Forum Discussion
Nimbostratusiapp help with pool creation for fqdn autopopulate enabled
I am needing some help with iapp syntax to make sure the newly created pool is created with fqdn & autopopulate enabled. I am using the default http iapp, the newly created pool is created correctly; however, autopopulate for the pool is disabled. How can I set the pool to always be created with fqdn & autopopulate enabled when it creates the new pool as the iapp will only be used for a FQDN node. I would think I would set it somewhere below, just not sure how.
1,0 { [iapp::conf create ltm pool ${app}_pool \ [iapp::substa pool_ramp_pga_arr($advanced,$do_slow_ramp,$do_pga)] \ [iapp::substa pool_lb_queue_arr($advanced,$lb_lcm_licensed,$tcp_queuing)] \ [iapp::substa monitor_arr($new_pool,$new_monitor,$advanced)] \ [iapp::pool_members $::pool__members]] \ translate-address enabled } 0,0 { [expr { $::net__server_mode ne "tunnel" ? \ $::pool__pool_to_use : $::pool__pool_to_use_wom }] \ translate-address enabled } * { none translate-address disabled } }
- Jason_Adams
Employee
So, this was quite the challenge; I spent some time looking into how to accomplish this task, and it's not straight-forward.
The command used to generate the pool members syntax is:
in the[iapp::pool_members $::pool__members]]
section of the iApp.Implementation
is a table generated by thepool__members
section of the iApp.Presentation
is a tcl procedure (similar to a python function) called from theiapp::pool_members
package.iapp 1.0.3The
procedure is written in a way that does not account for the syntax required to addiapp::pool_members
.fqdn { autopopulate enabled }So this solution requires modifying several steps:
- Update the presentation template to include an 'autopopulate' option.
- Update Update the iapp utility package to read the variable created by autopopulate and write-out the appropriate pool member syntax.
Let's Begin
-
Copy the Presentation, Implementation and HTML Help templates from the default iApp to your favorite text editor:
TMUI -> iApps -> Templates ->
-
Update the Presentation Template in the following ways:
a. Update the pool members table and add
.choice autopopulate... table members { optional (( ssl_encryption_questions.legacy_advanced == "yes" || ssl_encryption_questions.advanced == "yes" ) && use_pga == "yes" ) { string priority default "0" required validator "NonNegativeNumber" display "small" } choice autopopulate <<<--------< Add this line } optional ( ssl_encryption_questions.help == "max" ) { message members_max } ...b. In the 'Text' section, add
section which will provide a 'None, Yes, No' set of options in TMUI when creating the pool member(s).pool.members.autopopulate... pool.members.port_secure "Port" pool.members.autopopulate "Autopopulate" { <<<--------< Add these lines "None" => "", <<<--------< Add these lines "Yes" => "enabled", <<<--------< Add these lines "No" => "disabled" <<<--------< Add these lines } <<<--------< Add these lines pool.members.connection_limit "Connection limit" ... -
Remount /usr as Read-Write (rw) so we can make changes.
mount -o remount,rw /usr -
Create a copy of the iapp.1.3.0.tcl package so we can customize it without modifying the original:
cp /usr/share/tcl8.5/iapp/iapp.1.3.0.tcl /usr/share/tcl8.5/iapp/iapp.1.3.0.1.tcl -
Update the new package so it knows it provides iapp 1.3.0.1 package.
sed -i 's/package provide iapp 1.3.0/package provide iapp 1.3.0.1/g' /usr/share/tcl8.5/iapp/iapp.1.3.0.1.tcl -
Tell scriptd that the new package exists by adding an entry to /usr/share/tcl8.5/iapp/pkgIndex.tcl
echo 'package ifneeded iapp 1.3.0.1 [list source [file join $dir iapp.1.3.0.1.tcl]]' >> /usr/share/tcl8.5/iapp/pkgIndex.tcl -
Change to /usr/share/compat-tcl8.4/iapp/ directory and add a new symlink:
cd /usr/share/compat-tcl8.4/iapp/ ln -s /usr/share/tcl8.5/iapp/iapp.1.3.0.1.tcl iapp.1.3.0.1.tcl -
Edit /usr/share/tcl8.5/iapp/iapp.1.3.0.1.tcl to account for the new
property (Step 2):pool.members.autopopulatevim /usr/share/tcl8.5/iapp/iapp.1.3.0.1.tcla. Add
to thefqdn autopopulate
array:fieldsproc ::iapp::pool_members { args } { Set defaults. array set fields { address addr port port port-secure port_secure connection-limit connection_limit priority-group priority ratio ratio fqdn autopopulate <<<--------< Add this line }b. Update this foreach loop:
FROM: Transfer non-port fields from the table to the tmsh string. foreach name $nonport_fields { if { [info exists columns($fields($name))] } { append members " $name $columns($fields($name))" } } TO: Transfer non-port fields from the table to the tmsh string. foreach name $nonport_fields { if { [info exists columns($fields($name))] } { if { $name == "fqdn" } { if { $columns($fields($name)) != "" } { append members " fqdn \{ autopopulate $columns($fields($name)) \}" } } else { append members " $name $columns($fields($name))" } } } -
Exit the text editor (:wq) and remount /usr as Read-Only (ro)
mount -o remount,ro /usr -
In the Presentation Template and Implementation Template, make the following changes:
NOTE: There are over 50 references; make sure you get them all; I suggest a search/replace function in your text editor.
FROM: package require iapp 1.3.0 TO: package require iapp 1.3.0.1 -
Create a new, custom iApp Template using the modified Implementation and Presentation templates and the unmodified HTML Help section:
- TMUI -> iApps -> Templates -> Templates ->
'Create'click - Provide a name for your new template.
- Minimum BIG-IP Version == 11.5.0
- Copy the 'Implementation Template',
'Presentation Template', and 'HTML Help' section into the appropriateModified - Click 'save'
- TMUI -> iApps -> Templates -> Templates ->
-
Deploy a new iApp using the customized template.
TMUI -> iApps -> Application Services -> Applications ->
'Create'clickNOTE: The FQDN 'ltm node' object must have already been created with 'fqdn { autopopulate enabled }', otherwise you will observe the following error:
01070734:3: Configuration error: Cannot enable pool member to autopopulate: node (/Common/example.com) has autopopulate set to disabled.
Robert_BoothJason,
My apologies for just now responding to your response on Oct 26th. After I posted my additional questions on Oct 16th, I ended up opening an F5 support case due to business & project pressures and worked with that F5 engineer who was in touch with development for well over a week looking for any solution and it was the engineer who pointed out that you had responded to my 16th post. I want to express my sincere thanks for your detailed step-by-step response / instructions with how to handle our dilemma with creating pools within the iapp so that they are created with autopopulate enabled. Although the instructions contained a small amount of steps; I'm certain you spent some time developing and testing the solution which I can't express enough how your support is appreciated. I am very happy to report that I finally was able to test everything which worked flawlessly and your instructions were very easy to understand and implement.Please do let me know if there is anyone I can contact to express our appreciation for your knowledge, professional support and assistance.
The last remaining item I have on my list to do within this iapp will be to enable HSTS when the http profile is created. I suspect if it is still not natively supported in the http iapp, your assistance here will be a guide of the similar steps I will need to look into.
Warmest Regards, Robert Booth Sr. Network Engineer Ventech Solutions | HIDS
