Failover not occurring

[dimitrd4]

Do you already have an issue opened with F5 support? Yes

Github Issues are consistently monitored by F5 staff, but should be considered as best effort only and you should not expect to receive the same level of response as provided by F5 Support. Please open an case with F5 if this is a critical issue.

Description

Describe the problem you're having or the enhancement you'd like to request.

Failover does not occur on virtual NICs on both F5 units:

• Error from active and standby units:

2019-06-25T12:27:27.770Z error: Error during failover: {"message":"Error: Command failed: /usr/bin/tmsh list sys file ssl-key /CloudLibsLocal/cloudLibsLocalPrivate\n01020036:3: The requested Certificate Key File (/CloudLibsLocal/cloudLibsLocalPrivate) was not found.\n:01020036:3: The requested Certificate Key File (/CloudLibsLocal/cloudLibsLocalPrivate) was not found.\n","stack":"Error: Error: Command failed: /usr/bin/tmsh list sys file ssl-key /CloudLibsLocal/cloudLibsLocalPrivate\n01020036:3: The requested Certificate Key File (/CloudLibsLocal/cloudLibsLocalPrivate) was not found.\n:01020036:3: The requested Certificate Key File (/CloudLibsLocal/cloudLibsLocalPrivate) was not found.\n\n at childProcess.exec (/config/cloud/azure/node_modules/@f5devcentral/f5-cloud-libs-azure/node_modules/@f5devcentral/f5-cloud-libs/lib/util.js:808:33)\n at ChildProcess.exithandler (child_process.js:282:5)\n at emitTwo (events.js:126:13)\n at ChildProcess.emit (events.js:214:7)\n at maybeClose (internal/child_process.js:925:16)\n at Process.ChildProcess._handle.onexit (internal/child_process.js:209:5)"} 2019-06-25T12:27:27.771Z error: Failover failed: Error: Command failed: /usr/bin/tmsh list sys file ssl-key /CloudLibsLocal/cloudLibsLocalPrivate 01020036:3: The requested Certificate Key File (/CloudLibsLocal/cloudLibsLocalPrivate) was not found. :01020036:3: The requested Certificate Key File (/CloudLibsLocal/cloudLibsLocalPrivate) was not found.

Template

For bugs, enter the template with which you are experiencing issues below. https://github.com/F5Networks/f5-azure-arm-templates/tree/develop/supported/failover/same-net/via-api/n-nic/existing-stack/byol

Severity Level

For bugs, enter the bug severity level. Do not set any labels.

Severity: 2

Severity level definitions:

1. Severity 1 (Critical) : Defect is causing systems to be offline and/or nonfunctional. immediate attention is required.
2. Severity 2 (High) : Defect is causing major obstruction of system operations.
3. Severity 3 (Medium) : Defect is causing intermittent errors in system operations.
4. Severity 4 (Low) : Defect is causing infrequent interuptions in system operations.
5. Severity 5 (Trival) : Defect is not causing any interuptions to system operations, but none-the-less is a bug.

[mikeshimkus]

Hi, thanks for opening this. Working this issue via F5 support will provide the fastest resolution, but I have one question. Were these BIG-IP devices upgraded from a previous version of BIG-IP?

[dimitrd4]

Thanks Mike! I’ve opened a case with F5 and will work with their engineer later today! Indeed, I have upgraded to version 14.1.0, but I can revert to version 12 if it is necessary. Is there any updated working template version for BYOL Active/Standby scenario?

Thank you and have a nice day!

Denislav Dimitrov Network Security Engineer, Information Technology PPD Sofia, Bulgaria denislav.dimitrov2@ppdi.commailto:denislav.dimitrov2@ppdi.com

From: Mike Shimkus notifications@github.com Sent: Wednesday, June 26, 2019 4:41 PM To: F5Networks/f5-azure-arm-templates f5-azure-arm-templates@noreply.github.com Cc: Denislav Dimitrov Denislav.Dimitrov2@ppdi.com; Author author@noreply.github.com Subject: Re: [F5Networks/f5-azure-arm-templates] Failover not occurring (#132)

This email originated outside PPD. Please use caution before clicking links.

---

Hi, thanks for opening this. Working this issue via F5 support will provide the fastest resolution, but I have one question. Were these BIG-IP devices upgraded from a previous version of BIG-IP?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/F5Networks/f5-azure-arm-templates/issues/132?email_source=notifications&email_token=AK33EU4BGOUXTHTIROX7DG3P4NWXTA5CNFSM4H3RG5I2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODYTR2OY#issuecomment-505879867, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AK33EUZTX6JILGHVME2CKC3P4NWXTANCNFSM4H3RG5IQ.

This email transmission and any documents, files or previous email messages attached to it may contain information that is confidential or legally privileged. If you are not the intended recipient or a person responsible for delivering this transmission to the intended recipient, you are hereby notified that you must not read this transmission and that any disclosure, copying, printing, distribution or use of this transmission is strictly prohibited. If you have received this transmission in error, please immediately notify the sender by telephone or return email and delete the original transmission and its attachments without reading or saving in any manner.

[mikeshimkus]

Hi Denislav, yes, we have updated templates for failover via-api, but they aren't helpful if you need to do an upgrade. You would need to create a new deployment with the new template and migrate the configuration over to it, which is a cleaner way to go if you're amenable to it.

We also just published steps on how to do an upgrade and include all the necessary files to enable failover to work: https://github.com/F5Networks/f5-azure-arm-templates/tree/master/supported/failover/same-net/via-api/n-nic/existing-stack/byol#post-deployment-configuration-steps

You'd want to do one device at a time to verify that things work as expected before completing the upgrade. Mike

[shyawnkarim]

Closing. Please reopen if you still need assistance.