BIG-IP deployments using Ansible in private and public cloud
F5 has been actively developing Ansible modules that help in deploying an application on the BIG-IP. For a list of candidate modules for Ansible 2.4 release refer to the Github link. These modules can be used to configure any BIG-IP (physical/virtual) in any environment (Public/Private or Hybrid cloud)
Before we can use the BIG-IP to deploy an application, we need to spin up a virtual edition of the BIG. Let’s look at some ways to spin up a BIG-IP in the Public and Private cloud
Private cloud
Create a BIG-IP guest VM through VMware vSphere
For more details on the ansible module refer to Ansible documentation
Pre-condition: On the VMware a template of the BIG-IP image has been created
Example Playbook:
- name: Create VMware guest |
|
hosts: localhost |
|
connection: local |
|
become: true |
|
tasks: |
|
- name: Deploy BIG-IP VE |
|
vsphere_guest: |
|
vcenter_hostname: 10.192.73.100 |
//vCenter hostname or IP address |
esxi: |
|
datacenter: F5 BD Lab |
//Datacenter name |
hostname: 10.192.73.22 |
//esxi hostname or IP address |
username: root |
//vCenter username |
password: ***** |
//vCenter password |
guest: “BIGIP-VM” |
//Name of the BIG-IP to be created |
from_template: yes |
|
template_src: "BIG-IP VE 12.1.2.0.0.249-Template" |
//Name of the template |
Spin up a BIG-IP VM in VMWARE using govc
For more details on the govc refer to govc github and vmware github
Pre-condition: govc has been installed on the ansible host
Example Playbook:
- name: Create VMware guest |
|
hosts: localhost |
|
connection: local |
|
tasks: |
|
- name: Import OVA and deploy BIG-IP VM |
|
command: "/usr/local/bin/govc import.ova -name=newVM BIGIP005 /tmp/BIGIP-12.1.2.0.0.249.LTM-scsi.ova" |
//Command to import the BIG-IP ova file |
environment: |
|
GOVC_HOST: "10.192.73.100" |
//vCenter hostname or IP address |
GOVC_URL: "https://10.192.73.100/sdk" |
|
GOVC_USERNAME: "root" |
//vCenter username |
GOVC_PASSWORD: "*******" |
//vCenter password |
GOVC_INSECURE: "1" |
|
GOVC_DATACENTER: "F5 BD Lab" |
//Datacenter name |
GOVC_DATASTORE: "datastore1 (5)" |
//Datastore on where to store the ova file |
GOVC_RESOURCE_POOL: "Testing" |
//Resource pool to use |
|
|
- name: Power on the VM |
|
command: "/usr/local/bin/govc vm.power -on newVM-BIGIP005" |
|
environment: |
|
GOVC_HOST: "10.192.73.100" |
|
GOVC_URL: "https://10.192.73.100/sdk" |
|
GOVC_USERNAME: "root" |
|
GOVC_PASSWORD: "vmware" |
|
GOVC_INSECURE: "1" |
|
GOVC_DATACENTER: "F5 BD Lab" |
|
GOVC_DATASTORE: "datastore1 (5)" |
|
GOVC_RESOURCE_POOL: "Testing" |
|
Public Cloud
Spin up a BIG-IP using cloud formation templates in AWS
For more details on the BIG-IP cloud formation templates, refer to the following Github Page
Pre-condition: Cloud formation JSON template has been downloaded to the Ansible host
Example Playbook:
- name: Launch BIG-IP CFT in AWS |
|
hosts: localhost |
|
gather_facts: false |
|
|
|
tasks: |
|
- name: Launch BIG-IP CFT |
|
cloudformation: |
|
aws_access_key: "******************" |
//AWS access key |
aws_secret_key: "******************" |
//AWS secret key |
stack_name: "StandaloneBIGIP-1nic-experimental-Ansible" |
|
state: "present" |
|
region: "us-west-2" |
|
disable_rollback: true |
|
template: "standalone-hourly-1nic-experimental.json" |
//JSON blob for the CFT |
template_parameters: |
//template parameters |
availabilityZone1: "us-west-2a" |
|
sshKey: "bigip-test" |
|
validate_certs : false |
|
register: stack |
|
- name: Get facts(IP-address) from a cloud formation stack |
|
cloudformation_facts: |
|
aws_access_key: "*****************" |
|
aws_secret_key: "*****************" |
|
region: "us-west-2" |
|
stack_name: "StandaloneBIGIP-1nic-experimental-Ansible" |
|
register: bigip_ip_address |
|
|
|
- set_fact: |
//Extract the BIG-IP MGMT IP address |
ip_address: "{{ bigip_ip_address['ansible_facts']['cloudformation']['StandaloneBIGIP-1nic-experimental-Ansible']['stack_outputs']['Bigip1subnet1Az1SelfEipAddress']}}" |
|
|
|
- copy: |
//Copy the BIG-IP MGMT IP address to a file |
content: "bigip_ip_address: {{ ip_address}}" |
|
dest: "aws_var_file.yaml" |
//Copied IP address can be be referenced from file |
mode: 0644 |
|
Above mentioned are few ways to spin up a BIG-IP Virtual edition in your private/public cloud environment. Once the BIG-IP is installed then use the F5 ansible modules to deploy the application on the BIG-IP.
Refer to DevCentral article to learn more about ansible roles and how we can use roles to onboard and network a BIG-IP.
Included is a simple playbook that you can download and run against the BIG-IP.
- name: Onboarding BIG-IP |
|
hosts: bigip |
//bigip variable should be present in the ansible inventory file |
gather_facts: false |
|
|
|
tasks: |
|
|
|
- name: Configure NTP server on BIG-IP |
|
bigip_device_ntp: |
|
server: "<bigip_ip_address>" |
|
user: "admin" |
|
password: "admin" |
|
ntp_servers: "172.2.1.1" |
|
validate_certs: False |
|
delegate_to: localhost |
|
|
|
- name: Configure BIG-IP hostname |
|
bigip_hostname: |
|
server: "<bigip_ip_address>" |
|
user: "admin" |
|
password: "admin" |
|
validate_certs: False |
|
hostname: "bigip1.local.com" |
|
delegate_to: localhost |
|
|
|
- name: Manage SSHD setting on BIG-IP |
|
bigip_device_sshd: |
|
server: "<bigip_ip_address>" |
|
user: "admin" |
|
password: "admin" |
|
banner: "enabled" |
|
banner_text: "Welcome- CLI username/password to login " |
|
validate_certs: False |
|
delegate_to: localhost |
|
|
|
- name: Manage BIG-IP DNS settings |
|
bigip_device_dns: |
|
server: "<bigip_ip_address>" |
|
user: "admin" |
|
password: "admin" |
|
name_servers: "172.2.1.1" |
|
search: "localhost" |
|
ip_version: "4" |
|
validate_certs: False |
|
delegate_to: localhost |
|
For more information on BIG-IP ansible playbooks visit the following github link
- KernelPanicNimbostratus
What are the various software compatibility dependencies for getting ansible f5 to work?
- ManiGaddeEmployee
@kernelPanic bigsuds & f5sdk
pip install bigsuds
pip install f5-sdk
for more details - including solution overview & technical White-paper: