Forum Discussion

ASNETWORK's avatar
ASNETWORK
Icon for Nimbostratus rankNimbostratus
Sep 08, 2020

iRule sorry/maintenance page on pool with one node

Hi,

 

 

I want to create an iRule for a pool with one node. (SSL offloading)

 

When the node health check failed for some reason i want to display a Sorry Page down.

When i set the node to Force disabled i want to display a maintenance page.

 

 

Is this possible in 1 irule?

 

I tried.. but only the page down displayed.

 

when HTTP_REQUEST {

if { [LB::status node x.x.x.x] eq "session_disabled" } {

log local0.info "Server marked down, maintenance page enabled"

HTTP::respond 302 content {

<html>

<title>System Maintenance</title>

<article>

  <h1>System is Temporarily unavailable.</h1>

  <div>

    <br>

    <p>System is undergoing maintenance at this moment.</p>

    <p>Apologies for the inconvenience.</p>

  </div>

</article>

</html>

}

} elseif { [LB::status node x.x.x.x] eq "down" } {

log local0.info "Server down, offline page enabled"

HTTP::respond 503 content {

<html>

<title>System Down</title>

<article>

  <h1>System is currently not available/offline</h1>

  <div>

    <br>

    <p>System is experiencing technical difficulties at the moment.</p>

    <br>

    <p>We're working on getting the site up and running again as quickly as possible</p>

  </div>

</article>

</html>

    }

  }

}

 

Kind regards,

 

AS Networks

3 Replies

  • The problem is you are checking the node and not the pool member. Change LB::status node x.x.x.x to LB::status pool pool_name member x.x.x.x port for better results. For example:

    if { [LB::status pool ssloffload_pool member 172.16.20.1 443] eq "session_disabled" } {
        ....
    } elseif { [LB::status pool ssloffload_pool member 172.16.20.1 443] eq "down" } {
        ....
    }

    Important! session_disabled is returned only if the pool member is manually disabled (not forced offline). If you force the pool member offline, the the LB::status command returns down rather than session disabled, same as what it does if a monitor marks the pool member down. In other words, with LB::status, there is no way to differentiate between the two causes: "down manually by an administrator" or "down by a monitor."

    • ASNETWORK's avatar
      ASNETWORK
      Icon for Nimbostratus rankNimbostratus

      Thank you for the fast reply and good explanation.

       

      I adjusted the iRule, but still only the "down" page is showing.

      The node in the pool is really down at the moment, so the Down page is as expected.

       

      When i set the node to Disabled, i expect the maintenance page.

      But still the down page is showing. (also tried with incognito browser, cache disabled)

       

       

      ---------------------------------------------------------------------------

       

       

      Okay,

       

      Replied to fast.

       

      I was disabling the node itself instead of the member of the pool.

      Down page and Maintenance page is working now.

       

      If i disable the member of the pool, the maintenance page is showed. Great!

      If i disconnect the LAN interface from the webserver, the down page is showed. Great!

       

      But...

       

      I disabled the member of the pool, the maintenance page is showed.

      Then i restart the member of the pool for example because of windows updates, for the F5 the member is down instead of disabled and the maintenance page is replaced by the down page.

       

      How can i manage this small problem?

  • When you restart the pool member (server), it is almost certain that the health monitor that is checking that member will fail and mark the pool member as down. The monitor down takes precedence over the manual disable and for good reason. The BIG-IP system does not want to send any traffic to a pool member that is truly down (e.g. being restarted). When you manually disable a pool member, new connections are not allowed, but persistent connections are. If the server is restarting, you do not want to direct a persistent connection to the server; you want the connection load balanced to another server. Manual disable is designed to gracefully remove traffic from a particular server so that it can eventually be taken offline for maintenance. But offline, whether by a monitor or a manual Force Offline, results in the same pool member LB::status from the iRule's perspective: down.