f5-aws-cloudformation icon indicating copy to clipboard operation
f5-aws-cloudformation copied to clipboard

Published 20 hours ago verified publisher icon F5Networks

AWS cluster deployment depending on healthy "F5.com" (ping)?

Open amolari opened this issue 4 years ago • 3 comments

Do you already have an issue opened with F5 support?

yes (1-6754713589)

Description

For whatever reason, F5.com was unreachable by ping. I've noticed it when having a cluster provisioning stucked and then timed-out (stack deployment timeout).

2020-08-07T14:57:47.821Z debug: [pid: 15930] [lib/bigIp.js] create localhost /tm/util/ping {"command":"run","utilCmdArgs":"f5.com -c 1"}
2020-08-07T14:57:57.868Z debug: [pid: 15930] [lib/bigIp.js]  {"kind":"tm:util:ping:runstate","command":"run","utilCmdArgs":"f5.com -c 1","commandResult":"PING f5.com (104.219.110.168) 56(84) bytes of data.\n\n--- f5.com ping statistics ---\n1 packets transmitted, 0 received, 100% packet loss, time 0ms\n\n"}
2020-08-07T14:57:57.869Z verbose: [pid: 15930] [lib/bigIp.js] Ping received 0 packet(s).
2020-08-07T14:57:57.869Z silly: [pid: 15930] [lib/util.js] tryUntil: got error
2020-08-07T14:57:57.870Z silly: [pid: 15930] [lib/util.js] typeof err undefined
2020-08-07T14:57:57.870Z verbose: [pid: 15930] [lib/util.js] tryUntil error:  tries left: 67

Question: does it makes sense to have a (successful) provisioning depending on some "third-party"/uncontrollable infrastructure?

Template

For bugs, enter the template with which you are experiencing issues below. AWS v5.7.0 autoscale 1nic bigiq

Severity Level

For bugs, enter the bug severity level. Do not set any labels.

Severity: 5

amolari avatar Aug 07 '20 15:08 amolari

this is silly, but for the older CF templates I jump onto the devices as soon as they are provisioned and add an /etc/hosts entry for f5.com to the devices' local private ip address, and then that icmp check works.

cixelsyd avatar Aug 12 '20 18:08 cixelsyd

This dependency on a ICMP ping also prohibits the deployment in an environment without NATGW or IGW (Internet reachable only through a webproxy)

amolari avatar Oct 19 '20 09:10 amolari

A ticket to look into this has been created and it is being tracked internally with ID ESECLDTPLT-2341.

shyawnkarim avatar Nov 11 '20 22:11 shyawnkarim

Closing due to age. These legacy templates are now in maintenance mode and are being replaced by our next-generation templates available in the Cloud Templates 2.0 GitHub repo.

shyawnkarim avatar Nov 11 '22 22:11 shyawnkarim