irule trigger external script

If you're hell-bent on using an iRule, I'd probably configure one that did indeed send an HTTP request for the script.

the logic would only kick during failure of all pool members, but initiating it from irule will be the tricky part as the event may not be traffic originated i.e. I probably could not use the HTTP::retry method I've seen described previously to alter the client request and trigger a request to the server hosting the script as the event is triggered by failure of all pool members

 

Can you elaborate on what you're trying to accomplish and the overall scenario? Maybe we can provide you with some additional options with more info.

 

 

Aaron

sure, basically we have production servers in a pool that take all traffic normally, we also have some 'hot standby' servers/site that are normally down that will kick in if there is a major failure of all members of the production pool. The services in the standby cluster have some backend components that need to be brought online before traffic flows and the apps are up. The trigger for bringing them online is the failure of all members of the production environment, so I was thinking the F5 would trigger the event to fire a script on the standby cluster to bring the backend systems into play when all members are down in production, after which time the monitors on the standby cluster would come up and traffic would flow to the standby cluster.

 

hi 2cushty,

 

i have an ugly solution...

 

1.- in the irule use the log command to send a specific magic message to the syslog ltm:

 

log local0. "launch_my_script_xxx"

 

 

2.-in the LTM write a shell (myscript.sh) or perl script to create a pipe (/var/log/myscript.pipe) and read it waiting for the magic message

 

 

3.-in the LTM add this lines to the OS syslog configuration /etc/syslog-ng/syslog-ng.conf

 

filter my_magic_message {

 

match("launch_my_script_xxx");

 

};

 

destination d_myscript {

 

pipe("/var/log/myscript.pipe");

 

};

 

 

log {

 

source(s_syslog_pipe);

 

filter(f_local0);

 

filter(my_magic_message);

 

destination(d_myscript);

 

};

 

 

start your script and restart syslog-ng service

 

 

4.-when your script read the magic message on the pipe it must start the logic connecting via ssh to the stanby servers and sending the commands to start or stop any service necesary .

 

5.-in the LTM add your script to /etc/rc.local to startup after reboot the box

 

6.- excuse my english...

 

 

Juan, I like this idea. Just make sure that only a valid user could ever generate such a log message. Else, you could allow a malicious user to trigger the script illegitimately. You could reduce this risk by checking the rule name and log message in the syslog-ng match statement.

 

 

Aaron

thanks for the info guys, the logging solution sounds similar to one I've seen elsewhere on the forum where you can filter out from syslog-ng but using the user_alert.conf and add the script in there, it's an option but I didn't really want to drop out of the irule logic

 

 

I guess the other option would be to consider a HTTP::retry workaround I've seen listed here too, where a client request could be converted into the desired request to fire a script from a web service on an application...I'll continue my research...thanks again

 

2cushty,

 

HTTP:retry need a HTTP_RESPONSE or a HTTP_RESPONSE_DATA event, so you need a successful connection to the servers.

 

i think that the irule can modify the HTTP::uri (when the available members command on the main pool == 0 ) and HTTP::header replace Host "my.webservice.hostname" (if is necessary) to trigger the script in the first standby server and start backend components.

 

after that the HTTP_RESPONSE will be triggered and you can use HTTP::retry to complete your logic.

 

regards and excuse my english.