iRule Help for Web front end and Backend Database server traffic to failover at same time

bob3 · ‎15-Mar-2023

Hello,

I am looking to create an iRule for Web front end and Backend Database server traffic to failover at same time. The current topology is 2 Front end web servers and 2 back end database servers call them Web01 & Web02, and Database01 and Database02. In this build the 01's talk to the 01's and the 02's only talk to the 02's. The only traffic between the 01 and 02 servers is that the data from Database01 sync's to Database 02, but users would only talk to the 01 servers Primarily and if there was a failure then the users would be failed over to the 02/Standby. We have a Priority group in place that all user traffic is pointed to the 01 servers. The problem at hand is if the Web01 server were to go down because of diaster scenario and the Database01 server were still online by default the F5 would redirect the traffic to the Web02 server but the traffic would still be directed to the Database01 server because still online in which doesn't work with how users access the application. We would need something that the F5 would redirect all traffic if either of the 01 servers were to be down and stop traffic from going to any 01 servers and make it only go to the 02 servers until we were to find resolution of why either of the 01 servers went down. Any help on what syntax to use for the irule would be extremel helpful or any other recommendations as well.

Paulius · ‎15-Mar-2023

What is the mechanism on the database server that makes it so web1 has to speak with db1 and web2 has to speak with db2? Typically you don't have a hard link between web and db servers because of the obvious downside such as yours. I'm not aware of how to do this with priority group activation but if you created 2 pools for web and 2 for db you could have the following logic.

*** Web irule ***
if pool-web1 active members <= 0 forward traffic to pool-web2 else forward to pool-web1

*** DB irule ***
if pool-db1 active members <= 0 and pool-web1 active member <=0 forward to pool-db2 else forward to pool-db1

bob3 · ‎16-Mar-2023

Paulius,

Thank you for your feedback. The two database servers do sync there data together. However, in normal operations certain users, clients, and devices access the data directly to the database server. So in the event of a Web failure we want those users and clients to be directed to the 02 web and 02 database server. Yes, it's a different approach on the server topology, unfortnately we are at the mercy of the application/database owners. Hope that clears you question up.

Daniel_Wolf · ‎15-Mar-2023

Hi @bob3,

you can achieve this without iRules but with a good combination of health check monitors and priority group activation.

Create two pools, lets call them pl_web and pl_sql. Add the web servers to pl_web and the db servers to pl_sql. Use priority group activation, to make sure all the traffic goes to the 01 server.
Do not add a monitor to the pool.
Create four health check monitors, one for each server.
You can do this by specifing the Alias Address in each monitor. This way the monitor will only check the server with the IP specified in the alias field.
Add the monitors to the pool members like this:
Web server 01 will have the monitor for itself and DB server 01
DB server 01 will have the monitor for itself and web server 01
Web server 02 will have the monitor for itself and DB server 02
DB server 02 will have the monitor for itself and web server 02
Go to Local Traffic ›› Pools : Pool List ›› pl_web. Click on the Members tab. Click on the first member.
Add member specific monitors as described above, two per server. Make sure Availability Requirement is All (default).
Repeat this for all four servers in the two pools.

With this configuration the web server 01 will go down if either itself or the DB server 01 fails. With priority group activation you make sure all the goes only to either one pair or to the other. And priority group activation will also ensure that the failback works.

KR
Daniel

bob3 · ‎16-Mar-2023

Thank you Daniel. We will try your recommendations.

bob3 · ‎16-Mar-2023

Daniel,

Actually another question. What if wanted to put a thresold for this. Example if the Web01 is down but we don't want to it to failover till maybe 10 minutes later? In the case we can resolve the issue before fully failing over.

Paulius · ‎16-Mar-2023

@bob3 I believe the only option you have for that is to increase the interval and timeout of the health monitor to accomodate a 10 minute failover. Is this because you expect the server to come back online with a 10 minute window if it does fail a health monitor?

bob3 · ‎16-Mar-2023

Paulius,

Yes. We are trying to iron out the logistics on the timing and comfortablity of the SLA in an on and off hour scenario. During the day we have staff that can monitor the web and database servers in which may require a simple reboot to fix and get everything back up and running, whereas in a off hour scearnio we would want it to failover almost immediatetly and troubleshoot when we have the proper resources online.

Is there a way to have almost a time frame when either the on or off hour scenarios could occur. Say from 8 am to 5 pm the 10 minute wait applies, and from 5 pm to 8 am the automatically failover occurs?

Paulius · ‎16-Mar-2023

@bob3 I'm not aware of a way to make the health monitor depending on time of day but I'm sure you could make this work in some form using an iRule but not with normal health monitors. The safest bet here would be to failover without waiting any additional time and if you can fix the server that's great but allow the F5 to balance traffic to the new destiantion in order to reduce overall downtime to your site.

bob3 · ‎16-Mar-2023

Thank you for all your input.

DevCentral

iRule Help for Web front end and Backend Database server traffic to failover at same time

Khoros Kudos Award 2022