Forum Discussion

jonathan_106468's avatar
jonathan_106468
Icon for Nimbostratus rankNimbostratus
Feb 16, 2010

External Commands thru iRules

Good Morning,

 

 

I have a small question on the usage of iRules in GTM.

 

 

What we want to achieve is that if an Active Pool Member in GTM is unavailable and GTM tries to switch to the secondary pool, I would like to execute some unix commands on a remote server (being monitored by LTM) and then enable all traffic to be directed to the new pool member.

 

 

i.e

 

Steps

 

1. GTM sending traffic to 1 pool member (Active Site)

 

2. GTM detects that Pool member is unavailable

 

3. GTM starting to try the Standby Pool Member but before it sends traffic it does the following

 

a. Login to the remote Application server (being monitored by LTM)

 

b. Run a Unix command on the remote Application server

 

4. GTM starts sending traffic to the new Pool Member (previously Standby) when the Unix command results in a Success.

 

 

According to my research, I was hoping to achieve this by using iRules (using LB_FAILED API)

 

when LB_FAILED

 

{

 

execute Unix command on Remote Server

 

pool New-Pool (Previously Standby)

 

 

}

 

 

 

Do you think this will work?

 

Which API enables executing remote commands?

 

 

Thanks for your help.

 

 

Jon

 

application delivery
dev
devops
iRules

2 Replies

  • The_Bhattman's avatar
    The_Bhattman
    Icon for Nimbostratus rankNimbostratus
    Feb 17, 2010
    Hi Jon,

     

    The one thing you can't do is run unix commands through an iRule. However, what you asked can be possible triggered by a custom monitor. The custom script woud monitor the Active Pool members and upon discovering it's unavailable it would log into the remote APP server and run a command and once that is done it would would then officially report back the system is down thereby informing the GTM to fail over.

     

     

    For example let's say the the GTM is monitoring a vip connected to a pool on the LTM in active site and monitoring a vip on site B (Passive). The LTM is using a custom monitor to check say DNS on the pool members

     

     

    The script would look something like the following:

     

     

     
 !/bin/sh 
  these arguments supplied automatically for all external monitors: 
  $1 = IP (nnn.nnn.nnn.nnn notation or hostname) 
  $2 = port (decimal, host byte order) -- not used in this monitor, assumes default port 53 
  $3 = name to be looked up 
  $4 = string in expected response 
  
 node_ip=`echo $1 | sed 's/::ffff://'` 
  
 pidfile="/var/run/`basename $0`.$node_ip..$2.pid" 
 if [ -f $pidfile ] 
 then 
    kill -9 `cat $pidfile` > /dev/null 2>&1 
 fi 
 echo "$$" > $pidfile 
  
 dig @${node_ip} ${3} | egrep -v '^$|^;' | grep ${4} > /dev/null 2>&1 
  
  For AAAA lookups, use this instead 
  dig @${node_ip} ${3} AAAA| egrep -v '^$|^;' | grep ${4} > /dev/null 2>&1 
  
 status=$? 
 if [ $status -eq 0 ] 
 then 
     echo "UP" 
 else  
  here is the code that would remotely log in and execute the unix command 
 fi  
  
 rm -f $pidfile

     

     

    What would happen is that if the script failed it would first run the remote command before reporting back to the GTM to fail over to the standby system

     

     

    Of course this is all theory so you are definitely going to need to test it

     

     

    I hope this helps

     

     

    Bhattman

     

  • Techgeeeg's avatar
    Techgeeeg
    Icon for Nimbostratus rankNimbostratus
    Oct 21, 2014

    Hi Bhattman,

     

    I have a similar requirement but I need to understand the above code can you pls give some input as to what each line of code is doing here?? I already have a monitor in place and I need to execute the commands on remote machine if the monitor fails.

     

    Regards,