Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DO does not configure mirror-ip and mirror-secondary-ip, because it does not remove slash and netmask suffix from IP-address. #360

Open
joebride opened this issue Aug 1, 2023 · 3 comments
Open

DO does not configure mirror-ip and mirror-secondary-ip, because it does not remove slash and netmask suffix from IP-address. #360

joebride opened this issue Aug 1, 2023 · 3 comments
Labels
bug Something isn't working

Comments

@joebride
Copy link

joebride commented Aug 1, 2023

Environment

  • Declarative Onboarding Version: 1.39.0
  • BIG-IP Version: 17.1.0.1

Summary

We are trying to onboard a device that should be added to a DSC-cluster.
But DO does not configure mirror-ip correctly.
DO does not ignore the netmask after the slash as it did it for configsync-ip and FailoverUnicast!

The impact is that we cannot prepare device-parameter correctly to add it to DSC-cluster.

Steps To Reproduce

Steps to reproduce the behavior:

  1. Submit the following declaration:
{
    "schemaVersion": "1.38.0",
    "class": "Device",
    "async": true,
    "label": "Onboard BIG-IP into an DSC cluster",
    "controls": {
        "class": "Controls",
        "dryRun": false,
        "trace": false,
        "traceResponse": false
    },
    "Common": {
        "class": "Tenant",
        "myDbVariables": {
            "class": "DbVariables",
            "provision.extramb": 500
        },
       "HA-01": {
            "class": "SelfIp",
            "address": "1.1.1.1/24",
            "vlan": "RD_000_VLAN_SYN_4090",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "HA-02": {
            "class": "SelfIp",
            "address": "2.2.2.1/24",
            "vlan": "RD_000_VLAN_SYN_4091",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "RouteDomain-10": {
            "class": "RouteDomain",
            "id": 10,
            "vlans": [
                "VLAN504"
            ]
        },
        "failoverUnicastMgmt": {
            "class": "FailoverUnicast",
            "addressPorts": [
                {
                    "address": "/Common/HA-01/address"
                },
                {
                    "address": "/Common/HA-02/address"
                }
            ]
        },
        "ConfigSync": {
            "class": "ConfigSync",
            "configsyncIp": "/Common/HA-01/address"
        },
        "myMirror": {
            "class": "MirrorIp",
            "primaryIp": "/Common/HA-01/address",
            "secondaryIp": "/Common/HA-02/address"
        }
    }
}
  1. Observe the following error response:
{
    "id": "1ce9a0b8-24a4-4991-86af-7f0a5da8aad9",
    "selfLink": "https://localhost/mgmt/shared/declarative-onboarding/task/1ce9a0b8-24a4-4991-86af-7f0a5da8aad9",
    "code": 422,
    "status": "ERROR",
    "message": "invalid config - rolled back",
    "errors": [
        "Invalid IP address: \"1.1.1.1/24\"",
        "Invalid IP address: \"1.1.1.1/24\""
    ],
    "result": {
        "class": "Result",
        "code": 422,
        "status": "ERROR",
        "dryRun": false,
        "message": "invalid config - rolled back",
        "errors": [
            "Invalid IP address: \"1.1.1.1/24\"",
            "Invalid IP address: \"1.1.1.1/24\""
        ]
    },
    "declaration": {
        "schemaVersion": "1.38.0",
        "class": "Device",
        "async": true,
        "label": "Onboard BIG-IP into an DSC cluster",
        "controls": {
            "class": "Controls",
            "dryRun": false,
            "trace": false,
            "traceResponse": false
        },
        "Common": {
            "class": "Tenant",
            "myDbVariables": {
                "class": "DbVariables",
                "provision.extramb": 500
            },
            "HA-01": {
                "class": "SelfIp",
                "address": "1.1.1.1/24",
                "vlan": "RD_000_VLAN_SYN_4090",
                "allowService": "default",
                "trafficGroup": "traffic-group-local-only"
            },
            "HA-02": {
                "class": "SelfIp",
                "address": "2.2.2.1/24",
                "vlan": "RD_000_VLAN_SYN_4091",
                "allowService": "default",
                "trafficGroup": "traffic-group-local-only"
            },
            "RouteDomain-10": {
                "class": "RouteDomain",
                "id": 10,
                "vlans": [
                    "VLAN504"
                ],
                "connectionLimit": 0,
                "strict": true
            },
            "failoverUnicastMgmt": {
                "class": "FailoverUnicast",
                "addressPorts": [
                    {
                        "address": "/Common/HA-01/address",
                        "port": 1026
                    },
                    {
                        "address": "/Common/HA-02/address",
                        "port": 1026
                    }
                ]
            },
            "ConfigSync": {
                "class": "ConfigSync",
                "configsyncIp": "/Common/HA-01/address"
            },
            "myMirror": {
                "class": "MirrorIp",
                "primaryIp": "/Common/HA-01/address",
                "secondaryIp": "/Common/HA-02/address"
            }
        }
    }
}

Expected Behavior

The mirror-ip + mirror-secondary-ip should be configured correctly.

cm device lb01.test {
    active-modules { "xxx|Best Bundle, r2800" }
    base-mac 14:a9:d0:30:b8:8c
    build 0.0.4
    cert dtdi.crt
    chassis-id xxx
    configsync-ip 1.1.1.1
    edition "Point Release 1"
    failover-state active
    hostname lb01.test
    key dtdi.key
    management-ip 25.96.225.173
    marketing-name "BIG-IP Tenant"
    mirror-ip 1.1.1.1
    mirror-secondary-ip 2.2.2.1
    optional-modules { "xxx "VPN Users" }
    platform-id Z101
    product BIG-IP
    self-device true
    time-limited-modules { "IP Intelligence, 1xxx|SUBSCRIPTION" }
    time-zone Europe/Berlin
    unicast-address {
        {
            effective-ip 1.1.1.1
            effective-port 1026
            ip 1.1.1.1
        }
        {
            effective-ip 2.2.2.1
            effective-port 1026
            ip 2.2.2.1
        }
    }
    version 17.1.0.1
}

Actual Behavior

The mirror-ip + mirror-secondary-ip are not configured.

cm device lb01.test {
    active-modules { "xxx|Best Bundle, r2800" }
    base-mac 14:a9:d0:30:b8:8c
    build 0.0.4
    cert dtdi.crt
    chassis-id xxx
    configsync-ip 1.1.1.1
    edition "Point Release 1"
    failover-state active
    hostname lb01.test
    key dtdi.key
    management-ip 25.96.225.173
    marketing-name "BIG-IP Tenant"
    mirror-ip none
    mirror-secondary-ip none
    optional-modules { "xxx "VPN Users" }
    platform-id Z101
    product BIG-IP
    self-device true
    time-limited-modules { "IP Intelligence, 1xxx|SUBSCRIPTION" }
    time-zone Europe/Berlin
    unicast-address {
        {
            effective-ip 1.1.1.1
            effective-port 1026
            ip 1.1.1.1
        }
        {
            effective-ip 2.2.2.1
            effective-port 1026
            ip 2.2.2.1
        }
    }
    version 17.1.0.1
}
@joebride joebride added bug Something isn't working untriaged Issue needs to be reviewed for validity labels Aug 1, 2023
@joebride joebride changed the title DO does not configure mirror-ip correctly. VLAN-assignment is missing! DO does not configure mirror-ip and mirror-secondary-ip, because it does not remove slash and netmask suffix from IP-address. Aug 1, 2023
@joebride
Copy link
Author

joebride commented Aug 8, 2023

DO was performed on TenantOS v17.1.0.1 running on LTMr2000-series (F5OS-A v1.5.0).

@vsnine
Copy link

vsnine commented Aug 9, 2023

I worked around this when using a Jinja2 template as follows:

    "myMirror": {
        "class": "MirrorIp",
        "primaryIp": "{{ int_self_ip.split('/')[0] }}",
        "secondaryIp": "any6"
    },

@dstokesf5
Copy link
Contributor

Thank you for your feedback. I have added this to the internal product backlog as AUTOTOOL-3954.

@dstokesf5 dstokesf5 removed the untriaged Issue needs to be reviewed for validity label Jan 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@vsnine @dstokesf5 @joebride