Bug 1287062

Summary: F5 router failed to delete pool during removing Pod because it is in use by a policy action
Product: OpenShift Container Platform Reporter: Kenjiro Nakayama <knakayam>
Component: NetworkingAssignee: Ram Ranganathan <ramr>
Networking sub component: router QA Contact: zhaozhanqi <zzhao>
Status: CLOSED INSUFFICIENT_DATA Docs Contact:
Severity: low    
Priority: low CC: aos-bugs, bbennett, clasohm, eparis
Version: 3.1.0   
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-04-12 19:14:37 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Kenjiro Nakayama 2015-12-01 12:19:50 UTC 
When we try to delete Pod, F5 router failed to delete BIGIP's pool with error messages below

~~~
[root.com ~]# oc logs router-1-yilp0
E1130 01:34:19.783032       1 controller.go:99] Encountered an error on DELETE request to URL https://172.30.62.90/mgmt/tm/ltm/pool/openshift_aaaaa-xxx1_yyy: HTTP code: 400; error from F5: 01070265:3: The Pool (/Common/openshift_xxxxxx-yyyyy_zzzz) cannot be deleted because it is in use by a policy action (/Common/openshift_insecure_routes openshift_route_xxxxxx-yyyyy_zzzz 0).
E1130 01:35:49.499131       1 controller.go:83] Encountered an error on POST request to URL https://172.30.62.90/mgmt/tm/ltm/virtual/XXXXXX-443/profiles: HTTP code: 400; error from F5: 0107149c:3: Virtual server /Common/XXXXXX-443 has more than one clientssl/serverssl profile but none of them is default for SNI.
~~~
Comment 1 Ram Ranganathan 2015-12-02 20:34:09 UTC 
@knakayam did the route have just a single pod / endpoint? For a single pod case, the error is benign in that we try to delete the pool if the number of endpoints is 0 (when a route which has a single pod and the pod is deleted). The same action is also done when a route is deleted, so the pool will be cleaned up when the route gets deleted (if it does).

The reason we do the delete on the last endpoint is because a pool may not be associated with a route (only a service exists) and we don't want the pool hanging around as will never get deleted if there is no route. 
Ref: https://github.com/openshift/origin/blob/master/plugins/router/f5/plugin.go#L245