You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
CIS Version : 2.12.1
BIGIP Version: Big IP 17.1.0.1
AS3 Version: 3.25
Agent Mode: AS3
Orchestration: K8S
Pool Mode: Cluster
Description
hostGroup and VirtualServerName attributes cannot be used at the same time.
Some ideas:
Could we fix this so that the VirtualServerName field is ignored if hostGroup is used, or throw an error if both exist?
or could you add this note to the documentation to say that hostGroup and VirtualServerName should not be used at the same time?
Or log entries in CIS to make it more obvious if this is quiety ignored?
Steps To Reproduce
Create 2x VirtualServers as below. Define BOTH hostGroup and VirtualServerName.
Apply and observe logs on CIS do not give you much info (even with DEBUG level) but /var/log/restnoded/restnoded.log will tell you:
severe: [appsvcs] {"message":"Declaration failed: 01070333:3: Virtual Server /kubernetes/Shared/hello_world_vs2_443 illegally shares destination address, source address, service port, ip-protocol, and vlan with Virtual Server /kubernetes/Shared/hello_world_vs_443.","level":"error"}
apiVersion: "cis.f5.com/v1"kind: VirtualServermetadata:
name: hello-world-virtual-servernamespace: nginx-ingresslabels:
f5cr: "true"spec:
host: demo.my-f5.comhostGroup: miketlsProfileName: hello-world-tlsvirtualServerAddress: "20.96.103.238"virtualServerName: demo ### <--- this line should not be used if hostGroup is being used for multiple VS resources.httpTraffic: allowpools:
- path: /service: nginx-ingressservicePort: 80monitor:
type: httpinterval: 10timeout: 31send: "/"recv: ""apiVersion: "cis.f5.com/v1"kind: VirtualServermetadata:
name: hello-world-virtual-server2namespace: nginx-ingresslabels:
f5cr: "true"spec:
host: demo2.my-f5.comhostGroup: miketlsProfileName: hello-world-tls2virtualServerAddress: "20.96.103.238"virtualServerName: demo2 ### <--- this line should not be used if hostGroup is being used for multiple VS resources.httpTraffic: allowpools:
- path: /service: nginx-ingress2servicePort: 80monitor:
type: httpinterval: 10timeout: 31send: "/"recv: ""
Expected Result
I expected I could use the above VS definitions to create 2x VS that share the same IP address, even if I left the VirtualServerName attribute in them.
Actual Result
I need to remove the VirtualServerName attribute from both before this will work.
Diagnostic Information
<Configuration files, error messages, logs>
Note: Sanitize the data. For example, be mindful of IPs, ports, application names and URLs
Note: The following F5 article outlines the information required when opening an issue.
https://support.f5.com/csp/article/K60974137
Observations (if any)
The text was updated successfully, but these errors were encountered:
Also experiencing this, can anything be included to edit the description of sorts? Easiest way for me to understand what the virtual server is processing is the policy it creates.
Setup Details
CIS Version : 2.12.1
BIGIP Version: Big IP 17.1.0.1
AS3 Version: 3.25
Agent Mode: AS3
Orchestration: K8S
Pool Mode: Cluster
Description
hostGroup and VirtualServerName attributes cannot be used at the same time.
Some ideas:
Steps To Reproduce
Expected Result
I expected I could use the above VS definitions to create 2x VS that share the same IP address, even if I left the VirtualServerName attribute in them.
Actual Result
I need to remove the VirtualServerName attribute from both before this will work.
Diagnostic Information
Observations (if any)
The text was updated successfully, but these errors were encountered: