For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Perl Establish Device Trust, Create Sync-Failover device-group, and add members

Problem this snippet solves:

This Perl reference application will establish a traditional HA pair on V11 software. It establishes device trust, creates a sync-failover device-group, and then populates the members of the pair in that group.

Be advised: This application has certain hard-coded options that you will need to either create a command line argument for or modify before attempting to use it. That is why I refer to it as a reference application. It is written to be run on the second member of a pair.

Code :

# The contents of this file are subject to the "END USER LICENSE AGREEMENT FOR F5
# Software Development Kit for iControl"; you may not use this file except in
# compliance with the License. The License is included in the iControl
# Software Development Kit.
#
# Software distributed under the License is distributed on an "AS IS"
# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
# the License for the specific language governing rights and limitations
# under the License.
#
# The Original Code is iControl Code and related documentation
# distributed by F5.
#
# The Initial Developer of the Original Code is F5 Networks,
# Inc. Seattle, WA, USA. Portions created by F5 are Copyright (C) 1996-2004 F5 Networks,
# Inc. All Rights Reserved.  iControl (TM) is a registered trademark of F5 Networks, Inc.
#
# Alternatively, the contents of this file may be used under the terms
# of the GNU General Public License (the "GPL"), in which case the
# provisions of GPL are applicable instead of those above.  If you wish
# to allow use of your version of this file only under the terms of the
# GPL and not to allow others to use your version of this file under the
# License, indicate your decision by deleting the provisions above and
# replace them with the notice and other provisions required by the GPL.
# If you do not delete the provisions above, a recipient may use your
# version of this file under either the License or the GPL.
#----------------------------------------------------------------------------
#use SOAP::Lite + trace => qw(method debug);
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME}=0;

use SOAP::Lite;
use MIME::Base64;

use iControlTypeCast;

my $sHost = $ARGV[0];
my $sUID = admin;
my $sPWD = $ARGV[1];
my $b1n = $ARGV[2];
my $b2n = $ARGV[3];
my $cadaddr = 10.255.255.1;

$dtrmgmt = SOAP::Lite
-> uri('urn:iControl:Management/Trust')
-> readable(1)
-> proxy("https://$sHost/iControl/iControlPortal.cgi");
eval {
  $dtrmgmt->transport->http_request->header( 'Authorization' => 'Basic '
      . MIME::Base64::encode("$sUID:$sPWD", ''));
  };

$dgmgmt = SOAP::Lite
-> uri('urn:iControl:Management/DeviceGroup')
-> readable(1)
-> proxy("https://$sHost/iControl/iControlPortal.cgi");
eval {
  $dgmgmt->transport->http_request->header( 'Authorization' => 'Basic '
      . MIME::Base64::encode("$sUID:$sPWD", ''));
  };

#----------------------------------------------------------------------------
# checkResponse makes sure the error isn't a SOAP error
#----------------------------------------------------------------------------
sub checkResponse() {
     my ($soapResponse) = (@_);
     if ( $soapResponse->fault )
     {
     print $soapResponse->faultcode, " ", $soapResponse->faultstring, "\n";
     exit();
     }
}

sub buildtrust {
$soapResponse =
    $dtrmgmt->add_authority_device
    (
        SOAP::Data->name (address => "$cadaddr"),
        SOAP::Data->name ( username => "$sUID" ),
        SOAP::Data->name ( password => "$sPWD" ),
        SOAP::Data->name ( device_object_name => "$b1n" ),
        SOAP::Data->name ( browser_cert_serial_number => "" ),
        SOAP::Data->name ( browser_cert_signature => "" ),
        SOAP::Data->name ( browser_cert_sha1_fingerprint => "" ),
        SOAP::Data->name ( browser_cert_md5_fingerprint => "" ),
    );
    &checkResponse($soapResponse);
}
sub builddg {
$soapResponse =
    $dgmgmt->create
    (
        SOAP::Data->name (device_groups => ["ex-dv-grp"] ),
        SOAP::Data->name ( types =>  [DGT_FAILOVER] ),
    );
    &checkResponse($soapResponse);
}
sub adddevices {
$soapResponse =
    $dgmgmt->add_device
    (
        SOAP::Data->name (device_groups => ["ex-dv-grp"] ),
        SOAP::Data->name ( devices => [["$b1n","$b2n"]] )
    );
    &checkResponse($soapResponse);
}


#Main Program Logic

&buildtrust;
&builddg;
&adddevices;
Published Mar 08, 2015
Version 1.0
devops
iControl
perl
No CommentsBe the first to comment