ChetanAr_315803
Mar 28, 2019

Changing member priority in GTM using i-rule

Hi, we have a requirement to change the pool member priority in GTM for global availability based on the status of a pool member of another pool. How can we accomplish it? We can check the active_members status of the pool, but what command can be used to change the priority of the pool in question? We are currently running version 11.6.0.

 


       

  • Karim

    Hi,

    Could you please clarify what you want to achieve? Are the pools you are talking about wideip pools or regular LTM pools? Why do you want to change the priority since you're using the Global Availability LB method?

    Many thanks,

     

    • ChetanAr_315803

      We want to monitor the public WAF of our AWS environment, covering primarily two use cases: 1) To shift traffic to the backup cname of the WAF in case any bug hits the set of primary ones (as they are running in sync, the entire set will be gone in case of a bug). 2) To check traffic in a staggered way (10, 20 and so on...) once patching is done, in order to check if everything is fine with the new patch. To achieve it, we have added the cname as an LTM pool member, mapped the same in GTM, and applied the i-rule as below:

      when DNS_REQUEST {
          # Answer with the primary WAF name while its pool has at least one active member
          if { [active_members <primary waf pool name>] >= 1 } {
              cname "<primary waf name>"
          } else {
              cname "<backup-waf name>"
          }
      }

      It is helpful for 1, but we are still figuring out the way for 2. One option we could think of is changing the ratio in the 'Ratio' LB method through an i-rule (any idea if this is achievable?). Priority one is not required anymore as 1 is achieved :-)

       

  • You can use a command in user_alert.conf so that when the status of the member changes, you execute a command to change the other.

    For example, I did this to delete all connections when a failover occurs (a particularity of an environment that uses MBLB):

    alert local-FAILOVER "010c0052:5: Standby for traffic group /Common/traffic-group-1" {    
        exec command="tmsh delete sys connection all"
    }
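
For the staggered case (use case 2 in the thread), one option is a weighted choice inside the same DNS_REQUEST event. This is an added example, not code from any poster: it assumes Tcl's rand() is available in the GTM iRule, `<patched waf name>` is a hypothetical CNAME for the patched set, and `canary_pct` is a hypothetical variable name. The percentage applies to DNS answers, so resolver caching and record TTL make the resulting traffic split approximate.

```tcl
when DNS_REQUEST {
    # Assumption: share of DNS answers (0-100) that should point at the
    # patched WAF set. Raise it step by step (10, 20, ...) after patching.
    set canary_pct 10

    # Clamp the value so a typo cannot send everything to the patched set
    # or produce a negative threshold.
    if { $canary_pct < 0 }   { set canary_pct 0 }
    if { $canary_pct > 100 } { set canary_pct 100 }

    if { [active_members <primary waf pool name>] < 1 } {
        # Same failover as the iRule in the thread: primary set is down.
        cname "<backup-waf name>"
    } elseif { rand() * 100 < $canary_pct } {
        # rand() returns a float in [0,1); roughly canary_pct percent of
        # answers land here. Placeholder name, not from the thread.
        cname "<patched waf name>"
    } else {
        cname "<primary waf name>"
    }
}
```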