Forum Discussion

svoll's avatar
svoll
Icon for Nimbostratus rankNimbostratus
Jan 31, 2019

using iRule for health monitor type information for decisions

OK I'm not sure where to look. my Google-fu is not working.

 

I have a health monitor setup to look at the URL and if it comes back systemstatus=OK the node is up.

 

if it's missing the server is down and I can do a redirect based on no pool members. So far so good.

 

Now I have a new requirement.

 

if url systemstatus=test, open it up to the testers, but still redirect to a down page for normal users.

 

I can't figure out what object I would use in an iRule to check the URL for content match. If I could get that, the rest I have.

 

Can someone direct me in the right direction?

 

Thanks

 

devops
iRules
LTM

3 Replies

Sort By
  • Rico's avatar
    Rico
    Icon for Cirrus rankCirrus
    Jan 31, 2019

    The easiest way to do this would be to simply keep your monitor in its working configuration and use an iRule to filter out the users. This would make it so if the iRule is applied, only tester IP ranges can navigate to the page and everyone else gets redirected. The iRule would look something like this.

     

    when HTTP_REQUEST
{
    if {![class match [IP::client_addr] eq "TesterList"]}
    {
        HTTP::redirect https://example.com/redirect_page
    }
}

     

    If you want to trigger a change from a remote server that would limit users, you are most likely going to have to write an iControl script. Here is a link to information on iControl so you can research further if you please.

  • Rico_368208's avatar
    Rico_368208
    Icon for Nimbostratus rankNimbostratus
    Jan 31, 2019

    The easiest way to do this would be to simply keep your monitor in its working configuration and use an iRule to filter out the users. This would make it so if the iRule is applied, only tester IP ranges can navigate to the page and everyone else gets redirected. The iRule would look something like this.

     

    when HTTP_REQUEST
{
    if {![class match [IP::client_addr] eq "TesterList"]}
    {
        HTTP::redirect https://example.com/redirect_page
    }
}

     

    If you want to trigger a change from a remote server that would limit users, you are most likely going to have to write an iControl script. Here is a link to information on iControl so you can research further if you please.

     

  • Andy_McGrath's avatar
    Andy_McGrath
    Icon for Cumulonimbus rankCumulonimbus
    Feb 01, 2019

    I would setup a duplicate pool with a duplicate HTTP monitor only looking for the response systemstatus=true then use an iRule or Policy to identify testing and set the pool to be the duplicate test pool.

    This way normal users still hit the default pool and get redirected if all members are down while testers hit another pool.

    I think this is best open as monitors are boolean, either up or down and do not hold any custom logic/data that you can use in an iRule.

    Here is a simple example iRule for the solution but you should also do this in a Policy. You will need to create a Datagroup of type IP listing the IP hosts and/or subnets of testers or update the code to identify testers in some other way.

     

    when HTTP_REQUEST {
   Get default pool, as configured on virtual server
  set selectedPool [LB::server pool]

   Get client IP address (removing % if Route Domains are in use) and check against Data Group 'testersDG'
  if {[class match [getfield [IP::client_addr] "%" 1] eq "testersDG"]} {
     Request is from a test user, using testerPool
    selectedPool testerPool
  }

  if {active_members $selectedPool < 1} {
    HTTP::redirect https://someApp.com/sorrypage.html
  }
}