Forum Discussion
MrMunchkin_6416
Nimbostratus
NimbostratusPassing member state to a web GUI?
I've been looking around the forums for awhile, but haven't been able to find anything specific to what I need.
Basically, my team has 1400 servers. What we are trying to accomplish is this: We want a web site that displays the current state of every pool member, what their IP address is, what the member name is and what pool they are a member of, and this list to be updated every 30 minutes or so.
How does one go about passing this information to a site?
Larry_Dalton_53Try making it an RSS feed, let the newsreader fetch it, and decide if a change has happened.
MrMunchkin_6416As much as I could do that, I'd rather not.
I want it to pass directly to a web pool. As for scheduling it every 30 minutes, I could easily just make the script run as a scheduled task.- Larry_Dalton_53If you can wait 30 minutes to see a status change, it doesn't sound that important. If you have to see it immediate, make an iRule to send you an email, or the webserver the update.
Krzysztof_KozloWhat do you mean, "pass directly to a web pool?"
If what you are trying to do is create a web dashboard that displays the state of all your pool members, there's a bunch of ways you could do that, but you'll need a way of keeping their state.
Polling every F5 in your plant for the status of 1400 servers is not a good idea. Your data will invariably be stale, and not very useful. It's also somewhat abusive to the F5s, which for all their magnificent manageability can be a bit rickety in this department if the user is not careful.
Basically, you want the F5 to tell you when the state of a service has changed. This can be done in a number of ways:
1) log events. The F5s will log pool member state changes. By pointing them to a single syslog server, you have a nice, central place to capture state change data.
2) SNMP traps. A number of commercial and open-source network management systems can be configured to receive state change data from the device. Many of these will even provide you with a dashboard view of this data in a web page out of the box.
3) iControl. I haven't experimented with this personally, but from what I recall iControl has some facility for event handlers that could do whatever your heart desires -- if you can code it.
Option 1 is by far the easiest. All you need to do is cobble together a little Perl script that watches the log, and saves any updates in a file (a tied hash, for instance) which could in turn be read by a CGI to produce a basic status page, which will always be accurate to a few seconds and incur no additional resource cost or stability risk on your F5 plant.- MrMunchkin_6416That's exactly what I was looking for, thanks Kozlowc.
The only problem I'm faced with in option 1, is the members that are already in the DOWN state. I suppose that I could flip them real quick to in-service and immediately pull them back out of service, so that the event fires to the syslog server.
I got stuck in the mindset of pulling member state instead of thinking of logging states instead, which makes ALOT more sense, considering pinging the devices I have for all of their member states takes an extreme amount of cycles from the devices.
Thanks for the responses! - Krzysztof_KozloYou could either populate the state machine with an initial poll of the pool member state, or trigger a state change somehow. You could do a 'bigstart restart' on the standby F5, for instance -- this will cause the monitoring daemons to restart, check every service, and output its status to syslog, where you can pick it up.
I recommend taking a closer look at the syslog-ng documentation. It is not only what the F5 runs natively to log locally and send events out, it's a great way to collect data from many systems into an aggregation syslog-ng server, which can automatically organize the data hierarchically for you. There are a lot of nice products you can then implement on top of this centralized log server to do indexing, alerting, and integration with other enterprise systems.
For instance, we use Splunk, which provides a Google-like interface to all of our logs, as well as fairly sophisticated alerting that is triggered based on individual events or combinations of events from the logs collected by syslog-ng from our various infrastructure components and application servers. Splunk is a commercial product, but inexpensive enough for what it provides.
Whatever you end up doing, good luck, and keep us posted. - MrMunchkin_6416I actually hadn't thought of this before, but we have syslog pushing events to our OnePoint (Microsoft Operations Manager 2005) database.
It wouldn't at all be hard to make a web GUI to display specific syslog events from the OnePoint database, it would just be a simple SQL query. And better yet, it wouldn't put any more load on the devices than what it's currently at.
Thanks for you idea!