Forum Discussion
Andrew_Husking
Cirrus
CirrusUsing iRules to edit datagroups
Hi Guys,
Is there a way that you can use an iRule to edit a datagroup? either creating new entries or just editing the values?
If not, is there a way that you can dynamically store the information that will persist after reboot or an upgrade.
Cheers
4 Replies
- nitass
Employee
Is there a way that you can use an iRule to edit a datagroup? either creating new entries or just editing the values?i do not think there is.
If not, is there a way that you can dynamically store the information that will persist after reboot or an upgrade.what about sending data to remote server (e.g. http) and read it back using sideband?
Sideband connection HTTP example by Aaron
https://devcentral.f5.com/wiki/irules.sideband-connection-http-example.ashx
Populating Tables With CSV Data Via Sideband Connections by George
https://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/1088515/Populating-Tables-With-CSV-Data-Via-Sideband-Connections.aspx 
Andrew_HuskingWe've used sideband connections to get data from HTTP sources before, we were looking at something that was purely on the F5 and not requiring another server.
thanks for the links, i'll have a closer look at the CSV link.
Do tables persist after a reboot or a version upgrade?- nitassWe've used sideband connections to get data from HTTP sources before, we were looking at something that was purely on the F5 and not requiring another server. i was thinking to use log command to write data to custom (log) file and then use user_alert.conf to import (or update) external data group. anyway, i thought it seems not efficient.
Acton on Log - using the alertd deamon
https://devcentral.f5.com/wiki/advdesignconfig.Acton-on-Log-using-the-alertd-deamon.ashx
Do tables persist after a reboot or a version upgrade?i understand table data is mirrored to peer unit, so rebooting may be fine but i think it might not work well in upgrading (since version can be so different). anyway, i do not think table is a good candidate because it stores data in memory.
The session table is mirrored to the standby, and this cannot be disabled.
v10.1 - The table Command - The Fine Print by Spark
https://devcentral.f5.com/Default.aspx?tabid=63&articleType=ArticleView&articleId=2382 - Kevin_StewartThere's any number of ways to manage the values in a datagroup, but ultimately it comes down to immediacy.
Do you need the data available in or near real time? If so then a table structure is probably more viable. As stated, the session table is mirrored across peers, so it'd likely survive a reboot, but probably not an upgrade.
To update a datagroup, you could:
1. use the Syslog method as noted by Nitass.
2. use a sideband call to some (potentially custom) service on the BIG-IP that can touch the datagroup from the management shell. I've used netcat, a mini web server, and a few other options in this regard.
3. add entries to a table and create an internal service VIP that a monitor can periodically poll for new data to record to the datagroup.
There are of course many other options, but all have one important thing in common: peril...
Datagroups are only writable from the management shell, so any attempt to access them from TMOS means you have to build a connector from an area of live user traffic to an otherwise secure untouchable platform. You must then take measures to secure that connector so that it can't be manipulated beyond what is intended. There's also only one management kernel compared to potentially many TMM cores, so it would never scale to handle massive user traffic loads.
Option 3 above is perhaps one of the better options (IMHO). You can access the table for real time data, but also allow it to be archived indefinitely in a datagroup.
