Forum Discussion
Will_Longo
Altostratus
AltostratusCreating VIPs - having problems with profiles
Hello all, im new to this community and have only been working with F5s for about 4 months. In my workplace we frequently deploy massive numbers of servers that require load balancing. Due to the increase in time savings from using icontrol i have written some scripts to do this for us based on csv input files. Everything works great if I use the same VIP profiles every time. My issue is that we need to be able to leave a blank in the CSV and provide a none/null value to a particular profile depending on the requirement.
below is some code im working with but it is not working as intended. In my first example, i can selectively set the profiles for my VIP but the script ignores other fields in the CSV. In my second example, i can access all fields and assign a "none" value to a profile but in the case where i WANT a profile set, it ignores it. Any help would be greatly appreciated!
Note: I have truncated the script to the relevant portion.
First Example:
Function VIP{
$vipINFILE = Import-Csv $vipCSV
foreach ($vipset in $vipINFILE | Where-object {$_.Sequence -eq $i})
{
$vipdefinition = New-Object -TypeName iControl.CommonVirtualServerDefinition;
$vipdefinition.name = $vipset.VIPName;
$vipdefinition.address = $vipset.VIPIP;
$vipdefinition.port = $vipset.VIPPort;
$vipdefinition.protocol = $vipset.Protocol;
$vipdefinitions = (, $vipdefinition);
$wildmasks = (, "255.255.255.255");
$resource = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerResource;
$resource.type = "RESOURCE_TYPE_POOL";
$resource.default_pool_name = $poolset.PoolName;
$resources = (, $resource);
$vippersistence = New-object -TypeName iControl.LocalLBVirtualServerVirtualServerPersistence;
$vippersistence.profile_name = $vipset.vippersistence
$vippersistence.default_profile = $null
$profileINFILE = import-csv $profileCSV
foreach ($profileset in $profileINFILE | where-object {$_.Sequence -eq $i})
{
$vipprofilehttp = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
$vipprofilehttp.profile_context = "PROFILE_CONTEXT_TYPE_ALL";
$vipprofilehttp.profile_name = $profileset.http;
$vipprofilessl = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
$vipprofilessl.profile_context = "PROFILE_CONTEXT_TYPE_CLIENT";
$vipprofilessl.profile_name = $profileset.SSLClient;
$vipprofileoneconnect = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile;
$vipprofileoneconnect.profile_context = "PROFILE_CONTEXT_TYPE_ALL";
$vipprofileoneconnect.profile_name = $profileset.OneConnect;
}
$vipprofileA = ($vipprofilehttp, $vipprofilessl, $vipprofileoneconnect);
$vipprofileAofA = (, $vipprofileA);
(Get-F5.iControl).LocalLBVirtualServer.create($vipdefinitions,$wildmasks,$resources,$vipprofileAofA)
if($vipset.snat -eq "AutoMAP"){(Get-F5.iControl).LocalLBVirtualServer.set_snat_automap((, $vipset.VIPName))}
(Get-F5.iControl).LocalLBVirtualServer.Add_persistence_profile((,$vipset.VIPName),(,$vippersistence))
write-host $vipset.VIPName " created..."
}
} Second example
$vipINFILE = Import-Csv vip.csv
foreach ($vipset in $vipINFILE | Where-object {$_.Sequence -eq $i})
{
$vipdefinition = New-Object -TypeName iControl.CommonVirtualServerDefinition;
$vipdefinition.name = $vipset.VIPName;
$vipdefinition.address = $vipset.VIPIP;
$vipdefinition.port = $vipset.VIPPort;
$vipdefinition.protocol = $vipset.Protocol;
$vipdefinitions = (, $vipdefinition);
$wildmasks = (, "255.255.255.255");
$resource = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerResource;
$resource.type = "RESOURCE_TYPE_POOL";
$resource.default_pool_name = $poolset.PoolName;
$resources = (, $resource);
$vippersistence = New-object -TypeName iControl.LocalLBVirtualServerVirtualServerPersistence;
$vippersistence.profile_name = $vipset.vippersistence
$vippersistence.default_profile = $null
$profileINFILE = import-csv profiles.csv
foreach ($profileset in $profileINFILE | where-object {$_.Sequence -eq $i})
{
If(!$profileset.http){
$vipprofilehttp = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[][]" 1
}else{
$vipprofilehttp = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[]" 1
$vipprofilehttp[0] = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile"
$vipprofilehttp[0].profile_context = "PROFILE_CONTEXT_TYPE_ALL";
$vipprofilehttp[0].profile_name = $profileset.http;
}
if(!$profileset.sslclient){
$vipprofilessl = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[][]" 1
}else{
$vipprofilessl = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[]" 1
$vipprofilessl[0] = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile"
$vipprofilessl[0].profile_context = "PROFILE_CONTEXT_TYPE_CLIENT";
$vipprofilessl[0].profile_name = $profileset.sslclient;
}
if(!$profileset.OneConnect){
$vipprofileoneconnect = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[][]" 1
}else{
$vipprofileoneconnect = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile[]" 1
$vipprofileoneconnect[0] = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile"
$vipprofileoneconnect[0].profile_context = "PROFILE_CONTEXT_TYPE_ALL";
$vipprofileoneconnect[0].profile_name = $profileset.OneConnect;
}
$vipprofileA = ($vipprofilehttp, $vipprofilessl, $vipprofileoneconnect);
$profilecount = $vipprofileA.count
$vipprofileAofA = (, $vipprofileA[$profilecount]);
(Get-F5.iControl).LocalLBVirtualServer.create($vipdefinitions,$wildmasks,$resources,$vipprofileAofA)
write-host $vipset.VIPName " created..."
}I can see
PS > $vipprofileA
profile_context profile_name
--------------- ------------
PROFILE_CONTEXT_TYPE_ALL http
PROFILE_CONTEXT_TYPE_ALL oneconnectPS > $vipprofileA.count 3
Yet when I view the vip no profiles are assigned. I verified that these profile names exist.
4 Replies
The issue I see with the first example is that you are looping over the
$profileINFILE = import-csv $profileCSV foreach ($profileset in $profileINFILE | where-object {$_.Sequence -eq $i}) { $vipprofilehttp = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile; $vipprofilehttp.profile_context = "PROFILE_CONTEXT_TYPE_ALL"; $vipprofilehttp.profile_name = $profileset.http; $vipprofilessl = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile; $vipprofilessl.profile_context = "PROFILE_CONTEXT_TYPE_CLIENT"; $vipprofilessl.profile_name = $profileset.SSLClient; $vipprofileoneconnect = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile; $vipprofileoneconnect.profile_context = "PROFILE_CONTEXT_TYPE_ALL"; $vipprofileoneconnect.profile_name = $profileset.OneConnect; Shouldn't the previous entries be saved here or they get overwritten in the next iteration... } $vipprofileA = ($vipprofilehttp, $vipprofilessl, $vipprofileoneconnect); $vipprofileAofA = (, $vipprofileA);You are looping over all the entries, but are just overwriting all the variables for each entry in the CSV. The last time through the loop the variable are set to the last entry and then written to the array. That's likely why you are missing entries.
I'm going to have to take a longer look at the second script to find out what's going on in there...
-Joe
Will_LongoFull code that works with the limitation of not being able to bring in every field from the CSV.
< F5 Script Author: Will Longo Design & Build - Clinical > load Snapin if ( (Get-PSSnapin | Where-Object { $_.Name -eq "iControlSnapIn"}) -eq $null ){ Add-PSSnapIn iControlSnapIn} Function Browse(){ [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") |Out-Null [System.Windows.Forms.Application]::EnableVisualStyles() $OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog $OpenFileDialog.initialDirectory = (get-location).path $OpenFileDialog.filter = "CSV (*.csv)|*.csv|All files (*.*)|*.*" $loop = $true while($loop) { if ($OpenFileDialog.ShowDialog() -eq "OK") { $loop = $false } else { $res = [System.Windows.Forms.MessageBox]::Show("You clicked Cancel. Try again or return to main form?", "Choose a directory", [System.Windows.Forms.MessageBoxButtons]::RetryCancel) if($res -eq "Cancel") { End script return } } } $OpenFileDialog.filename } Function ConfigSave{ $saveyn = read-host "Do you wish to sync your configuration? (Y/N)" if($saveyn -eq "Y"){(Get-F5.iControl).SystemConfigSync.synchronize_configuration(1)} else{write-host "Completed";return;} } Function VIP{ $vipINFILE = Import-Csv $vipCSV foreach ($vipset in $vipINFILE | Where-object {$_.Sequence -eq $i}) { $vipdefinition = New-Object -TypeName iControl.CommonVirtualServerDefinition; $vipdefinition.name = $vipset.VIPName; $vipdefinition.address = $vipset.VIPIP; $vipdefinition.port = $vipset.VIPPort; $vipdefinition.protocol = $vipset.Protocol; $vipdefinitions = (, $vipdefinition); $wildmasks = (, "255.255.255.255"); $resource = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerResource; $resource.type = "RESOURCE_TYPE_POOL"; $resource.default_pool_name = $poolset.PoolName; $resources = (, $resource); $vippersistence = New-object -TypeName iControl.LocalLBVirtualServerVirtualServerPersistence; $vippersistence.profile_name = $vipset.vippersistence $vippersistence.default_profile = $null $profileINFILE = import-csv $profileCSV foreach ($profileset in $profileINFILE | where-object {$_.Sequence -eq $i}) { $vipprofilehttp = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile; $vipprofilehttp.profile_context = "PROFILE_CONTEXT_TYPE_ALL"; $vipprofilehttp.profile_name = $profileset.http; $vipprofilessl = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile; $vipprofilessl.profile_context = "PROFILE_CONTEXT_TYPE_CLIENT"; $vipprofilessl.profile_name = $profileset.SSLClient; $vipprofileoneconnect = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile; $vipprofileoneconnect.profile_context = "PROFILE_CONTEXT_TYPE_ALL"; $vipprofileoneconnect.profile_name = $profileset.OneConnect; } $vipprofileA = ($vipprofilehttp, $vipprofilessl, $vipprofileoneconnect); $vipprofileAofA = (, $vipprofileA); (Get-F5.iControl).LocalLBVirtualServer.create($vipdefinitions,$wildmasks,$resources,$vipprofileAofA) if($vipset.snat -eq "AutoMAP"){(Get-F5.iControl).LocalLBVirtualServer.set_snat_automap((, $vipset.VIPName))} (Get-F5.iControl).LocalLBVirtualServer.Add_persistence_profile((,$vipset.VIPName),(,$vippersistence)) write-host $vipset.VIPName " created..." } } Function Pool{ $poolINFILE = Import-Csv $poolCSV foreach ($poolset in $poolINFILE | where-object {$_.Sequence -eq $i}) { if($poolset.LoadBalanceMethod -eq "Round Robin"){$LBMethod = "LB_METHOD_ROUND_ROBIN"} elseif($poolset.LoadBalanceMethod -eq "Observed (member)"){$LBMethod = "LB_METHOD_OBSERVED_MEMBER"} elseif($poolset.LoadBalanceMethod -eq "Least Connections (member)"){$LBMethod = "LB_METHOD_LEAST_CONNECTION_MEMBER"} elseif($poolset.LoadBalanceMethod -eq "Ratio (member)"){$LBMethod = "LB_METHOD_RATIO_MEMBER"} elseif($poolset.LoadBalanceMethod -eq "Predictive (member)"){$LBMethod = "LB_METHOD_PREDICTIVE_MEMBER"} else{Write-Host "Unknown Load Balance Method"} $jPPortDefList = New-Object -TypeName iControl.CommonIPPortDefinition[] $MemberList.Length; for($j=0; $j -lt $MemberList.Length; $j++) { $jPPortDefList[$j] = New-Object -TypeName iControl.CommonIPPortDefinition; $jPPortDefList[$j].address = $MemberList[$j]; $jPPortDefList[$j].port = $poolset.MemberPort; } (Get-F5.iControl).LocalLBPool.create( (,$poolset.PoolName), (,$LBMethod), (,$jPPortDefList)) $monitor_association = New-Object -TypeName iControl.LocalLBPoolMonitorAssociation; $monitor_association.pool_name = $poolset.PoolName; $monitor_association.monitor_rule = New-Object -TypeName iControl.LocalLBMonitorRule; $monitor_association.monitor_rule.type = "MONITOR_RULE_TYPE_SINGLE"; $monitor_association.monitor_rule.quorum = 0; $monitor_association.monitor_rule.monitor_templates = (, $poolset.PoolHealthMonitor); (Get-F5.iControl).LocalLBPool.set_monitor_association((, $monitor_association)) write-host $poolset.PoolName " created..." VIP; } } Function Node{ $nodeINFILE = Import-Csv $nodeCSV foreach ($nodeset in $nodeINFILE) { (Get-F5.iControl).LocalLBNodeAddress.create( (,$nodeset.NodeIP), (,0) ) (Get-F5.iControl).LocalLBNodeAddress.set_screen_name( (,$nodeset.NodeIP), (,$nodeset.NodeName ) ) $nodeaddress = New-Object -TypeName iControl.LocalLBMonitorIP; $nodeaddress.address_type = "ATYPE_STAR_ADDRESS" $nodeaddress.ipaddress = $nodeset.NodeIP $monitor_association2 = New-Object -TypeName iControl.LocalLBNodeAddressMonitorAssociation; $monitor_association2.node_Address = $nodeaddress $monitor_association2.monitor_rule = New-Object -TypeName iControl.LocalLBMonitorRule; $monitor_association2.monitor_rule.type = "MONITOR_RULE_TYPE_SINGLE"; $monitor_association2.monitor_rule.quorum = 0; $monitor_association2.monitor_rule.monitor_templates = (, $nodeset.HealthMonitor); (Get-F5.iControl).LocalLBNodeAddress.Set_Monitor_Association((,$monitor_association2)) write-host $nodeset.NodeName " created..." } $i=1 $ilimiter=read-host "How many Pools are you creating? (Enter a value)" while($i -le $ilimiter) { foreach ($poolmember in $nodeINFILE | where-object {$_.Sequence -eq $i}) { [array]$memberlist += $poolmember.NodeIP } Pool; Remove-variable memberlist $i++ } ConfigSave; } Start $BigIP = read-host "What is the IP of your F5 Big-IP Device" connect Initialize-F5.iControl -HostName $Bigip -Credentials (Get-Credential); $host.ui.RawUI.WindowTitle = "Will's F5 Script - Node" $actorpass = (Get-F5.iControl).SystemFailover.get_failover_state() if($actorpass -ne "FAILOVER_STATE_ACTIVE"){write-host "This is not the Active F5, Please re-run this script" -ForegroundColor Yellow -BackgroundColor Red;return} INPUT write-host "select your Node CSV" $nodeCSV = Browse write-host "select your Pool CSV" $poolCSV = Browse write-host "select your VIP CSV" $vipCSV = Browse write-host "select your Profiles CSV" $profileCSV = Browse if (!$nodecsv){$cancel=$true} if (!$poolcsv){$cancel=$true} if (!$vipcsv){$cancel=$true} if (!$profilecsv){$cancel=$true} if ($cancel){write-host "Cancelled by User!" -ForegroundColor Yellow -BackgroundColor Red;return} start Node;- Will_Longo
I resolved this by providing a null profile value during vip creation and assigning profiles afterwards. Hopefully this will help someone 🙂
$vipINFILE = Import-Csv $vipCSV foreach ($vipset in $vipINFILE | Where-object {$_.Sequence -eq $i}) { $vipdefinition = New-Object "iControl.CommonVirtualServerDefinition" $vipdefinition.name = $vipset.VIPName; $vipdefinition.address = $vipset.VIPIP; $vipdefinition.port = $vipset.VIPPort; $vipdefinition.protocol = $vipset.Protocol; $vipdefinitions = (, $vipdefinition); $wildmasks = (, "255.255.255.255"); $resource = New-Object "iControl.LocalLBVirtualServerVirtualServerResource" $resource.type = "RESOURCE_TYPE_POOL"; $resource.default_pool_name = $poolset.PoolName; $resources = (, $resource); $profiles = new-object "iControl.LocalLBVirtualServerVirtualServerProfile[][]" 1 (Get-F5.iControl).LocalLBVirtualServer.create($vipdefinitions,$wildmasks,$resources,$profiles) if($vipset.snat -eq "AutoMAP"){(Get-F5.iControl).LocalLBVirtualServer.set_snat_automap((, $vipset.VIPName))} $profileINFILE = import-csv $profileCSV foreach ($profileset in $profileINFILE | where-object {$_.Sequence -eq $i}) { if($profileset.http){ $vipprofilehttp = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile" $vipprofilehttp.profile_context = "PROFILE_CONTEXT_TYPE_ALL"; $vipprofilehttp.profile_name = $profileset.http; (Get-F5.iControl).LocalLBVirtualServer.Add_profile((,$vipset.VIPName),(,$vipprofilehttp)) write-host "Added an HTTP profile" } if($vipset.vippersistence){ $vippersistence = New-object "iControl.LocalLBVirtualServerVirtualServerPersistence" $vippersistence.profile_name = $vipset.vippersistence $vippersistence.default_profile = $null (Get-F5.iControl).LocalLBVirtualServer.Add_persistence_profile((,$vipset.VIPName),(,$vippersistence)) write-host "Added a Persistence profile" } if($profileset.SSLClient){ $vipprofilessl = New-Object "iControl.LocalLBVirtualServerVirtualServerProfile" $vipprofilessl.profile_context = "PROFILE_CONTEXT_TYPE_CLIENT"; $vipprofilessl.profile_name = $profileset.SSLClient; (Get-F5.iControl).LocalLBVirtualServer.Add_profile((,$vipset.VIPName),(,$vipprofilessl)) write-host "Added an SSL Client profile" } if($vipprofileoneconnect){ $vipprofileoneconnect = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerProfile; $vipprofileoneconnect.profile_context = "PROFILE_CONTEXT_TYPE_ALL"; $vipprofileoneconnect.profile_name = $profileset.OneConnect; (Get-F5.iControl).LocalLBVirtualServer.Add_profile((,$vipset.VIPName),(,$vipprofileoneconnect)) write-host "Added a OneConnect profile" } if($profileset.irulename){ $vipirule = New-Object -TypeName iControl.LocalLBVirtualServerVirtualServerRule $vipirule.rule_name = $profileset.irulename $vipirule.priority = $profileset.irulepriority (Get-F5.iControl).LocalLBVirtualServer.add_rule( (,$vipset.VIPName), (,$vipirule) ) write-host "Added an iRule" } } write-host $vipset.VIPName " created..." } 
Eddy_161863Nimbostratus
Hi Will,
How can we run these script? I'm new to using it and would like some help on this?
Many Thanks.
