Forum Discussion
Nimbostratuspool selection based on specific context path and certificate termination on each member server
I have a single LTM VIP with two pools, each pool has two member server. pool selection based on specific context path (/health/v1/* and /check/v2/* and certificate termination on each member server. how to configure it for https.
does below HTTP works? does irule changes based on device verzion?
when HTTP_REQUEST {
Check URI set to lower case with wildcard matching switch -glob [string tolower [HTTP::uri]] { "/health/v1/" { pool uat_pool } "/check/v2" { pool qa_pool } default_pool { pool general_pool } } }
youssef1Cumulonimbus
Hi,
Be carefull you can't do pool redirection using irule if ssl termination is done in server backend...You have to set ssl termination on F5 then re-encrypt to backend server...
No, Irule don't have to change regarding device version. You just keep in mind that you have to process ssl interception in order to manage http traffic and set an http profile:
- use an ssl client profile
- use an ssl server profile
- use an http profile
Then add your irule
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::uri]] { "/health/v1/" { pool uat_pool } "/check/v2" { pool qa_pool } default_pool { pool general_pool } } }regards
Stanislas_Piro2If you want the default pool assigned in virtual server configuration is assigned in the switch default statement, you can store first after TCP handshake:
when CLIENT_ACCEPTED { set default_pool [LB::server pool] } when HTTP_REQUEST { switch -glob [string tolower [HTTP::uri]] { "/health/v1/*" { pool uat_pool } "/check/v2/*" { pool qa_pool } default { pool $default_pool } } }