shyawnkarim
commented
1 year ago Thanks for submitting this issue. We are not tracking it internally with ID, EC-297.
Closed ghost closed 1 year ago
shyawnkarim
commented
1 year ago Thanks for submitting this issue. We are not tracking it internally with ID, EC-297.
joelkeener
commented
1 year ago Hello @grf5, can we please see the configuration of the monitor (specifically the type it was based on) as well as the rendered template -- which you can see in the last tab under the Debug section at the bottom of the template?
joelkeener
commented
1 year ago You should just have to change your references in the monitors array to point at the bigip, like this:
"monitors": [
{{#monitor_names}}
{ "bigip": {{ . }} },
{{/monitor_names}}
]I first thought the problem was that you are referencing an array named monitors_name in the template section of your yaml file, but the property's actual name is monitor_names.
Also, you have a single colon(:) before the array type specification, and it needs to be a double-colon(::); I get this error when validating the template:
$ npx fast validate test.yaml
failed to load template
Error: Failed to find the specified schema: array (name, monitors_name:array)
at parsed.reduce.type (/Users/keener/Development/FAST/mystique/node_modules/@f5devcentral/f5-fast-core/lib/template.js:359:27)
at Array.reduce (<anonymous>)
at Template._handleParsed (/Users/keener/Development/FAST/mystique/node_modules/@f5devcentral/f5-fast-core/lib/template.js:353:31)
at Template._parametersSchemaFromTemplate (/Users/keener/Development/FAST/mystique/node_modules/@f5devcentral/f5-fast-core/lib/template.js:664:39)
at /Users/keener/Development/FAST/mystique/node_modules/@f5devcentral/f5-fast-core/lib/template.js:919:22I was able to load your templateset after fixing that [and a few other changes that made it a standalone template], and then install it in my lab, to reproduce the issue, with this template configuration:
contentType: application/json
title: TEST GitHub issue #134
description: TESTING Custom Monitor
definitions:
monitor_names:
title: Monitors
description: Hold the *control* key to select multiple https Monitors to attach to the virtual server.
type: array
uniqueItems: true
items:
type: string
enumFromBigip: ltm/monitor/https
default: []
template: |
{
"class": "AS3",
"action": "deploy",
"persist": true,
"declaration": {
"class": "ADC",
"{{tenant_name}}": {
"class": "Tenant",
"fast_{{app_name}}_app": {
"class": "Application",
"fast_{{app_name}}_service": {
"class": "Service_HTTPS",
"virtualAddresses": [
"192.168.1.10"
],
"pool": { "use": "fast_{{app_name}}_pool" },
"Server_TLS": { "bigip": "/Common/clientssl" },
"Client_TLS": { "bigip": "/Common/serverssl" }
},
"fast_{{app_name}}_pool": {
"class": "Pool",
"monitors": {{monitors_name::array}}
}
}
}
}
}I was able to see the same error when I deployed the template with a custom https monitor in /Common:
/asdf/fast_asdf_app/fast_asdf_pool/monitors/0: should be equal to one of the allowed values ["http","https","http2","icmp","tcp-half-open","tcp"]
Then I changed the property name in the template from monitors_name to monitor_names and it worked; here is your template with the monitors referencing objects that already exist on the device, with the bigip pointer:
contentType: application/json
bigipHideTemplate: true
definitions:
monitor_names:
title: Monitors
description: Hold the *control* key to select multiple https Monitors to attach to the virtual server.
type: array
uniqueItems: true
items:
type: string
enumFromBigip: ltm/monitor/https
default: []
template: |
{
"class": "AS3",
"action": "deploy",
"persist": true,
"declaration": {
"class": "ADC",
"{{tenant_name}}": {
"class": "Tenant",
"fast_{{app_name}}_app": {
"class": "Application",
"fast_{{app_name}}_pool": {
"class": "Pool",
"monitors": [
{{#monitor_names}}
{ "bigip": {{ . }} },
{{/monitor_names}}
]
}
}
}
}
}
stardad3
commented
1 year ago I have tried to deploy a test VIP and I get the following error
"Cannot read property 'properties' of undefined"
Here is the Rendered output from the Debug View
WARNING: The below declaration is only for inspection and debug purposes. Submitting the below ouput to AS3 directly can result in loss of tenants and applications. Please only submit this declaration through FAST.
{ "class": "ADC", "schemaVersion": "3.0.0", "id": "urn:uuid:a858e55e-bbe6-42ce-a9b9-0f4ab33e3bf7", "UPT_Galaxy": { "class": "Tenant", "fast_uso_int_testvip.use.ucdp.net_https_app": { "class": "Application", "template": "generic", "fast_uso_int_testvip.use.ucdp.net_https_vs": { "class": "Service_HTTPS", "virtualAddresses": [ "192.168.100.101" ], "virtualPort": 443, "redirect80": true, "persistenceMethods": [], "serverTLS": "fast_uso_int_testvip.use.ucdp.net_https_clientssl", "clientTLS": { "bigip": "/Common/serverssl" }, "pool": { "use": "fast_uso_int_testvip.use.ucdp.net_https_pool" }, "iRules": [], "policyEndpoint": [], "profileHTTP": { "use": "fast_uso_int_testvip.use.ucdp.net_https_http" }, "profileMultiplex": { "use": "fast_uso_int_testvip.use.ucdp.net_https_oneconnect" }, "snat": "auto", "profileTCP": { "ingress": { "bigip": "/Common/tcp-wan-optimized" }, "egress": { "bigip": "/Common/tcp-lan-optimized" } } }, "fast_uso_int_testvip.use.ucdp.net_https_clientssl": { "class": "TLS_Server", "certificates": [ { "certificate": "fast_uso_int_testvip.use.ucdp.net_https_client_ssl_cert" } ], "cipherGroup": { "bigip": "/Common/secure_cipher_group" } }, "fast_uso_int_testvip.use.ucdp.net_https_client_ssl_cert": { "class": "Certificate", "certificate": { "bigip": "/Common/default.crt" }, "privateKey": { "bigip": "/Common/default.key" }, "chainCA": { "bigip": "/Common/ComodoCA-Bundle.crt" } }, "fast_uso_int_testvip.use.ucdp.net_https_pool": { "class": "Pool", "members": [ { "adminState": "enable", "hostname": "usor8dtst01", "serverAddresses": [ "10.18.75.180" ], "servicePort": 443, "shareNodes": true }, { "adminState": "enable", "hostname": "usor8dtst02", "serverAddresses": [ "10.18.75.181" ], "servicePort": 443, "shareNodes": true } ], "loadBalancingMode": "round-robin", "minimumMonitors": "all", "minimumMembersActive": 0, "monitors": [ { "bigip": "/Common/galaxy_8079" }, { "bigip": "/Common/https" } ] }, "fast_uso_int_testvip.use.ucdp.net_https_http": { "class": "HTTP_Profile", "xForwardedFor": true, "viaRequest": "preserve", "viaResponse": "preserve", "hstsInsert": true, "hstsPeriod": 31536000, "hstsIncludeSubdomains": true }, "fast_uso_int_testvip.use.ucdp.net_https_oneconnect": { "class": "Multiplex_Profile", "sourceMask": "255.255.255.255" } } } }
joelkeener
commented
1 year ago Hello @stardad3, it looks like the pool's monitor section of your declaration is valid, if those monitors exist, but there are 9 things that must already exist on your bigip device for this declaration to work.
When I removed all of those things, except two monitors and the default client-ssl profile, the AS3 declaration deployed successfully.
The issue you are having is specific to the configuration on your device, and/or the resulting AS3 declaration, not with the FAST template that builds the rendered declaration.
Please let us know if you have any questions about how, instead of a FAST bug, there were only errors with your custom template - which I have identified and corrected for your FAST health monitor subTemplate - or if you still are unable to use an existing health monitor.
Here is the modified AS3 declaration you posted last -- which doesn't use pre-existing custom objects except for the health monitor -- but is otherwise identical to your rendered FAST template, having fully preserved the pool and monitor section:
{
"class": "ADC",
"id": "urn:uuid:a858e55e-bbe6-42ce-a9b9-0f4ab33e3bf7",
"schemaVersion": "3.0.0",
"UPT_Galaxy": {
"class": "Tenant",
"fast_uso_int_testvip.use.ucdp.net_https_app": {
"class": "Application",
"fast_uso_int_testvip.use.ucdp.net_https_http": {
"class": "HTTP_Profile",
"hstsIncludeSubdomains": true,
"hstsInsert": true,
"hstsPeriod": 31536000,
"viaRequest": "preserve",
"viaResponse": "preserve",
"xForwardedFor": true
},
"fast_uso_int_testvip.use.ucdp.net_https_oneconnect": {
"class": "Multiplex_Profile",
"sourceMask": "255.255.255.255"
},
"fast_uso_int_testvip.use.ucdp.net_https_pool": {
"class": "Pool",
"loadBalancingMode": "round-robin",
"members": [
{
"adminState": "enable",
"hostname": "usor8dtst01",
"serverAddresses": [
"10.18.75.180"
],
"servicePort": 443,
"shareNodes": true
},
{
"adminState": "enable",
"hostname": "usor8dtst02",
"serverAddresses": [
"10.18.75.181"
],
"servicePort": 443,
"shareNodes": true
}
],
"minimumMembersActive": 0,
"minimumMonitors": "all",
"monitors": [
{
"bigip": "/Common/dnsTest_monitor"
},
{
"bigip": "/Common/https"
}
]
},
"fast_uso_int_testvip.use.ucdp.net_https_vs": {
"class": "Service_HTTPS",
"iRules": [],
"persistenceMethods": [],
"policyEndpoint": [],
"pool": {
"use": "fast_uso_int_testvip.use.ucdp.net_https_pool"
},
"profileHTTP": {
"use": "fast_uso_int_testvip.use.ucdp.net_https_http"
},
"profileMultiplex": {
"use": "fast_uso_int_testvip.use.ucdp.net_https_oneconnect"
},
"redirect80": true,
"serverTLS": {
"bigip": "/Common/clientssl"
},
"snat": "auto",
"virtualAddresses": [
"192.168.100.101"
],
"virtualPort": 443
},
"template": "generic"
}
}
}And here is the command I have tested this with:
curl -vku <username>:<password> https://<mgmt_ip>:8443/mgmt/shared/appsvcs/declare -H 'Content-Type: application/json' -d '{ "class": "ADC", "id": "urn:uuid:a858e55e-bbe6-42ce-a9b9-0f4ab33e3bf7", "schemaVersion": "3.0.0", "UPT_Galaxy": { "class": "Tenant", "fast_uso_int_testvip.use.ucdp.net_https_app": { "class": "Application", "fast_uso_int_testvip.use.ucdp.net_https_http": { "class": "HTTP_Profile", "hstsIncludeSubdomains": true, "hstsInsert": true, "hstsPeriod": 31536000, "viaRequest": "preserve", "viaResponse": "preserve", "xForwardedFor": true }, "fast_uso_int_testvip.use.ucdp.net_https_oneconnect": { "class": "Multiplex_Profile", "sourceMask": "255.255.255.255" }, "fast_uso_int_testvip.use.ucdp.net_https_pool": { "class": "Pool", "loadBalancingMode": "round-robin", "members": [ { "adminState": "enable", "hostname": "usor8dtst01", "serverAddresses": [ "10.18.75.180" ], "servicePort": 443, "shareNodes": true }, { "adminState": "enable", "hostname": "usor8dtst02", "serverAddresses": [ "10.18.75.181" ], "servicePort": 443, "shareNodes": true } ], "minimumMembersActive": 0, "minimumMonitors": "all", "monitors": [ { "bigip": "/Common/dnsTest_monitor" }, { "bigip": "/Common/https" } ] }, "fast_uso_int_testvip.use.ucdp.net_https_vs": { "class": "Service_HTTPS", "iRules": [], "persistenceMethods": [], "policyEndpoint": [], "pool": { "use": "fast_uso_int_testvip.use.ucdp.net_https_pool" }, "serverTLS": { "bigip": "/Common/clientssl" }, "profileHTTP": { "use": "fast_uso_int_testvip.use.ucdp.net_https_http" }, "profileMultiplex": { "use": "fast_uso_int_testvip.use.ucdp.net_https_oneconnect" }, "redirect80": true, "snat": "auto", "virtualAddresses": [ "192.168.100.101" ], "virtualPort": 443 }, "template": "generic" } } }'
stardad3
commented
1 year ago I was able to deploy a VIP using the new template without errors. Seems like everything is working.
Thanks!
shyawnkarim
commented
1 year ago Closing. Please a message here if you would like a additional help and we can reopen the issue.
Environment
Summary
Error when choosing a custom monitor in FAST ... validation requires strict values.
/myTenant/fmyApp/myPool/monitors/0: should be equal to one of the allowed values ["http","https","http2","icmp","tcp-half-open","tcp"]This is very similar to an issue that was resolved in 1.12.0: #64 - Error when choosing custom persistence profile
Steps To Reproduce
Create a custom monitor in /Common on the BIG-IP. Create a FAST template that allows for multiple monitors:
Attempt to deploy the application to see the error.
Expected Behavior
All monitors specified should be recognized by FAST.
Actual Behavior
The submissioin is rejected:
/myTenant/fmyApp/myPool/monitors/0: should be equal to one of the allowed values ["http","https","http2","icmp","tcp-half-open","tcp"]