Versions before NSX 6.2.0
Problem description
A proper health check is mandatory to guarantee a reliable application availability. From case to case the service monitor needs to check a special URL which contains special characters (&). In NSX versions before 6.2.0 you had to escape these characters via "\"
Upgrade to version after 6.2.0
In February 2017, I've started to upgrade from 6.1.5 to 6.2.5. Everything step went fine, but after the Edge re-deployment, several health checks failed.
Trouble shooting
The trouble shooting analysis turned out, that the escape characters were now written in the haproxy.conf.
lb01.lab.local-0> show configuration loadbalancer monitor SM-test.maerz-pro.de_index
-----------------------------------------------------------------------
vShield Edge Loadbalancer Config:
{
"healthMonitors" : {
"type" : "http",
"extension" : "--header=\"Host: test.maerz-pro.de\" --header=\"X-Forwarded-Proto: https\"",
"interval" : 5,
"method" : "GET",
"maxRetries" : 3,
"send" : null,
"name" : " SM-test.maerz-pro.de_index",
"url" : "\"/index.php?target=Main\\&action=statusCheck\"",
"expected" : "200",
"timeout" : 2,
"receive" : "OK"
}
}
The pool status were down with failure reason "Return code of 127 is out of bounds - plugin may be missing".
lb01.lab.local-0> show service loadbalancer pool VP-test.maerz-pro.de_index
-----------------------------------------------------------------------
Loadbalancer Pool Statistics:
POOL VP-test.maerz-pro.de_index
| LB METHOD ip-hash
| LB PROTOCOL L7
| Transparent disabled
| SESSION (cur, max, total) = (0, 0, 0)
| BYTES in = (0), out = (0)
+->POOL MEMBER: VP-test.maerz-pro.de_index /SG-TAG-LBP-test.maerz-pro.de_index _x.x.x.x, STATUS: DOWN
| | HEALTH MONITOR = MONITOR SERVICE, SM-test.maerz-pro.de_index:CRITICAL
| | | LAST STATE CHANGE: 2017-02-01 13:26:59
| | | LAST CHECK: 2017-02-01 13:27:09
| | | FAILURE DETAIL: (Return code of 127 is out of bounds - plugin may be missing)
| | SESSION (cur, max, total) = (0, 0, 0)
| | BYTES in = (0), out = (0
Outcome
It turned out, that VMware missed to document these change in their changelog. VMware confirmed that since 6.2.0 it is not needed anymore to escape special characters like "&" in my request in the table above.
Kommentar schreiben