Forum Discussion

shadow82's avatar
shadow82
Icon for Cirrus rankCirrus
May 16, 2023
Solved

How to create custom monitor

Hi!

Recently I got a request to change my pool monitoring.
I have a pool of 2 nodes listening for http connections on port 8080
So my pool monitor was http on port 8080

Recently admins have changed this and asked me to monitor like this:
http://10.0.10.11:8080/stats
http://10.0.10.12:8080/stats

And I got confused

After reading few DevCentral questions and articles:

https://community.f5.com/t5/technical-forum/http-monitor-on-different-port/td-p/305314
https://community.f5.com/t5/technical-forum/how-to-create-standard-custom-http-monitor/td-p/216967
https://community.f5.com/t5/technical-forum/trouble-with-http-200-ok-monitor/td-p/191292
https://my.f5.com/manage/s/article/K2167

I prepared 2 node monitors (1 of them as example below):

And attached 1 monitor to 1 node accordingly...
But it keep showing red, so probably I'm doing something wrong.

Could anyone take a look if this approach is ok and what should I correct if necessary?

application delivery
custom monitor
  • Paulius's avatar
    Paulius
    May 16, 2023

    shadow82 If your pool member is listening on port 8080 you do not have to define the Alias Service Port in the health monitor because it will inherit the port from the pool member when the health monitor is performed. Now as far as the send string is concerned, I would use HTTP 1.0 instead of 1.1 since you aren't really defining an appropriate Host value. The reason for the "HEAD" rather than a "GET" is because it doesn't seem as though you are interested in anything from the body of the page so no need to query anything but the HTTP header. In addition to that, your receive string is incorrect and should use an escape \ after the HTTP in the response.

    Send String: HEAD /stats HTTP/1.0\r\nConnection: Close\r\n
    Receive String: HTTP\/1\.(0|1) 200 OK

    Realistically if they would like for this to be an HTTP 1.1 connection they shoud provide you with an appropriate host header value rather than the IP of the pool member you are balancing traffic to. If they decide to use HTTP 1.1 and they provide you the appropriate Host value your health monitor should look similar to the following.

    Send String: HEAD /stats HTTP/1.1\r\nHost: www.example.com\r\nConnection: Close\r\n\r\n
    Receive String: HTTP\/1\.(0|1) 200 OK

    Now if you wanted to know why the health monitor is failing you should be able to perform the following tcpdump and replacing the information where the <> are less the <> to filter the tcpdump a bit further.

    tcpdump -nnvvvi 0.0 host <f5_selfIP_closest_to_destination> and host 10.0.10.11 and port 8080

    This should show you the response from the pool members in relatively plain text so you can see what the server is responding back with. The following is a curl command you can enter on the F5 CLI in bash to see what the pool member is responding with.

    *** No Host header value ***
    curl -Ivk "http://10.0.10.11:8080/stats"

    *** Host header value ***
    curl -IvkH 'Host: <your_fqdn>' "http://10.0.10.11:8080/stats"

3 Replies

Sort By
  • Stefan_Klotz's avatar
    Stefan_Klotz
    Icon for Cumulonimbus rankCumulonimbus
    May 16, 2023

    Normally you don't need to specify "Alias Address" or "Alias Service Port" in the monitor configuration, because these values will be taken automatically from the poolmember. These two values are only required, if you need to monitor something else, other then the poolmember itself.

    But I don't understand the issue in your post at all, means what was your previous configuration (monitor and poolmembers) and what has been changed? From what you are describing it should normally become green with default settings. Alternativelly you could run a tcpdump on the CLI to verify what's the reason for the monitor becoming red.

    Regards Stefan 🙂

  • Paulius's avatar
    Paulius
    Icon for MVP rankMVP
    May 16, 2023

    shadow82 If your pool member is listening on port 8080 you do not have to define the Alias Service Port in the health monitor because it will inherit the port from the pool member when the health monitor is performed. Now as far as the send string is concerned, I would use HTTP 1.0 instead of 1.1 since you aren't really defining an appropriate Host value. The reason for the "HEAD" rather than a "GET" is because it doesn't seem as though you are interested in anything from the body of the page so no need to query anything but the HTTP header. In addition to that, your receive string is incorrect and should use an escape \ after the HTTP in the response.

    Send String: HEAD /stats HTTP/1.0\r\nConnection: Close\r\n
    Receive String: HTTP\/1\.(0|1) 200 OK

    Realistically if they would like for this to be an HTTP 1.1 connection they shoud provide you with an appropriate host header value rather than the IP of the pool member you are balancing traffic to. If they decide to use HTTP 1.1 and they provide you the appropriate Host value your health monitor should look similar to the following.

    Send String: HEAD /stats HTTP/1.1\r\nHost: www.example.com\r\nConnection: Close\r\n\r\n
    Receive String: HTTP\/1\.(0|1) 200 OK

    Now if you wanted to know why the health monitor is failing you should be able to perform the following tcpdump and replacing the information where the <> are less the <> to filter the tcpdump a bit further.

    tcpdump -nnvvvi 0.0 host <f5_selfIP_closest_to_destination> and host 10.0.10.11 and port 8080

    This should show you the response from the pool members in relatively plain text so you can see what the server is responding back with. The following is a curl command you can enter on the F5 CLI in bash to see what the pool member is responding with.

    *** No Host header value ***
    curl -Ivk "http://10.0.10.11:8080/stats"

    *** Host header value ***
    curl -IvkH 'Host: <your_fqdn>' "http://10.0.10.11:8080/stats"

  • shadow82's avatar
    shadow82
    Icon for Cirrus rankCirrus
    May 19, 2023

    Thanks Gents for your help!

    Both of you have solved my problem in minutes!