You can validate the response of a server while troubleshooting the reasons for a marked-down server. Ensure that the test is from a specific NSX Advanced Load Balancer Service Engine, using the same tenant, network, and IP address.
SEs have multiple network stacks, one for the control plane which uses Linux, and a second for the data plane. Simply logging into an SE and pinging a server will go out the management port and IP address, which can route through a different infrastructure than the SE data plane.
Prerequisites
The following are the prerequisites to validate server health.
Determine the IP address of the Service Engine hosting the virtual service.
SSH into the NSX Advanced Load Balancer Controller.
Log into the NSX Advanced Load Balancer shell.
shell
Validating Server Health of VMware - No Tenants
The following are the steps to validate server health of VMware in no tenants option:
Connect to a Service Engine's Linux shell as follows:
: > attach serviceengine 10.10.25.28
Validate the current namespace as follows:
admin@10-10-25-28:~$ ip netns
The usual output is
avi_ns1
, which is the default namespace.Execute a static health check from this namespace.
VMware - Multiple Tenants
For multiple tenants on VMware, NSX Advanced Load Balancer does not create VRFs/namespaces by default.
The following are the steps to validate the server health of VMware in multiple tenants option:
Attach to the Service Engine Linux shell as follows:
: > attach serviceengine 10.10.25.28
Execute a static health check.
Multiple Tenants with VRF (Provider Mode)
The following are the steps to validate the server health of multiple tenants in VRF:
Find the namespace/VRF for the pool server as follows:
: > show pool p1 detail | grep vrf_id | vrf_id | 2
In this case, the vrf_id is 2, and the namespace is avi_ns2.This information can also be obtained using the following CLI command:
: > show serviceengine 10.10.25.28 vnicdb
If there are multiple SEs, find the vrf-id on the specific SE:
show pool p1 detail | filter disable_aggregate se se_ref 10.10.25.28 | vrf_id | 2
Attach to the Service Engine Linux shell as follows:
: > attach serviceengine 10.10.25.28
Execute a static health check from this namespace.
Bare Metal/Linux Cloud
For bare-metal Linux clouds, there are no namespaces, reducing the necessary steps. The following are the steps to validate server health of bare metal/Linux cloud:
Attach to the Service Engine Linux shell as follows:
: > attach serviceengine 10.10.25.28
Execute a static health check.
Validating Common Manual-Server Checks
Ping — The following are the steps to validate server health of ping health monitor:
root@test-se2:~# sudo ip netns exec avi_ns1 ping 10.90.15.62 PING 10.90.15.62 (10.90.15.62) 56(84) bytes of data. 64 bytes from 10.90.15.62: icmp_seq=1 ttl=64 time=26.8 ms
Curl — The following are the steps to validate server health of curl option:
root@test-se2:~# sudo ip netns exec avi_ns1 curl 10.90.15.62 curl: Failed to connect to 10.90.15.62 port 80: Connection refused root@test-se2:~# sudo ip netns exec avi_ns1 curl 10.90.15.62:8000Welcome - Served from port 80!
This step is not necessary when the SE is on a Docker and bare-metal setup and the Docker container itself exists in a namespace.