This is part of a basic Collection of Playbooks, specifically for generating and pushing F5 Declaritive Onboarding and F5 AS3 REST API based configurations, using Ansible to generate, and optionally push. There are also some Ansible playbooks to make specific changes as well. To aid in delivery of DO, AS3 declarations, or to prepare enviornments without ansible availble, some Postman API collections are included as well. EXAMPLE hosts file included, as well as EXAMPLE device variables (in CSV format).
To Use this the following are expected:
-
Create 'group_vars' and 'host_vars' accordingly for devices if needed. Can be YAML or INI formatted if desired, no examples given.
-
Update 'hosts.yml' accordingly for devices, this is YAML formmated example, can be swapped with INI formmated if desired. Most playbooks only need hostname to key in on, as IP will be taken from CSV file. There may be a few older playbooks still expecting IP (if hostname does not resolve in DNS). All other vlaues can (and are generally expected) to come from CSV parsing.
-
Update CSV variables file with detailed variables needed. New coulmns (variables) will automatically be detected (except in legacy folder playbooks, only kept for reference to alternative parsing method).
-
Update other various templates to change configuration behavior, mainly updates to DO (do_json_template.j2) and AS3 (as3_json_template.j2) files, or directly to logic in 'REST' imperative playbooks.
-
To perform operations on live network devices, management and run the ansible playbook (or playbooks) you wish with the ansible-playbook command , optionally with specific tags specified to only run part of a given playbook. Playbooks are organized under '/playbooks/<category>/<name_of_playbook>'
-
You may (likely) need to change the python interperter in the ansible.cfg file, you can try change from "interpreter_python = /usr/local/bin/python3" to maybe "interpreter_python = /usr/local/bin/python" or comment out to have system try and find the python installed.
|
Note
|
This can be used to perform live operations on devices, or offline to just create configuration files |
Requirements:
-
Python
-
Ansible
-
Ansible - url (builtin uri)
-
Ansible - Jinja2 (builtin Jinja2)
-
Ansible - f5networks.f5_bigip (only some playbooks , not core DO or AS3)
-
Ansible - f5networks.f5_modules (only some playbooks, not core DO or AS3)
Key operations of the Ansible Playbooks:
-
pb.do.test.yml and pb.as3.test.yml
Prompts for username / password (password is 'protected'/hidden from view) Using a static JSON file, test REST service on live device, Push to devices Files used are ./static_example/do.json and ./static_example/as3.json
-
pb.do.csv_based.yml and pb.as3.csv_based.yml
Prompts for username / password (password is 'protected'/hidden from view) Will generate configuration files, test REST service on live device, Push to devices, cleaning up all temp files once done (all generated files including completed JSON files) Can be used with tags to use offline (without device access)
-
pb.do.getconf.yml
Get Current DO Configuration Generally this should be current device configuration, but if device has not had a DO pushed before it will be empty. This can also be used to obtain ID of DO configuration. Can be safely used multiple times.
-
pb.do.wipeconf.yml (USE WITH CAUTION)
Wipes a DO configuration, does not delete configuration, just DO status, but can have long-term effects on future DO pushes. This effectivly will reset any DO, as if you have never configured device with DO before. This can be helpful to deal with configuration conflicts such as removing a vlan that previously existed (prior to first DO push). This will require entering the Configuration ID (will be prompted) as this is used in the DELETE message of the DO REST API. You can obtain the Configuration ID from the pb.do.getconf.yml
-
pb.do.status.yml
Allows for checking status of DO, specifically last DO push. Very important/useful when doing ASYNC DO pushes, which is the only official/supported way to perform DO pushes. Can be safely used multiple times.
Key Tags
-
tag test_files (available in csv_based playbooks)
Performs process to generate complete JSON files (DO or AS3) and leaves generated (and temp) files. Useful for running without live devices as no REST calls are made (URI module not used)
-
tag test_files_and_cleanup (available in csv_based playbooks)
Performs process to generate complete JSON files (DO or AS3) but then removes all files generated Useful for running without live devices as test, or to cleaup after other testing.
Detailed operations of these Ansible Playbooks:
pb.do.test.yml and pb.as3.test.yml
-
Start by prompting for user/password
-
Tests REST API GET using URL module
-
Pushes config with REST API POST using URL module and static JSON file
pb.do.csv_based.yml and pb.as3.csv_based.yml
-
Start by prompting for user/password
-
Pulls in CSV variables
-
Uses Jinja2 template to parse CSV out to a YAML vars file
-
Takes in YAML vars file
-
Uses Jinja2 template with vars to generate JSON output file
-
Tests REST API GET using URL module
-
Pushes config with REST API POST using URL module and generated JSON file
-
Cleans up by removing any generated files
-
Build out more templates for BIG-IQ
-
consider producing a better example an inventory file
-
expand documentation
-
Test additional playbooks with data taken in from JSON or YAML directly rather than CSV, although CSV form is primary goal of the project at this time
-
Build out modular playbooks and templates (playbooks and templates that build configuraiton based on other playbooks/templates)
The included basic Postman API Collections and Enviornments may help with:
-
Preparing of F5OS platforms using F5OS API
This API is not declarative. Collection of F5OS REST API calls to configure base F5OS system, install and provision tennants Tenants (BIG-IP NEXT or BIG-IP Classic).
-
Preparing of BIG-IP Classic using F5 (Classic) REST API
This API is not declarative. Instaling/Upgrading DO and/or AS3 packages on BIG-IP Classic. Performing any other initial configurations required.
-
Delivering ready to use DO Declarations
-
Delivering ready to use AS3 Declarations