f5-declarative-onboarding
f5-declarative-onboarding copied to clipboard
F5Networks
DO does not configure Route-Domain correctly. VLAN-assignment is missing!
Environment
- Declarative Onboarding Version: 1.39.0
- BIG-IP Version: 17.1.0.1
Summary
We are trying to onboard a device that has single route domain. But DO does not configure Route-Domain correctly. The VLAN-assignment is missing!
The impact is that we cannot add route-domains successfully and assign self-IPs and floating-IPs to these route-domains like below.
"VLAN504-SelfIPv4": {
"class": "SelfIp",
"address": "172.5.4.88%10/24",
"vlan": "VLAN504",
"allowService": "none",
"trafficGroup": "traffic-group-local-only"
},
"VLAN504-FloatingIPv4": {
"class": "SelfIp",
"address": "172.5.4.86%10/24",
"vlan": "VLAN504",
"allowService": "none",
"trafficGroup": "traffic-group-1"
},
"VLAN504-SelfIPv6": {
"class": "SelfIp",
"address": "2001:6f8:1ce1:21f8::88%10/64",
"vlan": "VLAN504",
"allowService": "none",
"trafficGroup": "traffic-group-local-only"
},
"VLAN504-FloatingIPv6": {
"class": "SelfIp",
"address": "2001:6f8:1ce1:21f8::86%10/64",
"vlan": "VLAN504",
"allowService": "none",
"trafficGroup": "traffic-group-1"
},
Steps To Reproduce
Steps to reproduce the behavior:
- Submit the following declaration:
{
"schemaVersion": "1.38.0",
"class": "Device",
"async": true,
"label": "Onboard BIG-IP into an DSC cluster",
"controls": {
"class": "Controls",
"dryRun": false,
"trace": false,
"traceResponse": false
},
"Common": {
"class": "Tenant",
"myDbVariables": {
"class": "DbVariables",
"provision.extramb": 500
},
"HA-01": {
"class": "SelfIp",
"address": "1.1.1.1/24",
"vlan": "RD_000_VLAN_SYN_4090",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"HA-02": {
"class": "SelfIp",
"address": "2.2.2.1/24",
"vlan": "RD_000_VLAN_SYN_4091",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"RouteDomain-10": {
"class": "RouteDomain",
"id": 10,
"vlans": [
"VLAN504"
]
},
"failoverUnicastMgmt": {
"class": "FailoverUnicast",
"addressPorts": [
{
"address": "/Common/HA-01/address"
},
{
"address": "/Common/HA-02/address"
}
]
},
"ConfigSync": {
"class": "ConfigSync",
"configsyncIp": "/Common/HA-01/address"
},
"myMirror": {
"class": "MirrorIp",
"primaryIp": "1.1.1.1",
"secondaryIp": "2.2.2.1"
}
}
}
- Observe the following response:
{
"id": "a4d9c205-fffa-478b-9d50-ef535083a43b",
"selfLink": "https://localhost/mgmt/shared/declarative-onboarding/task/a4d9c205-fffa-478b-9d50-ef535083a43b",
"result": {
"class": "Result",
"code": 200,
"status": "OK",
"dryRun": false,
"message": "success",
"warnings": []
},
"declaration": {
"schemaVersion": "1.38.0",
"class": "Device",
"async": true,
"label": "Onboard BIG-IP into an DSC cluster",
"controls": {
"class": "Controls",
"dryRun": false,
"trace": false,
"traceResponse": false
},
"Common": {
"class": "Tenant",
"myDbVariables": {
"class": "DbVariables",
"provision.extramb": 500
},
"HA-01": {
"class": "SelfIp",
"address": "1.1.1.1/24",
"vlan": "RD_000_VLAN_SYN_4090",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"HA-02": {
"class": "SelfIp",
"address": "2.2.2.1/24",
"vlan": "RD_000_VLAN_SYN_4091",
"allowService": "default",
"trafficGroup": "traffic-group-local-only"
},
"RouteDomain-10": {
"class": "RouteDomain",
"id": 10,
"vlans": [
"VLAN504"
],
"connectionLimit": 0,
"strict": true
},
"failoverUnicastMgmt": {
"class": "FailoverUnicast",
"addressPorts": [
{
"address": "/Common/HA-01/address",
"port": 1026
},
{
"address": "/Common/HA-02/address",
"port": 1026
}
]
},
"ConfigSync": {
"class": "ConfigSync",
"configsyncIp": "/Common/HA-01/address"
},
"myMirror": {
"class": "MirrorIp",
"primaryIp": "1.1.1.1",
"secondaryIp": "2.2.2.1"
}
}
}
}
Expected Behavior
The route-domain should be configured correctly (with VLAN-assignment).
net route-domain RouteDomain-10 {
id 10
vlans {
VLAN504
}
}
Actual Behavior
The route-domain is not configured correctly (there is no VLAN-assignment).
net route-domain RouteDomain-10 {
id 10
}
DO was performed on TenantOS v17.1.0.1 running on LTMr2000-series (F5OS-A v1.5.0).
Did you manage to have a workaround for this issue ? I've encountered it also.
I didn't find a workaround with DO. As a pure WA, you can use "tmsh create net route-domain <RouteDomain-name> vlans add { <VLAN-name/s> } id