Cluster down-f5-all

Cluster down-f5-all

Vendor: f5

OS: all

Description:
Indeni will alert if a cluster is down or any of the members are inoperable.

Remediation Steps:
Review the cause for one or more members being down or inoperable.

How does this work?
This alert logs into the F5 device through SSH to verify that each traffic group has an active member.

Why is this important?
Tracking the state of a cluster is important. If a cluster which used to be healthy no longer is, it may be the result of an issue. In some cases, it is due to maintenance work (and so was anticipated), but in others it may be due to a failure in the members of the cluster or another component in the network.

Without Indeni how would you find this?
Problems with a cluster state is generally detected by that the units in question does not process traffic. An administrator could verify that each traffic group has an active member by logging into the device through SSH, entering TMSH and executing the command “show cm”. This would bring up details of the cluster state.

f5-show-cm

name: f5-show-cm
description: Get cluster information
type: monitoring
monitoring_interval: 5 minutes
requires:
    vendor: f5
    high-availability: 'true'
    product: load-balancer
    shell: bash
comments:
    known-devices:
        why: |
            To make it easier to add devices to indeni, the cluster members are extracted.
        how: |
            This alert logs into the F5 device through SSH and extracts the known cluster members.
        can-with-snmp: false
        can-with-syslog: false
    cluster-state:
        why: |
            Tracking the state of a cluster is important. If a cluster which used to be healthy no longer is, it may be the result of an issue. In some cases, it is due to maintenance work (and so was anticipated), but in others it may be due to a failure in the members of the cluster or another component in the network.
        how: |
            This alert logs into the F5 device through SSH to verify that each traffic group has an active member.
        can-with-snmp: true
        can-with-syslog: false
    cluster-member-active:
        why: |
            Tracking the state of a cluster member is important. If a cluster member which used to be the active member of the cluster no longer is, it may be the result of an issue. In some cases, it is due to maintenance work (and so was anticipated), but in others it may be due to a failure in the firewall or another component in the network.
        how: |
            This alert logs into the F5 device through SSH and retrieves the local member's state.
        can-with-snmp: true
        can-with-syslog: false
    cluster-config-synced:
        why: |
            It is normally desireable for clusters to have their configuration synced. Else, changes made on one node in a cluster might not be active in the event of a fail over. This might cause disruption.
        how: |
            This alert logs into the F5 device through SSH and retrieves the current state of the configuration synchronization.
        can-with-snmp: true
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: tmsh -q show cm
    parse:
        type: AWK
        file: tmsh-show-cm.parser.1.awk

cross_vendor_cluster_down_vsx

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_cluster_down_vsx.scala