Python Bigsuds - iRule deployment for HTTP Virtual Server

Problem this snippet solves:

this script helps for massive iRule deployment which use HTTP event on Virtual Server with HTTP Profile. Static value has to be changed in the script to adapt to your needs. As example it's as been used for ShellShock iRule deployment on 300 HTTP Virtual Servers for quick protection.

Code :

# This python script is used to deploy an iRule for ALL HTTP VS
#
import bigsuds
import sys
 
# set your hostname, login and ip here
try:
b = bigsuds.BIGIP(
hostname = 'ip',
username = 'admin',
password = 'admin',
)
except Exception, e:
print e
 
#Change system partition
b.System.Session.set_active_folder("/mypartition")
 
# Retrieve list of VS, of rules and of profiles
virtualservers = b.LocalLB.VirtualServer.get_list()
rules = b.LocalLB.VirtualServer.get_rule(virtualservers)
profiles = b.LocalLB.VirtualServer.get_profile(virtualservers)
irules_list = b.LocalLB.Rule.get_list()

#set your iRule name already created in your BigIp
new_rule = '/mypartition/myiRulename'

vs_to_update = []
rule_to_add = []
found_rule = False
 
# check if iRule is present
for irule in irules_list:
if irule == new_rule:
found_rule = True
break
               
if found_rule:
print "Found iRule with name: %s" % new_rule
else:
print "iRule not Found"
sys.exit()
               
 
#Print virtual Server and rule assigned
count = 0
for vs in virtualservers:
print "\n\nVS: %s" % vs
for rule in rules[count]:
print "\tRules %i: %s" % (count, rule)
count += 1
 
# Create a list of VS (vs_to_update) for vs which have an HTTP profile and where the irule is not yet present.
count = 0
for vs in virtualservers:
asHttp_Profile = False
as_already_rule = False
check_priority = []
for profile in profiles[count]:
if profile["profile_type"] == "PROFILE_TYPE_HTTP":
asHttp_Profile = True
break
for rule in rules[count]:
check_priority.append(rule["priority"])
if rule["rule_name"] == new_rule:
as_already_rule = True
if asHttp_Profile and not as_already_rule:
vs_to_update.append(vs)
if check_priority:
rule_to_add.append({'rule_name': new_rule, 'priority': (max(check_priority) + 1)})
else:
rule_to_add.append({'rule_name': new_rule, 'priority': 0})
count += 1
               
# Add iRule to elected VS (vs_to_update)
count = 0
for vs in vs_to_update:
print "\n\nVS to change: %s" % vs
print "\tRule to add: %s" % rule_to_add[count]
try:
b.LocalLB.VirtualServer.add_rule([vs], [[rule_to_add[count]]])
except Exception, e:
print e
count +=1
Published Mar 09, 2015
Version 1.0
devops
iControl
python
  • Diga_171140's avatar
    Diga_171140
    Icon for Nimbostratus rankNimbostratus
    Mar 18, 2016
    How to add irule using payload into virtual server while VIP creating ? like ip protocol payload['ipProtocol'] = 'tcp' tried below statement but not working payload['rules'] = 'my_Rule'