Introduction: The document will walk you through the setup of a custom F5 BIG-IP Health Monitor for use with Omnissa Access appliances when acting as nodes in a cluster.
Background:
In previous versions of documentation from Omnissa and F5 which discussed clustering of Omnissa Access with F5 BIG-IP load balancers, it was suggested to use the http_head_f5 health monitor. However, due to security updates within Omnissa Access 2.8 and higher, the use of the aforementioned F5 BIG-IP health monitor is no longer a viable option. Because of this, many customers were using the gateway_icmp F5 health monitor as a temporary workaround. Unfortunately, this would allow the F5 BIG-IP to see a node as good even though it may only be responding to a ping, resulting in traffic failures and web pages failing to load for end users. Therefore, a better health monitor needed to be used.
Solution: Working together, Omnissa and F5 come up with a validated custom health monitor using built-in Omnissa Access APIs to determine if the node (or appliance) in question is properly responding.
The basic F5 health monitor information is as follows:
Send String: GET /SAAS/API/1.0/REST/system/health/heartbeat HTTP/1.1rnHost: rnConnection: Closernrn
Receive String: ok$
Receive Disable String:
404
Creation Procedure: Here is how to create this within the F5 BIG-IP.
Login as administrator to your F5 BIG-IP appliance.
Browse to Monitors under the Local Traffic tab in the left hand menu.
Click the CREATE button in the upper left to start the creation of a new health monitor.
Give it a name such as ViDM_Monitor or something similar and provide a description as needed.
Select HTTPS as type. This will set the parent monitor to https and open up the "Configuration" screen with options for Send String, Receive String, and Receive Disable String among the many shown.
Use the following for the Send String. GET /SAAS/API/1.0/REST/system/health/heartbeat HTTP/1.1rnHost: rnConnection: Closernrn
Use the following for the Receive String. ok$
Use the following as the Receive Disable String. 404
Leave the rest of the fields as their default settings.
Click the FINISHED button.
Now you need to assign this to the Omnissa Access Pool for the F5 BIG-IP virtual server to utilize. NOTE: Make sure you do this part during off-hours or scheduled down time.
Assuming you are already logged in from above, browse to Local Traffic > Virtual Servers > Pools and select your pool of Omnissa Access appliances.
Edit the Health Monitors section to remove previous active health monitors and assign your new health monitor you just created above.
Click the UPDATE button when ready.
Validate the new health monitor works properly and as expected by viewing the pool members status and Virtual Server status within the F5 BIG-IP admin console.
Conclusion: Now you can rest assured the F5 BIG-IP is properly monitoring your Omnissa Access cluster to determine which nodes are live and which are not!
Acknowledgements: Big thanks to F5's Matt Mabis for helping us work through these settings and to Omnissa's Michael Almond and Karen Zelenko for guidance and support in testing this.