aFleX Tutorial: Scripting Tool for Thunder Products
What is aFlex?
aFleX is a scripting tool that is built into the Thunder Application Delivery Controller (ADC). aFleX is based on a standard scripting language, TCL, enabling the load balancer to perform Layer 7 deep-packet inspection (DPI). Information in the header or data portion of the packet can then be erased, changed or manipulated as needed, or the packet can be dropped or redirected based on the information.
- aFleX is a powerful and flexible Thunder feature that you can use to manage your traffic and provide enhanced benefits and services.
- aFleX uses industry-standard Tcl (Tools Command Language) based syntax.
- Standard Tcl commands
- Special set of extensions provided by the Thunder device
- aFleX allows:
- Content inspection (headers / data)
- Actions on traffic
- Block traffic
- Redirect traffic to a specific service group (pool) or server (node)
- Modify traffic content
Introduction to aFlex Scripting
Advantages of using aFleX
aFleX policies allow you to exercise more granular control of packet inspection and traffic load balancing. The benefits can be, but are not limited to:
- Higher Availability
- Provide an unavailable/sorry page when all servers or applications are not responding or are down.
- Redirect end-users to the backup data center if all servers or applications are not responding or are down.
- Higher Security
- Block specific end-users and/or specific client traffic.
- Higher Flexibility
- Transparently convert an HTTP web application to HTTPS
- Provide persistency for a specific application
- Forward specific end-users and/or specific client traffic to a specific pool of servers or specific server in a pool
- Transparently add a new hostname to an existing Web site
- Higher Performance
- Improve end-users’ browser cachability for web site static content
Elements of an aFleX Script
- aFleX scripts are made up of three basic elements:
- aFleX commands
- aFleX scripts are event-driven, which means the aFleX script is triggerd when the specified event occurs.
- HTTP_REQUEST event occurs when an HTTP request is received.
- CLIENT_ACCCEPTED event occurs when a client has established a connection.
- Standard Tcl operators Note: Tcl tutorial
- Relational operators: contains, matches, equals, starts_with, ends_with, matches_regex
- Logical operators: not, and, or
- Used to query for data, manipulate data, or specify a traffic destination. These may be grouped into three main categories:
- Statement commands
Example: pool directs traffic to the named load balancing pool.
- Commands that query or manipulate data
- IP::remote_addr returns the remote IP address of a connection.
- HTTP::header remove removes the last occurrence of the named header from a request or response.
- Utility commands – useful for parsing and manipulating content
Example: decode_uridecodes the named string using HTTP URI encoding and returns the result.
- Statement commands
Note: aFleX is extensible. In future Thunder software releases, additional aFleX events and aFleX commands will be added.
The list of supported Events, Operators, and Commands is available in the Thunder Series aFleX Reference.
aFleX configuration is done in 2 steps:
- Place the aFleX script on the Thunder device.
- Using the CLI
- Use a computer with any text editor to write an aFleX script and save it as a file.
- Use the import aflex command to import the aFleX file from the computer to the Thunder device.
- aFleX CLI syntax check: aflex check script-name
- Using the WebUI
- With the Thunder’s web interface, you can directly type in aFleX scripts and save them on the Thunder device. In the Thunder WebUI, navigate to Config Mode > Service > aFleX.
- Using the aFleX Editor
- The aFleX Editor is a separate PC application you can use to download/upload aFleX scripts from/to the Thunder device. Moreover, the aFleX Editor can do syntax checking. As an editor, it also has syntax highlighting, keyword auto-completion, etc.
- Using the CLI
- Assign the aFleX script to VIP port
- Using the WebUI: Config Mode > Service > SLB > Virtual Server > Port
Thunder(config)# slb virtual-server name [ipaddr]
Thunder(config-slb vserver)# port N tcp
Thunder(config-slb vserver-vport)# aflex script-name
aFleX statistics are available in the WebUI or CLI:
- WebUI: Monitor Mode > Service > aFleX
- CLI: Thunder# show aflex script-name
- What is aFleX?
- aFleX Advanced Scripting
- aFleX Examples
- aFleX Scripting Language Optimization
- aFleX Scripting Language Troubleshooting
aFleX Scripting Language and Layer 7 Deep-packet Inspection
aFleX is a powerful and flexible scripting language that you can use to manage your traffic and provide enhanced benefits and services. It’s built into the Thunder® Application Delivery Controller (ADC), a high-performance load balancing solution that enables your applications to be highly secure, available, and accelerated.Learn More