Go library to manage BIG-IP iControl REST API

Problem this snippet solves:

This library provides necessary structs and functions to manage the whole REST API. Some REST Calls may require BIG-IP v12.1.x to work properly.

How to use this snippet:

f5-rest-client implements a REST client to query the F5 BIG-IP iControl REST API.

Installation

go get -u github.com/e-XpertSolutions/f5-rest-client/f5

Available authentication methods

Basic authentication

f5Client, err := f5.NewBasicClient(base_url, username, password)

Token based authentication

f5Client, err := f5.NewTokenClient(base_url, username, password, login_provider_name, skip_ssl_verification)

Usage

  // Copyright 2017 e-Xpert Solutions SA. All rights reserved.
  // Use of this source code is governed by a BSD-style
  // license that can be found in the LICENSE file.

  package main

  import (
      "encoding/json"
      "log"

      "github.com/e-XpertSolutions/f5-rest-client/f5"
      "github.com/e-XpertSolutions/f5-rest-client/f5/net"
  )

  func sexyPrint(label string, a interface{}) {
      j, err := json.MarshalIndent(a, "", "   ")
      if err != nil {
          log.Fatal(err)
      }
      log.Print("DEBUG ", label, ":\n", string(j))
  }

  func main() {
      // 1) Basic Authentication
      f5Client, err := f5.NewBasicClient("https://127.0.0.1", "admin", "admin")

      // 2) Token Based Authentication
      // f5Client, err := f5.NewTokenClient("https://127.0.0.1", "admin", "admin", "tmos", true)

      if err != nil {
          log.Fatal(err)
      }
      f5Client.DisableCertCheck()
      netClient := net.New(f5Client)
      self, err := netClient.Self().ListAll()
      if err != nil {
          log.Fatal(err)
      }
      sexyPrint("SelfIP List:", self)
  }

FEATURES

  • Basic authentication
  • Token based authentication
  • Manage Virtual Server, pool, node, irules, monitors
  • Manage Cluster Management
  • Manage interfaces, vlan, trunk, self ip, route, route domains
  • Manage virtualization features (/vcmp)
  • Manage system related stuffs
  • Add Helper functions to enable, disable or force a node offline
  • Add Helper functions to enable or disable a Virtual Server
  • List expiring certificates
  • List expired certificates
  • Transaction support
  • [new] Manage DNS and global load balancing servers (/gtm)
  • [new] Add support for Stats retrieval on node, pool, virtual and profiles

ROADMAP

  • Add support for authentication through external providers
  • Manage access policies (/apm)
  • Manage security (/security)
  • Manage analytics configuration (/analytics)
  • Add support for results pagination
  • Add support for API versioning
  • Add support for new API endpoints coming in v13

Examples

Transactions - Create a simple HTTP service
f5Client, err := f5.NewBasicClient("https://127.0.0.1", "admin", "admin")
if err != nil {
    log.Fatal(err)
}
f5Client.DisableCertCheck()

// Start new transaction.
tx, err := f5Client.Begin()
if err != nil {
    log.Fatal(err)
}

ltmClient := ltm.New(tx)

// Create a HTTP monitor
log.Print("Create a HTTP monitor")

monitorConfig := ltm.MonitorHTTPConfig{
    Name: "http_monitor_" + tx.TransactionID(),
    Send: "GET / HTTP/1.0\r\n\r\n",
    Recv: "Hello",
}

if err := ltmClient.MonitorHTTP().Create(monitorConfig); err != nil {
    log.Fatal(err)
}

// Create a Pool
log.Print("Create a pool")

poolConfig := ltm.PoolConfig{
    Name:    "pool_" + tx.TransactionID(),
    Monitor: "/Common/http_monitor_" + tx.TransactionID(),
    Members: []string{"10.1.10.10:80", "10.1.10.11:80"},
}

if err := ltmClient.Pool().Create(poolConfig); err != nil {
    log.Fatal(err)
}

// Create a Virtual Server
log.Print("Create a Virtual Server")

vsConfig := ltm.VirtualServerConfig{
    Name:        "vs_http_" + tx.TransactionID(),
    Destination: "10.1.20.130:80",
    IPProtocol:  "tcp",
    Pool:        "pool_" + tx.TransactionID(),
    SourceAddressTranslation: ltm.SourceAddressTranslation{
        Type: "automap",
    },
    Profiles: []string{
        "tcp-mobile-optimized",
        "http",
    },
}

if err := ltmClient.Virtual().Create(vsConfig); err != nil {
    log.Fatal(err)
}

// Commit to make the changes persistent.
if err := tx.Commit(); err != nil {
    log.Fatal(err)
}
List SSL Certificates
    sysClient := sys.New(f5Client)
    certs, err := sysClient.FileSSLCert().ListAll()
    if err != nil {
        log.Fatal(err)
    }
    sexyPrint("Certificates", certs)
List expired SSL Certificates
  sysClient := sys.New(f5Client)

  certs, err := sysClient.FileSSLCert().ListExpired()
  if err != nil {
    log.Fatal(err)
  }
  sexyPrint("Expired Certificates", certs)
List expiring SSL Certificates
  sysClient := sys.New(f5Client)

  // ListExpiring(number_of_seconds)
  certs, err := sysClient.FileSSLCert().ListExpiring(60 * 60 * 24 * 15)
  if err != nil {
    log.Fatal(err)
  }
  sexyPrint("Expiring Certificates", certs)

Contributing

We appreciate any form of contribution (feature request, bug report, pull request, ...). We have no special requirements for Pull Request, just follow the standard GitHub way.

License

The sources are release under a BSD 3-Clause License. The full terms of that license can be found in LICENSE file of this repository.

Code :

https://github.com/e-XpertSolutions/f5-rest-client

Tested this on version:

11.5
Updated Jun 06, 2023
Version 2.0
  • Vincent_Li_9688's avatar
    Vincent_Li_9688
    Historic F5 Account

    when build the sample script, got error below:

    cannot use []ltm.Profile literal (type []ltm.Profile) as type []string in field value

                Profiles: []ltm.Profile{
                        {
                                Name:    "tcp-mobile-optimized",
                                Context: "all",
                        },
                        {
                                Name: "http",
                        },
                },
    
  • Vincent_Li_9688's avatar
    Vincent_Li_9688
    Historic F5 Account

    https://github.com/e-XpertSolutions/f5-rest-client/issues/8 should address the problem

    diff --git a/f5/ltm/virtual.go b/f5/ltm/virtual.go
    index 623088b..4c19f97 100644
    --- a/f5/ltm/virtual.go
    +++ b/f5/ltm/virtual.go
    @@ -52,8 +52,8 @@ type VirtualServer struct {
                    IsSubcollection bool   `json:"isSubcollection,omitempty"`
                    Link            string `json:"link,omitempty"`
            } `json:"policiesReference,omitempty"`
    -       Pool              string   `json:"pool,omitempty"`
    -       Profiles          []string `json:"profiles,omitempty"` // only used to link existing profiles a creation or update
    +       Pool              string    `json:"pool,omitempty"`
    +       Profiles          []Profile `json:"profiles,omitempty"` // only used to link existing profiles a creation or update
    
  • Hi Vincent,

     

    Thank you for your comment. We modified our examples accordingly. We noticed that the API requires profiles as strings. Profile objects are not supported by the iControl API.

     

    Best Regards

     

    Yann