Pools operating at a low capacity-f5-all


Vendor: f5

OS: all

Description:
indeni will alert if the number of members available in the pool is too low, based on the percentage of members available out of the total.

Remediation Steps:
Log into the device and examine the status of the pool. Troubleshoot the application in case of failed monitors and verify that any disabled members were disabled intentionally.

Troubleshooting steps for HTTP monitors:
1. Log into the device through SSH.
2. Issue the following command: echo -ne "<monitor send string>" | nc <member ip> <member port>
3. Make sure you get a response and that the response matches any receive string you have configured.
Example:
echo -ne "GET / HTTP/1.1\r\nHost:myapplication.domain.local\r\nUser-agent: Mozilla/5.0 (Windows NT 6.1\r\n\r\n" | nc 10.10.10.1 8080

Troubleshooting steps for HTTPS monitors:
1. Log into the device through SSH.
2. Issue the following command: curl -k https://<member ip>:<member port><URI part of the monitor send string>
3. Make sure you get a response and that the response matches any receive string you have configured.
Note: You might have to add additional headers specified in the send string using --header.
Example:
curl -vvv --header "Host:myapplication.domain.local" --header "User-agent:Mozilla/5.0 (Windows NT 6.1" https://10.10.10.1:443/

Troubleshooting steps for TCP monitors with send strings:
1. Log into the device through SSH.
2. Issue the following command: echo -ne "<monitor send string>" | nc <member ip> <member port>
3. Make sure you get a response and that the response matches any receive string you have configured.
Example:
echo -ne "info\r\nquit\r\n" | nc 10.10.10.1 8080

Troubleshooting steps for TCP monitors without send strings:
1. Log into the device through SSH.
2. Issue the following command: telnet <member ip> <member port>
Example:
telnet 10.10.10.1 8080

How does this work?
This alert uses the iControl REST interface to extract the members available to process traffic compared to the total members of the pool.

Why is this important?
A pool that is not running at full capacity could cause slowness in the application, service disruption, or in the worst case, downtime. indeni tracks this by measuring the available members of the pool in percent.

Without Indeni how would you find this?
An administrator could manually check member availability by logging on to the web interface of the device and clicking on "Local Traffic" -> "Pools" -> "Statistics". This would show the pool statistics for the active partition.

f5-rest-mgmt-tm-ltm-pool

name: f5-rest-mgmt-tm-ltm-pool
description: Determine pool member state, availability, capacity and action on service
    down
type: monitoring
monitoring_interval: 5 minutes
requires:
    vendor: f5
    product: load-balancer
    rest-api: 'true'
comments:
    lb-pool-member-availability:
        why: |
            A member marked as down by a monitor results in reduced pool capacity or in worst case, downtime. This metric would warn administrators when a member is marked as down.
        how: |
            This alert uses the iControl REST interface to extract the member statuses on the device.
        without-indeni: |
            Login to the device's web interface and click on "Local Traffic" -> "Pools" -> "Statistics". This would show a list of the pools, their members and their availability. In case the configuration is divided in multiple partitions changing to the "All [Read-only]" partition is recommended.
        can-with-snmp: true
        can-with-syslog: false
        vendor-provided-management: Unknown
    lb-pool-member-state:
        why: |
            A node disabled by an administrator results in reduced pool capacity or in worst case, downtime. Disabling nodes is common during e.g. maintenance, but it is easily forgotten. This metric would warn administrators when a node is not ready to accept traffic.
        how: |
            This alert uses the iControl REST interface to extract the node states on the device.
        without-indeni: |
            Login to the device's web interface and click on "Local Traffic" -> "Pools" -> "Statistics". This would show a list of the pools, their members and their states. In case the configuration is divided in multiple partitions changing to the "All [Read-only]" partition is recommended.
        can-with-snmp: true
        can-with-syslog: false
        vendor-provided-management: Unknown
    lb-pool-capacity:
        why: |
            A pool that is not running with full capacity could cause slowness in the application, service disruption, or in worst case downtime. indeni tracks this by measuring the available members of the pool in percent.
        how: |
            This alert uses the iControl REST interface to extract the members available to process traffic compared to the total members of the pool.
        without-indeni: An administrator could manually check member availability by
            logging on to the web interface of the device and clicking on "Local Traffic"
            -> "Pools" -> "Statistics". This would show the pool statistics for the
            active partition.
    f5-default-action-on-service-down:
        why: |
            The default option is "None", which maintains connections to pool members even when the monitor fails, but does not create new connections. The better option in most cases, however, is "Reject", which instead resets the existing connection and forces the client to establish a new one. This, coupled with good monitors, ensures that the client has an optimal chance of connecting to a functioning pool member.
        how: |
            This alert uses the iControl REST interface to extract the option "Action On Service Down" for all configured pools.
        without-indeni: An administrator could manually check member availability by
            logging on to the web interface of the device and clicking on "Local Traffic"
            -> "Pools" and for each pool in the list verify the option "Action On
            Service Down".
steps:
-   run:
        type: HTTP
        command: /mgmt/tm/ltm/pool?expandSubcollections=true&$select=fullPath,serviceDownAction,membersReference/items/fullPath,membersReference/items/selfLink,membersReference/items/state,membersReference/items/session
    parse:
        type: JSON
        file: rest-mgmt-tm-ltm-pool.parser.1.json.yaml
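
Added example (not Indeni's parser, which is not shown on this page): how a percentage like lb-pool-capacity can be derived from the state and session fields selected by the query above and compared with the 50.0 threshold of the f5_lb_pool_capacity rule. The sample reply is constructed, and which state/session values count as "available" is an assumption.

```python
import json

# Constructed sample shaped like an iControl REST reply to the query above
# (only fields named in its $select); not captured from a real device.
SAMPLE = json.loads("""
{"items": [
  {"fullPath": "/Common/web_pool", "serviceDownAction": "none",
   "membersReference": {"items": [
     {"fullPath": "/Common/10.10.10.1:8080", "state": "up", "session": "monitor-enabled"},
     {"fullPath": "/Common/10.10.10.2:8080", "state": "down", "session": "monitor-enabled"},
     {"fullPath": "/Common/10.10.10.3:8080", "state": "up", "session": "user-disabled"}]}},
  {"fullPath": "/Common/api_pool", "serviceDownAction": "reject",
   "membersReference": {"items": [
     {"fullPath": "/Common/10.10.20.1:443", "state": "up", "session": "monitor-enabled"},
     {"fullPath": "/Common/10.10.20.2:443", "state": "unchecked", "session": "user-enabled"}]}},
  {"fullPath": "/Common/empty_pool", "serviceDownAction": "none",
   "membersReference": {}}
]}
""")

# Assumption: a member can take new traffic when its session is enabled and
# its state is "up" (monitor passing) or "unchecked" (no monitor assigned).
ENABLED_SESSIONS = {"monitor-enabled", "user-enabled"}
SERVING_STATES = {"up", "unchecked"}

def member_available(member):
    return (member.get("session") in ENABLED_SESSIONS
            and member.get("state") in SERVING_STATES)

def pool_capacity(reply):
    """Map each pool's fullPath to the percent of members available (None if empty)."""
    result = {}
    for pool in reply.get("items", []):
        members = pool.get("membersReference", {}).get("items", [])
        if not members:
            result[pool["fullPath"]] = None  # no members, so no ratio to compute
            continue
        available = sum(1 for m in members if member_available(m))
        result[pool["fullPath"]] = 100.0 * available / len(members)
    return result

def pools_below(reply, threshold=50.0):
    """Pools whose capacity is under the threshold (the rule's BELOW direction)."""
    return sorted(path for path, pct in pool_capacity(reply).items()
                  if pct is not None and pct < threshold)

if __name__ == "__main__":
    for path, pct in pool_capacity(SAMPLE).items():
        print(path, "n/a" if pct is None else f"{pct:.0f}%")
    print("below threshold:", pools_below(SAMPLE))
```

In the sample, web_pool has one failed monitor and one administratively disabled member, which are the two causes the alert description names.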

f5_lb_pool_capacity

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.f5

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.NearingCapacityWithItemsTemplateRule
import com.indeni.server.rules.ThresholdDirection

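/**
  * Alerts when a pool's "lb-pool-capacity" metric (percentage of members
  * available out of the total) falls below the 50.0 threshold.
  */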
case class f5_lb_pool_capacity() extends NearingCapacityWithItemsTemplateRule(
  ruleName = "f5_lb_pool_capacity",
  ruleFriendlyName = "F5 Devices: Pools operating at a low capacity",
  ruleDescription = "indeni will alert if the number of members available in the pool is too low, based on the percentage of members available out of the total.",
  usageMetricName = "lb-pool-capacity",
  threshold = 50.0,
  thresholdDirection = ThresholdDirection.BELOW,
  applicableMetricTag = "name",
  alertItemsHeader = "Affected Pools",
  alertDescription = "The pools listed below have members that are not able to process traffic due to either failed monitors or members being disabled. This means that the pools may not be able to handle the traffic load they are meant to.\n\nThis alert was added per the request of <a target=\"_blank\" href=\"https://se.linkedin.com/in/patrik-jonsson-6527932\">Patrik Jonsson</a>.",
  alertItemDescriptionFormat = "Only %.0f%% of pool members are available.",
  baseRemediationText = "Log into the device and examine the status of the pool. Troubleshoot the application in case of failed monitors and verify that any disabled members is intentional.\nTroubleshooting steps for HTTP monitors:\n1. Log into the device through SSH.\n2. Issue the following command: echo -ne \"<monitor send string>\" | nc <member ip> <member port>.\n3. Make sure you get a response and that the response matches any receive string you have configured.\nExample:\necho -ne \"GET / HTTP/1.1\\r\\nHost:myapplication.domain.local\\r\\nUser-agent: Mozilla/5.0 (Windows NT 6.1\\r\\n\\r\\n\" | nc 10.10.10.1 8080\nTroubleshooting steps for HTTPS monitors:\n1. Log into the device through SSH.\n2. Issue the following command: curl -k https://<member ip>:<member port><URI part of the monitor send string>\n3. Make sure you get a response and that the response matches any receive string you have configured.\nNote: You might have to add additional header specified in the send string using --header.\nExample:\ncurl -vvv --header \"Host:myapplication.domain.local\" --header \"User-agent:Mozilla/5.0 (Windows NT 6.1\" https://10.10.10.1:443/\nTroubleshooting steps for TCP monitors with send strings:\n1. Log into the device through SSH\n2. Issue the following command: echo -ne \"<monitor send string>\" | nc <member ip> <member port>\n3. Make sure you get a response and that the response matches any receive string you have configured.\nExample:\necho -ne \"info\\r\\nquit\\r\\n\" | nc 10.10.10.1 8080\nTroubleshooting steps for TCP monitors without send strings:\n1. Log into the device through SSH\n2. Issue the following command: telnet <member ip> <member port>\nExample\ntelnet 10.10.10.1 8080")()