BIG-IP Report
Problem this snippet solves:
Overview
This is a script which will generate a report of the BIG-IP LTM configuration on all your load balancers making it easy to find information and get a comprehensive overview of virtual servers and pools connected to them.
This information is used to relay information to NOC and developers to give them insight in where things are located and to be able to plan patching and deploys. I also use it myself as a quick way get information or gather data used as a foundation for RFC's, ie get a list of all external virtual servers without compression profiles.
The script has been running on 13 pairs of load balancers, indexing over 1200 virtual servers for several years now and the report is widely used across the company and by many companies and governments across the world.
It's easy to setup and use and only requires auditor (read-only) permissions on your devices.
Demo/Preview
Interactive demo
http://loadbalancing.se/bigipreportdemo/
Screen shots
The main report:
The device overview:
Certificate details:
How to use this snippet:
Installation instructions
BigipReport REST
This is the only branch we're updating since middle of 2020 and it supports 12.x and upwards (maybe even 11.6).
- Downloads:
https://loadbalancing.se/downloads/bigipreport-v5.7.13.zip - Documentation, installation instructions and troubleshooting: https://loadbalancing.se/bigipreport-rest/
Docker support
https://loadbalancing.se/2021/01/05/running-bigipreport-on-docker/
Kubernetes support
https://loadbalancing.se/2021/04/16/bigipreport-on-kubernetes/
BIG-IP Report (Legacy)
Older version of the report that only runs on Windows and is depending on a Powershell plugin originally written by Joe Pruitt (F5)
BIG-IP Report (only download this if you have v10 devices):
https://loadbalancing.se/downloads/bigipreport-5.4.0-beta.zip
iControl Snapin
https://loadbalancing.se/downloads/f5-icontrol.zip
Documentation and Installation Instructions
https://loadbalancing.se/bigip-report/
Upgrade instructions
Protect the report using APM and active directory
Written by DevCentral member Shann_P:
https://loadbalancing.se/2018/04/08/protecting-bigip-report-behind-an-apm-by-shannon-poole/
Got issues/problems/feedback?
Still have issues? Drop a comment below. We usually reply quite fast. Any bugs found, issues detected or ideas contributed makes the report better for everyone, so it's always appreciated.
---
Join us on Discord: https://discord.gg/7JJvPMYahA
Code :
BigIP Report
Tested this on version:
12, 13, 14, 15, 16
Dear all
I got an email from Docker-hub today that they will discontinue the automatic builds due to too many people abusing the service.
I'm not yet sure how this will affect the service. Since we don't build the application that often it might work if the manual build is still free.
Either way, I have applied for the bigipreport project to be approved as an Open Source account. If manual builds won't work and the application is denied we'll have to take it from there.
This is only relevant for those running the report using Docker and I will update here once I know more.
Kind regards,
Patrik
Hi Ben
Glad it helped. I added a feature request for you on Github. You can go here:
https://github.com/net-utilities/BigIPReport/issues/69
and then watch it for updates.
I'm afraid I can't give any timelines since both me and Tim does this on our spare time. I normally try to squash bugs pretty fast but features happens when time permits. :)
/Patrik
- BenTAltocumulus
That got it. Thanks!
Have you looked at port-lists and/or policies? For port-lists, the VIPs aren't contained in the virtual, but are in a traffic-matching-criteria object instead. I don't know how difficult it would be to add the logic to show the VIPs for those in bigipreport or any associated policies.
Here is an example config for the port-lists.
net port-list /Common/web_443-8443-8080_ports { description web_443-8443-8080_ports ports { 443 { } 8080 { } 8443 { } } }ltm pool /Common/pool_vip_portlist_example { load-balancing-mode least-connections-node members { /Common/172.1.2.5:0 { address 172.1.2.5 } /Common/172.1.2.6:0 { address 172.1.2.6 } } monitor /Common/https_basic_443 } ltm traffic-matching-criteria /Common/vip_portlist_example_VS_TMC_OBJ { destination-address-inline 1.2.3.4 destination-port-list /Common/web_443-8443-8080_ports protocol tcp source-address-inline 0.0.0.0 } ltm virtual /Common/vip_portlist_example { ip-protocol tcp pool /Common/pool_vip_portlist_example profiles { /Common/fastL4 { } } serverssl-use-sni disabled source-address-translation { type automap } traffic-matching-criteria /Common/vip_portlist_example_VS_TMC_OBJ translate-address enabled translate-port enabled vlans { /Common/proxy-vlan } vlans-enabled }
Maybe I should have been more clear that I updated something... ;)
/Patrik
Strange. I downloaded the file after updating the build job and I can see the modules just fine:
Please confirm that this is the link you're using?
https://loadbalancing.se/downloads/bigipreport-v5.5.9.zip
/Patrik
- BenTAltocumulus
I've tried a few times over the last few hours, the zip sizes are identical and the modules folder isn't in the zip.
Please try to download it again?
/Patrik
Hi Ben
Apologies, been out enjoying the sun in the afternoon.
Thanks for reporting, will fix the script that creates deploy and get back to you.
/Patrik
- BenTAltocumulus
Modules directory is missing from the zip file.
Line |
2255 | . .\modules\Get-ExpiredCertificates.ps1
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| The term '.\modules\Get-ExpiredCertificates.ps1' is not recognized as a name of a cmdlet, function, script
| file, or executable program. Check the spelling of the name, or if a path was included, verify that the path is
| correct and try again.
New release v5.5.9. Well done Tim!
I've updated the Kubernetes containers with the new code and also triggered the :latest tag for you Cowboys who likes to use that. :)
Got questions/feedback/an insatiable lust for nerd talk? Join us on Discord:
https://discord.gg/W2y2cFX7
Kind regards,
Patrik