Forum Discussion

JCMATTOS_41723's avatar
JCMATTOS_41723
Icon for Nimbostratus rankNimbostratus
Jun 10, 2008

Sitedown Conditional Maintenance?

We have a pair of LTM's 9.4.2 and wanted to create an irule that can help to solve an issue with our daily maintenance of pools. We have seen many sitedown irules and wanted to utilize this into our routine w/ a few additions/modifications:

 

 

1) Activate the sitedown irule on a condition that a keepalive page is present/up/dwn on the legs? (admin/dev may add/rename the sites to activate this irule automatically)

 

 

2) When this sitedown irule is activated it only allows internal users to still access the VIP normally but external or public users are now sent to the sitedown page (IP list of somekind). (To allow developers to still test the LB app internally, thru the LTM before letting the public access the site).

 

 

What we see happening in a typical maintenance window, admins would rename a status page on both legs. The irule would then be activated, to allow normal internal testing to users but external users would get issued a sitedown page/link. Once the testing is complete the status page is put back and traffic is resumed back to normal.

 

 

We understand that there are probably better/easier ways to address this, but when asked if this is possible with an irule im curious myself if this can be done...Any help would be greatly appreciated. Thx!

 

 

 

 

application delivery
dev
devops
iRules
  • JCMATTOS_41723's avatar
    JCMATTOS_41723
    Icon for Nimbostratus rankNimbostratus
    Jun 10, 2008
    I was finally able to collectively put something together that works great, but have one final piece to make it complete. I now have granularity on the sitedown thru datagroup list, but haven't figured out a way to also check for sometype of keepalive/status page in addition to the matchclass statement.

     

     

    if { (not [ matchclass [IP::client_addr] equals $::TrustedIP ] ) } and {??????

     

     

    For example, in addition to the matchclass statement if a url/monitor is not available then redirect accordingly...

     

     

    when HTTP_REQUEST {

     

    set host [HTTP::host]

     

    set uri [HTTP::uri]

     

    sets the timer to return client to host URL

     

    set sectime 10

     

     

    switch $uri {

     

    "/maintenance" {

     

    HTTP::respond 200 content \

     

    "Maintenance page\

     

     

    Sorry Dude! This site is down for maintenance.

     

    " "Content-Type" "text/html"

     

    return

     

    }

     

    }

     

     

    if { (not [ matchclass [IP::client_addr] equals $::TrustedIP ] ) } {

     

    HTTP::redirect "http://$host/maintenance"

     

    return

     

    } else {

     

    return

     

    }

     

    }