
For a live prod BIG-IP cluster with a VIP iRule that is actively reading data from the data-group , is the above considered a risky operation ?  
e.g. attempt live-swap of data-group's data-file, fails due to locks or other systems-level issues, data-group now unavailable to iRule 
I've attempted live-update of a data-file's contents via BIG-IP browser admin ( copy/paste new contents and click “Update” ) and seen the corresponding data-group become unavailable to the iRule. The paranoid approach is to create a new data-group/file and a copy of the iRule modified to point to this new data-group , and then in the VIP’s iRule list swap old/new iRules – so that never actually update a “live” data-group.
So now I am concerned about performing similar operation via iControl LocalLBDataGroupFile.set_local_path() –- although apparently this API is not actually live-updating a cached data-file but rather re-pointing data-group to a new cached data-file ?

kevin_davies_40 · Answer

"...seen the corresponding data-group become unavailable to the iRule."&nbsp;
Really? Thats very surprising. Adding entries to a datagroup from the GUI should never take it offline.&nbsp;
"eg. attempt live-swap of data-group's data-file..."&nbsp;
Why would you need to do this? The F5 has a running config and a stored config. When you update a datagroup which points to a file you only need to update the file, then perform a config load to have that new files contents loaded into memory. It is also indexed at this time.&nbsp;

baltostar_12467 · Answer

Thanks for the response Kevin.
Please note that I am on BIG-IP v11. The data-group mechanisms you describe I believe apply to pre-v11.
New to v11, the operation LocalLBDataGroupFile.set_local_path() immediately reloads &amp; recaches an external data-group with the contents of the supplied data-file -- there's no need to trigger BIG-IP to reload its config.
It is not recommended to directly update the local data-files BIG-IP self-maintains for each external data-group ( if you could even locate the file currently being used ).  On create/update of an external data-group, BIG-IP auto-creates a new persistent data-file stored in a special directory. This data-file's name is constructed as the data-group name appended with a unique identifier and revision index to track history of changes.
My concerns are that on reload/recache of very large data-sets ( 1M+ rows ) something goes wrong and the data-group becomes unavailable to those iRules that reference it.

Forum Discussion

BIG-IP : iControl LocalLBDataGroupFile.set_local_path()

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

Re: Get Started with BIG-IP Virtual Edition (VE), BIG-IQ VE or BIG-IP Cloud Edition Trial

Automating Packet Captures on BIG-IP

Re: Welcome to the F5 BIG-IP Migration Assistant

Re: Mitigating OWASP API Security risks using BIG-IP

Ansible module to update BIG-IP root/admin passwords

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS