Irules when Upgrading

As far as I know there are no known upgrade issues from 9.2.3 to 9.4 with regards to iRules. The 4.x to 9.x jump was a big one as we switched languages but it's been pretty constant since 9.0 was released.

 

 

If you want to post your iRule I can load it into my 9.4 system to test it out for you.

 

 

-Joe

Joe,

 

 

Thanks as this is more than anticipated. I was wondering in the community if someone already went down this path, I really don't have a specific rule in mind as I am no where near as savy as the indiviuals on this forum. I really have very basic rules like if uri contain

 

uri equals

 

split then to a specific pool or memeber

 

If all nodes down then

 

Discard / reject packet

 

Of course redirects for http to https

 

Very simplistic rules

 

 

here are some ex's if you can't sleep:

 

when CLIENT_ACCEPTED {

 

if { [active_members mypool] == 0 } {

 

discard

 

}

 

}

 

when HTTP_REQUEST {

 

if { ([HTTP::uri] contains "/ESPP") or ([HTTP::uri] contains "/web1") } {

 

node 10.0.0.1 80

 

}

 

elseif { [string tolower [HTTP::uri]] contains "web2"} {

 

pool pool2

 

}

 

elseif { [string tolower [HTTP::uri]] contains "web3"} {

 

pool pool3

 

}

 

elseif { [string tolower [HTTP::uri]] contains "web4"} {

 

pool pool4

 

}

 

elseif { [string tolower [HTTP::uri]] contains "web5"} {

 

pool pool5

 

}

 

else {

 

pool default-pool

 

}

 

}when HTTP_REQUEST {

 

HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]

 

}

 

Stuff like that, I kind of figured I wasn't the only one going to upgrade from this version with the Time thing but doesn't seem to make sense when it's a pretty close process for patching as upgrading, just more risky!

 

 

 

 

 

No problem. I've got quite a collection of iRules on my system that I've built over the years and while I haven't upgraded directly from 9.2.3 to 9.4 (I've done iterum builds), the contents of the iRules are not modified as part of the upgrade process as they are backward compatible (well 99.99%, there's always the odd corner case of a method that is undocumented and then removed from future versions).

 

 

If you are just doing basic functionality and your iRule is working on 9.2.3, then upgrading to 9.4 shouldn't cause any issues with iRule incompatibility.

 

 

In the furture, if you have any specific concerns, post away and we'll have a look at them for you.

 

 

-Joe

If you do not have lab resources to test your upgrade and you are forced to do your proof of concept in production, there are some things you can do to minimize your downtime.

 

 

1) If you have an HA pair, upgrade only one unit, failover to it, if all things are working after a few days, upgrade the other unit. Note that you probably won't want to synchronize your pair during this time, and if you are mirroring connections, you might want to disable that as well.

 

 

2) If you don't have an HA pair, upgrade only 1 of the boot slots to the new version, that way if it fails, you can switchboot back to your current setup within minutes.

1) If you have an HA pair, upgrade only one unit, failover to it, if all things are working after a few days, upgrade the other unit. Note that you probably won't want to synchronize your pair during this time, and if you are mirroring connections, you might want to disable that as well.

 

 

Depending on the version you are going from and to, you can have a problem even keeping the units from going Active/Active - generally has only been an issue going between major versions in my experience, however (i.e. a v9.1.x unit with a v9.2.x, or v9.2.x with v9.4).

 

 

I've seen this several times in the lab, and at least a couple of times in the wild..

 

 

Any problems going from 9.1.x to 9.4.x?