Some customers use external load balancers rather than use PAM's load balancer functionality. When a cluster member becomes unavailable, either functionally or administratively, the external load balancer needs some way to know this, in order to avoid directing users to a device that is not available to them. With 2.8.2 a health check was introduced. The load balancer can add /health.php to the url for a specific PAM instance, for example https://<your ip address>/health.php. A health PAM instance will return 200 OK. Initally, there was no way to inform the load balancer that the PAM instance was in Maintenance Mode, administratively unavailable. With 3.1.1 the health check was enhanced, with 503 returned when PAM under the following conditions:
This should enable you to prevent your users from being sent, by your external load balancer, to a cluster member that is not available.
@ voged01 , We have a F5 LB in our setup, LB team is unable to setup the health monitor, They are asking for Send and Receive String, Would it be possible for you to share that, please.
We have CA PAM version 18.104.22.168
Hi Asif, this is not a PAM question, but a question for F5 configuration. From the PAM side all you need is the URL. F5 setup is discussed for example at https://devcentral.f5.com/questions/health-check-via-url. The send string would be GET /health.php …., and the receive string would be something like "HTTP/1.1 200 OK”. We don't want to get into details as the syntax used in F5 configuration may change out of our control.
Thanks Ralf, Let me try this and see if it works.
This is the exact String which needs to be added to make the health check work, Hope this helps our fellow co
SEND : HEAD /health.php HTTP/1.1\\r\\nHost:\\r\\n\\r\\n
RECEIVE :HTTP/1.(0|1) 200 OK