enabling/disabling maintenance page IRULE remotely from browser or Script without having to login to the LTM

A couple of other options for allowing the server admins to control which pool members receive connections (from a related post):

 

 

http://devcentral.f5.com/Default.aspx?tabid=53&view=topic&postid=1168252&ptarget=1145129

 

 

You could configure a monitor that checks each server for a specific page and content within that page. When the server admins want to take a server down, they could change or remove the page being monitored, reboot the member, wait for the services to come up fully and then restore the monitor page. The downside to this approach is that when they change/rename the monitor page, all existing sessions will be broken.

 

 

If you did want to do this with connections drained off gracefully, you could create a simple iControl-based script run from the pool member(s) themselves that disables the node, checks for no connections to the node, reboots, and then re-enables itself in the pool once it's services have come up. The mechanism for disabling a pool member should be fairly simple with iControl.

 

 

There are a few related examples in the iControl Codeshare:

 

http://devcentral.f5.com/wiki/default.aspx/iControl.CodeShare

 

 

If you did opt for the maintenance iRule, it would be ideal to restrict access to the "admin" functions of the rule using source IP addresses. You could do this by creating an address datagroup containing the allowed client IP addresses and then checking in the iRule to see if the client IP is a member of the admin datagroup before taking any action.

 

 

Aaron