Forum Discussion
Deploy an application Service from an iApp template via tmsh
I've seen a couple of refernces to how to do this but nothing fully fledged out so here is my attempt to do so.
The actual man page of the command can be viewed by issuing the following from within tmsh.
help /sys application service
First off Deploying an iApp from tmsh is not like deploying it from the gui. It is not interactive. So all of the questions that the template wizard will ask you need to be answered at once. The 'iApp' itself is actually a few different components which I won't go into great detail on because it's explained much better in other places. One of these components however is a script that is executed once you are done filling out the wizard and hit 'Finished.' The answers that you provided in the gui are passed to the script as variables and then the script executes. Deploying an iApp with tmsh essentially starts at this point.
So in order to deploy an iApp you have to figure out the variables to pass and their values. The simplest way to do this is to deploy it through the gui and then view it via TMSH with the list command.
list /sys application service testAppToDeploy.app/testAppToDeploy
As you can see the app gets It’s own directory (testAppToDeploy.app/) and then you reference the name within it (testAppToDeploy) so I recomment using tab completion to discover the actual app name.
The output should look something like this.
sys application service testAppToDeploy.app/testAppToDeploy {
description none
device-group somegroup
inherited-devicegroup true
inherited-traffic-group true
lists none
metadata none
partition Common
strict-updates enabled
tables {
basic__snatpool_members {
column-names none
rows none
}
optimizations__hosts {
column-names none
rows none
}
server_pools__servers {
column-names { port connection_limit addr }
rows {
{
row { 80 0 10.1.1.1 }
}
{
row { 80 0 10.1.1.2 }
}
}
}
}
template f5.http
template-modified no
template-prerequisite-errors none
traffic-group traffic-group-1
variables {
basic__addr {
value 192.168.200.9
}
basic__create_redir {
value Yes
}
basic__need_snatpool {
value No
}
basic__redir_port {
value 80
}
basic__secure_port {
value 443
}
basic__snat {
value No
}
basic__using_ntlm {
value No
}
optimizations__lan_or_wan {
value WAN
}
server_pools__create_new_monitor {
value "Create New Monitor"
}
server_pools__create_new_pool {
value "Create New Pool"
}
server_pools__lb_method_choice {
value least-connections-member
}
server_pools__monitor_http_version {
value "Version 1.0"
}
server_pools__monitor_interval {
value 30
}
server_pools__monitor_recv {
value OK
}
server_pools__monitor_send {
value "GET /"
}
server_pools__tcp_request_queuing_enable_question {
value No
}
ssl_encryption_questions__cert {
value /Common/CopyOfDefault.crt
}
ssl_encryption_questions__key {
value /Common/CopyOfDefault.key
}
ssl_encryption_questions__offload_ssl {
value Yes
}
}
}
The parts you need to pay the most attention to are variables, tables and lists. For this app we have only Tables and Variables so I'm going to take those sections and copy them somewhere else and modify the settings for my new deployment. you will also need to add the verb 'add' 'modify' or 'replace-all-with' before the first parenthesis. Also if you're pasting this into tmsh shell mode don't forget to remove all your newlines so that the comand becomes a single line.
So for this example tables becomes
tables add { basic__snatpool_members { column-names none rows none } optimizations__hosts { column-names none rows none } server_pools__servers { column-names { port connection_limit addr } rows { { row { 80 0 10.1.1.1 } } { row { 80 0 10.1.1.2 } } } } }
Then just tack these modified sections on to the create command with any other options specified. In the end you should have something that looks roughly like this.
create /sys application service aNewApplicationServiceName template f5.http description "This is my description" tables add { basic__snatpool_members { column-names none rows none } optimizations__hosts { column-names none rows none } server_pools__servers { column-names { port connection_limit addr } rows { { row { 80 0 10.1.1.1 } } { row { 80 0 10.1.1.2 } } } } } variables add { basic__addr { value 192.168.200.11 } basic__create_redir { value Yes } basic__need_snatpool { value No } basic__redir_port { value 80 } basic__secure_port { value 443 } basic__snat { value No } basic__using_ntlm { value No } optimizations__lan_or_wan { value WAN } server_pools__create_new_monitor { value "Create New Monitor" } server_pools__create_new_pool { value "Create New Pool" } server_pools__lb_method_choice { value least-connections-member } server_pools__monitor_http_version { value "Version 1.0" } server_pools__monitor_interval { value 30 } server_pools__monitor_recv { value OK } server_pools__monitor_send { value "GET /" } server_pools__tcp_request_queuing_enable_question { value No } ssl_encryption_questions__cert { value /Common/CopyOfDefault.crt } ssl_encryption_questions__key { value /Common/CopyOfDefault.key } ssl_encryption_questions__offload_ssl { value Yes } }
Hopefully this helps. Please let me know of any innacuracies or typos.
-Aaron
RBS_79242Nimbostratus
Hi Aaron,
After doing a:
modify /sys application service ...How does one "redeploy" the iApp from tmsh?
At the moment I have found it necessary to make the changes via the cli, and then load the GUI, select "Reconfigure" against the iApp and select "Finished"
Thanks
Thomas_Schocka1Altocumulus
I second that question. :) How does one do the "Click Reconfigure tab on the iApp and press Finished" using tmsh only?
lostinberlin_11Just in case anyone lands here and is still looking for an answer. See:
https://community.f5.com/t5/technical-forum/reconfigure-application-service-iapp-via-tmsh/m-p/55094
Quote from Fred:
This is the command line equivalent of the iApp "Finished" button:
modify sys application service my_app.app/my_app execute-action definition- Can this command line by triggered via a REST Call (POST with a particular payload)?
- Ben_Novak
Employee
I know this is an old thread, but I've been digging through this thread for other details and found the right api call to redeploy an app. Might be useful to someone at some point. 🙂
{ "url": "/mgmt/tm/sys/application/service/~Common~tstApp.app~tstApp", "method": "PATCH", "body": { "execute-action": "definition" } }
- lostinberlin_11This is the command for the tmsh meaning it is possible to run the command on the machine or through ssh ("ssh myBigIpUser@myBigIpServer '....' " ). There are other REST implmentations out there though. Maybe best taking a look at iControl - https://devcentral.f5.com/s/articles/icontrol-rest-101-getting-started
Well, being a tmsh command, it MAY be invokable via REST :) Cannot figure out the needed payload and correct URI though.
Here is a rest example:
curl -ku \ $username:$password \ https://$device/mgmt/tm/sys/application/service \ -H "Content-Type: application/json" -X POST \ -d '{"partition":"Common","template":"tempatename","inheritedTrafficGroup":"false","name":"deployment", "variables":[ {"name":"configuration__provision","encrypted":"no","value":"yes"}, {"name":"configuration__aws_log_stream","encrypted":"no","value":"something"} ], "tables":[{"name":"configuration__destination","columnNames":[ "ip", "port", "mode", "backendmembers", "monitoruser", "monitorpass", "monitoruri", "monitorexpect", "asmtemplate", "l7ddos", "ipintel", "caching", "tcpoptmode", "fqdns", "oneconnect", "sslcert", "sslkey", "sslchain", "correctforbugblank" ],"rows":[{ "row":[ "something", "80", "http", "something", "", "", "/test.html", "", "something", "yes", "yes", "yes", "wanlan", "something", "yes", "", "", "", "correctforbugblank" ]},{"row":[ "something", "443", "sslhttp", "something", "", "", "/test/monitor.html", "", "something",, "yes", "yes", "yes", "wanlan", "something", "yes", "something", "something", "something", "correctforbugblank" ]}]}]}'For put updates to execute the deployment of the iApp
Add “execute-action":"definition” to your JSON
Path to put should be /mgmt/tm/sys/application/service/~Common~appname.app~appname/
You can also pass new app definitions along with the execure-action within that same call i.e. what is in the post above.
The only thing I'd add to the original tmsh command is to put it into context - use /Common for the Common partition, and if there are other partitions, use those contexts as required.
Also keep in mind that some templates use quite a diverse number of options. Go through the template carefully to use only those you need.
- Wand_97484
Hi,
here is a example curl for the f5.http iApp (11.6 HF4) with basic settings (not sure if trafficgroup value and devicegroup value can be ommited:
curl -k -u user:password https://bigip/mgmt/tm/sys/application/service -H "Content-Type: application/json" -X POST -d '{"kind":"tm:sys:application:service:servicestate","name":"UNIQUEID1234","partition":"Common","deviceGroup":"/Common/device-group-failover-33e71314eb96","inheritedDevicegroup":"true","inheritedTrafficGroup":"true","strictUpdates":"enabled","template":"/Common/f5.http","templateModified":"no","trafficGroup":"/Common/traffic-group-1","tables":[{"name":"basic__snatpool_members"},{"name":"net__snatpool_members"},{"name":"optimizations__hosts"},{"name":"pool__hosts","columnNames":["name"],"rows":[{"row":["hostname1.domain.tld"]},{"row":["hostname2.domain.tld"]}]},{"name":"pool__members","columnNames":["addr","port","connection_limit"],"rows":[{"row":["10.0.0.1","80","0"]},{"row":["10.0.0.2","80","0"]},{"row":["10.0.0.3","80","0"]}]},{"name":"server_pools__servers"}],"variables":[{"name":"client__http_compression","encrypted":"no","value":"/create_new"},{"name":"monitor__monitor","encrypted":"no","value":"/create_new"},{"name":"monitor__response","encrypted":"no","value":"myupstatus"},{"name":"monitor__uri","encrypted":"no","value":"/mycheckpage"},{"name":"net__client_mode","encrypted":"no","value":"wan"},{"name":"net__server_mode","encrypted":"no","value":"lan"},{"name":"pool__addr","encrypted":"no","value":"1.1.1.3"},{"name":"pool__pool_to_use","encrypted":"no","value":"/create_new"},{"name":"pool__port","encrypted":"no","value":"80"},{"name":"ssl__mode","encrypted":"no","value":"no_ssl"},{"name":"ssl_encryption_questions__advanced","encrypted":"no","value":"no"},{"name":"ssl_encryption_questions__help","encrypted":"no","value":"hide"}]}'Had to query an Application created from the f5.http iApp in the firstplace and walk through the definition:
curl -k -u user:password https://bigip/mgmt/tm/sys/application/service/~Common~UNIQUEID1234.app~UNIQUEID1234BR JP
gamal_mohie_305i am using this example to deploy the IIS template to configure the server app using tmsh via template i have followed this example.
i have an error Syntax Error: incomplete command
can anyone help ?
- gamal_mohie_305
this is the used command
tmsh create /sys application service cloud_test template description "This is my description" lists add { irules__irules { } net__client_vlan { value { /Common/Client-VLAN /Common/FailOver_Vlan /Common/SERVER-VLAN /Common/VIP-BIGIP } } } tables add { basic__snatpool_members { } net__snatpool_members { } optimizations__hosts { } pool__hosts { column-names { name } rows { { row { testcloud.tvtc.gov.sa } } } } pool__members { column-names { addr port connection_limit } rows { { row { 192.192.193.3 80 0 } } { row { 192.192.193.4 80 0 } } } } server_pools__servers { } } variables add { client__http_compression { value "/create_new" } client__standard_caching_without_wa { value "/do_not_use" } client__tcp_wan_opt { value "/create_new" } monitor__anonymous { value yes } monitor__frequency { value 30 } monitor__http_method { value GET } monitor__http_version { value http11 } monitor__monitor { value "/create_new" } monitor__response { } monitor__uri { value / } net__client_mode { value wan } net__route_to_bigip { value no } net__same_subnet { value no } net__server_mode { value lan } net__snat_type { value automap } net__vlan_mode { value enabled } pool__addr { value 192.192.192.5 } pool__http { value "/create_new" } pool__lb_method { value least-connections-member } pool__mask { } pool__mirror { value disabled } pool__persist { value "/cookie" } pool__pool_to_use { value "/create_new" } pool__port_secure { value 443 } pool__redirect_port { value 80 } pool__redirect_to_https { value yes } pool__use_pga { value no } pool__xff { value yes } server__ntlm { value "/do_not_use" } server__oneconnect { value "/create_new" } server__slow_ramp_setvalue { value 300 } server__tcp_lan_opt { value "/create_new" } server__tcp_req_queueing { value no } server__use_slow_ramp { value yes } ssl__cert { value /Common/Cert_2014.crt } ssl__client_ssl_profile { value "/create_new" } ssl__key { value /Common/Key_2014.key } ssl__mode { value client_ssl } ssl__use_chain_cert { value "/do_not_use" } ssl_encryption_questions__advanced { value yes } ssl_encryption_questions__help { value hide } stats__analytics { value "/do_not_use" } stats__request_logging { value "/do_not_use" } }
- gamal_mohie_305
i am using this example to deploy the IIS template to configure the server app using tmsh via template i have followed this example.
i have an error Syntax Error: incomplete command
this is the command
tmsh create /sys application service cloud_test template description "This is my description" lists add { irules__irules { } net__client_vlan { value { /Common/Client-VLAN /Common/FailOver_Vlan /Common/SERVER-VLAN /Common/VIP-BIGIP } } } tables add { basic__snatpool_members { } net__snatpool_members { } optimizations__hosts { } pool__hosts { column-names { name } rows { { row { testcloud.tvtc.gov.sa } } } } pool__members { column-names { addr port connection_limit } rows { { row { 192.192.193.3 80 0 } } { row { 192.192.193.4 80 0 } } } } server_pools__servers { } } variables add { client__http_compression { value "/create_new" } client__standard_caching_without_wa { value "/do_not_use" } client__tcp_wan_opt { value "/create_new" } monitor__anonymous { value yes } monitor__frequency { value 30 } monitor__http_method { value GET } monitor__http_version { value http11 } monitor__monitor { value "/create_new" } monitor__response { } monitor__uri { value / } net__client_mode { value wan } net__route_to_bigip { value no } net__same_subnet { value no } net__server_mode { value lan } net__snat_type { value automap } net__vlan_mode { value enabled } pool__addr { value 192.192.192.5 } pool__http { value "/create_new" } pool__lb_method { value least-connections-member } pool__mask { } pool__mirror { value disabled } pool__persist { value "/cookie" } pool__pool_to_use { value "/create_new" } pool__port_secure { value 443 } pool__redirect_port { value 80 } pool__redirect_to_https { value yes } pool__use_pga { value no } pool__xff { value yes } server__ntlm { value "/do_not_use" } server__oneconnect { value "/create_new" } server__slow_ramp_setvalue { value 300 } server__tcp_lan_opt { value "/create_new" } server__tcp_req_queueing { value no } server__use_slow_ramp { value yes } ssl__cert { value /Common/Cert_2014.crt } ssl__client_ssl_profile { value "/create_new" } ssl__key { value /Common/Key_2014.key } ssl__mode { value client_ssl } ssl__use_chain_cert { value "/do_not_use" } ssl_encryption_questions__advanced { value yes } ssl_encryption_questions__help { value hide } stats__analytics { value "/do_not_use" } stats__request_logging { value "/do_not_use" } }
