search

F5Networks / f5-ipam-controller

The F5 IPAM Controller runs in an orchestration environment like Kubernetes to allocate IP addresses from an IPAM system to BIG-IP Virtual Servers. The purpose is to abstract complexity related to setting up BIG-IP from a networking perspective
Apache License 2.0
10 stars 16 forks source link

Unable to update IPAM (ipams.fic.f5.com not found) #92

Closed skenderidis closed 2 months ago

skenderidis commented 2 years ago

Setup Details

FIC Version : 0.1.6 CIS Version : 2.7.0
FIC Build: f5networks/f5-ipam-controller:0.1.6 CIS Build: f5networks/k8s-bigip-ctlr:2.7.0
BIGIP Version: Big IP 15.1
AS3 Version: 3.33
Orchestration: K8S
Orchestration Version: 1.20
Additional Setup details: Calico

Description

The IPAM doesn't provide an IP address. After update from 2.6.1 I came across this issue that IPs will not be provided by the IPAM controller.

Diagnostic Information

The logs from the IPAM controller show that IPAM controller is unable to update the "kube-system/f5cis.cis.ipam" as it is not found.

2022/01/18 05:12:11 [DEBUG] K8S Orchestrator Started
2022/01/18 05:12:11 [DEBUG] Starting Response Worker
2022/01/18 05:12:11 [DEBUG] Starting Custom Resource Worker
2022/01/18 05:12:11 [DEBUG] Processing Key: &{0xc00015c420 <nil> Create}
2022/01/18 05:12:11 [ERROR] Unable to Update IPAM: kube-system/f5cis.cis.ipam    Error: ipams.fic.f5.com "f5cis.cis.ipam" not found
2022/01/18 05:12:11 [DEBUG] Updated: kube-system/f5cis.cis.ipam with Status. With IP: 172.16.3.31 for Request: 
Hostname: test1.demo.com        Key:    IPAMLabel: test IPAddr:         Operation: Create

The object actually exists and has been created by CIS.

kostas@master:~$ kubectl get ipams -A
NAMESPACE     NAME             AGE
kube-system   f5cis.cis.ipam   10m

Describing it we can see that the Host Specs are defined by CIS

kostas@master:~$ kubectl describe ipams f5cis.cis.ipam -n kube-system
Name:         f5cis.cis.ipam
Namespace:    kube-system
Labels:       <none>
Annotations:  <none>
API Version:  fic.f5.com/v1
Kind:         IPAM
Metadata:
  Creation Timestamp:  2022-01-18T05:10:23Z
  Generation:          2
  Managed Fields:
    API Version:  fic.f5.com/v1
    Fields Type:  FieldsV1
    fieldsV1:
      f:spec:
        .:
        f:hostSpecs:
      f:status:
    Manager:         k8s-bigip-ctlr.real
    Operation:       Update
    Time:            2022-01-18T05:10:23Z
  Resource Version:  1001935
  UID:               4c93b89d-37b6-4bdb-b65e-3f6102c6ddfc
Spec:
  Host Specs:
    Host:        test1.demo.com
    Ipam Label:  test
Status:
Events:  <none>

Steps To Reproduce

I have included all manifests for both CIS,IPAM and VS deployments Deploy CIS first and then IPAM. Once both have been deployed, configure a virtualserver with ipamLabel: test (you can find it on the attached file vs.yaml)

Expected Result

Actual Result

Observations (if any)

skenderidis commented 2 years ago

ipam-crd.yml.txt volume.yml.txt ipam-ctlr.yml.txt cis-service-account.yml.txt cis-ctlr-cluster-crd.yml.txt cis-crd.yml.txt cis-cluster-role.yml.txt cis-cluster-role-binding.yml.txt

trinaths commented 2 years ago

created CONTCNTR-3105 for internal tracking.

skenderidis commented 2 years ago

The reason that this problem occurs is the IPAM CRD. For version 2.7.0 IPAM CRD is automatically create from CIS and therefore doesn't need to be created again. To resolve this issue please follow the following steps:

1) Delete IPAM CRD (no need to create it again) 2) Delete CIS controller Deployment (or scale it to 0) 3) Delete IPAM controller Deployment 4) Create CIS controller 5) Create IPAM controller

IPAM controller should be able to read/update the IPAM CR

vklohiya commented 2 months ago

Created the documentation task for same CONTCNTR-4772.