Forum Discussion

Omarsheriff1980's avatar
Omarsheriff1980
Icon for Nimbostratus rankNimbostratus
Jun 07, 2018

pool selection based on specific context path and certificate termination on each member server

I have a single LTM VIP with two pools, each pool has two member server. pool selection based on specific context path (/health/v1/* and /check/v2/* and certificate termination on each member server. how to configure it for https.

 

does below HTTP works? does irule changes based on device verzion?

 

when HTTP_REQUEST {

 

Check URI set to lower case with wildcard matching switch -glob [string tolower [HTTP::uri]] { "/health/v1/" { pool uat_pool } "/check/v2" { pool qa_pool } default_pool { pool general_pool } } }

 

application delivery
devops
iRules

2 Replies

Sort By
  • youssef1's avatar
    youssef1
    Icon for Cumulonimbus rankCumulonimbus
    Jun 07, 2018

    Hi,

    Be carefull you can't do pool redirection using irule if ssl termination is done in server backend...

    You have to set ssl termination on F5 then re-encrypt to backend server...

    No, Irule don't have to change regarding device version. You just keep in mind that you have to process ssl interception in order to manage http traffic and set an http profile:

    • use an ssl client profile
    • use an ssl server profile
    • use an http profile

    Then add your irule

    when HTTP_REQUEST {

    switch -glob [string tolower [HTTP::uri]] { 

"/health/v1/" { pool uat_pool } 
"/check/v2" { pool qa_pool } 
default_pool { pool general_pool } 

}

}

    regards

  • Stanislas_Piro2's avatar
    Stanislas_Piro2
    Icon for Cumulonimbus rankCumulonimbus
    Jun 14, 2018

    If you want the default pool assigned in virtual server configuration is assigned in the switch default statement, you can store first after TCP handshake:

    when CLIENT_ACCEPTED { 
    set default_pool [LB::server pool]
}

when HTTP_REQUEST {
    switch -glob [string tolower [HTTP::uri]] { 
        "/health/v1/*" { pool uat_pool } 
        "/check/v2/*" { pool qa_pool } 
        default { pool $default_pool } 
    }
}