Forum Discussion
NimbostratusiRule queries in iCall scripts?
Starting with iCall and finding the documentation quite sparse. Can anyone tell me if iRule queries like "DNS::query" be used in iCall scipts?
If there is documentation regarding what iCall supports and in what format, please point me in the right direction. The Wiki tries to explain what iCall is but doesn't go into any detail. I have seen some of the code samples, none of the few smaller ones that I saw were of any help to me.
4 Replies
- boneyard
MVP
i recently heard that this is the best / only help out there (they also agreed documentation is quite lite still):
tmsh help sys icallhopefully you will be able to find it, else just try and report back π
what is the end goal? You might be able to make a restlike API with the vip where you could pass data from the iRule to an iCall script if the iCall script used exec to call the curl executable. Seems risky though, so perhaps if you can share what the goals are, we might be able to help with an alternative approach.
dmgeurts_23541JRahm, The end goal is to take action on the content of a DNS Express zone. We have anycast listeners that are up no matter the zone content. The desired behaviour is for the listeners to remain down (no tmm route) until the zone has managed a successful XFR.
The problem with iRules is that I'd like the code to run periodically, instead of traffic based. Icall can run periodically. Rather than looking at exact DNS queries I've explored the possibility of retrieving the number of records in a zone via tmsh::get_field, this works reliably and removes external triggers.
- dmgeurts_23541
For posterity sake. In TMOS 11.6.1 tmsh::get_field_value only shows specific resource record counts when the zone is populated, the total number of records is always shown via "db-rrs".
tmsh::get_field_value $obj "db-rrs"
Issuing show /ltm dns zone field-fmt shows the fields that are avaulable to get_field_value:
show /ltm dns zone field-fmt ... db-rrs 18 ... type-cnt.0.cnt 13 type-cnt.0.type A type-cnt.1.cnt 7 type-cnt.1.type NAPTR type-cnt.2.cnt 2 type-cnt.2.type NS type-cnt.3.cnt 1 type-cnt.3.type SOA type-cnt.4.cnt 1 type-cnt.4.type SRVThe type-cnt fields vary per zone and thus in coding it's important to find the right field first. I initially rewrote my code to compare db-rrs to a threshold, on the principle that if a zone is populated it must have more than 2 records (the standard two name-servers). I know that there are other options but did not want to do sideband or add extra VIPs etc. This worked for me, ymmv.
I then added more in depth checking on record types, this is how I retrieve the counters:
Clear index and counters set idx 0; set num_a_rec 0; set num_naptr_rec 0; set num_ns_rec 0; set num_soa_rec 0; set num_srv_rec 0 Find fields containing record counters while {[catch {tmsh::get_field_value $obj "type-cnt.${idx}.type"} rtype] == 0} { if { $rtype == "A" } { set num_a_rec [tmsh::get_field_value $obj "type-cnt.${idx}.cnt"] } elseif { $rtype == "NAPTR" } { set num_naptr_rec [tmsh::get_field_value $obj "type-cnt.${idx}.cnt"] } elseif { $rtype == "NS" } { set num_ns_rec [tmsh::get_field_value $obj "type-cnt.${idx}.cnt"] } elseif { $rtype == "SOA" } { set num_soa_rec [tmsh::get_field_value $obj "type-cnt.${idx}.cnt"] } elseif { $rtype == "SRV" } { set num_srv_rec [tmsh::get_field_value $obj "type-cnt.${idx}.cnt"] } incr idx }Also I changed to iCall which is best suited to running a script at a regular interval. It's powerful but has it's own limitations. Not all things irule are supported (tables for one) and I encountered a bug (proc can't be used in an iCall script on 11.6.1 - fixed in 12.0 apparently).
