search

F5Networks / f5-ansible-bigip

Declarative Ansible collection for managing F5 BIG-IP/BIG-IQ.
37 stars 17 forks source link

bigip_sslo_config_topology fails to set port #76

Closed cwise24 closed 7 months ago

cwise24 commented 11 months ago
COMPONENT NAME

bigip_sslo_config_topology

Environment

ANSIBLE VERSION
ansible [core 2.15.2]
  config file = /home/cwise/Project/sslo_ansible/ansible.cfg
  configured module search path = ['/home/cwise/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/cwise/.local/lib/python3.10/site-packages/ansible
  ansible collection location = /home/cwise/Project/sslo_ansible/collections
  executable location = /home/cwise/.local/bin/ansible
  python version = 3.10.12 (main, Jun 11 2023, 05:26:28) [GCC 11.4.0] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
BIGIP VERSION
SSLO- 7.6.17

[admin@ip-10-255-20-9:Active:Standalone] ~ # tmsh show sys version
Sys::Version
Main Package
  Product     BIG-IP
  Version     15.1.8.2
  Build       0.0.17
  Edition     Point Release 2
  Date        Thu Mar 16 03:44:11 PDT 2023
CONFIGURATION

[defaults] host_key_checking = False inventory = inventory log_path = ansible.log collections_paths = ./collections

OS / ENVIRONMENT
SUMMARY

When using this module to depploy topology, the supplied port is not accepted and defaults to 0

STEPS TO REPRODUCE
 - name: Create demo SSLO Topology
      tags: topo
      bigip_sslo_config_topology:
        name: "{{ sslo_topo }}"
        topology_type: "outbound_l3"
        dest: "10.10.10.10/32"
        port: 443
        ip_family: "ipv4"
        ssl_settings: "{{ sslo_ssl }}"
        security_policy: "{{ sslo_policy }}"
        vlans:
        - "/Common/{{ sslo_vlan }}"
        tcp_settings_client: /Common/f5-tcp-lan
        tcp_settings_server: /Common/f5-tcp-wan
EXPECTED RESULTS

Port set to 443

ACTUAL RESULTS

Port is set to 0

Name Protocol Source Address Destination Address Port Policy SSL
sslo_demo_l3_out-in-t-4 tcp 0.0.0.0%0/0 10.10.10.10%0 0 ssloP_demo_policy ssloT_demo2_ssl 

TASK [Create demo SSLO Topology] ****************************************************************************************************************************
task path: /Users/xxxx/Projects/Comcast/sslo_ansible/sslo-demo.yaml:44
redirecting (type: connection) ansible.builtin.httpapi to ansible.netcommon.httpapi
changed: [sslo-2] => {
    "changed": true,
    "dest": "10.10.10.10%0/32",
    "invocation": {
        "module_args": {
            "access_profile": null,
            "additional_protocols": null,
            "auth_profile": null,
            "dest": "10.10.10.10/32",
            "dns_resolver": null,
            "dump_json": false,
            "gateway": null,
            "gateway_list": null,
            "gateway_pool": null,
            "ip_family": "ipv4",
            "l7_profile": null,
            "l7_profile_type": null,
            "logging": null,
            "name": "demo_l3_out",
            "ocsp_auth": null,
            "pool": null,
            "port": 443,
            "primary_auth_uri": null,
            "profile_scope": null,
            "profile_scope_value": null,
            "protocol": null,
            "proxy_ip": null,
            "proxy_port": null,
            "security_policy": "demo_policy",
            "snat": null,
            "snat_list": null,
            "snat_pool": null,
            "source": null,
            "ssl_settings": "demo2_ssl",
            "state": "present",
            "tcp_settings_client": "/Common/f5-tcp-lan",
            "tcp_settings_server": "/Common/f5-tcp-wan",
            "timeout": 300,
            "topology_type": "outbound_l3",
            "verify_accept": null,
            "vlans": [
                "/Common/SSL_STUB"
            ]
        }
    },
    "ip_family": "ipv4",
    "port": 443,
    "proxy_type": "transparent",
    "rule": "Outbound",
    "security_policy": "ssloP_demo_policy",
    "ssl_settings": "ssloT_demo2_ssl",
    "tcp_settings_client": "/Common/f5-tcp-lan",
    "tcp_settings_server": "/Common/f5-tcp-wan",
    "topology": "outbound_l3",
    "vlans": [
        "/Common/SSL_STUB"
    ]
}
ghost commented 11 months ago

FWIW this was tested using SSLO v 7.6.17 on TMOS 15.1.8.2.

cwise24 commented 11 months ago

Thanks @grf5, I pasted version info inside comment block. Now fixed

cwise24 commented 11 months ago

Also happening in

SLLO: 9.3.41

Sys::Version
Main Package
  Product     BIG-IP
  Version     16.1.4.1
  Build       0.0.5
  Edition     Point Release 1
  Date        Wed Sep 13 07:36:20 PDT 2023

Same playbook/module

pgouband commented 9 months ago

Hi,

Thanks for reporting. Added to the backlog and internal tracking ID for this request is: INFRAANO-1399.

urohit011 commented 7 months ago

The fix has been merged now. Closing this issue.