Forum Discussion

visi10_150385's avatar
visi10_150385
Icon for Nimbostratus rankNimbostratus
Apr 09, 2014

Forwarded health check

Hi All,

 

I have application configured in the way: Users -> f5 -> server[1,2]_apache -> server[1,2]_app . On load balancer there is pool with nodes:

 

server1_apache:port

 

server2_apache:port

 

There is standard http monitor assigned to the pool. The server_apache is doing only forwarding of requests. Nodes cannot be changed to server_app due some firewall settings. It makes some issues, in a case that application is down the apache still works fine and requests are send to not working application server.

 

Is it possible to setup monitor for the pool that it will check server_app through server_apache? For example check could monitor http response from server1_apache:port/app_page which will return data from server_app.

 

Thanks

 

application delivery
application health monitoring
LTM
management
  • Cory_50405's avatar
    Cory_50405
    Apr 10, 2014

    If there's some content on server1_apache:port/app_page that can be used to determine the health of the application server, then this could be done. So for example if you setup a page on your app server as /app_page/health and populate it with something that accurately reflects the health of your application, then you could use an HTTP monitor to run a GET /app_page/health and set an appropriate receive string.

     

  • jgranieri's avatar
    jgranieri
    Icon for Nimbostratus rankNimbostratus
    Apr 09, 2014

    If I understand this correctly you will want to setup an additional monitor for the App server directly and then apply this to the pool member. so basically you perform your http check against apache server and also perform a app healthcheck against the app server and have these two healthchecks required for the apache node to be marked up.

     

    this way even is apache is up but your app is down the F5 will mark the apache server down due to the Healtcheck requirement that both monitors be successful.

     

  • visi10_150385's avatar
    visi10_150385
    Icon for Nimbostratus rankNimbostratus
    Apr 09, 2014

    Hi, this is not a solution. I can not access the app server directly( firewall).

     

  • Cory_50405's avatar
    Cory_50405
    Icon for Noctilucent rankNoctilucent
    Apr 09, 2014

    Sounds like you have two real options:

     

    1. Modify firewall rules to permit health checking from your LTM to the app server(s).
    2. Institute some type of health checking between your Apache tier and your application server tier.

    If the LTM can't directly query your application servers, then it isn't going to be able to do so through the Apache servers without an external monitor that logs into your Apache servers and then initiates some kind of test communication from there to your application servers. Just thinking out loud, but this may not even be feasible. Seems like both options one and two above would be easier approaches.

     

  • visi10_150385's avatar
    visi10_150385
    Icon for Nimbostratus rankNimbostratus
    Apr 10, 2014

    Hi, it dose not look good for me :(. To be sure, it means that there is no option to setup monitor against:

     

    server1_apache:port/app_page

     

    The app_page is accesable by users via LTM.

     

  • Cory_50405's avatar
    Cory_50405
    Icon for Noctilucent rankNoctilucent
    Apr 10, 2014

    If there's some content on server1_apache:port/app_page that can be used to determine the health of the application server, then this could be done. So for example if you setup a page on your app server as /app_page/health and populate it with something that accurately reflects the health of your application, then you could use an HTTP monitor to run a GET /app_page/health and set an appropriate receive string.