-
Notifications
You must be signed in to change notification settings - Fork 194
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tls_irule fails if pool has no active members #3570
Comments
@ryanmilne-digicert , Please share the VS definition for further debugging. |
This is virtual server manifest:
|
After more investigation, I think I can explain more what is going wrong. Since I do not have a defaultPool defined and when the other pool does not have any active members then the iRule execution reaches the instruction to return a 503 status code.
|
Created [CONTCNTR-4951] for internal tracking. |
@ryanmilne-digicert Could you please verify the above issue with this build |
@vidyasagar-m I will test this and report back. |
Setup Details
CIS Version : 2.18.0
Build: f5networks/k8s-bigip-ctlr:2.18.0
BIGIP Version: Big IP 17.1.1
AS3 Version: 3.5
Agent Mode: AS3/CCCL
Orchestration: K8S
Orchestration Version: 1.27.15
Pool Mode: Cluster
Additional Setup details: Rancher RKE2 w/ Canal
Description
I created a virtual server and pool for an application which runs in a remote cluster. The virtual server and pool are created and work correctly unless none of the pods in the pool are active. In this case the connecting client receives a
Connection reset by peer
. Looking at the logs from the BigIP I can see that the IRule associated with the virtual server is failing.It's clear failing when trying to execute
HTTP::respond 503
, but I am unsure why.Steps To Reproduce
Expected Result
I expect to receive a 503 status code when there are no active members of a pool.
Actual Result
Instead the tcp connection is reset and the following is logged by the BigIP.
The text was updated successfully, but these errors were encountered: