Big-IQ bulk trust, discovery and import of Big-IP using REST API

Problem this snippet solves: Attached is a link to github which provides the user with an comprehensive example of how to discover and import many BIGIP device via BIGIQ CM REST API. Script bulkD...
Updated 3 years ago
Version 2.0
BIG-IQ
devops
iControlREST
vmathur_234249's avatar
vmathur_234249
Historic F5 Account
9 years ago

A new version of this script is available on https://downloads.f5.com/esd/product.jsp?sw=BIG-IQ&pro=big-iq_CM

( BIG-IQ Centralized Management , Release 5.2 with following functionality )

[root@bigiq2:Active:Standalone] images ./bulkDiscovery.pl -h

Program: bulkDiscovery.pl Version: v2.2.0

Discover or rediscover multiple BIG-IP devices. If the csv file does not exist and the -m option is passed, the script will generate a file based on the existing discovered BIG-IPs on the BIG-IQ. This new csv file can then be edited and used for subsequent re-discoveries and re-imports.

Additional important notes:

The -l option must be included when performing initial trust, discovery and import of services.

The -m option must be used for re-discovery if any BIG-IP requires a framework upgrade.

The -n option can be used to skip service import, this is recommended if there are outstanding changes to be deployed

If a framework upgrade is required for any device, that device requires the administrator and root credentials passed either in the CSV file or using the -a and -r options.

If a failure is encountered, the script logs the error and continues. If conflicts are detected, the BIG-IQ version is selected by default, the CSV and -o option can override this. For the Access module re-import, the 'Device specific configuration' option will be used.

Allowed command line options: -h Help

    -c      Path to CSV file with all BIG-IP devices - REQUIRED, if it doesn't exist and -m is used, a new one is generated.

    -q      BIG-IQ admin credentials in form admin:password - REQUIRED if not using default

    -a      Admin credentials for every BIG-IP (such as admin:admin) - overrides any creds in CSV

    -r      Root credentials for every BIG-IP (such as root:default) - overrides root creds in CSV

    -u      Update framework if needed, CSV value overrides this value if CSV value is not null

    -g      access group name if needed, not required for re-discovery

    -l      Discover LTM, this must be included for initial discovery and import of services

    -p      Discover APM

    -s      Discover ASM

    -f      Discover AFM

    -d      Discover DNS

    -v      Verbose screen output

    -m      Perform a re-discovery and re-import, do not perform trust operation. Also include with -c to generate a new file.

    -o      USE_BIGIP for conflict resolution for any module conflict def: USE_BIGIQ, CSV value overrides this value if CSV value is not null

    -n      Do not import the service, only discover the service, the service import will be done manually

CSV file format: ip, user, pw, cluster-name, framework-action, root-user, root-pw, resolution

ip: ip address of the BIG-IP to discover. user, pw: username & password of the BIG-IP. Will be overridden if -a is specified on the command line.

cluster-name: the cluster name that will group the BIG-IP DSC cluster pair framework-action: upgrade - upgrade framework if needed, skip - skip framework update check, blank - do not attempt to update root-user, root-password: only needed for framework update of 11.5.x through 11.6.x devices. Will be overridden if -r is specified on the command line conflict resolution: can either be USE_BIGIQ or USE_BIGIP, defaults to USE_BIGIP if '-o' option is specified else USE_BIGIQ

example lines:

1.2.3.4

1.2.3.4, admin, pw

1.2.3.4, admin, pw, cluster-name

1.2.3.4,,, cluster-name,,,, USE_BIGIP

1.2.3.4, admin, pw,, skip,,, USE_BIGIP

1.2.3.4, admin, pw,, upgrade, root, root-pw

1.2.3.4, admin, pw,, upgrade, root, root-pw, USE_BIGIP