we are running 4 AppServer behind an F5 Load-Balancer.
The LB checks the port of the Authetication-Server to determine if the App-Server is online.
In order to do maintenance on one of the App-Servers, we are looking for a mechanism to take them out of the LoadBalancing.
I know ideally we would do that on the LB, but as those are managed by a completely different team, it is complicated to do that this way.
An idea i have would be to disable the Authentication-Service on an AppServer.
The theory is, that this would stop the LB from pointing sessions to these Console-Servers, while the already authenticated users would stay connected. Once their Session-Credentials is expired, the need to re-authenticate and will end up on another server.
So is there any way to do that ?
Block the port on the appservers w/ a host-based firewall.
Uuhhh...Great idea :-)