search

F5Networks / terraform-provider-bigip

Terraform resources that can configure F5 BIG-IP products
https://registry.terraform.io/providers/F5Networks/bigip/latest/docs
Mozilla Public License 2.0
102 stars 119 forks source link

bigip_as3 returns Successful deployment when AS3 actually fails and does NOT deploy. #1000

Closed thepowercoders closed 1 week ago

thepowercoders commented 1 month ago

Environment

Summary

The AS3 API occasionally returns a "200 OK" when a declaration is sent to the /mgmt/shared/appsvcs/declare endpoint using the bigip_as3 resource. However, in the response body. there has actually been a failure and a multi-response is returned. However, the terraform provider does not pick up on this and assumes the declaration had loaded successfully when it has not - so a Terraform apply returns a successful response. If a Terraform plan is then performed again, the `bigip_as3 resource reports that the same updates are needed - but again it fails and does not realize - so is stuck forever planning changes which it thinks applies successfully, but which don't.

Steps To Reproduce

Steps to reproduce the behavior:

  1. Create a declaration where you are updating multiple partitions - typically /Common as well as your own partition. This can be done if you are using options like shareAddresses in the Service_HTTPS class or shareNodes in the PoolMember class.

  2. Ensure there is an error in the configuration in your main partition (in the below example I am trying to create an address list as the source address of my virtual server but my virtual server name is too long - this problem is detailed here) :

  3. Observe a 200 OK Response with an embedded failure:

{
    "id": "eef21e09-fdef-4b8d-b03c-c2c82d16c2a0",
    "results": [
        {
            "code": 200,
            "message": "success",
            "lineCount": 58,
            "host": "localhost",
            "tenant": "Common",
            "runTime": 16803,
            "declarationId": "autogen_f04adf34-3830-484f-91e2-453a29479bb5"
        },
        {
            "code": 422,
            "message": "declaration failed",
            "response": "01071529:3: The traffic_matching_criteria name (/myPartition/myApp/vs-uks-vm002-tsp-myendpoint-env01-tcp443_VS_TMC_OBJ) cannot be longer than 64 characters.",
            "host": "localhost",
            "tenant": "myPartition",
            "runTime": 15556,
            "declarationId": "autogen_f04adf34-3830-484f-91e2-453a29479bb5"
        },
        {
            "code": 200,
            "message": "success",
            "lineCount": 60,
            "host": "localhost",
            "tenant": "Common",
            "runTime": 10547,
            "declarationId": "autogen_f04adf34-3830-484f-91e2-453a29479bb5"
        }
    ],
(continues with copy of declaration in body)
  1. Observe the Terraform Apply completes successfully even though the declaration has failed.
  2. If you run a Terraform Plan again, it will propose the same change again, which fails again.

Expected Behavior

The bigip_as3 resource should detect that the AS3 declaration has failed and report the failure back to Terraform.

Actual Behavior

Terraform apply returns a successful response. If a Terraform plan is then performed again, the `bigip_as3 resource reports that the same updates are needed - but again it fails and does not realize - so is stuck forever planning changes which it thinks applies successfully, but which don't.

pgouband commented 1 month ago

Hi,

Thanks for reporting. Added to the backlog and internal tracking ID for this request is: INFRAANO-1616.

prateekramani commented 3 weeks ago

Hi @thepowercoders I am unable to reproduce this issue. Could you provide an example of the declaration you used?

prateekramani commented 1 week ago

Hi @thepowercoders

Since we haven't received any updates from you, we will close the issue for now. Please feel free to reopen it anytime if you encounter the problem again.

Thanks