Forum Discussion

PhilK_293657's avatar
PhilK_293657
Icon for Nimbostratus rankNimbostratus
Sep 30, 2016

Using iRules to separate applications and components across a large server environment.

I am a developer, not an f5 expert (just learning up on iRules...).

 

Problem today: 15 of our internal applications are all hosted on the same set of application servers. We have 3 load balanced application servers under F5 that have the same configuration and code deployed to them. The web services and websites that support those applications are hosted under individual virtual directories under wwwroot.

 

Today we have a VIP called http://prod01 and that points to the pool that has these 3 servers under it. The problem is that if we realize one of the services is a resource hog. We end up creating a 4th server and that server now needs all services that support all 15 applications on it.

 

What we want to do: We want to create separate VIPs for each application and sub component. This will allow us to put each applications services on an appropriate of servers required to support it. One service could be on just two servers and another on 5 servers. The naming convention we want is something like this:

 

environment-instance-tier-application-subcomponent

 

An example of this would be: dev-01-web-app1-component1

 

F5 Implementation Create one VIP, pools per app & component, and then use the iRule to decide which pool to use. There would be about 30-40 pools per environment. We have about 20 environments. The iRule would be similar to this..

 

when HTTP_REQUEST {
   switch [string tolower [HTTP::host]]
   {
      "dev-01-web-app1-component1" { 
        pool Dev-01-web-app1-component1-80 
       }
      " dev-01-web-app1-component2" {
       pool Dev-01-web-app1-component2-80
       }

…. and so on for about 40 more entries.

 

Questions:

 

  1. Our internal F5 team thinks this is quite a bit of work. I think its worth the benefit this gives us. What do you think?

     

  2. Does this seem like a reasonable thing to do? Or is this not what F5 is designed for?

     

1 Reply

  • Hi Phil,

    1.) Our internal F5 team thinks this is quite a bit of work. I think its worth the benefit this gives us. What do you think?

    I think the F5 team should support the APP teams as required. If there is a strong enough bussiness case to distribute your applications on independend backend systems then it should be done.

    2.) Does this seem like a reasonable thing to do? Or is this not what F5 is designed for?

    The F5 is capable to handle multiple independent web sites on a single virtual server and then even spread individual URIs to different backend applications. There is basically no limit involved.

    You can route the request as needed via

    [switch]
    based iRules (good for <50 sites or URIs), via data-group (aka.
    [class]
    command) driven iRules (good for >50 sites or URIs) or by using the GUI based LTM Policies (less flexible but on the other hand much more performant than iRules for hostname/uri parsings and pool assigments).

    Cheers, Kai