iCR Python Module for iControl REST

Problem this snippet solves:

This is a python module to simplify using iControl REST.

Install using pip:

pip install iCR

or retrieve from https://pypi.python.org/pypi?:action=display&name=iCR&version=2.1

As simple as:

#!/usr/bin/env python
from iCR import iCR
bigip = iCR("","admin","admin")
virtuals = bigip.get("ltm/virtual")
for vs in virtuals['items']:
  print vs['name']

This prints out a list of Virtual Servers.

Supported methods:

  • init(hostname,username,password,[timeout,port,icontrol_version,folder,token,debug])
  • get(url,[select,top,skip,filter])
    -> returns data or False
  • getlarge(url,size,[select])
    -> Used to retrieve large datasets in chunks. Returns data or False
  • create(url,data)
    -> returns data or False
  • modify(url,data,[patch=True])
    -> returns data or False
  • delete(url)
    -> returns True or False
  • upload(file)
    -> file is a local file eg /var/tmp/test.txt, returns True or False
  • download(file)
    -> files are located in /shared/images, returns True or False
  • create_cert(files)
    -> files is an array containing paths to cert and key. Returns name of cert or False
  • get_asm_id(name)
    -> name is the name of a policy. Returns an array of IDs or False
  • create_hash(name)
    -> name is the name of the partition and policy. eg /Common/test_policy. This reduces the need to retrieve an array of hashes from the BIG-IP. Returns a string.
  • get_token()
    -> this retrieves a BIG-IP token based on the username and password and sets it as the token in use. Returns the token ID or False
  • delete_token()
    -> This deletes the object token from the BIG-IP and from the object
  • create_transaction() -> creates a transaction and returns the transaction number ID as a string, or False. Subsequent requests will be added to the  transaction until commit_transaction is called. Transaction ID is stored in object.transaction
  • commit_transaction() -> Commits the transaction stored in object.transaction. Returns True or False
  • command(args,[cmd]) -> Runs a command using the arguments string args. Returns the returned output or True on success or False on failure. 
  •  Note: Be sure to double-escape single quotes eg \\' and single escape double quotes eg \"  
  • cmd options are ping/save/load/restart/reboot

Module Variables:

  • icr_session - the link to the requests session
  • raw - the raw returned JSON
  • code - the returned HTTP Status Code eg 200
  • error - in the case of error, the exception error string
  • headers - the response headers
  • icontrol_version - set this to specify a specific version of iControl
  • debug - boolean True or False to set debugging on or off
  • port - set the port ( 443 by default )
  • folder - set this to create in a specific partition
  • token - use this to set a specific token. If this is set, it will be used instead of basic auth
  • select - use this with get to select the returned data
  • top - use this with get to return a set number of records
  • skip - use this to skip to a specific record number
  • transaction - stores the Transaction ID

How to use this snippet:


Setup a REST connection to a device

#!/usr/bin/env python
from iCR import iCR
bigip = iCR("","admin","admin",timeout=10)

Create a Virtual Server

vs_config = {'name':'test_vs'}    
createvs = bigip.create("ltm/virtual",vs_config,timeout=5) 

Retrieve the VS we just created

virt = bigip.get("ltm/virtual/test_vs",select="name")
print "Virtual Server created: " + virt['name']

Set the timeout

bigip.timeout = 20

Now delete the VS we just created

delvs = bigip.delete("ltm/virtual/test_vs")

Retrieve ASM policy to ID mapping

policies = bigip.get("asm/policies",select="name,id")

Print a table of ASM policies with learning mode

print "Policy Name                  Learning Mode"
print "------------------------------------------"
for item in policies['items']:
    enabled = bigip.get("asm/policies/" + item['id'] + "/policy-builder",select="learningMode")
    print '{:32}'.format(item['name']) + enabled['learningMode']

File upload

fp = "/home/pwhite/input.csv"
if bigip.upload(fp):
    print "File " + fp + " uploaded"

File download

download = bigip.download(file)
if not download:
    print "File " + file + " download error"

SSL Certificate creation

In different folder

bigip.folder = "TestFolder"
files = ("TestCert.crt","TestCert.key")
cert = bigip.create_cert(files)
if cert:
    print "Certificate " + cert + " created" 

Turn on debugging

bigip.debug = True

Retrieve ASM policy IDs

asm = bigip.get_asm_id("dummy_policy")
print len(asm) + " IDs returned"
print "ID: " + str(asm[0])

Convert an ASM policy name to hash

hash = bigip.create_hash("/Common/test-policy")
enabled = bigip.get("asm/policies/" + hash + "/policy-builder",select="learningMode")
print '{:32}'.format(item['name']) + enabled['learningMode']

Retrieve and use a token


Delete the token


Developed on Python 2.7 but works with v3. Works on TMOS 11.6 onwards though some features may not be implemented, such as tokens. If you use this and have found bugs, would like to discuss it or suggest features then please PM me on DevCentral.

Tested this on version:

Updated Jun 06, 2023
Version 2.0

Was this article helpful?