Forum Discussion
Creating device trust / trust-domain through iControl REST Call(s)
- Nov 28, 2023
Hi,
I don't use Postman (I use cURL instead).
You just need to send a REST API call to BIG-IP 1 to add the peer unit (BIGIP-2) to the existing root trust domain:
curl -sk -u <ADMIN USERNAME>:<ADMIN PASSWORD> -H "Content-Type: application/json" -X PATCH -d \ '{"addDevice":{"deviceIp":"<BIGIP-2 MGMT IP ADDRESS>","deviceName":"<BIGIP-2 HOSTNAME>","username":"<ADMIN USERNAME>","password":"<ADMIN PASSWORD>"}}' \ https://<BIGIP-1 MGMT IP>/mgmt/tm/cm/trust-domain/Root
Many things in the API are broken. F5 NEXT will correct these due to being API first driven. For now, I use TMSH commands for many many workarounds with iControl, Ansible collection usage, etc. Another idea would be to use iRules LX and imperative calls using that API. I reserve imperative for base config like setting up HA and declarative framework for setting up VIPs and associated objects.
Thank you for sharing your findings and thoughts. It feels broken sometimes for me, too. But sending tmsh commands through the API is a solution for me.
As I understood AS3 deploys the config within individual partitions for every "tenant". Could you outline how you mix imperative commands with you declarative approach configuring VS etc.? Do you use git as your single source of truth for IaaC?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com