Friday, October 7, 2016

Netscaler URL Transform

The aim of this exercise was to direct user requests to separate PROD and UAT server based on the request URL.

e.g. Users access the following URLs.
1. https://service.company.com/prod
2. https://service.company.com/uat

The netscaler will then direct these requests to the relevant internal server.
1. http://prod.company.internal
2. http://uat.company.int

................................

Summarized steps are as follows;

1.  In Traffic Management > Load Balancing > Servers, define the internal servers (UAT/PROD) providing the service.
2. Then create the HTTP services for these servers.
3. In Load Balancing > Virtual Servers, create a lb_vs for each service with the IP address set to non-addressable.
4. In Load Balancing > Content Switching, create a new content switching virtual server with protocol SSL and set an IP.
4. Create 2 content switching policies with the details below.

Name: Policy_prod
Domain: service.company.com
URL: /prod

Name: Policy_UAT
Domain:service.company.com
URL:/uat

5. Associate the 2 content switching policies with the content switching virtual server. Select the target load balancing virtual server for created in step 3. This will ensure that requests for PROD and UAT traffic is sent to the correct server.

6. Next we need to ensure that requests sent to the back end servers do not have the external Hostname and URL. This is achieved by using a URL transform rule. In AppExpert >  Rewrite > URL Transformation, create two profiles with the following transform actions.

Name: acct-prod-transform
Priority: 100
Request URL From: https://service.company.com/prod
Request URL Into: http://prod.company.internal
Response URL Into: http://prod.company.internal
Response URL From: https://service.company.com/prod

Similarly, create another profile for UAT

7. Create a Transform Policy with the following expression and the profile above.

Expression: HTTP.REQ.URL.PATH_AND_QUERY.CONTAINS("/prod")

8. Associate the URL transformation policy with the Load Balanced VIP

9. Now the requests to the external address should be transformed to the internal server address and the reponses transformed back to the external address.





No comments: