iApp Config updates not applying
Morning all...
Been a while since I've posted on here... :)
I've got a couple of pairs of 11.6.0 F5 devices, which appear to have developed a rather strange issue with applying iApp template updates.
We've got various in-house iApp templates that we've written and use to deploy our various services. The majority of these services are delivered over HTTPS.
Recently, we've implemented some changes to allow the client-ssl Parent profile to be selected when deploying/updating services. This is in order to disable of SSLv3.
This functionality works fine when creating a new service, and the correct parent profile gets applied.
However when we try and update an existing service with the new template version, it doesn't work as expected. The client-ssl config in the GUI and TMSH correctly shows the new parent client-ssl profile.
However the new client-ssl config isn't applied to the running config, as I can still use SSLv3 against the virtual server.
I've raised this with F5 support, and they initially came up with a work-around of opening the parent client-ssl profile, and clicking the update button without changing anything on screen. This appears to trigger a full config reread and the new client-ssl config gets applied to the virtual server.
Unfortunately, that's about as much use as F5 support have been, as they've now pulled the 'you're using a custom iApp, we don't support those' card, and are unwilling to even exercise the possibility that this is a bug :(
So, has anyone seen this behaviour before? Any ideas on possible fixes, short of telling users to 'update the service, and then click update on the parent client-ssl profile'?
Thanks in advance.
Gavin