FortiADC
FortiADC enhances the scalability, performance, and security of your applications whether they are hosted on premises or in the cloud.
shafiq23
Staff
Staff
Article Id 244601
Description This article describes how to configure FortiADC health check for VMware NSX Manager with additional string.
Scope FortiADC and FortiADC VM.
Solution

In some cases, certain web application requires an additional header to provide the correct response or status code.

 

For example, VMware NSX Manager is a monitoring system where it monitors its logical components' services' health.

When multiple NSX managers are configured in a real server pool, FortiADC can poll real server pool members to determine which real server is available.

 

According to VMware NSX Manager requirements to monitor its health, it is required to define additional headers such as Authorization, Content-Type, and Accept.

 

Header1
Name: Authorization
Value: Basic <Base64 Value>

Note: <Base64 Value> is Username:Password encoded in Base64.
Example: Zm9ydGluZXQ6Zm9ydGluZXQxMjM=\ is Base64 encoded of fortinet:fortinet123

 

Header2
Name: Content-Type
Value: application/json

 

Header3
Name: Accept
Value: application/json

 

A GET request must be sent to /api/v1/reverse-proxy/node/health and NSX Manager would respond to API call as below:

 

"healthy" : true

 

Based on the requirement, it is possible for FortiADC to configure an additional header with the ‘Additional String’ option.

 

From GUI:
1) Go to Shared Resources -> Health Check.
2) Select 'Create New'.
3) Define service port: 443.
4) Specify a health check name.
5) Select HTTPS type.
6) Method type : HTTP GET.
7) Send String : /api/v1/reverse-proxy/node/health
8) Receive String : "healthy" : true.
9) Match Type : Match String
10) Additional String : Authorization: Basic Zm9ydGluZXQ6Zm9ydGluZXQxMjM=\r\nContent-Type: application/json\r\nAccept: application/json\r\n

 

FortiADC GUI Health Check configuration sample:

 

HC screenshot.PNG

 

From CLI:

Create Health Check as below:

 

# config system health-check
    edit "NSX-HC"
        set type https
        set port 443
        set additional-string Content-Type: application/json\\r\\nAccept: application/json\\r\\nAuthorization: Basic YWRtaW46Vk13YXJlMSEg\\r\\n
        set method-type http_get

        set send-string /api/v1/reverse-proxy/node/health

        set receive-string \"healthy\" : true

        set match_type match_string

    next
end

 

Steps to verify.


From GUI:
1) Go to Shared Resources -> Health Check.
2) Select Health Check Monitor.
3) Input IP address.
4) Select created Health Check.
5) Specify port.
6) Select Start.
7) Review Information column.
a. Successful health check will show as ‘UP’.
b. Unsuccessful health check will show ‘DOWN’.

 

FortiADC Health Check Monitor sample.

 

HC_monitor screenshot 1.PNG

 

Refer to the below documentation for more information on health checks:
https://docs.fortinet.com/document/fortiadc/7.1.1/handbook/38121/configuring-health-checks

 

VMware NSX Manager health check requirement documentation:
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-AAA6AB26-1D77-46CF-9F1E-...

Contributors