Bug 1459388 - F5 ocp router fails when being deployed against v11 BIG-IP
F5 ocp router fails when being deployed against v11 BIG-IP
Status: CLOSED CURRENTRELEASE
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking (Show other bugs)
3.5.0
Unspecified Unspecified
unspecified Severity high
: ---
: ---
Assigned To: Rajat Chopra
Meng Bo
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-06 22:49 EDT by Ryan Howe
Modified: 2017-06-19 10:46 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-06-19 10:45:26 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Ryan Howe 2017-06-06 22:49:02 EDT
Description of problem:

We get http 400 errors with v11 when the overlay address is created or being created due to invalid  json pair is \"addressSource\":\"from-user\"."

https://github.com/openshift/origin/blob/release-1.5/pkg/router/f5/f5.go#L532

Version-Release number of selected component (if applicable): OCP 3.5 and BIG-IP 11.6.1


How reproducible:
100%

Steps to Reproduce:
1. Deploy f5 router 

or

2. Test will curl command

# curl -v -u USER:PASSWORD -H "Content-Type:=application/json" -k -X POST  https://10.123.4.5/mgmt/tm/net/self -d '{"Name":"10.1.2.3/14","Partition":"Common","Address":"10.1.2.3/14","AddressSource":"from-user","Floating":"disabled","InheritedTrafficGroup":"false","TrafficGroup":"/Common/traffic-group-local-only","Unit":"0","Vlan":"/Common/vxlan5000","AllowService":"all"}'


Actual results:

W0530 16:37:25.385310       1 f5.go:262] Strict certificate verification is *DISABLED*
error: Encountered an error on POST request to URL https://10.123.4.5/mgmt/tm/net/self: HTTP code: 400; error from F5: Found unexpected json pair at configuration item /net/self/~Common~10.1.2.3~14. The json pair is "addressSource":"from-user".

Expected results:

To skip on 400 error not just 409 error if its already added
or
To configure the overlay address 


Additional info:

AddressSource might be a v12 Big-IP value that is not present in v11


http://clouddocs.f5.com/containers/v1/openshift/kctlr-use-bigip-openshift.html#assign-an-openshift-overlay-address-to-the-big-ip-device
Comment 1 hongli 2017-06-07 01:33:26 EDT
BIG-IP v11.6 is not supporting native VxLAN integration. 
If using OCP3.5 and F5 v12.1.x, the tunnel vxlan5000 and self IP (--external-host-vxlan-gw) will be created when starting F5 router pod.
Comment 2 Ryan Howe 2017-06-07 11:54:17 EDT
If this is the case then this is more of a docs bug where we should explain that F5 Native Integration can only be used with a BIP-IP 12.1.x appliance. 

https://docs.openshift.com/container-platform/3.5/install_config/router/f5_router.html#setting-up-f5-native-integration-with-openshift

For BIG-IP 11.6 a ramp node is needed.
Comment 3 Rajat Chopra 2017-06-14 15:18:46 EDT
Fixed with https://github.com/openshift/openshift-docs/pull/4581
Comment 4 Eric Paris 2017-06-19 10:45:26 EDT
closing as the docs PR has merged.

Note You need to log in before you can comment on or make changes to this bug.