iRule and Cookie persistence
Hello DevCentral,
I am experiencing an issue where when my iRule is applied to my VS that has cookie persistence applied. Users are complaining that they are getting kicked out of their sessions randomly as they click through the web page. I believe what is happening is that when the the user establishes a connection with the VS, the iRule is not keeping track of which server in the pool the session was tied to. So when they click forward through the page the iRule will sometimes direct their request to the other pool member in the pool. How do I tell the iRule to make sure the user always hits the same server for the same session? Im reading about the "persist" option but am not quite sure how to write it into the iRule.
As a work around we disabled one of the web servers in the pool to guarantee all individual sessions go to the same pool member. Ive pasted the iRule syntax below. The iRule basically states "if the URI contains the word "resources" then send the request to the NGNX Pool (pool_atlprdngn170-a) , otherwise send it to the web pool (pool_atlprdweb170-a)."
Ive attached relevant configs below. Thanks:
ltm virtual virt_www.abc-xyz.com_443 {
destination 10.110.8.37:https
ip-protocol tcp
mask 255.255.255.255
persist {
encrypted_cookie {
default yes
}
}
pool pool_atlprdweb170-a
profiles {
http { }
prof_www.abc-xyz.com {
context clientside
}
tcp { }
}
rules {
irule_block_heartbeat_from_external_IPs
irule_abc_net_only_any_sso_call
irule_atlprdweb170-a
}
source 0.0.0.0/0
source-address-translation {
type automap
}
translate-address enabled
translate-port enabled
vs-index 114
ltm pool pool_atlprdweb170-a {
members {
atlprdweb17001:webcache {
address 10.110.14.186
session monitor-enabled
state up
}
atlprdweb17002:webcache {
address 10.110.14.187
session monitor-enabled
state down
ltm rule irule_atlprdweb170-a {
when HTTP_REQUEST {
if { [HTTP::path] matches_regex "^/resources/.*" } {
pool pool_atlprdngn170-a
} else {
pool pool_atlprdweb170-a
}