For some reason the code block was seen as spam here is the configuration:
TMSH-VERSION: 13.0.0
ltm node /Common/10.0.112.193 {
address 10.0.112.193
monitor /Common/tomcat_8080
}
ltm node /Common/10.0.112.199 {
address 10.0.112.199
monitor /Common/tomcat_8080
}
ltm node /Common/10.0.112.239 {
address 10.0.112.239
monitor /Common/tomcat_8080
}
ltm pool /Common/tomcat-1884 {
description tomcat-embeded-mqtt
load-balancing-mode least-connections-member
members {
/Common/10.0.112.193:1884 {
address 10.0.112.193
}
/Common/10.0.112.199:1884 {
address 10.0.112.199
}
/Common/10.0.112.239:1884 {
address 10.0.112.239
}
}
monitor /Common/tcp
}
ltm pool /Common/tomcat-8080 {
description "tomcat9 servers"
members {
/Common/10.0.112.193:8080 {
address 10.0.112.193
}
/Common/10.0.112.199:8080 {
address 10.0.112.199
}
/Common/10.0.112.239:8080 {
address 10.0.112.239
}
}
monitor /Common/tomcat_8080
service-down-action reselect
}
ltm rule /Common/tomcat-mqtt {
when HTTP_REQUEST {
if { ([HTTP::uri] starts_with "/mqtt") } {
HTTP::cookie insert name "APPCLIENT" value [HTTP::cookie value "APPCLIENT" ]
use pool tomcat-1884
}
}
}
ltm virtual /Common/acme-e7 {
destination /Common/10.0.112.243:80
fallback-persistence /Common/dest_addr
fallback-persistence-type destination-address
ip-protocol tcp
mask 255.255.255.255
persist {
/Common/ACME {
default yes
}
}
pool /Common/tomcat-8080
profiles {
/Common/apm-forwarding-client-tcp { }
/Common/http { }
}
rules {
/Common/tomcat-mqtt
}
source 0.0.0.0/0
source-address-translation {
type automap
}
translate-address enabled
translate-port enabled
}
ltm virtual-address /Common/10.0.112.243 {
address 10.0.112.243
arp enabled
mask 255.255.255.255
traffic-group /Common/traffic-group-local-only
}
ltm monitor http /Common/tomcat_8080 {
adaptive disabled
defaults-from /Common/http
description "tomcat port 8080"
destination *:8080
interval 5
ip-dscp 0
recv none
recv-disable none
send "GET /e7/\r\n"
time-until-up 0
timeout 16
}
ltm persistence cookie /Common/ACME {
app-service none
defaults-from /Common/cookie
}
ltm persistence cookie /Common/ACME-Cookie {
always-send enabled
app-service none
cookie-encryption disabled
cookie-name APPCLIENT
defaults-from /Common/cookie
expiration 0
httponly enabled
method insert
override-connection-limit disabled
secure enabled
}
ltm persistence cookie /Common/cookie {
always-send enabled
app-service none
cookie-encryption disabled
cookie-name APPCLIENT
expiration 0
hash-length 0
hash-offset 0
httponly enabled
method insert
mirror disabled
override-connection-limit disabled
secure enabled
}
ltm profile websocket /Common/acme-websockets {
app-service none
defaults-from /Common/websocket
masking selective
}