For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

wesweber_98132's avatar
wesweber_98132
Icon for Nimbostratus rankNimbostratus
Sep 12, 2013

How to Force Failover to Second Node

I have a VIP with an irule that reads the destination port and forwards the traffic to the appropriate pool. if the traffice is going to port 80 then use pool1, if traffic is going to 8081, then use pool2 and if the traffic is going to 873, use pool3. All three pools have node1 and node2 as members. In pool1 both nodes are monitored with a custom monitor that looks at a html file that returns a text string.

 

What I need is a way to failover node1 to node2 in all pools when the custom monitor marks the node1 down.

 

Any ideas would be great.

 

6 Replies

  • JG's avatar
    JG
    Icon for Cumulonimbus rankCumulonimbus
    Sep 12, 2013

    An external monitor can be used to monitor anything, and does not have to monitor the pool member it is attached to. In other words, you can apply a monitor for pool2 and pool3 that actually does the same thing as the monitor for pool1; you may actually be able to use the same monitor of pool1, depending on how you script it.

     

  • StephanManthey's avatar
    StephanManthey
    Icon for Nacreous rankNacreous
    Sep 12, 2013

    You may also create port specific monitors (alias port definition) and assign them on node level. By default the 'availability requirements' is set to 'all'. So if one monitor fails, the node will be marked down. The node acts as parent object in all pools and you will observe a failover to node. 

    [root@bigip_a11:Active:Disconnected] config  tmsh modify cli global-settings service number
[root@bigip_a11:Active:Disconnected] config  tmsh list ltm monitor http monitor_port_80
ltm monitor http monitor_port_80 {
    defaults-from http
    destination *:80
    interval 5
    send "GET /\\r\\n"
    time-until-up 0
    timeout 16
}
[root@bigip_a11:Active:Disconnected] config  tmsh list ltm monitor http monitor_port_8081
ltm monitor http monitor_port_8081 {
    defaults-from http
    destination *:8081
    interval 5
    send "GET /\\r\\n"
    time-until-up 0
    timeout 16
}
[root@bigip_a11:Active:Disconnected] config  tmsh list ltm monitor http monitor_port_873
ltm monitor http monitor_port_873 {
    defaults-from http
    destination *:873
    interval 5
    send "GET /\\r\\n"
    time-until-up 0
    timeout 16
}
[root@bigip_a11:Active:Disconnected] config  tmsh list ltm node node25
ltm node node25 {
    address 10.131.131.25
    monitor monitor_port_80 and monitor_port_8081 and monitor_port_873
    session monitor-enabled
    state checking
}

    Are you looking for a pure HA setup?

    I.e. all traffic is generally balanced to one node only, sticks there and reselection only applies if it fails and from now everything should stick to the alternative node?

    In this case you can use priorities and combine it with 'destination address affinity'.

    Even if this sounds a bit odd, but it works fine. The persistence table will show a single entry with target of virtual IP and selected poolmember. In case of reselection this single entry changes accordingly.
  • wesweber_98132's avatar
    wesweber_98132
    Icon for Nimbostratus rankNimbostratus
    Sep 13, 2013

    The HA is only for the nodes. I can add a pre-defined http monitor to a node, but can I add a custom monitor that looks for output from a URI on port 80 to a node? Haven't been able to do that in the GUI.

     

  • wesweber_98132's avatar
    wesweber_98132
    Icon for Nimbostratus rankNimbostratus
    Sep 13, 2013

    After playing with this all day, I've made no progress. The docs say you can create a custom monitor and apply to a node. Then if the node is in mulitple pools and the monitor marks the node as down, it's show as down in all the pools. The monitor I created is a http type and is doing a GET /rotation.html\r\n and looking for a text string, "PONG!". The monitor is in the same partition as the node. When I try to add the monitor to the node it's not in the list, the list only contains what looks like default monitors in the common partition. This is all being done in the GUI. So do I need to do this from the cli like the second reponse to the initial post implies?

     

    • JG's avatar
      JG
      Icon for Cumulonimbus rankCumulonimbus
      Sep 13, 2013
      Can't tell if the monitor is really not applied. But did you test your monitor with a command line tool, such as curl or telnet? Some Web servers will not work if protocol version is missing. So the send string should be "GET /rotation.html HTTP/1.0\r\n\r\n" instead. Apply this on the pool level first and edit the file to make sure it works at all.
  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Sep 14, 2013

    +1 for Stephen's answer. When you create the monitor you must give it an alias port to be able to use it at the node level. The condition of the the monitor for that node will therefore affect every pool that the node is in.