F5Networks / k8s-bigip-ctlr

Repository for F5 Container Ingress Services for Kubernetes & OpenShift.
Apache License 2.0

multicluster CIS with namespace-label is not working correctly #3535

Open avinashchundu9 opened 2 weeks ago

avinashchundu9 commented 2 weeks ago

Setup Details

CIS Version : 2.17.1
Build: f5networks/k8s-bigip-ctlr:latest
BIGIP Version: Big IP v16.1.3.1
AS3 Version: 3.47
Agent Mode: AS3
Orchestration: K8S
Orchestration Version: v1.28.10
Pool Mode: Nodeport

Description

In multicluster CIS deployed in active-active mode with namespace-label defined in the values file, we noticed that the Transport server only contains the pool member of the primary cluster. Removing the namespace-label works without any issue.

Steps To Reproduce

1) Deploy CIS in active-active mode
2) Values file should include a namespace label
3) Create namespace with labels on both clusters
4) Try to create a Transport server and check for pool members.

Expected Result

The pool should have members from both clusters.

Actual Result

Pool members only have members from the primary cluster

values file:

    log_level: DEBUG
    namespace_label: "f5cis-enable=true"
    pool_member_type: auto
    insecure: true
    custom-resource-mode: true
    log-as3-response: true
    ipam : false
    multi-cluster-mode: primary
    extended-spec-configmap: f5-cis/global-spec-config
    as3-validation: true

Examples using namespace labels will also help the user community.

avinashchundu9 commented 2 weeks ago

Also, when the namespace label is used, the primary and secondary CIS are entering into split brain and posting declarations independently, overriding each other.

trinaths commented 2 weeks ago

Created [CONTCNTR-4855] for internal tracking.