Forum Discussion
Kevin_Stewart
Nov 08, 2012Employee
I'd suggest 3 options, in order of preference:
1. Cron-managed data group management script - the manipulation of pool data is generally a manual process, so there's probably no reason to make the lookup mechanism real time either. The beauty of this is that you can create a monitor script attached to a "phantom" pool and have a monitor daemon-controlled mechanism that'll save in a config backup; and a process that diligently maintains a list of all IP-pool mapping that's a very fast lookup in your iRule.
2. Convert your HTTP class to a data group and add the HTTP logic to your iRule for more control over the process.
3. If you absolutely, positively must have this data in real time (even though the pool manipulation isn't), you can spin up a persistent netcat (or other) listener in the shell and use a sideband call in your iRule to call a system self-IP. You must absolutely make sure that your netcat script can only perform specific functions, and absolutely understand the security, performance, and supportability implications of this approach.