cancel
Showing results for 
Search instead for 
Did you mean: 
Joel_Moses_4526
Nimbostratus
Nimbostratus

Problem this snippet solves:

Below is a quick method for allowing a user who only has Operator but not Administrator rights to enable a maintenance page via an iRule. An LTM administrative user with Operator rights has the ability to enable or disable nodes but does not have the ability to add, remove, or change an iRule that is attached to a particular VS. This is a common scenario -- for example, your NOC may have access to add and remove nodes as Operator, but the redirection logic of an iRule is needed to handle redirections to a maintenance page.

To solve this issue, we'll create a "fake" node and tie its status to the iRule in order to trigger the maintenance page.

First, create a NODE with the following parameters:

  • Address: 192.168.250.1 (could be anything, preferably non-routable - the LTM will not allow loopback addresses here, however)
  • Health Monitors: None
  • Name: vip_maintenance (or really, anything descriptive)

Then, augment your iRule with the following check:

How to use this snippet:

When you want to enable the maintenance page, all you have to do is find this node in the nodelist, and disable it. The iRule will pick this up and begin redirecting users. You will find that this works with a user who has Operator rights.

Code :

when HTTP_REQUEST {
      set ::maintenance_mode [LB::status node 192.168.250.1 session_disabled]

      if { ($::maintenance_mode) } {
             HTTP::redirect "http://alternate.site.com/maintenance.html"
      }

}
Comments
Samir_Jha_52506
Noctilucent
Noctilucent

Thanks Joel,

 

Please correct me if i am wrong. I believe no need to create fresh VIP for maintenance. This can be achieve with below iRule.

 

1) Create maintenance page and import to F5(irule--> iFile)

 

when HTTP_REQUEST { set ::maintenance_mode [LB::status node 192.168.250.1 session_disabled] if { ($::maintenance_mode) } { HTTP::respond 200 content [ifile get "/common/maintenance.html"] } }

2). Add HTML contents itself in irule

 

when HTTP_REQUEST { set ::maintenance_mode [LB::status node 192.168.250.1 session_disabled] if { ($::maintenance_mode) } { HTTP::respond 200 content "Maintenance page Sorry! This site is down for maintenance." "Content-Type" "text/html" } }

Samir, all three ways are completely reasonable. -Josh

 

Version history
Last update:
‎18-Mar-2015 15:34
Updated by:
Contributors