Forum Discussion

F5_LB_Eng's avatar
F5_LB_Eng
Icon for Cirrostratus rankCirrostratus
Jan 18, 2023

least 2 servers need to be UP in pool, only than VIP is marked as UP

Hi All,

i need a suggestion for this requirment

we have pool of 5 members ,client requirment  atleast 2 servers are UP in pool, only than VIP is marked as UP . 

how we can do this ? any irule ?

 

  • HI F5_LB_Eng , 
    You can achieveit without iRules , take a look below : 
    F5 Virtual server become UP if its assigned pool is UP "available" , So let’s play and adjust with Pool itself.
    I will Start with monitors of pool. 
    Let we say you have 5 pool_members with these ips : 
    ( 1.1.1.1:80 , 1.1.1.2:80 , 1.1.1.3:80 , 1.1.1.4:80 , 1.1.1.5:80 ) 
    - Create a specific monitor with Alias option for each pool member ip and port " 1.1.1.1 port 80 , and so on .. " , you should create 5 different monitors for each member , Like below snapshot : 

    - After Creating 5 monitors , open ( Local traffic >> pools >> select your pool >> select advanced under Configuration section ) , assign all 5 Specific monitors for this Pool , and change availabilty to " at least 3 " or " at least 2 " based on your needs , that means if you Configure the availability to " at least 2 " , it will marke the whole pool UP if only 2 monitors from 5 monitors successed and the other 3 monitors failed ,  also it will mark the whole pool down if one monitor from 5 monitors successeded and the other 4 monitors failed an so on ... 

    To configure the availability , Follow the below Snap shot : 

    > I didn’t modified any settings in Virtual server itself but adjusted so configuration in pool monitors so this will reflect with the status of pool at all and this will make you to control in virtual server status easly. 

    > Briefly , 
    you will control the virtual server status by a group of specific monitors alias and how many monitors will be available at a time.
    I played on pool itself as its status controls  virtual server’s Status. 

    > Look at the below Snapshots from my Lab , I believe it will help you to solve your concerns : 

    So I see the Key for your issue is monitors. 
    Try to understand what I mean and try to match it with your environment. 

    I hope this solve your inquiry. 

  • Hooni_L's avatar
    Hooni_L
    Jan 19, 2023

    Wouldn't there be a lot of HealthCheck packets?

  • Peter_Z's avatar
    Peter_Z
    May 25, 2023

    I don't think this is the right approach. It would allow you to control the pool/VIP state based on the number of available pool members but it could also allow 'failed' members to be marked as UP and being included in LB decisions resulting in connection issues for some clients.

    Suppose you have the monitor settings at pool member-level set to 'inherit from pool' which is default settings. All of the monitors on the pool will be ran against each pool member.

    1. Let's say you have pool members: 1.1.1.1:80 , 1.1.1.2:80 , 1.1.1.3:80 , 1.1.1.4:80 , 1.1.1.5:80.
    2. You create monitors with specific alias address and port for each.
    3. You assign all monitors to pool and you set the requirements to 'at least 2' to be successful
    4. if port 80 on member 1.1.1.1 becomes unavailable but works fine on other pool members/servers you will still meet the requirements of at least two successful monitors for each pool member, so the pool will keep all members UP incuding the failed one: 1.1.1.1
    5. clients who will be forwarded to pool member 1.1.1.1 will however see error/connection issues when the LB algorithm will choose this pool member.

     

  • i need like below

     

    if only one server is UP, VIP will be DOWN
    if TWO or more servers will be UP than VIP will be UP
    as one server is not able to handle all their traffic

  • F5_LB_Eng You can achieve this using an iRule assuming this is HTTP or HTTPS traffic decrypted at the F5. If you do not want to perform the specific HTTP response you can change that to something else or to just drop the traffic. I do not recommend dropping the traffic because then when the pool is down you might think the F5 is down as well where with the specific response at least you know the F5 is responding and the issue is most likely at the pool level.

    when HTTP_REQUEST priority 500 {
    
        if { [active_members [LB::server pool]] <= 1 } {
            HTTP::respond 503 content "Service Temporarily Unavailable"
        }
    
    }
  • HI F5_LB_Eng , 
    You can achieveit without iRules , take a look below : 
    F5 Virtual server become UP if its assigned pool is UP "available" , So let’s play and adjust with Pool itself.
    I will Start with monitors of pool. 
    Let we say you have 5 pool_members with these ips : 
    ( 1.1.1.1:80 , 1.1.1.2:80 , 1.1.1.3:80 , 1.1.1.4:80 , 1.1.1.5:80 ) 
    - Create a specific monitor with Alias option for each pool member ip and port " 1.1.1.1 port 80 , and so on .. " , you should create 5 different monitors for each member , Like below snapshot : 

    - After Creating 5 monitors , open ( Local traffic >> pools >> select your pool >> select advanced under Configuration section ) , assign all 5 Specific monitors for this Pool , and change availabilty to " at least 3 " or " at least 2 " based on your needs , that means if you Configure the availability to " at least 2 " , it will marke the whole pool UP if only 2 monitors from 5 monitors successed and the other 3 monitors failed ,  also it will mark the whole pool down if one monitor from 5 monitors successeded and the other 4 monitors failed an so on ... 

    To configure the availability , Follow the below Snap shot : 

    > I didn’t modified any settings in Virtual server itself but adjusted so configuration in pool monitors so this will reflect with the status of pool at all and this will make you to control in virtual server status easly. 

    > Briefly , 
    you will control the virtual server status by a group of specific monitors alias and how many monitors will be available at a time.
    I played on pool itself as its status controls  virtual server’s Status. 

    > Look at the below Snapshots from my Lab , I believe it will help you to solve your concerns : 

    So I see the Key for your issue is monitors. 
    Try to understand what I mean and try to match it with your environment. 

    I hope this solve your inquiry. 

    • Hooni_L's avatar
      Hooni_L
      Icon for Cirrus rankCirrus

      Wouldn't there be a lot of HealthCheck packets?

      • Paulius's avatar
        Paulius
        Icon for MVP rankMVP

        Hooni_L It absolutely would be in order to solve for F5_LB_Eng issue this is what would be required. Nothing wrong with health monitors if they are made to solve for a specific purpose such as this and they aren't too frequent.

    • Peter_Z's avatar
      Peter_Z
      Icon for Cirrus rankCirrus

      I don't think this is the right approach. It would allow you to control the pool/VIP state based on the number of available pool members but it could also allow 'failed' members to be marked as UP and being included in LB decisions resulting in connection issues for some clients.

      Suppose you have the monitor settings at pool member-level set to 'inherit from pool' which is default settings. All of the monitors on the pool will be ran against each pool member.

      1. Let's say you have pool members: 1.1.1.1:80 , 1.1.1.2:80 , 1.1.1.3:80 , 1.1.1.4:80 , 1.1.1.5:80.
      2. You create monitors with specific alias address and port for each.
      3. You assign all monitors to pool and you set the requirements to 'at least 2' to be successful
      4. if port 80 on member 1.1.1.1 becomes unavailable but works fine on other pool members/servers you will still meet the requirements of at least two successful monitors for each pool member, so the pool will keep all members UP incuding the failed one: 1.1.1.1
      5. clients who will be forwarded to pool member 1.1.1.1 will however see error/connection issues when the LB algorithm will choose this pool member.