In case you are using remote auth, you can retrieve an auth token to perform REST API requests.
This will save a lot of latency and CPU load versus running single tmsh commands.
To check the CPU and latency impact when using the iControl REST API you can modify the following python script (username, passphrase, device, cycles, latency [see Bug ID 1108181]:
# python script: pyapitest.10.py
# version: 0.10 (2022-06-29)
# author: Stephan Manthey
# purpose:
# retrieve auth token
# list example pool configruation with token based auth via inband management IP (self IP)
# use configurable delay between token generation and token usage
# module requests required (installed via Python PIP):
# su -c 'yum install python-pip'
# su -c 'sudo pip2 install requests'
# su -c 'sudo pip3 install requests'
# or:
# su -c 'yum install python-requests'
# su -c 'yum install python3-requests'
# usage:
# python pyapitest.10.py
# notes:
# tested with python 2.7 and python 3.6
import sys
import time
import json
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
# specify username
username = '<your username here>'
# specify passphrase
password = '<your passphrase here>'
# specify BIG-IP self IP address (inband management IP) or
# specify BIG-IP mgmt IP address (out of band management IP)
bigipdev = '10.131.131.162'
# using a sample pool provided automatically by the API
# (do not change or insert an existing pool)
# poolname = '~Common~pool_apitest'
poolname = 'example'
# specify latency in milliseconds
# (delay between auth token generation and delay for retry)
sleep_ms = 0
# specify number of loops
loop_count = 100
authpath = 'https://{}/mgmt/shared/authn/login'.format(bigipdev)
conthead = {'Content-Type': 'application/json'}
authdata = {'username': username, 'password': password}
exectime = 0
errorcnt = 0
session = requests.Session()
for loop in range(1,loop_count + 1):
authtime = time.time()
tokenrequest = session.post(url=authpath,data=json.dumps(authdata),headers=conthead,verify=False)
# print('getting auth token: {:f}'.format(time.time() - authtime))
if tokenrequest.status_code == 200:
tokendata = tokenrequest.json()
xauthhead = {'X-F5-Auth-Token': tokendata['token']['token'], 'Content-Type': 'application/json'}
querypath = 'https://{}/mgmt/tm/ltm/pool/{}'.format(bigipdev,poolname)
# print('sleeping: {} millisecond(s)'.format(sleep_ms))
time.sleep(sleep_ms / 1000.0)
poolcheck = session.get(url=querypath,headers=xauthhead,verify=False)
if poolcheck.status_code == 200:
pooldata = poolcheck.json()
elif poolcheck.status_code == 401:
errorcnt += 1
print('pool list 1st auth error ({}), counting error in loop {}:'.format(poolcheck.status_code,loop))
else:
print('pool list error ({}), stopping in loop {}'.format(poolcheck.status_code,loop))
break
tokendelpath = 'https://{}/mgmt/shared/authz/tokens/{}'.format(bigipdev,tokendata['token']['token'])
tokendelete = session.delete(url=tokendelpath,headers=xauthhead,verify=False)
print('deleting auth token: {:f}'.format(time.time() - authtime))
if tokendelete.status_code != 200:
print('token delete error ({}); continuing in loop {}'.format(tokendelete.status_code,loop))
else:
print('getting token auth error ({}), stopping in loop {}'.format(tokenrequest.status_code,loop))
break
exectime = exectime + time.time() - authtime
if errorcnt > 0:
print('auth error count: {}'.format(errorcnt))
print('loop count: {} (average: {:.2f} milliseconds)'.format(loop,exectime / loop * 1000))