search

F5Networks / f5-appsvcs-templates

F5 BIG-IP Application Service Templates (FAST)
Apache License 2.0
32 stars 14 forks source link

Infoblox IPAM settings #107

Open himalayanBuddy opened 2 years ago

himalayanBuddy commented 2 years ago

Environment

Summary

Getting error message while trying to deploy VIP using simple UDP application with IPAM template

Failed to submit application:
Failed to get data from /mgmt/shared/fast/applications: 400 Bad Request
request failed with null exception

Steps To Reproduce

List the steps to reproduce the behavior:

  1. Create and Save IPAM settings Name: lab Host: 10.10.10.10 Username: user Password: xxxxxxx API Version: 2.9 Network Name: 10.50.10.0/24

  2. Use simple UDP application with IPAM template to deploy VIP.

  3. Provide Parameters

  4. Hit Deploy

  5. The error message mentioned above gets generated.

Expected Behavior

A clear and concise description of what you expected to happen.

IP from Infoblox is reserved for VIP and VIP is created.

Actual Behavior

Error message mentioned above is generated on GUI.

restnoded log

Wed, 25 May 2022 16:59:33 GMT - info: FAST Worker [247]: Entering gathering config data
Wed, 25 May 2022 16:59:33 GMT - info: FAST Worker [247]: Exiting gathering config data
Wed, 25 May 2022 16:59:33 GMT - fine: FAST Worker [247]: gathering config data took 0ms to complete
Wed, 25 May 2022 16:59:33 GMT - info: FAST Worker [247]: Entering fetching address from IPAM provider: lab
Wed, 25 May 2022 16:59:33 GMT - info: FAST Worker [247]: Exiting fetching address from IPAM provider: lab
Wed, 25 May 2022 16:59:33 GMT - fine: FAST Worker [247]: fetching address from IPAM provider: lab took 4ms to complete
Wed, 25 May 2022 16:59:33 GMT - info: FAST Worker [247]: sending response after 140ms
shyawnkarim commented 2 years ago

Thanks for reporting this issue. We are now tracking it internally with ID MYSTIQUE-680.

shyawnkarim commented 2 years ago

@himalayanBuddy, engineering was not able to reproduce this error, however, was able to reproduce some other issues by misconfiguring the generic IPAM settings. Do you have any issues when using this curl command (replace xxxxxx with your password)?

curl -v http://10.10.10.10/wapi/v2.9/fixedaddress?_return_as_object=1&_return_fields=ipv4addr -d {"ipv4addr":"func:nextavailableip:network/10.50.10.0/24","mac":"00:00:00:00:00:00","comment":"Created by F5 Application Services Templates"} -X POST -H 'content-type:application/json' -u user:xxxxxxx

If this isn't an Infoblox server, can you try testing with the generic IPAM type? If it doesn't work, can you provide the response you get? Again, please use your own password in place of xxxxxx.

curl -v http://10.10.10.10/nextavailableip -u user:xxxxxxx

Can you also provide us with the error in the GUI if it is different when using the generic IPAM type?

Additionally, can you provide us with with a QKView and/or more information about your Infoblox config along with a tarball or /var/log/restnoded directory?

I can be reached directly at s.karim@f5.com.

shyawnkarim commented 2 years ago

Hi @himalayanBuddy, our engineer now believes that there has been a misconfiguration and that you will need to get everything after "network/" in the output of the following command (after changing user:xxxxxxx to the real credentials) and then update the Network Name field in your Infoblox provider, configured in the FAST Global Settings:

curl -vk -u user:xxxxxxx -H 'content-type:application/json' https://10.10.10.10/wapi/v2.4/network

Here is an example, what was returned from the engineer's Infoblox server:(ZG5zLm5ldHdvcmskMTAuNTAuMTAuMC8yNC8w:10.50.10.0/24/default in the last object's _ref attribute is what was used for the Network Name):

{
    "_ref": "network/ZG5zLm5ldHdvcmskMTAuMC4wLjAvMjQvMA:10.0.0.0/24/default", 
    "network": "10.0.0.0/24", 
    "network_view": "default"
}, 
{
    "_ref": "network/ZG5zLm5ldHdvcmskMTAuMTkyLjc1LjExMi8zMC8x:10.192.75.112/30/test", 
    "network": "10.192.75.112/30", 
    "network_view": "test"
}, 
{
    "_ref": "network/ZG5zLm5ldHdvcmskMTAuMTkyLjEyNS4zMi8yOC8y:10.192.125.32/28/production", 
    "network": "10.192.125.32/28", 
    "network_view": "production"
}, 
{
    "_ref": "network/ZG5zLm5ldHdvcmskMTAuNTAuMTAuMC8yNC8w:10.50.10.0/24/default", 
    "network": "10.50.10.0/24", 
    "network_view": "default"
}
himalayanBuddy commented 2 years ago

@shyawnkarim I tried the network settings though still running into same issue. Can you provide me the correct configuration details for Infoblox FAST settings on F5 BIG-IP so i can configure similar.

host: <> API Version: <> Network Name: <>

shyawnkarim commented 2 years ago

@himalayanBuddy can you run the command, from my previous message, and let us know what the output is? That should provide the name of the network.

The api version shouldn't make a difference and host is the IP, and possibly the port, that you should have.

himalayanBuddy commented 2 years ago

I took packet capture on the BIG-IP. The BIG-IP using FAST is failing handshake with the IPAM. BIG-IP sends FIN during SSL handshake process.

I get expected results using curl from the same BIG-IP.

shyawnkarim commented 2 years ago

At this point, we do not have enough information to investigate your issue. Can you provide us with the output from this command?

curl -vk -u user:xxxxxxx -H 'content-type:application/json' https://10.10.10.10/wapi/v2.4/network