k8s-bigip-ctlr icon indicating copy to clipboard operation
k8s-bigip-ctlr copied to clipboard

Published 20 hours ago verified publisher icon F5Networks

alternateBackends with array of 1 causes crash

Open mikeoleary opened this issue 5 months ago • 3 comments
trafficstars

Setup Details

CIS Version : 2.19.1
Agent Mode: AS3
Orchestration: K8S

Description

"alternateBackends" requires 2 items; a single item causes CIS to crash

Steps To Reproduce

  1. Deploy a VirtualServer CRD using alternateBackends where there is only 1 item in the list

Expected Result

  1. I would prefer a more graceful error and have CIS reject the VirtualServer resource.

Actual Result

  1. CIS crashes with error:
E0515 20:59:09.973582       1 runtime.go:78] Observed a panic: runtime.boundsError{x:0, y:0, signed:true, code:0x0} (runtime error: index out of range [0] with length 0)
goroutine 394 [running]:
k8s.io/apimachinery/pkg/util/runtime.logPanic({0x23065a0, 0xc000000768})
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:74 +0xf4
k8s.io/apimachinery/pkg/util/runtime.HandleCrash({0x0, 0x0, 0x0})
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:48 +0xb6
panic({0x23065a0?, 0xc000000768?})
	/usr/local/go/src/runtime/panic.go:770 +0x136
github.com/F5Networks/k8s-bigip-ctlr/v2/pkg/controller.(*Controller).prepareVirtualServerRules(0xc0001c88c0, 0xc00050a008, 0xc000181688)
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/pkg/controller/routing.go:168 +0xeca
github.com/F5Networks/k8s-bigip-ctlr/v2/pkg/controller.(*Controller).prepareRSConfigFromVirtualServer(0xc0001c88c0, 0xc000181688, 0xc00050a008, 0x0, {0x0, 0x0})
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/pkg/controller/resourceConfig.go:802 +0x13e8
github.com/F5Networks/k8s-bigip-ctlr/v2/pkg/controller.(*Controller).processVirtualServers(0xc0001c88c0, 0xc00050a008, 0x0)
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/pkg/controller/worker.go:1572 +0x31f2
github.com/F5Networks/k8s-bigip-ctlr/v2/pkg/controller.(*Controller).processResources(0xc0001c88c0)
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/pkg/controller/worker.go:381 +0x8285
github.com/F5Networks/k8s-bigip-ctlr/v2/pkg/controller.(*Controller).nextGenResourceWorker(0xc0001c88c0)
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/pkg/controller/worker.go:80 +0x2e5
k8s.io/apimachinery/pkg/util/wait.BackoffUntil.func1(0xc000b51070)
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:155 +0x39
k8s.io/apimachinery/pkg/util/wait.BackoffUntil(0xc000b51070, {0x25dfae0, 0xc000811bc0}, 0x1, 0xc000802d80)
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:156 +0xbb
k8s.io/apimachinery/pkg/util/wait.JitterUntil(0xc000b51070, 0x3b9aca00, 0x0, 0x1, 0xc000802d80)
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:133 +0x76
k8s.io/apimachinery/pkg/util/wait.Until(0xc000b51070, 0x3b9aca00, 0xc000802d80)
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:90 +0x2d
created by github.com/F5Networks/k8s-bigip-ctlr/v2/pkg/controller.(*Controller).Start in goroutine 55
	/go/src/github.com/F5Networks/k8s-bigip-ctlr/pkg/controller/controller.go:484 +0x3b8
panic: runtime error: index out of range [0] with length 0 [recovered]
	panic: runtime error: index out of range [0] with length 0
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0xc6a087]

Diagnostic Information

<Configuration files, error messages, logs>
Note: Sanitize the data. For example, be mindful of IPs, ports, application names and URLs
Note: The following F5 article outlines the information required when opening an issue.
https://support.f5.com/csp/article/K60974137

Observations (if any)

mikeoleary avatar May 27 '25 21:05 mikeoleary

Created [CONTCNTR-5369] for internal tracking.

trinaths avatar May 28 '25 16:05 trinaths

Hi @mikeoleary. can you please share the VS CRD yaml

can you please confirm is CIS running in multiCluster or non-multiCluster environment?

charanm08 avatar Jun 05 '25 11:06 charanm08

@charanm08, for this customer, CIS was in non-multiCluster environment.

I cannot find the VirtualServer YAML that I used, sorry. But we cannot use alternateBackends anyway. We were trying to find a workaround for a requirement to have CIS add the IP's of some VM's from their environment.

We ended up requesting this feature via #3852

I will send you the logs that the customer received when they had an array of 1. Even if we cannot use it, you may still want to have a more friendly error message or explanation if multiple backends are a requirement.

mikeoleary avatar Jun 09 '25 01:06 mikeoleary

fixed with #3872

charanm08 avatar Jul 15 '25 05:07 charanm08