terraform-provider-bigip icon indicating copy to clipboard operation
terraform-provider-bigip copied to clipboard

Published 20 hours ago verified publisher icon F5Networks

Determine which is active in HA pair

Open foreverblue62 opened this issue 6 years ago • 5 comments

One of the challenges we face for any automation is that we run our F5s as an active passive pair it would be good if there was a way using a data resource to capture the active passive - its available through

curl -s -k -u user:passwd https://F5-name/mgmt/tm/shared/bigip-failover-state

returns:

{"isEnabled":true,"pollCyclePeriodMillis":3600000,"nextPollTime":"2019-02-26T09:57:08.067+0000","networkFailoverDeviceGroup":"device-group-failover","failoverState":"active","generation":0,"lastUpdateMicros":0}

or/

{"isEnabled":true,"pollCyclePeriodMillis":3600000,"nextPollTime":"2019-02-26T09:56:24.724+0000","networkFailoverDeviceGroup":"device-group-failover","failoverState":"standby","generation":0,"lastUpdateMicros":0}

This could then be used to then drive the provider choice for subsequent activities.

foreverblue62 avatar Feb 26 '19 09:02 foreverblue62

we have a similar configuration, but configuration changes can be apllied on either the active or passive node since they sync each other, it's what we do and we don't have any issue with that.

What is your concern?

dannyk81 avatar Feb 26 '19 12:02 dannyk81

We don't run our F5's in production with automatic sync, instead we trigger a sync once all the changes are applied.

foreverblue62 avatar Feb 26 '19 13:02 foreverblue62

I see, well... even if you had this data source I don't think you can use that, since terraform provider configuration section doesn't support interpolation.

how did you want to take advantage of this?

dannyk81 avatar Feb 26 '19 13:02 dannyk81

FYI, this PR will allow you to get the list of devices in the cluster. You'll have to then look at the FailoverState attribute to see if it's active or standby: https://github.com/f5devcentral/go-bigip/pull/22

pescetto avatar Apr 25 '19 19:04 pescetto

potentially, the provider may query for the active device before each CRUD operation and determine which device to use for the actual CRUD API call.

This would however make things a bit ambiguous, as you would be putting one address in provider and instead it would go to another (also need to consider Standalone configuration).

Additional issue is that some resources are not "sync-able" and need to be defined on each device, i.e. Vlan and local Self IPs (maybe others - not sure).

we currently use provider aliases to set these up on each device as required.

dannyk81 avatar Apr 25 '19 19:04 dannyk81

Hi, closing this request now. Please re-open if required or send an email to [email protected]. Thanks!

KrithikaChidambaram avatar Feb 21 '23 11:02 KrithikaChidambaram