Symptoms

When a Cloud Auto Scaling deployment is set up using F5's Auto Scale Template, and ASM Live Update is configured with Automatic Download enabled, Live Update configuration may be overwritten during a scale out event when a new host joins the sync cluster. This is caused by a config sync from the new device to the master device, before the master has a chance to sync the configuration to the new device, causing the configuration in the master device to be overwritten.

Impact

Live Update configuration of all devices in the Auto Scale group is overwritten.

Conditions

-- Using F5's Auto Scaling template. -- Auto Scale script is configured with --block-sync (which is the default). -- ASM Live Update is configured with Automatic Download enabled. -- A scale out event occurs. -- New ASU is automatically downloaded by Live Update at the new host.

Workaround

Disable ASM Live Update Automatic Download. This can be done by disabling the liveupdate.autodownload DB variable using the onboard.js script, and adding '-d liveupdate.autodownload:disable'. For example: /usr/bin/f5-rest-node /config/cloud/aws/node_modules/@f5devcentral/f5-cloud-libs/scripts/onboard.js --log-level silly --signal ONBOARD_DONE -o /var/log/cloud/aws/onboard.log --host localhost --port 8443 -d tm.tcpudptxchecksum:software-only -d liveupdate.autodownload:disable --ping -d tm.tcpudptxchecksum:software-only -d liveupdate.autodownload:disable In order to still have automatic updates for the group, the db variable can be enabled for the master device. Then this setting will be applied on every new host after joining the group and receiving the initial sync from the master.

Fix Information

Automatic downloads are quietly synced and do not have an impact on the device group sync status.

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips