Setting VLAN on a virtual server

I don't see anything that stands out actually, aside from that you've left off the kwargs - I put this in and it works (pretty much a copy/paste of your code above):

 

Showing code in the main post from now on - the new format is too hard to read IMO

 

In [51]: v.get_vlan(['irules-nextgen-demo'])

 

Out[51]:

 

[(Common.VLANFilterList){

 

state = "STATE_ENABLED"

 

vlans[] =

 

"vlan_21",

 

}]

 

 

In [54]: vlan_filter_list = v.typefactory.create('Common.VLANFilterList')

 

In [55]: enabled_state = v.typefactory.create('Common.EnabledState')

 

In [56]: vlan_filter_list.vlans = ['vlan_20']

 

In [57]: vlan_filter_list.state = enabled_state.STATE_ENABLED

 

In [59]: v.set_vlan(virtual_servers = ['irules-nextgen-demo'],vlans=[vlan_filter_list])

 

 

Check to see if it worked.

 

In [60]: v.get_vlan(['irules-nextgen-demo'])

 

Out[60]:

 

[(Common.VLANFilterList){

 

state = "STATE_ENABLED"

 

vlans[] =

 

"vlan_20",

 

}]

 

End code

 

 

Give that a try and post back. Also, you can set debug=True when you setup the object so it'll dump the request/response traffic. That often helps track stuff like this down.

 

HTH,

 

-Matt Cauthorn

Hi Matt,

Here is the output:

cowboy:vip_provision mhite$ python
Python 2.6.1 (r261:67515, Feb 11 2010, 00:51:29) 
[GCC 4.2.1 (Apple Inc. build 5646)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import vip_provision
>>> import pycontrol.pycontrol as pc
>>> b = pc.BIGIP(hostname="s0-bigip-lb2", username="tuna", password="slurpee", wsdls=['LocalLB.VirtualServer'], fromurl=True, debug=True)
>>> v = b.LocalLB.VirtualServer
>>> vip_provision.set_active_partition("s0-bigip-lb2", "tuna", "slurpee", "tuna")
DEBUG:suds.client:sending to (https://s0-bigip-lb2/iControl/iControlPortal.cgi)
message:

   
   
      
         tuna
      
   

DEBUG:suds.client:headers = {'SOAPAction': u'"urn:iControl:Management/Partition"', 'Content-Type': 'text/xml'}
DEBUG:suds.client:http succeeded:






>>> v.get_vlan(["tuna-devasdfsao2o-tcp-80-s0-bigip-lb2-vs"])
DEBUG:suds.client:sending to (https://s0-bigip-lb2/iControl/iControlPortal.cgi)
message:

   
   
      
         
            tuna-devasdfsao2o-tcp-80-s0-bigip-lb2-vs
         
      
   

DEBUG:suds.client:headers = {'SOAPAction': u'"urn:iControl:LocalLB/VirtualServer"', 'Content-Type': 'text/xml'}
DEBUG:suds.client:http succeeded:





STATE_DISABLED







[(Common.VLANFilterList){
   state = "STATE_DISABLED"
   vlans[] = 
 }]
>>> vlan_filter_list = v.typefactory.create('Common.VLANFilterList')
>>> enabled_state = v.typefactory.create('Common.EnabledState')
>>> vlan_filter_list.vlans = ["external"]
>>> vlan_filter_list.state = enabled_state.STATE_ENABLED
>>> v.set_vlan(virtual_servers = ["tuna-devasdfsao2o-tcp-80-s0-bigip-lb2-vs"], vlans = [vlan_filter_list])
DEBUG:suds.client:sending to (https://s0-bigip-lb2/iControl/iControlPortal.cgi)
message:

   
   
      
         
            tuna-devasdfsao2o-tcp-80-s0-bigip-lb2-vs
         
         
            
               STATE_ENABLED
               
                  external
               
            
         
      
   

DEBUG:suds.client:headers = {'SOAPAction': u'"urn:iControl:LocalLB/VirtualServer"', 'Content-Type': 'text/xml'}
ERROR:suds.client:

   
   
      
         
            tuna-devasdfsao2o-tcp-80-s0-bigip-lb2-vs
         
         
            
               STATE_ENABLED
               
                  external
               
            
         
      
   

DEBUG:suds.client:http failed:


500 Internal Server Error

Internal Server Error
The server encountered an internal error or
misconfiguration and was unable to complete
your request.
Please contact the server administrator,
 support@f5.com and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.
More information about this error may be available
in the server error log.

Apache Server at s0-bigip-lb2 Port 443


Traceback (most recent call last):
  File "", line 1, in 
  File "/Library/Python/2.6/site-packages/suds/client.py", line 539, in __call__
    return client.invoke(args, kwargs)
  File "/Library/Python/2.6/site-packages/suds/client.py", line 598, in invoke
    result = self.send(msg)
  File "/Library/Python/2.6/site-packages/suds/client.py", line 633, in send
    result = self.failed(binding, e)
  File "/Library/Python/2.6/site-packages/suds/client.py", line 684, in failed
    r, p = binding.get_fault(reply)
  File "/Library/Python/2.6/site-packages/suds/bindings/binding.py", line 231, in get_fault
    faultroot = sax.parse(string=reply)
  File "/Library/Python/2.6/site-packages/suds/sax/parser.py", line 136, in parse
    sax.parse(source)
  File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/xml/sax/expatreader.py", line 107, in parse
    xmlreader.IncrementalParser.parse(self, source)
  File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/xml/sax/xmlreader.py", line 123, in parse
    self.feed(buffer)
  File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/xml/sax/expatreader.py", line 211, in feed
    self._err_handler.fatalError(exc)
  File "/System/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/xml/sax/handler.py", line 38, in fatalError
    raise exception
xml.sax._exceptions.SAXParseException: :1:49: syntax error
>>> 
 

And just for clarification, here is the set_active_partition function I am calling from vip_provision.py:

 
def set_active_partition(ltm, user, pw, partition):
    """Switch a user's management context to a specific partition.
    
    Uses the F5 API to switch a user's management context to a specific
    partition.
    
    Args:
        ltm: IP address or hostname or BIG-IP; for example, 10.10.10.5.
        user: Username used to authenticate to the BIG-IP device.
        pw: Password credentials used to authenticate to the BIG-IP device.
        partition: Management context for user's subsequent API calls.
        
    Returns:
        n/a
        
    Raises:
        n/a
    """
    p = pc.BIGIP(hostname=ltm, username=user, password=pw, 
                 wsdls=['Management.Partition'], fromurl=True)
    p.Management.Partition.set_active_partition(partition)

So I guess the F5 is falling over?

I don't see evidence of a failover here; you'd have to confirm that on the system. So here's an almost literal copy paste, minus your provision stuff (don't have time to test that at the moment):

 

 

In [30]: v = b.LocalLB.VirtualServer

 

In [31]: v.get_list()

 

Out[31]: [test-vs-deleteme, irules-nextgen-demo]

 

 

In [32]: v.get_vlan(['test-vs-deleteme'])

 

Out[32]:

 

[(Common.VLANFilterList){

 

state = "STATE_DISABLED"

 

vlans[] =

 

}]

 

 

 

In [35]: vlan_filter_list = v.typefactory.create('Common.VLANFilterList')

 

In [36]: enabled_state = v.typefactory.create('Common.EnabledState')

 

In [37]: vlan_filter_list.vlans = ["external"]

 

In [38]: vlan_filter_list.vlans = ["vlan_21"]

 

 

In [39]: v.set_vlan(virtual_servers =['test-vs-deleteme'],vlans =[vlan_filter_list])

 

 

In [40]: v.get_vlan(['test-vs-deleteme'])

 

Out[40]:

 

[(Common.VLANFilterList){

 

state = "STATE_DISABLED"

 

vlans[] =

 

"vlan_21",

 

}]

 

 

...which leads me to believe that something's wacky with the state of your system. I'd restart apache at the very least, and maybe the whole thing. Obviously, tread lightly in prod :)

 

 

-Matt

Sorry, I meant "falling over," ie. crashing, vs. "failing over."

We basically see a bunch of SOAP Portal restarts. Seems to be crashing it.

 
 [root@s0-bigip-lb2:Active] log  zgrep -B1 SOAP ltm.1.gz  
 Mar 31 22:26:20 local/s0-bigip-lb2 debug iControlPortal.cgi[17614]: LocalLB:VirtualServer::set_vlan ( ) called by user "fish" 
 Mar 31 22:26:20 local/s0-bigip-lb2 debug iControlPortal.cgi[10274]: icontrol_portal:iControl SOAP Portal starting ... 
 -- 
 Mar 31 22:28:25 local/s0-bigip-lb2 debug iControlPortal.cgi[10274]: LocalLB:VirtualServer::set_vlan ( ) called by user "fish" 
 Mar 31 22:28:25 local/s0-bigip-lb2 debug iControlPortal.cgi[10277]: icontrol_portal:iControl SOAP Portal starting ... 
 -- 
 Mar 31 22:34:18 local/s0-bigip-lb2 debug iControlPortal.cgi[10277]: LocalLB:VirtualServer::set_vlan ( ) called by user "fish" 
 Mar 31 22:34:18 local/s0-bigip-lb2 debug iControlPortal.cgi[10305]: icontrol_portal:iControl SOAP Portal starting ... 
 -- 
 Mar 31 22:35:19 local/s0-bigip-lb2 debug iControlPortal.cgi[10305]: LocalLB:VirtualServer::set_vlan ( ) called by user "fish" 
 Mar 31 22:35:19 local/s0-bigip-lb2 debug iControlPortal.cgi[10306]: icontrol_portal:iControl SOAP Portal starting ... 
 -- 
 Mar 31 22:40:03 local/s0-bigip-lb2 debug iControlPortal.cgi[10306]: LocalLB:VirtualServer::set_vlan ( ) called by user "fish" 
 Mar 31 22:40:03 local/s0-bigip-lb2 debug iControlPortal.cgi[10313]: icontrol_portal:iControl SOAP Portal starting ... 
 -- 
 Mar 31 22:57:41 local/s0-bigip-lb2 debug iControlPortal.cgi[10313]: LocalLB:VirtualServer::set_vlan ( ) called by user "fish" 
 Mar 31 22:57:41 local/s0-bigip-lb2 debug iControlPortal.cgi[10330]: icontrol_portal:iControl SOAP Portal starting ... 
 -- 
 Mar 31 23:11:01 local/s0-bigip-lb2 debug iControlPortal.cgi[10330]: LocalLB:VirtualServer::set_vlan ( ) called by user "fish" 
 Mar 31 23:11:01 local/s0-bigip-lb2 debug iControlPortal.cgi[10425]: icontrol_portal:iControl SOAP Portal starting ... 
 -- 
 Mar 31 23:20:08 local/s0-bigip-lb2 debug iControlPortal.cgi[10425]: LocalLB:VirtualServer::set_vlan ( ) called by user "fish" 
 Mar 31 23:20:08 local/s0-bigip-lb2 debug iControlPortal.cgi[10436]: icontrol_portal:iControl SOAP Portal starting ... 
 -- 
 Mar 31 23:27:01 local/s0-bigip-lb2 debug iControlPortal.cgi[10436]: LocalLB:VirtualServer::set_vlan ( ) called by user "fish" 
 Mar 31 23:27:01 local/s0-bigip-lb2 debug iControlPortal.cgi[10445]: icontrol_portal:iControl SOAP Portal starting ... 
 -- 
 Mar 31 23:27:05 local/s0-bigip-lb2 debug iControlPortal.cgi[10445]: LocalLB:VirtualServer::set_vlan ( ) called by user "fish" 
 Mar 31 23:37:01 local/s0-bigip-lb2 debug iControlPortal.cgi[10477]: icontrol_portal:iControl SOAP Portal starting ... 
 -- 
 Mar 31 23:45:13 local/s0-bigip-lb2 debug iControlPortal.cgi[10477]: LocalLB:VirtualServer::set_vlan ( ) called by user "fish" 
 Mar 31 23:45:13 local/s0-bigip-lb2 debug iControlPortal.cgi[10486]: icontrol_portal:iControl SOAP Portal starting ... 
  
  
 Tried restarting Apache. Also tried it on another load balancer. No luck. üòû 
  
 What version of the BIG-IP o/s are you using in your tests? What model LB?

We also see this in the logs:

 

 

Apr 1 19:51:36 local/s0-bigip-lb1 err httpd[6558]: [error] [client 10.7.241.216] FastCGI: incomplete headers (0 bytes) received from server "/usr/local/www/iControl/iControlPortal.cgi"

 

Apr 1 19:51:36 local/s0-bigip-lb1 warning fcgi-[6509]: [warn] FastCGI: server "/usr/local/www/iControl/iControlPortal.cgi" (pid 6513) terminated due to uncaught signal '11' (Segmentation fault)

 

Apr 1 19:51:36 local/s0-bigip-lb1 warning fcgi-[6509]: [warn] FastCGI: server "/usr/local/www/iControl/iControlPortal.cgi" restarted (pid 6771)

Question: do you see this on *all* of the systems you're running against? That would be a useful bit of data. Either way I'd open a case on this - a segfault isn't normal behavior at all with the iControl portal app. One thing you may do to help with the case is to enable debugging on the BigIP, which will hopefully help shed light on what is going on. But open a case either way. I'm testing on a 3900 with 10.2.1 by the way.

 

 

Here's how to set debug on the LTM - this will put information into /var/log/ltm on your iControl calls (also restart apache after this):

 

bigpipe db iControl.LogLevel debug

 

 

*Note: disable this after you're done by setting it back to "none"

 

 

Also, you'll definitely want to have a look at the apache error logs. Have a look in /var/log/httpd/httpd_errors.

 

 

-Matt

Hi L4L7 Matt,

 

 

Thanks for all your help. We can definitely see fast_cgi/icontrol crashing. Unfortunately F5 refuses to accept support tickets for iControl. They told me to go post in devcentral.

That's very odd, as I've seen several tickets related to iControl come in over the years. I would re-open this, and cite fast_cgi crashes (as opposed to iControl calls) as the reason for the ticket. Open it via web support and send the case number over to this thread if you don't mind.

 

 

One last question: do you see this same behavior on both systems in the pair? What version is this? I'll do some digging internally as well.

 

 

Thanks!

 

 

-Matt

If it's a potential bug in iControl, then F5 Support should open a case and try to diagnose the issue. If you have a case number to reference I can try to explain this to the support engineer.

 

 

Aaron