- iRules are available in LTM, GTM, ASM appliances sold by Big-IP (As far as I know… the list may be big!!)
- iRules are written by users using TCL program(Which is C based) that can be assigned to VIP or Virtual Servers(Note: Not all TCL commands are supported by F5).
- iRules gets triggered by a said event. Like “mouse over” or “mouse click”, in LTM for Eg, when a new HTTP request or a response happens.
- iRules are pre-compiled as byte-code to provide super fast performance. (If someone @ your work place says that iRules will impact our appliance, its false!! unless otherwise very badly written)
- if you are beginner, and if you are adding iRules to your production applications, please have a look into logs for any TCL errors which might affect performance of your appliance and directly your applications running on that appliance.
- Where iRules,Internal Group Data, External Group Data are stored ?
iRules and Internal Group Data are stored in “/config/bigip.conf”.
External Data Group files are stored in default location “/config”.
Note: Always metadata about External Data Group files are stored in “/config/bigip.conf”.
External Data Group files are stored in default location “/config”.
Note: Always metadata about External Data Group files are stored in “/config/bigip.conf”.
- iRules allow us to handle events from network layer to application layer to the most possible extend.
- Basic Syntax to know, all events are always marked in UPPER CASE.
Order of iRule execution for a HTTP Request(I’m more familiar with this and so took this as an example)
1. RULE_INIT
2. CLIENT_ACCEPTED
3. CLIENTSSL_HANDSHAKE
4. CLIENTSSL_CLIENTCERT
5. CLIENT_DATA
6. HTTP_REQUEST | CACHE_REQUEST
7. HTTP_CLASS_FAILED | HTTP_CLASS_SELECTED
8. STREAM_MATCHED
9. HTTP_REQUEST_DATA
10. CLIENT_DATA | HTTP_REQUEST_DATA
11. LB_SELECTED | LB_FAILED
12. STREAM_MATCHED
13. SERVER_CONNECTED (Here is where the backend server is reached)
14. SERVER_SSL_HANDSHAKE
15. HTTP_REQUEST_SEND
16. SERVER_DATA (CACHE_RESPONSE | HTTP_RESPONSE)
17. HTTP_RESPONSE_DATA
2. CLIENT_ACCEPTED
3. CLIENTSSL_HANDSHAKE
4. CLIENTSSL_CLIENTCERT
5. CLIENT_DATA
6. HTTP_REQUEST | CACHE_REQUEST
7. HTTP_CLASS_FAILED | HTTP_CLASS_SELECTED
8. STREAM_MATCHED
9. HTTP_REQUEST_DATA
10. CLIENT_DATA | HTTP_REQUEST_DATA
11. LB_SELECTED | LB_FAILED
12. STREAM_MATCHED
13. SERVER_CONNECTED (Here is where the backend server is reached)
14. SERVER_SSL_HANDSHAKE
15. HTTP_REQUEST_SEND
16. SERVER_DATA (CACHE_RESPONSE | HTTP_RESPONSE)
17. HTTP_RESPONSE_DATA
- Event Order – TCP
1. RULE_INIT
2. CLIENT_ACCEPTED
3. CLIENT_DATA
4. STREAM_MATCHED
5. LB_FAILED | LB_SELECTED
6. SERVER_CONNECTED
7. SERVER_DATA
2. CLIENT_ACCEPTED
3. CLIENT_DATA
4. STREAM_MATCHED
5. LB_FAILED | LB_SELECTED
6. SERVER_CONNECTED
7. SERVER_DATA
- Always remember to assign priority(Lowest priority is the winner) to iRule to be sure of the execution order.
No comments:
Post a Comment