You create a service monitor to define health check parameters for a particular type of network traffic. When you associate a service monitor with a pool, the pool members are monitored according to the service monitor parameters

About this task

Five types of monitors are supported: ICMP, TCP, UDP, HTTP, and HTTPS.

Procedure

  1. Log in to the vSphere Web Client.
  2. Click Networking & Security and then click NSX Edges.
  3. Double-click an NSX Edge.
  4. Click Manage and then click the Load Balancer tab.
  5. In the left navigation panel, click Service Monitoring.
  6. Click the Add (Add icon.) icon.
  7. Enter a Name for the service monitor.

    Interval, Timeout, and Max Retries are common parameters for all types of health checks.

  8. Enter the Interval in seconds in which a server is to be tested.

    The interval is the period of time in seconds that the monitor sends requests to the backend server.

  9. Enter the Timeout. In each health check, the timeout value is the maximum time in seconds within which a response from the server must be received.
  10. Enter the Max Retries. This value is the number of times the server is tested before it is declared DOWN.

    For example, if Interval is set as 5 seconds, Timeout as 15 seconds, and Max Retries as 3, it means NSX load balancer will probe backend server every 5 seconds. In each probe, if the expected response is received from server within 15 seconds, then the health check result is OK. If not, then the result is CRITICAL. If the recent three health check results are all DOWN, the server is marked as DOWN.

  11. Select the way in which to send the health check request to the server from the drop-down menu. Five types of monitors are supported- ICMP, TCP, UDP, HTTP, and HTTPS. Three predefined monitors are embedded in the system: default_tcp_monitor, default_http_monitor, and default_https_monitor.
  12. If you select ICMP as the monitor type, then no other parameters are applicable. Leave other parameters empty.
  13. If you select TCP as the monitor type, three more parameters are available: Send, Receive, and Extension.
    1. Send (optional) - The string sent to the backend server after a connection is established.
    2. Receive (optional) Enter the string to be matched. This string can be a header or in the body of the response. Only when the received string matches this definition is the server considered UP.
    3. Extension- Enter advanced monitor parameters as key=value pairs in the Extension section.

      A sample extension, warning=10, indicates that if a server does not respond within 10 seconds, the status is set as warning.

      All extension items should be separated with a carriage return character.

      Table 1. Extensions for TCP Protocol

      Monitor Extension

      Description

      escape

      Can use \n, \r, \t, or \ in send or quit string. Must come before send or quit option. Default: nothing added to send, \r\n added to end of quit.

      all

      All expect strings need to occur in server response. Default is any.

      quit=STRING

      String to send to server to initiate a clean close of the connection.

      refuse=ok|warn|crit

      Accept TCP refusals with states ok, warn, or criti Default is crit.

      mismatch=ok|warn|crit

      Accept expected string mismatches with states ok, warn, or crit. Default is warn.

      jail

      Hide output from TCP socket.

      maxbytes=INTEGER

      Close connection once more than the specified number of bytes are received.

      delay=INTEGER

      Seconds to wait between sending string and polling for response.

      certificate=INTEGER[,INTEGER]

      Minimum number of days a certificate has to be valid. The first value is #days for warning and the second value is critical (if not specified - 0).

      warning=DOUBLE

      Response time in seconds to result in warning status.

      critical=DOUBLE

      Response time in seconds to result in critical status.

  14. If you select HTTP or HTTPS as the monitor type, perform the steps below.
    1. Expected (optional) - Enter the string that the monitor expects to match in the status line of HTTP response in the Expected section. This is a comma separated list.

      For example, 200,301,302,401.

    2. Method (optional) - Select the method to detect server status from the drop-down menu: GET, OPTIONS, or POST.
    3. URL (optional) - Enter the URL to GET or POST ("/" by default).
    4. If you select the POST method, enter the data to be sent in the Bold section.
    5. Enter the string to be matched in the response content in the Receive section. This string can be a header or in the body of the response.

      If the string in the Expected section is not matched, the monitor does not try to match the Receive content.

    6. Extension - Enter advanced monitor parameters as key=value pairs in the Extension section.

      A sample extension, warning=10, indicates that if a server does not respond within 10 seconds, the status is set as warning.

      All extension items should be separated with a carriage return character.

      Table 2. Extensions for HTTP/HTTPS Protocol

      Monitor Extension

      Description

      no-body

      Do not wait for document body: stop reading after headers. Note that this still does an HTTP GET or POST, not a HEAD.

      ssl-version=3

      Force SSL handshake using sslv3.

      sslv3 and tlsv1 are disabled in the health check option by default.

      ssl-version=10

      Force SSL handshake using tls 1.0.

      ssl-version=11

      Force SSL handshake using tls 1.1.

      ssl-version=12

      Force SSL handshake using tls 1.2.

      max-age=SECONDS

      Warn if document is more than SECONDS old. The number can also be in the form 10m for minutes, 10h for hours, or 10d for days.

      content-type=STRING

      Specify Content-Type header media type in POST calls.

      linespan

      Allow regex to span newlines (must precede -r or -R).

      regex=STRING or ereg=STRING

      Search page for regex STRING.

      eregi=STRING

      Search page for case-insensitive regex STRING.

      invert-regex

      Return CRITICAL if found, OK if not.

      proxy-authorization=AUTH_PAIR

      Username:password on proxy-servers with basic authentication.

      useragent=STRING

      String to be sent in HTTP header as User Agent.

      header=STRING

      Any other tags to be sent in HTTP header. Use multiple times for additional headers.

      onredirect=ok|warning|critical|follow|sticky|stickyport

      How to handle redirected pages. sticky is like follow but stick to the specified IP address. stickyport also ensures port stays the same.

      pagesize=INTEGER:INTEGER

      Minimum page size required (bytes) : Maximum page size required (bytes).

      warning=DOUBLE

      Response time in seconds to result in warning status.

      critical=DOUBLE

      Response time in seconds to result in critical status.

      expect = STRING

      Comma-delimited list of strings, at least one of them is expected in the first (status) line of the server response (default: HTTP/1. If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)

      string = STRING

      String to expect in the content.

      url = PATH

      URL to GET or POST (default: /).

      post = STRING

      URL to encode http POST data.

      method = STRING

      Set HTTP method (for example, HEAD, OPTIONS, TRACE, PUT, DELETE).

      timeout = INTEGER

      Seconds before connection times out (default is 10 seconds).

      Table 3. Extensions for HTTPS Protocol

      Monitor Extension

      Description

      certificate=INTEGER

      Minimum number of days a certificate has to be valid. Port defaults to 443. When this option is used the URL is not checked.

      authorization=AUTH_PAIR

      Username:password on sites with basic authentication.

      ciphers=’ECDHE-RSA-AES256-GCM-SHA384’

      Display ciphers used in HTTPS health check.

  15. If you select UDP as the monitor type, perform the steps below:
    1. Send (required): Enter the string to be sent to backend server after a connection is established.
    2. Receive (required): Enter the string expected to receive from backend server. Only when the received string matches this definition, is the server is considered as UP.
    Note:

    No extension is supported by UDP monitor.

  16. Click OK.

What to do next

Associate a service monitor with a pool.