For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

deangelj's avatar
deangelj
Icon for Nimbostratus rankNimbostratus
Mar 23, 2015

Health monitor for a virtual server using an iRule

Hi,

 

I have a virtual server that essentially uses an iRule to connect at runtime to an external URL. For example, say I'm connecting to an Amazon Web Service called fred.aws.com. In my iRule I do a DNS lookup of fred.aws.com and then connect to the first IP address returned.

 

Now I want a health monitor to know when the connection to fred.aws.com is unavailable. How do I get the monitor to send the GET string to "fred.aws.com"? Is it enough to do this:

 

Send String: GET /health/health.html HTTP/1.1\r\nHost: fred.aws.com\r\nConnection: Close\r\n\r\n

 

thanks

 

6 Replies

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Mar 23, 2015

    Now I want a health monitor to know when the connection to fred.aws.com is unavailable. How do I get the monitor to send the GET string to "fred.aws.com"?

    you do not have fred.aws.com pool, do you? where will you assign the monitor to?

    although, you can create dummy pool and assign the monitor to, you need static ip for fred.aws.com pool member unless you use node fqdn which is introduced in 11.6.0 (so, you do not need your current irule logic which resolves fqdn on-the-fly).

    Populate pools by FQDN

This release includes the ability to configure a BIG-IP system with nodes and pool members that are identified with fully-qualified domain names (FQDNs). When configuring pool members with FQDN, addresses dynamically follow DNS changes. Fully dynamic DNS-managed pools may even be created.

    Release Note: BIG-IP LTM and TMOS 11.6.0

    https://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-ltm-11-6-0.html
  • deangelj's avatar
    deangelj
    Icon for Nimbostratus rankNimbostratus
    Mar 23, 2015

    Ok - I see your point... thanks.

     

    Perhaps I can use another method... I have a GTM wide-ip that client systems use to connect to the VIP. Perhaps I could add the health monitor to the GTM pool?

     

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Mar 24, 2015

    I have a GTM wide-ip that client systems use to connect to the VIP. Perhaps I could add the health monitor to the GTM pool?

     

    how does gtm get the same ip of fred.aws.com as ltm?

     

    couldn't it be easier to use LB_FAILED event or check response status using HTTP::status on ltm?

     

  • deangelj's avatar
    deangelj
    Icon for Nimbostratus rankNimbostratus
    Mar 24, 2015

    Wouldn't the GTM health monitor use the VIP's iRule to check the health? (as you can see I'm still learning about F5 technology!)...

     

    The issue with checking the response status in the iRule (which I do already) is that I'd like to be pro-active with knowing when the service is down.

     

    thanks again for your help.

     

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Mar 24, 2015

    Wouldn't the GTM health monitor use the VIP's iRule to check the health? (as you can see I'm still learning about F5 technology!)...

     

    i am not much familiar with gtm but i do not think so.

     

  • deangelj's avatar
    deangelj
    Icon for Nimbostratus rankNimbostratus
    Sep 17, 2015

    Solved this one by creating a virtual server in front of the one with the irule. This vsrv's pool has one member, the one with the irule. In the first vsrv's pool, I added a health monitor to do the http GET. Works well!