iRule for redirecting requests

Hi Narendra,

Create pools that you have listed:

default pool members - 192.168.159.133:80 , 192.168.159.134:80

channel pool members - 192.168.159:133:8088 , 192.168.159:134:8088

space pool members - 192.168.159:133:8089 , 192.168.159:134:8089

gateway pool members - 192.168.159:133:8087 , 192.168.159:134:8087

The port translation on the Virtual Server is enabled by default, so you should not have to worry about that.

For the iRule try this:

when HTTP_REQUEST {
switch -glob [string tolower [HTTP::uri]] {
"/api/channel/*" { pool channelpool }
"/api/space/*" { pool spacepool }
"/api/gateway/*" { pool gatewaypool }
default { pool defaultpool }
}
}

That's pretty much how I'd do it. You could do things with the node command and IP ranges and whatnot if you don't want to build the actual pools, but realistically you're probably better off just building the pools and using the pool command like Michael showed above. You'd get a lot better reporting and monitoring that way, and it's a heck of a lot easier. ;)

 

 

Colin

I have tried your above iRule with port translation but requests are being load balanced in round robin fashion for the subsytem pools so if any of the requests go to any other member ip address then our application fails to launch.

 

 

Thanks.

What persistence do you have set on the Virtual Server?

 

 

You could either set some type of persistence to pin the traffic to a specific node per client session, or configure your server pools in an Active / Standby setup using Priority Activation Groups. Doing this will however hold the load on one server at a time (similar to directing traffic to a specific node, but more fault / failure tolerant).

Persistence can be done but again when it can fail we will not know. For suppose if we apply IP based persistence and by chance any other subsystem is selected for that source ip then it will not launch the application.

 

 

Can i not do something like this in F5 that i can get the member's ip address from default_pool which has been selected by LB in round robin. If i get that ip address then i send the subsequent subsystem requests to that ip address only with port specified for each subsystem. Like 192.168.159.133:80 is selected then i will know 192.168.159.133 is the ip address and i will route the requests to this ip only with different ports (8087, 8088 & 8089).

 

 

Sorry if i am wrong here. Thanks.

Hi Narendra,

 

The IP persistence profile does contain several other options such as match across services, match virtual servers or match across pools.

 

 

I hope that helps

 

 

Bhattman

 

 

Thanks Bhattman i will try this approach.

I was to able to achieve the desired result for above scenario with IP Persistence and match across services. Thanks for the help.

Now i want to have an iRule for if any redirect comes from any subsystem service member then all the other subsequent requests of other subsystem services should be moved to other ip address (breaking IP persistence). For say suppose i access the application from port 80 one member is selected from the default pool (i.e. either 192.168.159.133:80 or 192.168.159.134:80). Now if 192.168.159.133:80 is selected subsystem requests will be going to 192.168.159.133:8087,8088 & 8089 with IP persistence and match across profile. Now suppose if 192.168.159:133:8087 subsystem sends a http 307 temporary redirect then the requests of all 192.168.159.133:80, 8088 & 8089 should be moved to new node i.e. like 192.168.159.134:80, 8087, 8088 & 8089 breaking source address affinity.

I have created and iRule like below but it doesn't seems to work.

when CLIENT_ACCEPTED { 
 set retries 0 
}

when HTTP_REQUEST {
set request [HTTP::request]
set uri [HTTP::uri]
switch -glob [string tolower $uri] {
"/api/channel*" { pool channel-pool }
        "/api/space*"   { pool space-pool }
        "/api/gateway*" { pool gateway-pool }
        default { pool default_pool }
  }
}

 when LB_SELECTED { 
   if { $retries > 0 } { 
persist none

switch -glob [string tolower $uri] {

"/api/channel*" { LB::reselect pool channel-pool member 192.168.159.134 8088 }

"/api/space*"   { LB::reselect pool space-pool   member 192.168.159.134 8089 }

"/api/gateway*" { LB::reselect pool gateway-pool member 192.168.159.134 8087 }

default { LB::reselect pool default_pool member 192.168.159.134 80 }

}
  }

} 

 when HTTP_RESPONSE {     
switch [HTTP::status] {
         307 {
incr retries 
persist none
HTTP::retry $request
         }
      }
 }

 

Can anybody help me on the above ?

Thanks.

Anybody?

 

 

Thanks.

What happens when it "doesn't work"? Can you add logging of the selected and connected pool member? You might also want to log when you're reselecting in LB_SELECTED and retrying in HTTP_RESPONSE.

when LB_SELECTED priority 501 {
   log local0. "[IP::client_addr]:[TCP::client_port]: Selected [LB::server]"
}
when SERVER_CONNECTED {
   log local0. "[IP::client_addr]:[TCP::client_port]: Connected [IP::server_addr:[TCP::server_port]"
}

Aaron