search

F5Networks / f5-appsvcs-extension

F5 BIG-IP Application Services 3 Extension
Apache License 2.0
163 stars 52 forks source link

AS3 Declaration Fails to Update IP Addresses for Pool Members in F5 Configuration #846

Open ppieprzycki opened 2 weeks ago

ppieprzycki commented 2 weeks ago

Environment

Summary

Unable to change IP address for backend pool with AS3 declaration.

Steps To Reproduce

Steps to reproduce the behavior:

  1. Submit the following declaration:

    {
    "test-tenant1": {
        "APP_inttest1": {
            "POOL_inttest1": {
                "class": "Pool",
                "members": [
                    {
                        "priorityGroup": 20,
                        "servers": [
                            {
                                "address": "10.11.11.10",
                                "name": "nodes.webserver1.networks.intern.ipv4"
                            },
                            {
                                "address": "10.11.11.11",
                                "name": "nodes.webserver2.networks.intern.ipv4"
                            }
                        ],
                        "servicePort": 80
                    }
                ],
                "monitors": [
                    {
                        "bigip": "/Common/tcp"
                    }
                ]
            },
            "SA_inttest1": {
                "arpEnabled": true,
                "class": "Service_Address",
                "icmpEcho": "enable",
                "routeAdvertisement": "always",
                "spanningEnabled": false,
                "trafficGroup": "none",
                "virtualAddress": "10.10.1.1"
            },
            "SRV_inttest1": {
                "class": "Service_HTTPS",
                "label": "inttest1",
                "pool": "POOL_inttest1",
                "profileHTTP": {
                    "bigip": "/Common/http"
                },
                "serverTLS": {
                    "bigip": "/Common/test_cert"
                },
                "snat": "none",
                "virtualAddresses": [
                    {
                        "use": "SA_inttest1"
                    }
                ],
                "virtualPort": 443
            },
            "class": "Application",
            "label": "inttest1",
            "template": "generic"
        },
        "class": "Tenant",
        "defaultRouteDomain": 0
    },
    "schemaVersion": "3.50.0"
}

  2. Then submit the following change to use different IP addresses for pool members:

    ~ as3_json = jsonencode(
    ~ {
        ~ declaration = {
            ~ test-tenant1 = {
                ~ APP_inttest1 = {
                    ~ POOL_inttest1 = {
                        ~ members = [
                            ~ {
                                ~ servers = [
                                    ~ {
                                        ~ address = "10.11.11.10" -> "10.11.21.10"
                                        name = "nodes.webserver1.networks.intern.ipv4"
                                    },
                                    ~ {
                                        ~ address = "10.11.11.11" -> "10.11.21.11"
                                        name = "nodes.webserver2.networks.intern.ipv4"
                                    },
                                ]
                            },
                        ]
                    }
                }
            }
        }
    }
)

  3. Observe the following error response: No error visible for update.

Declaration on the device shows new IP addresses values for backend pools. However, this is not reflected in the F5 configuration: https://loadbalancer/mgmt/shared/appsvcs/declare/test-tenant1

Expected Behavior

IP addresses for pool members should be changed.

Actual Behavior

IP addresses in F5 configuration still point to old values. IP addresses should be updated or member recreated.

mivsmirnov commented 1 week ago

Got the same issue...