The "<ESD name>" _can_ collide with a neutron l7_policy name

F5Networks / f5-openstack-agent

The F5 Agent for OpenStack Neutron allows you to deploy BIG-IP services in an OpenStack environment.

http://clouddocs.f5.com/products/openstack/agent/latest

Apache License 2.0

14 stars 38 forks source link

The "<ESD name>" _can_ collide with a neutron l7_policy name #1077

Open zancas opened 6 years ago

zancas commented 6 years ago

ESD names, as described here:

https://devcentral.f5.com/articles/customizing-openstack-lbaasv2-using-enhanced-services-definitions-25681

can conflict with l7_policy names.

A simple fix is to prepend a magic string to all ESD names, e.g.:

= "f5_ESD_"

richbrowne commented 6 years ago

If a user creates a L7 policy that has the same name as an ESD, then the ESD will be applied. We have no way of determining what the user's intent is.

Perhaps some naming guidelines included in the documentation would be helpful

jgruber commented 6 years ago

Agreed.. we simply document this.

Don't forget that we are 'hand waving' many profile, iRule, and traffic policy collisions on the BIG-IP as well with the proviso that the provider which constructs the ESD needs to test them. We can not turn the agent in a 'rules engine' for validity of all possible TMOS functionality.