k8s-bigip-ctlr: CIS 2.2.1 now fails to complete AS3 declaration that worked with previous versions
Setup Details
CIS Version : 2.2.1
Build: f5networks/k8s-bigip-ctlr:latest
BIGIP Version: Big IP 15.1.0.4
AS3 Version: 3.20
Agent Mode: AS3
Orchestration: K8S/OSCP
Orchestration Version:
Pool Mode: Cluster
Additional Setup details: EKS
Description
With CIS 2.2.1, my AS3 declarations now get an error:
[/app1/helloworld/helloworld_pool/members/0: should have required property 'bigip'] message:declaration is invalid]
However if I take my AS3 declaration and POST it using Postman, I can create the application successfully. The declaration in the configmap appears to be valid.
This started happening with 2.2.1. I’ve tested the two previous versions (v2.2.0 and 2.1.1) and this was not a problem. The same AS3 declaration is fine.
Steps To Reproduce
-
I’ve used Terraform to deploy EKS and then install CIS and a demo app. This has worked for a few months but appears to have stopped working with the release of CIS 2.2.1
-
This is my ConfigMap in K8s
ubuntu@ip-10-0-0-36:~/aws-multisite-vpn-f5/4-eks_build_out$ kubectl get cm -o yaml
apiVersion: v1
items:
- apiVersion: v1
data:
template: |2-
{
"class": "AS3",
"declaration": {
"class": "ADC",
"schemaVersion": "3.10.0",
"id": "urn:uuid:33045210-3ab8-4636-9b2a-c98d22ab915d",
"label": "http",
"remark": "Simple HTTP application",
"app1": {
"class": "Tenant",
"helloworld": {
"class": "Application",
"template": "generic",
"helloworld_vs": {
"class": "Service_HTTP",
"virtualAddresses": [
"192.168.2.160"
],
"virtualPort": 80,
"remark":"ingress: better together demo app",
"pool": "helloworld_pool"
},
"helloworld_pool": {
"class": "Pool",
"monitors": [
"http"
],
"members": [
{
"servicePort": 80,
"serverAddresses": []
}
]
}
}
}
}
}
kind: ConfigMap
metadata:
creationTimestamp: "2020-12-07T21:07:13Z"
labels:
as3: "true"
f5type: virtual-server
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:template: {}
f:metadata:
f:labels:
.: {}
f:as3: {}
f:f5type: {}
manager: HashiCorp
operation: Update
time: "2020-12-07T21:07:13Z"
name: f5helloworld
namespace: default
resourceVersion: "7584"
selfLink: /api/v1/namespaces/default/configmaps/f5helloworld
uid: 17e973d0-71a2-4944-9cf3-5ffe93de0430
kind: List
metadata:
resourceVersion: ""
selfLink: ""
Expected Result
I expect CIS to send AS3 call to BIG-IP and for this app to be created on BIG-IP
Actual Result
These are the logs when I’ve used CIS 2.2.1 :
2020/12/07 21:07:12 [DEBUG] [CORE] Updated 0 of 0 virtual server configs, deleted 0
2020/12/07 21:07:12 [DEBUG] [CORE] Finished syncing virtual servers kube-system (18.316µs)
2020/12/07 21:07:13 [DEBUG] [CORE] Discovered members for service default/f5helloworld-service is [{10.0.2.232 8080 } {10.0.3.234 8080 } {10.0.3.239 8080 }]
2020/12/07 21:07:13 [DEBUG] [CORE] Updated 0 of 0 virtual server configs, deleted 0
2020/12/07 21:07:13 [DEBUG] [CORE] Finished syncing virtual servers default (13.054263ms)
2020/12/07 21:07:13 [DEBUG] [CORE] Updated 1 of 0 virtual server configs, deleted 0
2020/12/07 21:07:13 [DEBUG] [CORE] Finished syncing virtual servers default (11.366965ms)
2020/12/07 21:07:13 [DEBUG] [CORE] Updated 0 of 0 virtual server configs, deleted 0
2020/12/07 21:07:13 [DEBUG] [CORE] Finished syncing virtual servers f5helloworld default (12.815µs)
2020/12/07 21:07:13 [DEBUG] [AS3] Posting AS3 Declaration
2020/12/07 21:07:13 [DEBUG] [AS3] posting request to https://192.168.0.11/mgmt/shared/appsvcs/declare/
2020/12/07 21:07:14 [DEBUG] [CORE] Updated 0 of 0 virtual server configs, deleted 0
2020/12/07 21:07:14 [DEBUG] [CORE] Finished syncing virtual servers kube-system (200.483µs)
2020/12/07 21:07:14 [ERROR] [AS3] Big-IP Responded with code: 422
2020/12/07 21:07:14 [ERROR] [AS3] Raw response from Big-IP: map[code:422 declarationFullId: errors:[/app1/helloworld/helloworld_pool/members/0: should have required property 'bigip'] message:declaration is invalid]
Diagnostic Information
<Configuration files, error messages, logs>
Note: Sanitize the data. For example, be mindful of IPs, ports, application names and URLs
Note: The following F5 article outlines the information required when opening an issue.
https://support.f5.com/csp/article/K60974137
Observations (if any)
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 36 (28 by maintainers)
Commits related to this issue
- Merge pull request #1620 from sravyap135/CONTCNTR-2345 Fix configmap serviceport value for nodeport mode #1602 — committed to F5Networks/k8s-bigip-ctlr by sravyap135 3 years ago
@vincentmli @JoseManuelPS
declaration.members.0.serverAddresses: Invalid type. Expected: array, given: nullThe above error is observed when service endpoints cannot be fetched with the
servicePortvalue defined.Please check if servicePort value is matching with that in service definition.
Only for CIS release 2.2.1, AS3 configmap expects the
servicePortvalue to be equal to nodeport of service definition. However, this issue was fixed and from later releases, AS3 configmap expects service exposed port instead of nodeport value.@sravyap135 thank you for the verification. I will flag this issue as ready to close.
@JRaver we have a developer looking into this issue. Internal Issue is CONTCNTR-2325. We did make a update to the API in CIS 2.2.1 which might have caused this issue. Will have a update this week.
https://github.com/f5devcentral/f5-k8s-demo/blob/ocp4/ocp4/f5-server.yaml