Forum Discussion

AhmedBaig's avatar
AhmedBaig
Icon for Nimbostratus rankNimbostratus
Jun 10, 2019

modify/edit irule using ansible

Hi,   My question is how to edit/modify existing irule using ansible automatically. Please help me by pointing to code or module to do so.   I have existing irules which are needed to be ed...
Stefan_Engel's avatar
Stefan_Engel
Icon for Cirrus rankCirrus
Jun 06, 2021

Hi,

I've had a similar challenge and used a combination of REST and Ansible modules, but everything called from Ansible.

In our case its imply to append an additional line to an existing irule for redirects of short names.

 - name: Test F5
  hosts: localhost
  gather_facts: no
  become_method: runas
 
  vars:
    provider:
      user: '{{ f5_username }}'
      password: '{{ f5_password }}'
      server: '{{ f5_server }}'
      server_port: 443
      validate_certs: no
    irule_add: 'vanitytestxx05'
    irule_add_content: "if { ([HTTP::host] eq \"{{ irule_add }}\")} {\n  HTTP::redirect https://test.com\n }\n}"
 
  tasks:
  - name: Request F5 token
    uri:
      url: "https://{{provider.server}}/mgmt/shared/authn/login"
      method: POST
      force_basic_auth: yes
      return_content: yes
      body_format: json
      body:
        username: "{{ provider.user }}"
        password: "{{ provider.password }}"
        loginProviderName: "tmos"
      validate_certs: no
    register: token
    until: token is success
 
  - name: Get current irule content
    uri:
      url: "https://{{provider.server}}/mgmt/tm/ltm/rule/~Common~VANITY_irule"
      method: GET
      return_content: yes
      headers:
          X-F5-Auth-Token: "{{ token.json.token.name }}"
          Content-Type: "application/json"
      validate_certs: no
    register: irule_current
    until: irule_current is success
 
  - name: List irule content
    set_fact:
      irule_current_content: "{{ irule_current.json.apiAnonymous | regex_replace('}$', '')}}"
    # list content of irule "apiAnonymous" and remove last } in order to append new content
 
  - name: Add content to current irule
    set_fact:
      irule_combined_content: '{{ irule_current_content }} {{ irule_add_content }}'
 
  - name: ADD iRules to F5
    bigip_irule:
      provider: "{{item}}"
      module: "ltm"
      name: "VANITY_irule"
      content: "{{ irule_combined_content }}"

Additionally you could use REST for updating the irule instead of the bigip_irule module.

- name: Update irule
     uri:
       url: "https://{{provider.server}}/mgmt/tm/ltm/rule/~Common~VANITY_irule"
       method: PATCH
       return_content: yes
       headers:
           X-F5-Auth-Token: "{{ token.json.token.name }}"
           Content-Type: "application/json"
       body_format: json
       body: ' {"apiAnonymous":{{ irule_combined_content|to_json }}} '
       validate_certs: no

Hope this helps.