For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

pirusti's avatar
pirusti
Icon for Nimbostratus rankNimbostratus
Jul 27, 2018

Bigiq 6.0 or ansible

We've decided to do orchestration&automation of deployment of creation/modify/delete of virtual services, and we were using iWorkflow. Since F5 does not support anymore iworkflow we are about going ...
BIG-IQ
devops
iWorkflow
Andy_McGrath's avatar
Andy_McGrath
Icon for Cumulonimbus rankCumulonimbus
Jul 27, 2018

Last time I used BIG-IQ was 5.0 or 5.1 so cannot base my opinion on BIG-IQ 6.0 but I have been looking into DevOps/NetOps with Ansible.

 

Here is my opinion based on my experience for far.

 

BIG-IQ is a centralised management platform which provides centralised analytics, logs and auditing as well as configuration and application templates.

 

Ansible is a Configuration Management system that allows for configuration to be simplified and shared to create configuration templates as well as the ability to treat this configuration like code, with version control etc. F5 also has very good support for Ansible and a strong development community.

 

So Ansible by its self is good for automating configuration tasks and ensuring configuration between similar environments but it really comes into it own when used with centralised version control (GitHub/GitLab/Gerrit etc.) and with Continuous Integration/Continuous Delivery (CI/CD) (Jenkins/goCD/GitLab etc.)

 

Back to BIG-IQ I found the management of F5 devices mostly straight forward as web based and it was very quick to get up and running. I liked the application templates where you could create iApp style services and almost remove the Application configuration from the Device configuration/management however back in 5.0/5.1 had issues keeping it working correctly (hopefully working better these days) and took some time to map them all out. Like Ansible can be used to keep configuration the same between environments. However, configuration is limited to F5 only (as far as I know).

 

If you already are using iWorkflow I would say you could move over to BIG-IQ without to much difficulty and find the interface you and your team are working with very similar (assuming you're using the web gui) and you get the benefits of central management.

 

If you are managing your configuration with version control and have CI/CD within your organisation then I would take a look at Ansible as an addition to BIG-IQ or if looking to save license cost instead of BIG-IQ (if configuration management is your sole concern)

 

In the end I think it comes down to personal preference, why not trial both options, get a trial F5 BIG-IQ license and setup a small Ansible system (a small Linux VM is all you need).