Jun 13, 2011 Nimbostratus
Tracking triggers in an iRule
Hi All,
I have the following iRule which checks a data group to see if the server is marked as online or offline. If it is marked as online, traffic passes as normal; if it is offline, it sends back a 503. If the proxy is online, but the back end pool is unavailable (using LB_FAILED), it sends back a 502. The pool is actually a single node, so there is no need for LB::reselect (which I don't think would work anyway). I have a tcp profile assigned to the virtual server that sets max syn retry to 1 so that LB_FAILED is immediate.
This has worked fairly well so far, except that LB_FAILED is being triggered intermittently, and I don't know why. One request will get a 502, while another request, received within milliseconds, goes through. If I were using a built-in health check, there would be logging on member up/down, and failures to select pools. But since I am doing passive checking, there isn't much info that I can find. Is there a way to see what is causing the failures from the LTM's point of view?
when RULE_INIT {
    # Log the rule version and platform when the rule is loaded
    log "proxystatushttp v1.0 $static::tcl_platform(os) $static::tcl_platform(osVersion)"
    set static::DEBUG 0
    # Key looked up in the proxy status data group
    set static::offlineFlag "offline"
    set static::proxyStatus proxystatus
    if { $static::DEBUG } { log local0.debug "$static::proxyStatus:\n[class get $static::proxyStatus]" }
    # Data groups of clients that are still served while the proxy is marked offline
    set static::privateNetworkAddresses private_net
    set static::externalMonitoringAddresses external_monitoring_addresses
    if { $static::DEBUG } { log local0.debug "$static::privateNetworkAddresses:\n[class get $static::privateNetworkAddresses]" }
    if { $static::DEBUG } { log local0.debug "$static::externalMonitoringAddresses:\n[class get $static::externalMonitoringAddresses]" }
}

when HTTP_REQUEST {
    # Proxy marked offline: send 503 to everyone except monitoring and private addresses
    if { [class lookup $static::offlineFlag $static::proxyStatus] } {
        if { (not [class match [IP::client_addr] equals $static::externalMonitoringAddresses]) &&
             (not [class match [IP::client_addr] equals $static::privateNetworkAddresses]) } {
            set response "ForbiddenNOTICE: Service unavailable at this time."
            HTTP::respond 503 content $response noserver "Connection" "close" "Content-Length" [string length $response]
            if { $static::DEBUG } { log local0.debug "Sent HTTP Status Code 503 due to proxy status offline to [IP::client_addr]" }
            log -noname local0. "[virtual name] MyIP=[IP::local_addr] SrcIP=[IP::client_addr] - - \[[clock format [clock seconds] -format "%d/%b/%Y:%H:%M:%S %z"]\] - \"[HTTP::method] [HTTP::uri] HTTP/[HTTP::version]\" 503 [HTTP::payload length]"
        } else {
            if { $static::DEBUG } { log local0.debug "Processing HTTP request with proxy status offline from [IP::client_addr]" }
        }
    }
}

when LB_FAILED {
    # Proxy online but the pool member could not be reached: send 502
    set response "Server ErrorNOTICE: Site has experienced an error."
    HTTP::respond 502 content $response noserver "Connection" "close"
    log -noname local0. "[virtual name] MyIP=[IP::local_addr] SrcIP=[IP::client_addr] - - \[[clock format [clock seconds] -format "%d/%b/%Y:%H:%M:%S %z"]\] - \"[HTTP::method] [HTTP::uri] HTTP/[HTTP::version]\" 502 [HTTP::payload length]"
}
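
Added example, not part of the original post: Python that parses the access-log-style lines the iRule writes with `log -noname local0.` and groups the 502 entries into bursts, showing whether the LB_FAILED responses cluster in time or by client. The sample lines, addresses and the `vs_proxy` name are constructed, and the 2-second burst gap is an assumption.

```python
import re
from collections import Counter
from datetime import datetime

# Matches the message body built by the iRule's `log -noname local0.` lines.
LINE_RE = re.compile(
    r'(?P<vs>\S+) MyIP=(?P<my_ip>\S+) SrcIP=(?P<src_ip>\S+) - - '
    r'\[(?P<ts>[^\]]+)\] - "(?P<method>\S+) (?P<uri>\S+) HTTP/(?P<ver>[\d.]+)" '
    r'(?P<status>\d{3}) (?P<length>\d+)$'
)

def parse_line(line):
    """Return a dict for one iRule log line, or None if it does not match."""
    m = LINE_RE.search(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec

def failure_bursts(lines, status=502, gap_seconds=2):
    """Group entries with `status` into bursts split by gaps > gap_seconds."""
    parsed = (r for r in map(parse_line, lines) if r and r["status"] == status)
    bursts = []
    for rec in sorted(parsed, key=lambda r: r["ts"]):
        if bursts and (rec["ts"] - bursts[-1]["end"]).total_seconds() <= gap_seconds:
            burst = bursts[-1]
        else:
            burst = {"start": rec["ts"], "end": rec["ts"], "count": 0, "sources": Counter()}
            bursts.append(burst)
        burst["end"] = rec["ts"]
        burst["count"] += 1
        burst["sources"][rec["src_ip"]] += 1
    return bursts

# Constructed sample lines in the iRule's format (documentation address ranges).
SAMPLE = [
    'vs_proxy MyIP=192.0.2.10 SrcIP=198.51.100.7 - - [13/Jun/2011:10:15:01 -0400] - "GET /a HTTP/1.1" 502 0',
    'vs_proxy MyIP=192.0.2.10 SrcIP=198.51.100.8 - - [13/Jun/2011:10:15:02 -0400] - "GET /b HTTP/1.1" 502 0',
    'vs_proxy MyIP=192.0.2.10 SrcIP=203.0.113.5 - - [13/Jun/2011:10:15:02 -0400] - "POST /c HTTP/1.1" 503 12',
    'vs_proxy MyIP=192.0.2.10 SrcIP=198.51.100.7 - - [13/Jun/2011:10:20:30 -0400] - "GET /a HTTP/1.1" 502 0',
    'unrelated syslog line',
]

if __name__ == "__main__":
    for b in failure_bursts(SAMPLE):
        print(b["start"].isoformat(), b["count"], dict(b["sources"]))
```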