Forum Discussion
seamlessfirework
Cirrus
CirrusCreating device trust / trust-domain through iControl REST Call(s)
Hey there Currently I try to implement basic configuration through iControl REST calls. A personal deadend is building a device trust. The API tells me how to do that: https://clouddocs.f5.com/api/...
Hi,
I don't use Postman (I use cURL instead).
You just need to send a REST API call to BIG-IP 1 to add the peer unit (BIGIP-2) to the existing root trust domain:
curl -sk -u <ADMIN USERNAME>:<ADMIN PASSWORD> -H "Content-Type: application/json" -X PATCH -d \ '{"addDevice":{"deviceIp":"<BIGIP-2 MGMT IP ADDRESS>","deviceName":"<BIGIP-2 HOSTNAME>","username":"<ADMIN USERNAME>","password":"<ADMIN PASSWORD>"}}' \ https://<BIGIP-1 MGMT IP>/mgmt/tm/cm/trust-domain/Root
whisperer
MVP
MVPMany things in the API are broken. F5 NEXT will correct these due to being API first driven. For now, I use TMSH commands for many many workarounds with iControl, Ansible collection usage, etc. Another idea would be to use iRules LX and imperative calls using that API. I reserve imperative for base config like setting up HA and declarative framework for setting up VIPs and associated objects.
seamlessfireworkCirrus
CirrusThank you for sharing your findings and thoughts. It feels broken sometimes for me, too. But sending tmsh commands through the API is a solution for me.
As I understood AS3 deploys the config within individual partitions for every "tenant". Could you outline how you mix imperative commands with you declarative approach configuring VS etc.? Do you use git as your single source of truth for IaaC?