search

F5Networks / k8s-bigip-ctlr

Repository for F5 Container Ingress Services for Kubernetes & OpenShift.
Apache License 2.0
357 stars 195 forks source link

VirtualServer with hostGroup and ipamLabel set returns the wrong vsAddress status #3126

Closed mikejoh closed 11 months ago

mikejoh commented 11 months ago

Setup Details

CIS Version : 2.14.0 Build: f5networks/k8s-bigip-ctlr:2.14.0 BIGIP Version: Big IP 15.1.7 Build 0.0.6 Final AS3 Version: 3.45.0-5.noarch Agent Mode: AS3 Orchestration: K8S Orchestration Version: 1.26.9 Pool Mode: Nodeport
Additional Setup details: IPAM controller running version v0.1.9 with an IPAM label set.

Description

For some reason when running the k8s-bigip-ctlr in nodeport mode, and creating two VirtualServers with hostGroup set to the same value and the same IPAM label to request an address from the F5 IPAM controller, one of the VirtualServer objects always set the status.vsAddress field to None. When switching to cluster mode this does not happen, and both objects get the status correctly updated to the same virtual server address.

Steps To Reproduce

1) Deploy v2.14.0 of the k8s-bigip-ctlr and v0.1.9 of the IPAM controller with an ip-range configured. F5 BIGIP Controller flags:

--credentials-directory=/tmp/creds
--bigip-partition=clusterA
--bigip-url=https://lb-url/
--custom-resource-mode=true
--http-client-metrics=true
--ipam=true
--log-as3-response=true
--log-level=DEBUG
--manage-ingress=false
--pool-member-type=nodeport

IPAM controller flags:

--orchestration=kubernetes
--ipam-provider=f5-ip-provider
--ip-range={"VIP":"10.10.10.0-10.10.10.128"}
--log-level=DEBUG

2) Create two VirtualServer objects sharing the same hostGroup and ipamLabel. 3) Observe the output of kubectl get vs -n <NAMESPACE> and the values in the IPAMVSADDRESS column.

Expected Result

We expect the see same VS address in the status.vsAddress field of both objects sharing the same hostGroup and ipamLabel.

Actual Result

One of the status.vsAddress fields will always be set to None.

Observations

We think we've found where this problem occurs in the code. When we swap a break with a continue in worker.go, see this commit in a branch (which in turn was branched off from the v2.14.0 tag): https://github.com/mikejoh/k8s-bigip-ctlr/commit/62f2d220e15a7294f2a9d7ef949f3d734f4797bb. With this small change, we consistently get the status.vsAddress populated with the correct IP in both VirtualServer objects.

trinaths commented 11 months ago

Created [CONTCNTR-4297] for internal tracking.

lavanya-f5 commented 11 months ago

@mikejoh please test with dev build: quay.io/f5networks/k8s-bigip-ctlr-devel:93128d0d22eec56c2beef094fba158c5e8f47132