F5 Per-App AS3 Part 1 How Share Tenant specific object
There are many references for configuring and using shared objects under the Common partition but what if each partition/tenant is customer specific and each customers wants an irule that can be shared between their apps?
Code version:
The code was tested on 17.1.5.3
AS3: 3.55
https://github.com/Nikoolayy1/fast-template-examples
The same way the /Shared objects can be configured under /Common can be done under a specific tenant and this is really useful if Per-App AS3 is enabled as each AS3 app will use separate declaration and all of them can use a customer iRule defined under /<Tenant>/Shared.
References for AS3 Declarative API:
https://www.youtube.com/watch?v=rrjrcnwAe1g&t=433s
AS3 Foundations: Beyond Imperatives - What the Heck is AS3? | DevCentral
https://www.youtube.com/watch?v=OHSBpOtQg_0&list=PLrn3yqXftAPUPdSP_kbCX6BDicVprsnfI
Per-App AS3 is enabled by default for the AS3 3.50.x and above but if needed enable it.
POST Endpoint: /mgmt/shared/appsvcs/settings
{
"perAppDeploymentAllowed": true
}
POST Endpoint for Creating the Tenant and the Shared irule that is base64 endpoint: /mgmt/shared/appsvcs/declare
{
"schemaVersion": "3.45.0",
"Shared": {
"class": "Application",
"template": "shared",
"test": {
"class": "iRule",
"remark": "yes",
"iRule": {
"base64": "d2hlbiBIVFRQX1JFUVVFU1Qgew0KICAgSFRUUDo6cmVzcG9uZCAyMDAgY29udGVudCB7DQogICAgICA8aHRtbD4NCiAgICAgICAgIDxoZWFkPg0KICAgICAgICAgICAgPHRpdGxlPkFwb2xvZ3kgUGFnZTwvdGl0bGU+DQogICAgICAgICA8L2hlYWQ+DQogICAgICAgICA8Ym9keT4NCiAgICAgICAgICAgIFdlIGFyZSBzb3JyeSwgYnV0IHRoZSBzaXRlIHlvdSBhcmUgbG9va2luZyBmb3IgaXMgdGVtcG9yYXJpbHkgb3V0IG9mIHNlcnZpY2U8YnI+DQogICAgICAgICAgICBJZiB5b3UgZmVlbCB5b3UgaGF2ZSByZWFjaGVkIHRoaXMgcGFnZSBpbiBlcnJvciwgcGxlYXNlIHRyeSBhZ2Fpbi4NCiAgICAgICAgIDwvYm9keT4NCiAgICAgIDwvaHRtbD4NCiAgIH0NCn0="
}
}
}
}
POST Endpoint for sending Per-App AP that references the Tenant shared iRule I: /mgmt/shared/appsvcs/declare/Example/applications
{
"schemaVersion": "3.45.0",
"A1": {
"class": "Application",
"service": {
"class": "Service_HTTP",
"virtualAddresses": [
"10.0.1.10"
],
"pool": "web_pool",
"iRules": [
{
"use": "/Test/Shared/test"
},
"insert_xff"
]
},
"web_pool": {
"class": "Pool",
"monitors": [
"http"
],
"members": [
{
"servicePort": 80,
"serverAddresses": [
"192.0.1.10",
"192.0.1.12"
]
}
]
},
"insert_xff": {
"class": "iRule",
"iRule": "when HTTP_REQUEST { HTTP::header insert X-Forwarded-For [IP::client_addr] }"
}
}
}
Github link:
Note!
To see the Tenant config use GET Endpoint /mgmt/shared/appsvcs/declare/Example or for the app /mgmt/shared/appsvcs/declare/Example/A1
For only the Tenant shared config use GET /mgmt/shared/appsvcs/declare/Example/applications/Shared
By placing the pools in the /Shared under the Tenant all Per-AS3 declarations for Tenant can use the pool like for the iRule example I showed and also the pools can share the node IP addresses like the "shareNodes" option but only for the tenant.
https://my.f5.com/manage/s/article/K88250015
Help guide the future of your DevCentral Community!
What tools do you use to collaborate? (1min - anonymous)