Forum Discussion

Martin_Sharratt's avatar
Martin_Sharratt
Icon for Nimbostratus rankNimbostratus
Nov 12, 2014

F5 Failover

Apologies for what is probably a really basic question but I've just inherited this with minimal handover. Anyway, here goes:

 

We have two F5 LTM's in a Sync-Failover pair. They're load balancing some critical production services. They are automatically sync'ed We need to power one (the current primary) down to physically move it in a rack. Management is very twitchy about risks to live services as there have been a few unplanned outages (not the F5's) in recent weeks.

 

As far as I can see from the documentation, powering the primary down automatically fails over to the secondary. What is not clear is if there is any loss of service during the failover. One document says no another says there might be. It's also not clear whther it's better to manually fail the service over to the secondary before powring off the primary.

 

So I have two questions. 1. Should I just power off the primary or manually fail the service over and then power it off? 2. In either case what is the risk of any service outage?

 

Martin Sharratt Univeristy of the West of England

 

3 Replies

  • R_Eastman_13667's avatar
    R_Eastman_13667
    Historic F5 Account

    I would manually set the primary F5 to standby and then verify that the new primary F5 is processing all the traffic. I would then set the former primary F5, the current standby F5 to "Offline". Setting it to offline will tell the new primary to not failover because the standby is "Offline". Turn off the F5, move it, then power it back up. Bring it "Online" and verify that it can communicate with the primary F5.

     

  • I would fail the appliance over to the standby prior to powering down. If there is a chance that you have an issue with the standby, you'd rather find that out before powering the primary down.

     

    There are too many variables to say whether there will be any service outages. If all of your applications are HTTP/HTTPS, you have proper persistence in place, and that persistence is being mirrored if necessary, you shouldn't see a service outage as these are short lived services. If you have long lived services, such as FTP, that have sessions in flight and session and persistence mirroring are enabled, you shouldn't see a service outage.

     

    If all/most of your applications are HTTP/HTTPS, and you are using cookie persistence, you should be in good shape.

     

    Eric

     

  • Even with persistence any SSL termination on the F5 will result in those sessions being renegotiated. SSL persistence is not mirrored/persisted as of yet. non-ssl services should be able to failover