Forum Discussion
NimbostratusFetching content from external source
NimbostratusWe route requests to destination servers based upon a value they have in an LDAP server. In order to do this with F5, we created a lookup script which will return the pertinent values in a header. The iRule then parses this header and will route based upon which application the web service is intended for. Upon testing it, we figured out that the default HTTP:retry was not sending the original payload. In order to fix this, we had to append the original payload to the original headers. I have pasted the iRule below, has anyone else seen this issue or know of another way to get around it?
when CLIENT_ACCEPTED {
set flag to control logical flow. 1 means lookup is pending.
set lookup 1
}
when HTTP_REQUEST {
HTTP::version "1.0"
set param "ID"
set search_string "Portal"
set default_pod "p_webservice_default"
if {$lookup eq 1} {
set OID [HTTP::header $ID]
if {OID ne "" } {
log local0. "LookUp Log: ID found: $OID"
save the payload, trigger collection for up to 1MB of data
if {[HTTP::header exists "Content-Length"] && [HTTP::header "Content-Length"] <= 1048576}{
set content_length [HTTP::header "Content-Length"]
} else {
decide what to do here, throw soap fault maybe?
drop
}
Check if $content_length has been set and is not set to 0
if { [info exists content_length] && $content_length > 0} {
HTTP::collect $content_length
}
save original request headers
set origRequest [HTTP::request]
log local0. "LookUp Log: Original Request is: $origRequest"
HTTP::header replace "ID" $OID
inject lookup URI in place of original request
HTTP::uri "/lookup.php"
Route to the lookup service
node x.x.x.x 80
}
} else {
try to route to appropriate pod
if {![catch {pool p_webservice_$resolved_pod}]} {
log local0. "Web Service Log: Routing finally to p_webservice_$resolved_pod"
} else {
let the request go to default pod
log local0. "Web Service Log: Routing to default pod (reason was $resolved_pod)"
pool $default_pod
}
}
}
when HTTP_REQUEST_DATA {
if {($lookup eq 1) and ($OID ne "")}{
save the payload
set originalPayload [HTTP::payload]
HTTP::release
}
}
when HTTP_RESPONSE {
HTTP::version "1.0"
if {($lookup eq 1) and ($OID ne "") }{
set lookup 0
log local0. "LookUp Log: Response from lookup received, LBGroup: [HTTP::header LBGroup], OID: [HTTP::header OID_Sent]"
set full_header [HTTP::header LBGroup]
switch -glob $full_header {
"ERROR" {
ERROR CONDITIONS AND RESPONSES
}
default {
set resolved_pod [findstr $full_header $search_string 11 ";"]
log local0. "LookUp Log: Routing to resolved pod: $resolved_pod, and length is [string length $resolved_pod]"
Make sure this OrgOID has a POD for this product ($search string)
if {[string length $resolved_pod] > 0} {
verify pool exists and has members
if {![catch [pool p_webservice_$resolved_pod]]}{
Retry with the original request
log local0. "LookUp before retry Log: Original Payload is: $originalPayload"
append origRequest $originalPayload
log local0. "LookUp before retry Log: Request + Payload is: $origRequest"
HTTP::retry $origRequest
} else {
POD is invalid or was not defined in F5 pools
log local0. "Lookup Log Critical Error PODNOTFOUNDINF5: OrgID is $ADP_ORGOID has a valid RG $resolved_pod with no F5 pool defined"
set soapFaultPodNotFound "Inv...de>Invalid Resource GroupLDAP Search failedWeb Tier F5 Gateway"
HTTP::header replace "Content-Type" "text/xml"
HTTP::payload replace 0 [HTTP::header value Content-Length] $soapFaultPodNotFound
}
} else {
this is odd ball case where lookup would not return a pod or know error code
review if we need it or we can reject request here
set resolved_pod "INVALIDCODE"
append origRequest $originalPayload
HTTP::retry $origRequest
}
}
}
}
}
when HTTP_RESPONSE_DATA {
set lookup 0
}
when LB_SELECTED {
log local0. "*** Web Service Log: Selected [LB::server name]:[LB::server port]"
}
