Forum Discussion
Redirecting part of a URL
Right that's how everything else we have is setup. For this situation though right now they're just using LTMs in separate datacenters. There is an A record that points to a VIP in the datacenter that is active and for a disaster recovery situation DNS would be changed to point the record to the VIP in the other datacenter. The DNS records are wildcarded *.datacenter.domain.com to 1.1.1.1 and that resolved to a VIP with the openshift routers as the pool members. Based on the application.something part of the URL Openshift knows where to route the traffic.
For this they want the developers to have a singular URL for their apps that wouldn't have to be changed in a true disaster or just a disaster recovery exercise so that would be their application.gtm.domain.com. There would be a separate WIP for each. So in a disaster situation we would just disable the pool member on the GTM for the datacenter that they weren't running out of.
The openshift configuration needs to have a route configured to know which application is being called. Right now thats the application.something.datacenter.domain.com and those engineers don't want to have to add another route (the gtm.domain.com) for each application. This is all internal traffic not exposed to the internet.
It isn't going to be a hot/hot scenerio but we wanted the developers to have one URL, traffic to know which datacenter based on the pool member enabled on the wide IP but then when it gets to the VIP on the LTM change the URL ending so that openshift still see the route and knows where to send the traffic.
When we do disaster recovery exercises not all of the applications do it at the same time so we need to be able to send some traffic to one datacenter or the other.
SteveD1979 The following is what you should have for each application.
*** DNS Auth for example.com ***
application.example.com
*** DNS on GTM ***
application.gtm.example.com
Having the above configuration for each application will provide you the flexibility of being able to failover each application without much complexity on the GTM side of things. I believe it is possible to create a data-group with every application and a value of 0 or 1 and then configure an iRule to reference the data-group to check each application and it's value and failover based on that but that adds unneaded complexity to the GTM configuration.
- SteveD1979Oct 06, 2023Cirrostratus
That's how we have every other application configured that have their own dedicated static VIPs on the LTMs. For this since there are so many applications hitting the same VIP and not all can be moved I thought it would be easier if i could just redirect part of the URL. I'm not sure how to do that with the datagroups but are you saying redirecting part of a URL isn't possible? I tried a policy and several irules to look for contains and replace in the URL but it wasn't working.
- PauliusOct 06, 2023MVP
SteveD1979 The issue here is that you have 2 different pieces handling two different parts of your request.
1. The GTM will resolve all DNS requests it is sent.
2. After you have DNS resolve you then have your request directly to the destination IP that the GTM pointed you to for lets say application1.example.com. This part of the request is not something the GTM would see because it is an application request and not a DNS request. The GTM doesn't change the original FQDN that you are attempting to resolve a destination for.- SteveD1979Oct 06, 2023Cirrostratus
Right i wanted to put an irule or policy on the VIP on the LTMs to redirect it from the gtm.domain.com name to the datacenter.domain.com name that it's expecting but keep the part of the URL that is wildcarded so that openshift would know where to send it.
DNS record currently *.datacenter.domain.com = VIP on LTM for openshift router with several applications hitting it.
DNS record desired for developers to use = theirapplication.gtm.domain.com
Route currently openshift is configured to recognize = theirapplication.datacenter.domain.com
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com