Forum Discussion
CirrusiRule send CPU utilization to 100%
We are running a Bigip LTM v11.4.1 (build 647 hf4).
I created an irule (shown below) to put up a system down page for one of my VIP's where the pool members were going to be down for some time. I understand that I can use a fallback host in my http profile, but I thought it would be quicker to have the irule create the page.
After I assigned the irule to the VIP, I tested and it worked. However, within about a minute or so, the CPU on the F5 shot up to 100%. The F5 Web interface was not responsive at this point and it failed over to the standby. It continued to failover to the primary and back to the standby many times. It stood that way until I went in through SSH and modified the bigip.conf file and removed the irule from the VIP.
The VIP is an HTTPS VIP with oneconnect, wan-optimized-compression, webacceleration and spdy profiles configured under "Acceleration". I list these settings because this is the only VIP (in our environment) that has these settings enabled. I don't understand enough about these settings to know if they are the culprit, but I'm hoping someone can help me to find the cause.
- Can someone take a look at the irule below and let me know what I did wrong?
- Can someone tell me if one of the profiles I listed above are to blame?
- Am I correct in thinking that the irule would put up the web page before any traffic was sent to any of the pool members? If this irule was to work right and was assigned to the VIP, would the pool members see any traffic? What does the F5 do after the irule executes? Does it forward any traffic to the pool members? Does it close the session from the client to the VIP and "exit"?
Here is the irule: when HTTP_REQUEST {
HTTP::respond 200 content {
"Site unavailable
System Maintenance
Argos is down for some emergency maintenance. We apologize for the inconvenience. At this time we expect Argos to be back up and running by 1 pm on Wednesday, January 28.
"
}
}
14 Replies
Michael_JenkinsCirrostratus
I don't know about the profiles, but see if this helps:
when HTTP_REQUEST { HTTP::respond 200 content { "Site unavailable System Maintenance Argos is down for some emergency maintenance. We apologize for the inconvenience. At this time we expect Argos to be back up and running by 1 pm on Wednesday, January 28. " } "Connection" "Close" event disable all return }
Danny_ArroyoThanks Micheal. Are you saying that the connection stays open after the irule runs? And that's why you added the "Connection" "Close" statement? Also, does "return" essentially "exit" the VIP? If so, what happens at the client? Will the system down page stay in the client's browser?
Thanks again
StephanMantheyNacreous
The "Connection Close" is a header to indicate the peer does not want to maintain a keep-alive connection and the connection will be closed gracefully. The "return" command will exit the current event and is explained in more detail in the wiki page: https://devcentral.f5.com/wiki/iRules.return.ashx The delivered payload will remain in the browser window even the tcp-connection is closed.- Michael_Jenkinsthe event disable command makes sure that no other I rule events are called. the connection close header tells the client to end the connection. the return command just exits the iRule.
- StephanManthey
Hi Danny,
I agree with Michael J. It´s probably the applied profile mix ... It may help to reproduce the issue (not on production system of course), to take a tcpdump and to watch the logs.
Regarding the iRule:
I would remove the quotes, add the doctype declaration to the content, replace the server header, add the content type header and do a connection close.
when HTTP_REQUEST { HTTP::respond 200 content { Site unavailable System Maintenance Argos is down for some emergency maintenance. We apologize for the inconvenience. At this time we expect Argos to be back up and running by 1 pm on Wednesday, January 28. } noserver Server Argos Connection Close Content-Type text/html return }Thanks, Stephan
- Danny_Arroyo
Thanks Michael and Stephan. Ill try these suggestions.
- Danny_Arroyo
And Ill report back
- Danny_Arroyo
The irule works now without spiking the CPU on the F5. Thanks for the help.
- Danny_Arroyo
As I mentioned the irule works now. However, we are noticing very inconsistent results from the different clients hitting the website. Some people get the "system down" page, others just get a spinning circle as firefox tries to load the site. We tried firefox, chrome and ie. We cleared the cache and cookies for each browser. What we found is that IE works 100% of the time. Firefox and Chrome don't work. Eventually after about 10 minutes, all the browsers get the systemdown page, but only IE works right away. I tried disabling persistence to see if that helps, but it did not. Any idea why the browsers would behave this way?
- StephanMantheyHi Danny, I noticed missing tags to close the table row and table data. I just added the closing tags in the rule above and the page loads fine in the other browsers as well. Btw, you may consider to modify the response code to 503. But this should be discussed with SEO folks. Thanks, Stephan
- Danny_Arroyo
Thanks, I'll try that.
Also, in the following line, what does "noserver Server Argos" do? I'm planning to reuse this irule with all of my VIPs, but it should not reference the Argos server. Is this just a comment?
"noserver Server Argos Connection Close Content-Type text/html"
- StephanMantheyHi Danny, by default the http-proxy will insert a Server header with the value "BigIP". The "noserver" parameter prevents to send this header. In addition I added a new Server header with the value "Argos". Please note, that I just updated the iRule once more to replace the single quotes by double quotes in the table related html tags. Thanks, Stephan
- Danny_Arroyo
Good info. Thanks again for all your help
- linjing
Employee
so the 100% CPU was caused by ? Any conclusion at last?
