Hello,
I'll preface saying we are very new to PAM. We have it stood up in a dev environment but it's a single server. We're trying to setup a PAM Domain Orchestrator cluster in a UAT environment. We followed the implementation specs and receive a Connection Reset error in our browser. I was wondering if anyone who's using F5 load balancing could chime in here an suggest where we may have gone wrong. I don't have access to modify the F5 config but have a network engineer who can alter it for me. We have a CA support case open and they've mentioned we need to perform a trace at the bipip layer, but our network engineer doesn't have the resources to do that at the moment.
Any advice is appreciated, screenshot of the setup below. This follows the unsecure simplified configuration. Once this is working we plan to move to a secured simplified configuration.
PAMPOOL and Nodes (PAM hasn't been installed on Node 2 yet as the F5 config is a pre-req)
PAMWSPOOL and Nodes
iRule
when SERVER_CONNECTED {
IP::idle_timeout 172800000
}
when HTTP_REQUEST {
set PAMPOOL "PAMSRVRPOOL"
set PAMWSPOOL "PAMJETTYPOOL"
set NODE1 "10.254.25.87"
set NODE2 "10.254.25.88"
set WSPORT "80"
switch -glob [HTTP::uri] {
"/jmx-console*" { pool $PAMPOOL }
"/web-console*" { pool $PAMPOOL }
"/c2orepository*" { pool $PAMPOOL }
"/c2orepository/oasisHelp*" { pool $PAMPOOL }
"/c2orepository/htmlFile/aboutUs/*" { pool $PAMPOOL }
"/c2orepository/htmlFile/language/*" { pool $PAMPOOL }
"/c2orepository/htmlFile/installation/*" { pool $PAMPOOL }
"/c2orepository/media*" { pool $PAMPOOL }
"/c2orepository/thirdParty*" { pool $PAMPOOL }
"/c2orepository/MainInstallerConfiguration.properties" { pool $PAMPOOL }
"/itpam*" { pool $PAMPOOL }
"/itpam/ServerConfigurationRequestServlet" { pool $PAMPOOL }
"/itpam/MirroringRequestProcessor*" { pool $PAMPOOL }
"/itpam/AgentConfigurationRequestServlet" { pool $PAMPOOL }
"/itpam/StartAgent*" { pool $PAMPOOL }
"/itpam/OasisPrimary" { pool $PAMPOOL }
"/itpam/JNLPRequestProcessor*" { pool $PAMPOOL }
"/itpam/JNLPRequestProcessor/installation" { pool $PAMPOOL }
"/itpam/clientproxy/c2oresourceaction" { pool $PAMPOOL }
"/itpam/clientproxy/c2oreportaction" { pool $PAMPOOL }
"/mirroringrepository*" { pool $PAMPOOL }
"/birt/*" { pool $PAMPOOL }
"/api/*" { pool $PAMPOOL }
"/ws/node1" { pool $PAMWSPOOL member $NODE1 $WSPORT }
"/ws/node1*" { pool $PAMWSPOOL member $NODE1 $WSPORT }
"/ws/node2" { pool $PAMWSPOOL member $NODE2 $WSPORT }
"/ws/node2*" { pool $PAMWSPOOL member $NODE2 $WSPORT }
"/*" { pool $PAMWSPOOL }
default { pool $PAMPOOL }
}
}
iRule statistics (Failure is logged each time I hit the URL, processautomation-qa.chq.ei/itpam)
Nodes
Node1 general properties
Virtual Server General Properties
Virutal Server configuration
Virtual Server Resources
Connection reset error
successful ping test