PowerShell module for the F5 LTM REST API

Problem this snippet solves:

To report an issue with the F5-LTM or F5-BIGIP modules, please use the Issues sections of the GitHub repos (here and here) instead of commenting here. Thanks!

This PowerShell module uses the iControlREST API to manipulate and query pools, pool members, virtual servers, and iRules. It aims to support version 11.5.1 and higher, and to conform to the schedule for technical support of versions, though this may eventually prove to become difficult.

The module currently includes some functionality that, strictly speaking, is outside the scope of the LTM module. Hence, there is an active effort to wrap this LTM module into a larger BIG-IP module, and relocate that functionality elsewhere within that parent module, as well as expand the scope of functionality to include BIG-IP DNS (formerly GTM) and possibly other areas. Both the LTM module and the parent BIG-IP module are projects on github. Please use these projects to report any issues you discover. Thanks!

The module contains the following functions.

  • Add-iRuleToVirtualServer
  • Add-iRuleToVirtualServer
  • Add-PoolMember
  • Add-PoolMonitor
  • Disable-PoolMember
  • Disable-VirtualServer
  • Enable-PoolMember
  • Enable-VirtualServer
  • Get-CurrentConnectionCount (deprecated; use Get-PoolMemberStats | Select-Object -ExpandProperty 'serverside.curConns')
  • Get-F5Session (will be deprecated in future versions. use New-F5Session)
  • Get-F5Status
  • Get-HealthMonitor
  • Get-HealthMonitorType
  • Get-iRule
  • Get-iRuleCollection (deprecated; use Get-iRule)
  • Get-Node
  • Get-BIGIPPartition
  • Get-Pool
  • Get-PoolList (deprecated; use Get-Pool)
  • Get-PoolMember
  • Get-PoolMemberCollection (deprecated; use Get-PoolMember)
  • Get-PoolMemberCollectionStatus
  • Get-PoolMemberDescription (deprecated; use Get-PoolMember)
  • Get-PoolMemberIP (deprecated; use Get-PoolMember)
  • Get-PoolMembers (deprecated; use Get-PoolMember)
  • Get-PoolMemberStats
  • Get-PoolMemberStatus (deprecated; use Get-PoolMember)
  • Get-PoolMonitor
  • Get-PoolsForMember
  • Get-StatusShape
  • Get-VirtualServer
  • Get-VirtualServeriRuleCollection (deprecated; use Get-VirtualServer | Where rules | Select -ExpandProperty rules)
  • Get-VirtualServerList (deprecated; use Get-VirtualServer)
  • Invoke-RestMethodOverride
  • New-F5Session
  • New-HealthMonitor
  • New-Node
  • New-Pool
  • New-VirtualServer
  • Remove-HealthMonitor
  • Remove-iRule
  • Remove-iRuleFromVirtualServer
  • Remove-Pool
  • Remove-PoolMember
  • Remove-PoolMonitor
  • Remove-ProfileRamCache
  • Remove-Node
  • Remove-VirtualServer
  • Set-iRule
  • Set-PoolLoadBalancingMode (deprecated; use Set-Pool)
  • Set-PoolMemberDescription
  • Set-Pool
  • Set-VirtualServer
  • Sync-DeviceToGroup
  • Test-F5Session
  • Test-Functionality
  • Test-HealthMonitor
  • Test-Node
  • Test-Pool
  • Test-VirtualServer

How to use this snippet:

To use the module, click 'Download Zip', extract the files, and place them in a folder named F5-LTM beneath your PowerShell modules folder. By default, this is %USERPROFILE%\Documents\WindowsPowerShell\Modules. The WindowsPowerShell and Modules folders may need to be created.

You will most likely need to unblock the files after extracting them. Use the Unblock-File PS cmdlet to accomplish this.

The Validation.cs class file (based on code posted by Brian Scholer) allows for using the REST API with LTM devices with self-signed SSL certificates.

Nearly all of the functions require an F5 session object as a parameter, which contains the base URL for the F5 LTM and a credential object for a user with privileges to manipulate the F5 LTM via the REST API. Use the New-F5session function to create this object. This function expects the following parameters:

  • The name or IP address of the F5 LTM device
  • A credential object for a user with rights to use the REST API
  • An optional TokenLifespan value for extending the life of the authentication token past the default 20 minutes

You can create a credential object using Get-Credential and entering the username and password at the prompts, or programmatically like this:

$secpasswd = ConvertTo-SecureString "PlainTextPassword" -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential "username", $secpasswd

Thanks to Kotesh Bandhamravuri and his blog entry for this snippet.

There is a function called Test-Functionality that takes an F5Session object, a new pool name, a new virtual server, an IP address for the virtual server, and a computer name as a pool member, and validates nearly all the functions in the module.

I've also contributed this code sample for how to gather some basic info about your LTM with this PS module.

The module has been tested on:

  • 11.5.1 Build 8.0.175 Hotfix 8 and later
  • 11.6.0 Build 5.0.429 Hotfix 4 and later
  • 12.0 / 12.1
  • 13.0

Code :

https://github.com/joel74/POSH-LTM-Rest

Tested this on version:

11.5
Updated Jun 06, 2023
Version 2.0
devops
iControlREST
LTM
microsoft powershell with icontrol
powershell
  • Grayson_149410's avatar
    Grayson_149410
    Icon for Nimbostratus rankNimbostratus
    Dec 10, 2015
    So I just copied and pasted all three files to both of the following locations: %USERPROFILE%\Documents\WindowsPowerShell\Modules && C:\Windows\System32\WindowsPowerShell\v1.0\Modules\F5-LTM. I then type: Import-Module F5-LTM Then I get the following error: could not be processed because it is not a valid Windows PowerShell restricted language file. Remove the elements that are not permitted by the restricted language. I set my policy execution to unrestricted. I am running Powershell 4. I feel like some instructions are missing somewhere.
  • Joel_Newton's avatar
    Joel_Newton
    Icon for Cirrus rankCirrus
    Dec 10, 2015
    Hi, Grayson. Thanks for the feedback. I found that I have to unblock all four files ones they have been downloaded and extracted. To do this, right-click on the files, select 'Properties' and then 'Unblock.' The files only need to be placed in one of the two locations - %USERPROFILE% is the preferred one, as C:\Windows\... is typically reserved for Microsoft modules. Can you verify that the structure looks like: C:\Users\(Your user name)\Documents\WindowsPowerShell\Modules\F5-LTM\(downloaded files). If this still doesn't work, please let me know. Thanks.
  • Grayson_149410's avatar
    Grayson_149410
    Icon for Nimbostratus rankNimbostratus
    Dec 10, 2015
    he '<' operator is reserved for future use. At C:\Users\jbob\Documents\f5\F5-LTM.psm1:5761 char:203 + ... g:0;display:inline">© 2015 © 2015
  • Joel_Newton's avatar
    Joel_Newton
    Icon for Cirrus rankCirrus
    Dec 10, 2015
    Hi, Grayson. Did you put the files in C:\Users\jbob\Documents\f5? They should be in C:\Users\jbob\Documents\WindowsPowerShell\Modules\F5-LTM. Please try that and see if it fixes the issue. You may need to create the 'WindowsPowerShell' and 'Modules' folders if they don't exist. Also, I'm not sure what the references to the ampersands are from. Is that in your error message?
  • Grayson_149410's avatar
    Grayson_149410
    Icon for Nimbostratus rankNimbostratus
    Dec 10, 2015
    I did not have that folder originally, but I did create it. C:\Users\jbob\Documents\WindowsPowershell\Modules\F5-LTM. I have all four files downloaded there and unblocked them. I change my computer environmental variables to point to the path above. I refresh PowerShell and run "Import-Module F5-LTM" and then gives a bunch of errors. Formatting here isn't great or I'd code paste it. I've tried this one different systems and get the same issues.
  • Joel_Newton's avatar
    Joel_Newton
    Icon for Cirrus rankCirrus
    Dec 10, 2015
    (This was resolved. There was an issue with how Grayson was downloading the files from GitHub.)
  • Julio_Navarro's avatar
    Julio_Navarro
    Icon for Cirrostratus rankCirrostratus
    Mar 07, 2016
    Hi! I am getting an error: PS C:\Users\user-1> Get-Pool | Select-Object -ExpandProperty fullPath ConvertFrom-Json : Cannot bind argument to parameter 'InputObject' because it is null. At C:\Users\user-1\Documents\WindowsPowerShell\Modules\F5-LTM\Public\Invoke-RestMethodOverride.ps1:29 char:50 + $message = $_.ErrorDetails.Message | ConvertFrom-json | Select-Objec ... + ~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidData: (:) [ConvertFrom-Json], ParameterBindingValidationException + FullyQualifiedErrorId : ParameterArgumentValidati NullNotAllowed,Microsoft.PowerShell.Commands.ConvertFrom JsonCommand Invoke-RestMethodOverride : "401 F5 Authorization Required: Failed to get the /*/*' pool(s). At C:\Users\user-1\Documents\WindowsPowerShell\Modules\F5-LTM\Public\Get-Pool.ps1:28 char:21 + $JSON = Invoke-RestMethodOverride -Method Get -Uri $Uri -Credential ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Invoke-RestMethodOverride PS C:\Users\user-1> Please advise
  • Joel_Newton's avatar
    Joel_Newton
    Icon for Cirrus rankCirrus
    Mar 09, 2016
    Hi, J. It looks like you may not have authorized yet to the F5. You'll need to create the F5 session first (i.e. New-F5Session -LTMName (myLTM) -LTMCredentials $mycredsobject -Default ) and then you should be able to call Get-Pool | Select-Object -ExpandProperty fullPath ConvertFrom-Json without issue. Let me know. Thanks.
  • prole92_221949's avatar
    prole92_221949
    Icon for Cirrus rankCirrus
    Mar 20, 2016
    Can't believe I saw this just now. I started scripting my own module a couple of days ago. This one is a bit more extensive however, it will be really useful. Do you have any plans to cover other modules as well? I was planning on making one for ASM.
  • Joel_Newton's avatar
    Joel_Newton
    Icon for Cirrus rankCirrus
    Mar 21, 2016
    No plans to cover modules other than LTM right now, as that's all I have access to. If I can assist by reviewing code or offering snippets to help with other modules, please let me know.