F5 Per-App AS3 Part 1 How Share Tenant specific object

Code version:

The code was tested on 17.1.5.3

AS3: 3.55

 

The same way the /Shared objects can be configured under /Common can be done under a specific tenant and this is really useful if Per-App AS3 is enabled as each AS3 app will use separate declaration and all of them can use a customer iRule defined under /<Tenant>/Shared.

References for AS3 Declarative API:

https://www.youtube.com/watch?v=rrjrcnwAe1g&t=433s

AS3 Foundations: Beyond Imperatives - What the Heck is AS3? | DevCentral

https://www.youtube.com/watch?v=OHSBpOtQg_0&list=PLrn3yqXftAPUPdSP_kbCX6BDicVprsnfI

Per-App AS3 is enabled by default for the AS3 3.50.x and above but if needed enable it.

POST Endpoint: /mgmt/shared/appsvcs/settings

{
"perAppDeploymentAllowed": true
}

POST Endpoint for Creating the Tenant and the Shared irule that is base64 endpoint: /mgmt/shared/appsvcs/declare

{
    "schemaVersion": "3.45.0",
    "Shared": {
        "class": "Application",
        "template": "shared",
        "test": {
            "class": "iRule",
            "remark": "yes",
            "iRule": {
                "base64": "d2hlbiBIVFRQX1JFUVVFU1Qgew0KICAgSFRUUDo6cmVzcG9uZCAyMDAgY29udGVudCB7DQogICAgICA8aHRtbD4NCiAgICAgICAgIDxoZWFkPg0KICAgICAgICAgICAgPHRpdGxlPkFwb2xvZ3kgUGFnZTwvdGl0bGU+DQogICAgICAgICA8L2hlYWQ+DQogICAgICAgICA8Ym9keT4NCiAgICAgICAgICAgIFdlIGFyZSBzb3JyeSwgYnV0IHRoZSBzaXRlIHlvdSBhcmUgbG9va2luZyBmb3IgaXMgdGVtcG9yYXJpbHkgb3V0IG9mIHNlcnZpY2U8YnI+DQogICAgICAgICAgICBJZiB5b3UgZmVlbCB5b3UgaGF2ZSByZWFjaGVkIHRoaXMgcGFnZSBpbiBlcnJvciwgcGxlYXNlIHRyeSBhZ2Fpbi4NCiAgICAgICAgIDwvYm9keT4NCiAgICAgIDwvaHRtbD4NCiAgIH0NCn0="
            }
        }
    }
}

POST Endpoint for sending Per-App AP that references the Tenant shared iRule I: /mgmt/shared/appsvcs/declare/Example/applications

{
    "schemaVersion": "3.45.0",
    "A1": {
        "class": "Application",
        "service": {
            "class": "Service_HTTP",
            "virtualAddresses": [
                "10.0.1.10"
            ],
            "pool": "web_pool",
            "iRules": [
                {
                    "use": "/Test/Shared/test"
                },
                "insert_xff"
            ]
        },
        "web_pool": {
            "class": "Pool",
            "monitors": [
                "http"
            ],
            "members": [
                {
                    "servicePort": 80,
                    "serverAddresses": [
                        "192.0.1.10",
                        "192.0.1.12"
                    ]
                }
            ]
        },
        "insert_xff": {
            "class": "iRule",
            "iRule": "when HTTP_REQUEST { HTTP::header insert X-Forwarded-For [IP::client_addr] }"
        }
    }
}

Github link:

Editing AS3-Per-App-Shared-Tenant-Objects/README.md at main · Nikoolayy1/AS3-Per-App-Shared-Tenant-Objects

Note!

To see the Tenant config use GET Endpoint /mgmt/shared/appsvcs/declare/Example or for the app /mgmt/shared/appsvcs/declare/Example/A1

For only the Tenant shared config use GET /mgmt/shared/appsvcs/declare/Example/applications/Shared 

By placing the pools in the /Shared under the Tenant all Per-AS3 declarations for Tenant can use the pool like for the iRule example I showed and also the pools can share the node IP addresses like the "shareNodes" option but only for the tenant.

https://my.f5.com/manage/s/article/K88250015