terraform-provider-bigip icon indicating copy to clipboard operation
terraform-provider-bigip copied to clipboard

Published 20 hours ago verified publisher icon F5Networks

Changes to a custom PARENT profile values and not pushed on to CHILD profile

Open soumik612 opened this issue 5 years ago • 5 comments

We have a use case where in we build custom PARENT profiles for different applications/setup. These parent profiles are then inherited by CHILD profiles, which are applied to VIPs.

OBSERVED ISSUE: Whenever a custom resource attribute is changed from default value using TF provider, this causes all the check-boxes in the LTM GUI to be set. Ideally only the custom value that is changed should have the check-box ticked.

For e.g. I built a custom profile "PFL_FL4_OBO_EVAL" which inherits config from another custom PARENT PROFILE "PFL_FL4_OBO_PARENT"

image

This is how the config looks like in LTM GUI,

image

If you notice, the "CUSTOM" check-box is selected for all the parameters. F5 recommends that only values that need to be changed/modified from the custom values should be set with a check mark. Having all boxes check affects performance as well.

For my use case, since "PFL_FL4_OBO_EVAL" is inheriting attributes from custom PARENT PROFILE "PFL_FL4_OBO_PARENT", the config should look like this,

image

Another issue observed, is that the change in parent profile does not reflect in the CHILD, if all the custom attributes are "CHECKED"

For , e.g. I change the idle_timeout value to chage from "300" to 301. Resource config and TF plan output below

image image

Changes are applied on the LTM, however, "idle_timeout" value is not inherited by the child profile.

image

image ` If remove the custom checkbox manually in GUI, I see that the attribute has been inherited.

image

soumik612 avatar Jun 08 '20 14:06 soumik612

It's observed in other profiles too( fasthttp,http2), but in some profiles ( like tcp, ssl ) custom attributes are checked only in parent , not in child with the proper inheritance.

papineni87 avatar Jun 24 '20 13:06 papineni87

It is important to keep in mind that Terraform itself is declarative, so the concept of having a parent objective drive inheritance can cause some anti-patterns.

Tracking via multiple backlog items TER.

focrensh avatar Jul 07 '20 14:07 focrensh

with v1.3.2, the resource bigip_ltm_profile_fastL4 is fixed. We will keep working on the different profiles over the following releases

nmenant avatar Sep 04 '20 07:09 nmenant

Over the last few releases we have fixed several other resources:

v.1.6.0 bigip_ltm_persistence_profile_srcaddr bigip_ltm_persistence_profile_cookie

v1.5.0 bigip_ltm_profile_oneconnect bigip_ltm_profile_httpcompress

v1.4.0 bigip_ltm_profile_http2 bigip_ltm_profile_tcp

nmenant avatar Jan 08 '21 10:01 nmenant

looks like in v1.6.0 bigip_ltm_profile_client_ssl is also fixed

wojtek0806 avatar Jan 27 '21 11:01 wojtek0806