k8s-bigip-ctlr: Endless Warnings About "Overwriting existing entry for backend"

Setup Details

CIS Version : 2.0.0 Build: f5networks/k8s-bigip-ctlr:latest BIGIP Version: Big IP 15.1.0.1 AS3 Version: 3.19.1 Agent Mode: AS3 Orchestration: K8S Orchestration Version: 1.15.11 Pool Mode: NodePort Additional Setup details: Flannel (host-gw)

Description

Our F5 CIS is continuously overwriting entries on the F5 for no apparent reason. I don’t understand what is causing the warning. This is causing sync issues between our active/passive F5 setup because it happens every few seconds.

Here is a copy of the logs:

2020/06/12 20:59:25 [WARNING] [CORE] Overwriting existing entry for backend {ServiceName:XXX ServicePort:80 Namespace:ZZZ} and resource ingress_10-xxx-xxx-xxx_443
2020/06/12 20:59:26 [WARNING] [CORE] Overwriting existing entry for backend {ServiceName:YYY ServicePort:80 Namespace:ZZZ} and resource ingress_10-xxx-xxx-xxx_443
2020/06/12 20:59:30 [WARNING] [CORE] Overwriting existing entry for backend {ServiceName:XXX ServicePort:80 Namespace:ZZZ} and resource ingress_10-xxx-xxx-xxx_443
2020/06/12 20:59:34 [WARNING] [CORE] Overwriting existing entry for backend {ServiceName:YYY ServicePort:80 Namespace:ZZZ} and resource ingress_10-xxx-xxx-xxx_443

Here is what our CIS deployment looks like:

ame:                   bigip-ctlr
Namespace:              XXX
CreationTimestamp:      Fri, 12 Jun 2020 08:17:18 -0700
Labels:                 app=bigip-ctlr

Annotations:            deployment.kubernetes.io/revision: 6
                        fluxcd.io/sync-checksum: a3fbbc7910037692411a03e41b1451784ec03231
Selector:               app=bigip-ctlr
Replicas:               1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType:           RollingUpdate
MinReadySeconds:        0
RollingUpdateStrategy:  1 max unavailable, 1 max surge
Pod Template:
  Labels:           app=bigip-ctlr
  Service Account:  bigip-ctlr
  Containers:
   bigip-ctlr:
    Image:      f5networks/k8s-bigip-ctlr:2.0.0
    Port:       <none>
    Host Port:  <none>
    Command:
      /app/bin/k8s-bigip-ctlr
    Args:
      --credentials-directory=/var/run/secrets/credentials
      --bigip-url=XXXXX
      --pool-member-type=nodeport
      --bigip-partition=$(BIGIP_PARTITION)
      --default-ingress-ip=$(BIGIP_DEFAULT_INGRESS_IP)
      --insecure=true
    Limits:
      cpu:     100m
      memory:  256Mi
    Requests:
      cpu:     100m
      memory:  256Mi
    Environment Variables from:
      bigip-ctlr-cluster-config  ConfigMap  Optional: false

      ...

Steps To Reproduce

  1. Unknown.

Expected Result

Fewer rewrites unless something changes, unless I’m misconfiguring or misunderstanding how the controller works.

Actual Result

Endless warnings and rewrites.

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 17 (9 by maintainers)

Most upvoted comments

One last thing I want to mention is we moved away from using this tool as our ingress-controller. Instead we are using it to populate the F5 with our nodes and sending traffic to an nginx-ingress, which was our ultimate goal in the first place.

+1
AMoghrabi on Jun 18, 2020
Read more comments on GitHub
← k8s-bigip-ctlr: CIS nodepoller doesn't work and stop do the arps process If there is one node in the cluster which the Vtep MAC cannot be obtained
k8s-bigip-ctlr: [Enhancement]vxlan manager only use node internal IP for fdb endpoint IP cause wrong FDB in bigip →