Running bigip to terraform resources

Question

Hi,Posting here in the hopes someone finds this useful.&nbsp; This is not a product, it's a small open source tool that I've made to help manage our BigIPs.TL;DR: Running BigIP to Terraform resources:&nbsp;https://github.com/schibsted/bigip-to-terraformWe recently started speaking about managing our BigIP in a more DevOpsy way at work.&nbsp; We have been using the web GUI most of the time and recently it has become more and more tricky to do transformations on the config text file to do large scale changes.We use terraform for AWS and some other things and I've not used it much myself so I thought I'd give terraform for BigIP a go.After looking at the docs and comparing with our running config and speaking to some different colleagues I found I wanted to see a terraform representation of our running config to see how new resources could be configured.So I wrote a script to dump our running config to terraform resources. It uses the python API to extract VIPs, pools and attendant nodes, writes a skeleton resource file and then "terraform import"s each resource.&nbsp; After that it uses "terraform show" with some light processing to generate a complete and valid terraform .tf file for all the resources found.There is one specific bug in the BigIP plugin to terraform (see the "issues" on github) that stops me from getting a complete automatic extract in our environment.&nbsp; And also for our full configuration (once I've removed the VIP resources that causes problems) "terraform plan" takes between 15 and 25 minutes. So I made a option to extract just VIPs matching a string or RE pattern, as well as their attendant pools and nodes.&nbsp; I've been able to "terraform apply" these back to a BigIP.The README file is quite complete, basically do `./runner` to get it all or `./runner -v 'pattern'` for a substring match in the VIP name, full path or IP number.This is not a migration tool since it does not extract or handle iRules, policies and such at all, they have to exist in the target environment already.

buulam · Answer

This is really cool&nbsp;niclan&nbsp;! This post might belong in the CodeShare. Will check with the other mods

liefzimmerman · Answer

Yep - perfect candidate for CodeShare. I will nominate it to be moved.

niclan · Answer

I should mention that this script keeps making the terraform bigip plugin crash. Two issues I reported were fixed in 1.16.2 but another one cropped up.&nbsp; ... I've opened a new support case.

Forum Discussion

Running bigip to terraform resources

Recent Discussions

Can you set Kerberos AAA server via session variable?

HTML Code injection Not detected by ASM

What will be happen to live and existing connections when failover HA BIG IP active-standby

SSL Offload and remove FQDN

High CPU utilization (100%).

Related Content

BIG-IP Terraform Resources

DevCentral Resources

F5 Distributed Cloud, from manual configuration to Terraform automation

F5 Distributed Cloud Site Lab on Proxmox VE with Terraform

Streamlining BIG-IP Next Deployments: Automate with CI/CD Pipelines Using Terraform Cloud and GitHub

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS