Forum Discussion

Dave_Noonan's avatar
Dave_Noonan
Icon for Cirrus rankCirrus
Jan 23, 2020
Solved

Modify local traffic policy from CLI or API

I recently got enjoy the GUI for local traffic policy management and determined that it's an abomination. You can't duplicate a policy so it's click-click-click all the way through to add eight near identical policies. You can't rename so that one where I forgot to update the name, delete and rebuild. Oh, and there's no true default policy so if you have one that's supposed to be the default you need to manually drag it to the end of the list.

 

The request boiled down to, if the URI starts with /A send it to A-pool, /B send to B-pool, etc. This is really tedious in the GUI.

 

Is there a better way to do it?

 

Please tell me there are CLI examples that I didn't find yesterday or that there's an API call I could have made to do this.

 

Thanks

BIG-IP
devops
LTM
  • Dave_Noonan's avatar
    Dave_Noonan
    Icon for Cirrus rankCirrus
    Jan 23, 2020

    Forgot to add that in olden times (6 years ago) I'd have done this with an iRule and updating it would have taken 5-10 minutes instead of an hour of click-click-click.

    • Dave_Noonan's avatar
      Dave_Noonan
      Icon for Cirrus rankCirrus
      Jan 23, 2020

      That sounds perfect. I found the list but didn't know how to get the modified config back into the F5. Was thinking maybe API could pass it in or something.

      • Dario_Garrido's avatar
        Dario_Garrido
        Icon for Noctilucent rankNoctilucent
        Jan 24, 2020

        As I said, you can do it with "merge" command.

        One example.

        1.- Take the current config of nodes with "tmsh list ltm node".

        # tmsh list ltm node
ltm node N-WEB1_172.16.100.1 {
    address 172.16.100.1
}

        2.- Use notepad to duplicate and modify this config.

        ltm node N-WEB2_172.16.100.2 {
    address 172.16.100.2
}
ltm node N-WEB3_172.16.100.3 {
    address 172.16.100.3
}
ltm node N-WEB4_172.16.100.4 {
    address 172.16.100.4
}

        3.- Verify that the config is well-written and valid (paste config after executing the command and press CTRL+D).

        # tmsh load sys config merge from-terminal verify 
Enter configuration. Press CTRL-D to submit or CTRL-C to cancel.
ltm node N-WEB2_172.16.100.2 {
    address 172.16.100.2
}
ltm node N-WEB3_172.16.100.3 {
    address 172.16.100.3
}
ltm node N-WEB4_172.16.100.4 {
    address 172.16.100.4
}
Validating configuration...

        4.- Finally apply configuration (paste config after executing the command and press CTRL+D).

        # tmsh load sys config merge from-terminal 
Enter configuration. Press CTRL-D to submit or CTRL-C to cancel.
ltm node N-WEB2_172.16.100.2 {
    address 172.16.100.2
}
ltm node N-WEB3_172.16.100.3 {
    address 172.16.100.3
}
ltm node N-WEB4_172.16.100.4 {
    address 172.16.100.4
}
Loading configuration...

        5.- Verify that the config was applied correctly.

        # tmsh list ltm node
ltm node N-WEB1_172.16.100.1 {
    address 172.16.100.1
}
ltm node N-WEB2_172.16.100.2 {
    address 172.16.100.2
}
ltm node N-WEB3_172.16.100.3 {
    address 172.16.100.3
}
ltm node N-WEB4_172.16.100.4 {
    address 172.16.100.4
}

        6. Save current config into the startup-config.

        # tmsh save sys config
Saving running configuration...
  /config/bigip.conf
  /config/bigip_base.conf
  /config/bigip_user.conf
Saving Ethernet mapping...done

        Let me know if this helps.

        KR,

        Dario.

    • Dave_Noonan's avatar
      Dave_Noonan
      Icon for Cirrus rankCirrus
      Jan 27, 2020

      Got to use this today. Much easier than the GUI. Thanks again.