Bug 1326711 - Passthrough route cannot be sync to F5 server
Summary: Passthrough route cannot be sync to F5 server
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 3.2.0
Hardware: All
OS: All
high
medium
Target Milestone: ---
: ---
Assignee: Ram Ranganathan
QA Contact: zhaozhanqi
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-04-13 10:57 UTC by zhaozhanqi
Modified: 2022-08-04 22:20 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-04-20 23:46:27 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description zhaozhanqi 2016-04-13 10:57:48 UTC 
Description of problem:
Given F5 router is running. Create passthrough route. Check the " Policies : Policy List  ››  openshift_secure_routes", the route did not be synced.

Version-Release number of selected component (if applicable):
# oc version
oc v3.2.0.13
kubernetes v1.2.0-36-g4a3f9c5
registry.qe.openshift.com/openshift3/ose-f5-router                 v3.2.0.13           0259cb3c04de        4 days ago 

How reproducible:
always

Steps to Reproduce:
1. Create F5 router
2. Create passthrough route
   oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/passthough/route_pass.json
3. Check in the F5 side


Actual results:
the route did not be synced to F5 side ( " Policies : Policy List  ››  openshift_secure_routes")

Expected results:
should be synced successfully.

Additional info:
Comment 1 Ram Ranganathan 2016-04-19 18:05:47 UTC 
@zhaozhanqi  do you have an environment where this is can be reproduced? Anything in the router logs? Thx
Comment 4 Ram Ranganathan 2016-04-20 23:46:27 UTC 
So I reset the F5 vserver https-ose-vserver and it looks good now. Since this is a passthrough route, you should not be looking at policies but you should see an entry
in the datagroups ssl_passthrough_{route,servername}_dg in the F5 management console.
Breadcrumb to ui path: 
   Local Traffic  ››  iRules : Data Group List  ››  ssl_passthrough_route_dg


You can try this by recreating the route ala:
$ oc delete -f  https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/passthough/route_pass.json
$ oc create -f https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/routing/passthough/route_pass.json

And observing the changes on the F5 end.

Also note, I turned on more verbose logging on the openshift-f5-router. This was just for me to debug/check the errors. You can reset this back by just re-creating the f5 router.


In case, you don't already know, you can turn on more verbose logging by just editing
the router deployment config and changing the container command line to pass and
extra --loglevel=<level> parameter.

   $ oadm router ...
   $ oc edit dc/router -o json
   $ # and add  "command": [ "/usr/bin/openshift-f5-router", "--loglevel=4" ]
   $ #  at the same level as where the f5 router container image is at. 

Example config output snippet:
               "containers": [
                    {
                        "name": "router",
                        "image": "registry.qe.openshift.com/openshift3/ose-f5-router:v3.2.0.13",
                        "command": [
                            "/usr/bin/openshift-f5-router",
                            "--loglevel=4"
                        ],

Closing this bugz out as not a problem (it was a config/usage issue).
Note You need to log in before you can comment on or make changes to this bug.