The active health monitor is used to test whether a server is available. The active health monitor uses several types of tests such as sending a basic ping to servers or advanced HTTP requests to monitor an application health.

Servers that fail to respond within a certain time period or respond with errors are excluded from future connection handling until a subsequent periodic health check finds these servers to be healthy.

Active health checks are performed on server pool members after the pool member is attached to a virtual server and that virtual server is attached to a tier-1 gateway. The tier-1 uplink IP address is used for the health check.

Note: More than one active health monitor can be configured per server pool.
The load balancer on the tier-1 gateway performs health checks on server pool members.

Procedure

  1. From your browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
  2. Select Networking > Load Balancing > Monitors > Active > Add Active Monitor.
  3. Select a protocol for the server from the drop-down menu.
    You can also use predefined protocols; HTTP, HTTPS, ICMP, TCP, and UDP for NSX Manager.
  4. Select the HTTP protocol.
  5. Configure the values to monitor a service pool.
    You can also accept the default active health monitor values.
    Option Description
    Name and Description Enter a name and description for the active health monitor.
    Monitoring Port Set the value of the monitoring port.
    Monitoring Interval Set the time in seconds that the monitor sends another connection request to the server.
    Timeout Period Set the number of times the server is tested before it is considered as DOWN.
    Fall Count Set a value when the consecutive failures reach this value, the server is considered temporarily unavailable.
    Rise Count Set a number after this timeout period, the server is tried again for a new connection to see if it is available.
    Tags Enter tags to make searching easier.

    You can specify a tag to set a scope of the tag.

    For example, if the monitoring interval is set as 5 seconds and the timeout as 15 seconds, the load balancer send requests to the server every 5 seconds. In each probe, if the expected response is received from the server within 15 seconds, then the health check result is OK. If not, then the result is CRITICAL. If the recent three health check results are all UP, the server is considered as UP.
  6. To configure the HTTP Request, click Configure.
  7. Enter the HTTP request and response configuration details.
    Option Description
    HTTP Method Select the method to detect the server status from the drop-down menu, GET, OPTIONS, POST, HEAD, and PUT.
    HTTP Request URL Enter the request URI for the method.

    ASCII control characters (backspace, vertical tab, horizontal tab, line feed, etc), unsafe characters such as a space, \, <, >, {, }, and any character outside the ASCII character set are not allowed in the request URL and should be encoded. For example, replace a space with a plus (+) sign, or with %20.

    HTTP Request Version Select the supported request version from the drop-down menu.

    You can also accept the default version, HTTP_VERSION_1.

    HTTP Response Header Click Add and enter the HTTP response header name and corresponding value.

    The default header value is 4000. The maximum header value is 64,000.

    HTTP Request Body Enter the request body.

    Valid for the POST and PUT methods.

    HTTP Response Code Enter the string that the monitor expects to match in the status line of HTTP response body.

    The response code is a comma-separated list.

    For example, 200,301,302,401.

    HTTP Response Body If the HTTP response body string and the HTTP health check response body match, then the server is considered as healthy.
  8. Click Save.
  9. Select the HTTPS protocol from the drop-down list.
  10. Complete step 5.
  11. Click Configure.
  12. Enter the HTTP request and response and SSL configuration details.
    Option Description
    Name and Description Enter a name and description for the active health monitor.
    HTTP Method Select the method to detect the server status from the drop-down menu, GET, OPTIONS, POST, HEAD, and PUT.
    HTTP Request URL Enter the request URI for the method.

    ASCII control characters (backspace, vertical tab, horizontal tab, line feed, etc), unsafe characters such as a space, \, <, >, {, }, and any character outside the ASCII character set are not allowed in the request URL and should be encoded. For example, replace a space with a plus (+) sign, or with %20.

    HTTP Request Version Select the supported request version from the drop-down menu.

    You can also accept the default version, HTTP_VERSION_1.

    HTTP Response Header Click Add and enter the HTTP response header name and corresponding value.

    The default header value is 4000. The maximum header value is 64,000.

    HTTP Request Body Enter the request body.

    Valid for the POST and PUT methods.

    HTTP Response Code Enter the string that the monitor expects to match in the status line of HTTP response body.

    The response code is a comma-separated list.

    For example, 200,301,302,401.

    HTTP Response Body If the HTTP response body string and the HTTP health check response body match, then the server is considered as healthy.
    Server SSL Toggle the button to enable the SSL server.
    Client Certificate (Optional) Select a certificate from the drop-down menu to be used if the server does not host multiple host names on the same IP address or if the client does not support an SNI extension.
    Server SSL Profile (Optional) Assign a default SSL profile from the drop-down menu that defines reusable and application-independent client-side SSL properties.

    Click the vertical ellipses and create a custom SSL profile.

    Trusted CA Certificates (Optional) You can require the client to have a CA certificate for authentication.
    Mandatory Server Authentication (Optional) Toggle the button to enable server authentication.
    Certificate Chain Depth (Optional) Set the authentication depth for the client certificate chain.
    Certificate Revocation List (Optional) Set a Certificate Revocation List (CRL) in the client-side SSL profile to reject compromised client certificates.
  13. Select the ICMP protocol.
  14. Complete step 5 and assign the data size in byte of the ICMP health check packet.
  15. Select the TCP protocol.
  16. Complete step 5 and you can leave the TCP data parameters empty.
    If both the data sent and expected are not listed, then a three-way handshake TCP connection is established to validate the server health. No data is sent.

    Expected data if listed has to be a string. Regular expressions are not supported.

  17. Select the UDP protocol.
  18. Complete step 5 and configure the UDP data.
    Required Option Description
    UDP Data Sent Enter the string to be sent to a server after a connection is established.
    UDP Data Expected Enter the string expected to receive from the server.

    Only when the received string matches this definition, is the server is considered as UP.

What to do next

Associate the active health monitor with a server pool. See Add a Server Pool.