Resolved Datapath v10.1 to v11 upgrade issue
1670491721675
After the upgrade of a particular customer from Datapath v10.1 to Datapath v11 we have uncovered a configuration edge case that caused the updated configuration to be pushed to the existing datapath before deployment of Datapath v11 (or v12) has completed.
This resulted in downtime because Datapath v10.1 is unable to apply a v11 (or v12) configuration.
The immediate resolution was to wait out the time to deploy the new datapath version (this could be up to 45 minutes depending on the region and how busy the resources in that region currently are at the time of the datapath change) or to rollback to Datapath v10.1 in the WAF-as-a-Service Portal (with almost immediate recovery).
To resolve this issue quickly, our Engineering team have added a 45 minute pause to the configuration automation pipeline that will stop any v11 (or v12) configuration changes made to applications in the account being pushed to the datapath until after the deployment of the new version has been completed.
Now we are aware of this configuration edge case, we will also be implementing additional checks in future datapath versions to prevent this issue from arising in future.
[BNWAS-3557]
Did you like this update?
Leave your name and email so that we can reply to you (both fields are optional):
