Multiple GSLB Services configured with site persistence can have same GSLB pool members (Avi Load Balancer virtual service). Multiple site persistence pools can also be associated with a single virtual service.
The following diagram shows that the pools (SP-pool-GS-1, SP-pool-GS-2) are now associated with multiple virtual services.
For this functionality to work effectively, all the GSLB leaders and followers must have version greater than or equal to 22.1.3.
You can now create different PKI profiles for the GLSB Services configured with site persistence. Prior to this feature, only one PKI profile was used among all federations when GSLB service with site persistence was used.
Associating GSLB Service with a PKI profile
To configure PKI profile, navigate to CREATE.
and clickIn the creation dialog box, select the Is Federated check box and add Certificate Authority/Certificate Revocation list as required.
Click Save.
Debug and Logs
-
The following significant logs are observed when a virtual service with more than 1 site persistence pool receives a request with a cookie which does not have any gs_info or has a gs_info which does not match the GS attached to it.
Use the debug virtualservice <virtual service name> command to enable debug logs for the virtual service. The debug logs are available in the /opt/avi/log/glog/ directory on the SE.
The following show commands are useful in troubleshooting GSLB persistence issues.
Use the show gslbservice <GSLB service name> command to check various attributes of the GSLB service.
domain_names - FQDN list.
members - List of participating virtual services
pki_profile_ref - Reference to the associated PKI profile.
Use the show virtualservice <virtualservice name> to check the various attributes of the virtual service.
sp_pool_refs - References to the associated SP pools
Use the show pool <SP poolname> command to check the various attributes of the site persistence pool.
application_persistence_profile_ref - Reference to the associated application persistence profile.
Note:Both PKI profile and application persistence profile must be configured to enable site persistence.
Additional Notes:
Multiple site persistence feature requires Service Engine groups to be of a version greater than or equal to 22.1.3.
When there are multiple site persistence pools attached to a virtual service, the virtual service must be accessed through the FQDN, failing which the cookie returned will not be valid for site persistence operations (not proxied).
A cookie generated on a higher version Service Engine is not supported on a lower version SE. However, a cookie generated on lower version Service Engine is supported on higher versions.
The maximum value of supported FQDN length is 128 bytes. If the FQDN length is greater than 128, only the first 128 bytes is stored in the cookie, and used for matching.