f5-appsvcs-extension
f5-appsvcs-extension copied to clipboard
F5Networks
Dry-run succeeds but deploy fails when declaration is missing virtualPort
Environment
- Application Services Version: f5-appsvcs 3.53.0
- BIG-IP Version: BIG-IP 17.1.1.3
Summary
When POSTing a declaration that is missing the virtualPort key in the Service_Generic class with action: dry-run the returned result is:
"code": 200,
"message": "success",
However, when POSTing the same declaration with action: deploy the result is:
"code": 422,
"message": "declaration failed",
"response": "\\\\\\"/as3-common-partition/10.0.0.1:undefined\\\\\\" contains invalid or ambiguous service undefined",
The failing declaration also passes JSON schema validation based on the latest schema.
The combination of the above can lead to failed deployments despite the dry-run result indicating that they will succeed.
Steps To Reproduce
Steps to reproduce the behavior:
- Submit the following declaration:
{
"$schema": "https://raw.githubusercontent.com/F5Networks/f5-appsvcs-extension/refs/heads/main/schema/latest/as3-schema-3.53.0-7.json",
"class": "AS3",
"action": "dry-run",
"persist": true,
"declaration": {
"class": "ADC",
"schemaVersion": "3.53.0",
"id": "services_test.yaml_2025-02-28T08:58:03.266930",
"label": "services_test.yaml",
"remark": "Generated F5 AS3 declaration document",
"updateMode": "selective",
"as3-common-partition": {
"class": "Tenant",
"app_acme": {
"class": "Application",
"acme_http": {
"class": "Service_Generic",
"virtualAddresses": [
"10.0.0.1"
],
"pool": "pool_acme_http",
"persistenceMethods": []
},
"pool_acme_http": {
"class": "Pool",
"monitors": [],
"members": [
{
"servicePort": 80,
"serverAddresses": [
"192.168.1.1",
"192.168.1.2"
]
}
],
"loadBalancingMode": "round-robin"
}
}
}
}
}
- Observe the following non-error response:
{
"code": 200,
"message": "success",
"dryRun": true,
"lineCount": 30,
"host": "localhost",
"tenant": "as3-common-partition",
"runTime": 3616,
"declarationId": "services_test.yaml_2025-02-28T08:58:03.266930"
}
- Post the same declaration but change action to
deploy
{
"$schema": "https://raw.githubusercontent.com/F5Networks/f5-appsvcs-extension/refs/heads/main/schema/latest/as3-schema-3.53.0-7.json",
"class": "AS3",
"action": "deploy",
"persist": true,
"declaration": {
"class": "ADC",
"schemaVersion": "3.53.0",
"id": "services_test.yaml_2025-02-28T09:00:46.667356",
"label": "services_test.yaml",
"remark": "Generated F5 AS3 declaration document",
"updateMode": "selective",
"as3-common-partition": {
"class": "Tenant",
"app_acme": {
"class": "Application",
"acme_http": {
"class": "Service_Generic",
"virtualAddresses": [
"10.0.0.1"
],
"pool": "pool_acme_http",
"persistenceMethods": []
},
"pool_acme_http": {
"class": "Pool",
"monitors": [],
"members": [
{
"servicePort": 80,
"serverAddresses": [
"192.168.1.1",
"192.168.1.2"
]
}
],
"loadBalancingMode": "round-robin"
}
}
}
}
}
- Observe the following error response:
{
"code": 422,
"message": "declaration failed",
"response": "\\\\\\"/as3-common-partition/10.0.0.1:undefined\\\\\\" contains invalid or ambiguous service undefined",
"host": "localhost",
"tenant": "as3-common-partition",
"runTime": 4727,
"declarationId": "services_test.yaml_2025-02-28T09:00:46.667356"
}
Expected Behavior
Expected dry-run to perform the same checks as deploy and provide an early warning failure message.
Actual Behavior
dry-run succeeds but deploy later fails.
That's expected behavior.
AS3 dry-run performs a syntactic and structural validation — it checks: JSON structure, Schema compliance, Required fields at a high level. But it does not validate runtime dependencies (like missing virtualPort in Service_Generic) or try to deploy config to BIG-IP.
Whereas Deploy action attempts to apply the configuration to the BIG-IP system -- it checks: all required fields are fully validated, deployment-specific rules are enforced, missing mandatory fields like virtualPort in a Service_Generic service cause an error.
