Using VPC Endpoints with Cloud Failover Extension
Introduction
Have you heard of the new F5 Cloud Failover Extension? Well if you haven’t, I encourage you to go out and read about this new feature. CFE is an iControl LX extension that provides L3...
Published Apr 27, 2020
Version 1.0
Noof
Employee
EmployeeNoofEmployee
Employee
TJ_Vreugdenhil
Cirrus
CirrusHi Noof - I followed the whole procedure, but I am getting a "Recovery operations are empty" error. Any recommendations?
[root@ip-10-10-8-28:Standby:In Sync] config # tail -f /var/log/restnoded/restnoded.log
Mon, 04 May 2020 21:04:17 GMT - info: [f5-cloud-failover] Performing failover - execute
Mon, 04 May 2020 21:04:17 GMT - warning: [f5-cloud-failover] Performing Failover - recovery
Mon, 04 May 2020 21:04:17 GMT - severe: [f5-cloud-failover] Recovery operations are empty, advise reset via the API Error: Recovery operations are empty, advise reset via the API
at FailoverClient._getRecoveryOperations (/var/config/rest/iapps/f5-cloud-failover/nodejs/failover.js:373:19)
at _getDeviceObjects.then.then.then (/var/config/rest/iapps/f5-cloud-failover/nodejs/failover.js:124:33)
at tryCatcher (/usr/share/rest/node/node_modules/bluebird/js/release/util.js:16:23)
at Promise._settlePromiseFromHandler (/usr/share/rest/node/node_modules/bluebird/js/release/promise.js:512:31)
at Promise._settlePromise (/usr/share/rest/node/node_modules/bluebird/js/release/promise.js:569:18)
at Promise._settlePromise0 (/usr/share/rest/node/node_modules/bluebird/js/release/promise.js:614:10)
at Promise._settlePromises (/usr/share/rest/node/node_modules/bluebird/js/release/promise.js:693:18)
at Async._drainQueue (/usr/share/rest/node/node_modules/bluebird/js/release/async.js:133:16)
at Async._drainQueues (/usr/share/rest/node/node_modules/bluebird/js/release/async.js:143:10)
at Immediate.Async.drainQueues (/usr/share/rest/node/node_modules/bluebird/js/release/async.js:17:14)
at runCallback (timers.js:794:20)
at tryOnImmediate (timers.js:752:5)
at processImmediate [as _immediateCallback] (timers.js:729:5)
The Following JSON declartion is successful from both F51 and F52.
{
"class": "Cloud_Failover",
"environment": "aws",
"externalStorage": {
"scopingTags": {
"f5_cloud_failover_label": "bigip-nonprod"
}
},
"failoverAddresses": {
"enabled": true,
"scopingTags": {
"f5_cloud_failover_nic_map_eth1": "NonProd-eth1-external",
"f5_cloud_failover_nic_map_eth2": "NonProd-eth2-internal",
"f5_cloud_failover_nic_map_eth3": "NonProd-eth3-internal2"
},
"failoverRoutes": {
"enabled": true,
"scopingTags": {
"f5_cloud_failover_label": "bigip-nonprod-prod"
},
"scopingAddressRanges": [
{
"range": "10.10.116.0/24, 10.10.117.0/24, 10.200.116.0/24, "
}
],
"defaultNextHopAddresses": {
"discoveryType": "static",
"items": [
"10.200.116.105",
"10.200.116.116",
"10.10.116.88",
"10.10.116.56",
"10.10.117.94",
"10.10.117.232"
]
}
},
"controls": {
"class": "Controls",
"logLevel": "silly"
}
}
}And the dig does return a valid internal IP of the S3 Endpoint:
[root@ip-10-10-8-10:Standby:In Sync] config # dig ec2.us-east-2.amazonaws.com
hmac_link.c:350: FIPS mode is 1: MD5 is only supported if the value is 0.
Please disable either FIPS mode or MD5.
; <<>> DiG 9.11.8 <<>> ec2.us-east-2.amazonaws.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63858
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ec2.us-east-2.amazonaws.com. IN A
;; ANSWER SECTION:
ec2.us-east-2.amazonaws.com. 60 IN A 10.200.116.158
;; Query time: 3 msec
;; SERVER: 10.10.112.2#53(10.10.112.2)
;; WHEN: Mon May 04 16:05:47 CDT 2020
;; MSG SIZE rcvd: 61