f5-appsvcs-extension
f5-appsvcs-extension copied to clipboard
F5Networks
named node (pool member) IP address is not changed
Environment
- Application Services Version: 3.35.0
- BIG-IP Version: 16.1.2.1
Summary
Deployment of the new LTM configuration (with named nodes) based on AS3 rest call is working correctly. But another POST (or PATCH) call changes all required objects correctly, except IP address of existing named pool member (named node). In other words, it is not possible change IP address of the (named) pool member when this pool member (node) exists.
This issue is connected to new feature - named pool members (added in f5-appsvcs v3.35.0)
Steps To Reproduce
- Submit the following declaration:
{
"$schema": "https://raw.githubusercontent.com/F5Networks/f5-appsvcs-extension/master/schema/3.35.0/as3-schema.json",
"class": "AS3",
"action": "deploy",
"persist": true,
"declaration": {
"class": "ADC",
"schemaVersion": "3.35.0",
"id": "testid",
"label": "pat declaration v1.0",
"updateMode": "selective",
"test-as3-issue": {
"class": "Tenant",
"defaultRouteDomain": 5,
"Shared": {
"class": "Application",
"template": "shared",
"sf_pool1": {
"class": "Pool",
"remark": "AS3>Shared",
"minimumMonitors": "all",
"minimumMembersActive": 1,
"members": [
{
"remark": "AS3>Shared",
"servicePort": 8080,
"adminState": "enable",
"serverAddresses": [
"10.0.9.1",
"10.0.9.2"
],
"servers": [
{
"name": "rserver1",
"address": "10.0.0.1"
},
{
"name": "rserver2",
"address": "10.0.0.2"
}
]
}
]
}
}
}
}
}
Everything is deployed correctly. See bigip.conf:
# cat bigip.conf
#TMSH-VERSION: 16.1.2.1
ltm node /test-as3-issue/10.1.0.1%5 {
address 10.1.0.1
}
ltm node /test-as3-issue/10.1.0.2%5 {
address 10.1.0.2
}
ltm node /test-as3-issue/rserver1 {
address 10.0.0.1
}
ltm node /test-as3-issue/rserver2 {
address 10.0.0.2
}
ltm pool /test-as3-issue/Shared/sf_pool1 {
description AS3>Shared
members {
/test-as3-issue/10.1.0.1%5:8080 {
address 10.1.0.1
description AS3>Shared
metadata {
source {
value declaration
}
}
}
/test-as3-issue/10.1.0.2%5:8080 {
address 10.1.0.2
description AS3>Shared
metadata {
source {
value declaration
}
}
}
/test-as3-issue/rserver1:8080 {
address 10.0.0.1
description AS3>Shared
metadata {
source {
value declaration
}
}
}
/test-as3-issue/rserver2:8080 {
address 10.0.0.2
description AS3>Shared
metadata {
source {
value declaration
}
}
}
}
min-active-members 1
}
- Submit another declaration with changed IP addresses (marked):
{
"$schema": "https://raw.githubusercontent.com/F5Networks/f5-appsvcs-extension/master/schema/3.35.0/as3-schema.json",
"class": "AS3",
"action": "deploy",
"persist": true,
"declaration": {
"class": "ADC",
"schemaVersion": "3.35.0",
"id": "testid",
"label": "pat declaration v1.0",
"updateMode": "selective",
"test-as3-issue": {
"class": "Tenant",
"defaultRouteDomain": 5,
"Shared": {
"class": "Application",
"template": "shared",
"sf_pool1": {
"class": "Pool",
"remark": "AS3>Shared",
"minimumMonitors": "all",
"minimumMembersActive": 1,
"members": [
{
"remark": "AS3>Shared",
"servicePort": 8080,
"adminState": "enable",
"serverAddresses": [
"10.0.9.1",
"10.0.9.22" << change
],
"servers": [
{
"name": "rserver1",
"address": "10.0.0.1"
},
{
"name": "rserver2",
"address": "10.0.0.22" << change
}
]
}
]
}
}
}
}
}
Response to this POST (I'm trying also PATCH) is correct (code 200 with correct declaration response):
{
"results": [
{
"code": 200,
"message": "success",
"lineCount": 24,
"host": "localhost",
"tenant": "test-as3-issue",
"runTime": 8730
}
],
"declaration": {
"test-as3-issue": {
"class": "Tenant",
"defaultRouteDomain": 5,
"Shared": {
"class": "Application",
"template": "shared",
"sf_pool1": {
"class": "Pool",
"remark": "AS3>Shared",
"minimumMonitors": "all",
"minimumMembersActive": 1,
"members": [
{
"remark": "AS3>Shared",
"servicePort": 8080,
"adminState": "enable",
"serverAddresses": [
"10.1.0.1",
"10.1.0.22"
],
"servers": [
{
"name": "rserver1",
"address": "10.0.0.1"
},
{
"name": "rserver2",
"address": "10.0.0.22"
}
]
}
]
}
}
},
"class": "ADC",
"schemaVersion": "3.35.0",
"id": "testid",
"label": "pat declaration v1.0",
"updateMode": "selective",
"controls": {
"archiveTimestamp": "2022-03-28T12:55:27.767Z"
}
}
}
Above change is applied correctly - it is possible to confirm by GET https://{{bigip_mgmt}}/mgmt/shared/appsvcs/declare/test-as3-issue, but bigip configuartion is not changed (IP address of 'rserver2' is not changed):
# cat bigip.conf
#TMSH-VERSION: 16.1.2.1
ltm node /test-as3-issue/10.1.0.1%5 {
address 10.1.0.1
}
ltm node /test-as3-issue/10.1.0.22%5 {
address 10.1.0.22
}
ltm node /test-as3-issue/rserver1 {
address 10.0.0.1
}
ltm node /test-as3-issue/rserver2 {
address 10.0.0.2
}
ltm pool /test-as3-issue/Shared/sf_pool1 {
description AS3>Shared
members {
/test-as3-issue/10.1.0.1%5:8080 {
address 10.1.0.1
description AS3>Shared
metadata {
source {
value declaration
}
}
}
/test-as3-issue/10.1.0.22%5:8080 {
address 10.1.0.22
description AS3>Shared
metadata {
source {
value declaration
}
}
}
/test-as3-issue/rserver1:8080 {
address 10.0.0.1
description AS3>Shared
metadata {
source {
value declaration
}
}
}
/test-as3-issue/rserver2:8080 {
address 10.0.0.2
description AS3>Shared
metadata {
source {
value declaration
}
}
}
}
min-active-members 1
}
- (Workaround) When name of named pool member is changed, IP address is also changed:
{
"$schema": "https://raw.githubusercontent.com/F5Networks/f5-appsvcs-extension/master/schema/3.35.0/as3-schema.json",
"class": "AS3",
"action": "deploy",
"persist": true,
"declaration": {
"class": "ADC",
"schemaVersion": "3.35.0",
"id": "testid",
"label": "pat declaration v1.0",
"updateMode": "selective",
"test-as3-issue": {
"class": "Tenant",
"defaultRouteDomain": 5,
"Shared": {
"class": "Application",
"template": "shared",
"sf_pool1": {
"class": "Pool",
"remark": "AS3>Shared",
"minimumMonitors": "all",
"minimumMembersActive": 1,
"members": [
{
"remark": "AS3>Shared",
"servicePort": 8080,
"adminState": "enable",
"serverAddresses": [
"10.0.9.1",
"10.0.9.33" <<< new ip
],
"servers": [
{
"name": "rserver1",
"address": "10.0.0.1"
},
{
"name": "rserver3", <<< new name
"address": "10.0.0.33" <<< new ip
}
]
}
]
}
}
}
}
}
bigip.conf is now correcly changed:
# cat bigip.conf
#TMSH-VERSION: 16.1.2.1
ltm node /test-as3-issue/10.0.9.1%5 {
address 10.0.9.1
}
ltm node /test-as3-issue/10.0.9.33%5 {
address 10.0.9.33
}
ltm node /test-as3-issue/rserver1 {
address 10.0.0.1
}
ltm node /test-as3-issue/rserver3 {
address 10.0.0.33
}
ltm pool /test-as3-issue/Shared/sf_pool1 {
description AS3>Shared
members {
/test-as3-issue/10.0.9.1%5:8080 {
address 10.0.9.1
description AS3>Shared
metadata {
source {
value declaration
}
}
}
/test-as3-issue/10.0.9.33%5:8080 {
address 10.0.9.33
description AS3>Shared
metadata {
source {
value declaration
}
}
}
/test-as3-issue/rserver1:8080 {
address 10.0.0.1
description AS3>Shared
metadata {
source {
value declaration
}
}
}
/test-as3-issue/rserver3:8080 {
address 10.0.0.33
description AS3>Shared
metadata {
source {
value declaration
}
}
}
}
min-active-members 1
}
Expected Behavior
Expected behavior is that IP address of named pool member change without the need for renaming.
Actual Behavior
IP address of the named pool member is not changed. In this case is IP address change possibly only two ways:
- (two steps workaround) first delete pool member, then create it with new IP address, or
- (one step workaround) pool member re-create with the new name
UPDATE after discussion with f5 support.
Long story short: The problem is connected with 'design' of NODE. POOL MEMBERS are referenced to NODE. With legacy tools (GUI or tmsh) is not possible to change IP address of the NODE, because it's 'by design'. Explanation: If it were possible to change IP address of NODE, it would affect many other referenced objects (Pools/Pool Members).
This 'design' is here for many years. We can discuss if it's good or not. I think no.
My point of view:
AS3 is declarative model. In other words - what I want (to configure), I will get (configured). In this case it's not valid. Requested change (with named Nodes/Pool Members) is not configured. Moreover, it's confusing because response from the device is code: 200 (OK), message: success and it's not true (all objects - except named nodes are configured).
In this situation, is new feature for naming nodes coming with f5-appsvcs v3.35.0 strongly unusable in NetOps process (automation gets response 200 ok, but it's not true and declarative model is not 'declarative' in this case).
It would be good to make a change:
- Cosmetic change: Update documentation and inform users, that declarative change of nodes with names is not declarative,
- At first: response from device can't be '200 success', but something other with explanation that the objects (named nodes) are not configured.
- Then (preferred and final): change please 'the design' of NODEs with possibility to change IP address. Sure, change will affect other referenced objects, but:
- this change may be desirable for lot of administrators (in 'legacy world'),
- declarative model remains declarative.
Thank you for your feedback. I agree that we should be able to provide a more declarative experience in this case. In fact AS3 already provides many declarative layers over these kinds of tmsh limitations by deleting and recreating resources in an atomic fashion. This has been added to our internal product backlog as AUTOTOOL-3098.
There is also an outstanding bug for config-sync issues and named nodes... https://support.f5.com/csp/article/K16592 BZ ID 382040
Hi @mkyrc, please reach out to us at [email protected] in order for us to get more information and prioritize. Thanks.
