Ansible - Running bash commands with bigip_command module - How it's done
Hello fellow F5ers,
the description of the F5 Ansible-Module "bigip_command" states it would "[...]Run TMSH and BASH commands on F5 devices[...]"
Scrolling through the documentation, you will only see tmsh commands. When you try to run a direct bash command, the execution will fail. Sadly the correct way of getting bash commands to run is only documentet in an issue "unable to run bash commands using bigip_command module #1846" filed in the F5's Github Repo.
Here is the solution:
- name: Task that needs to run a bash command
  bigip_command:
    commands: run /util bash -c "whatever bash command you need"
    provider: "{{ provider }}"
  delegate_to: localhost
My specific usecase was to change the crypto-master-key of a LTM-Cluster, which is an interactive command and there is no ansible module that covers this. Because of the user interaction that is forced by the command, the only way of automate the hole this is to use the "expect" command (at least I did not find any other solution).
Changing the crypto-master-key involves:
1. Running in tmsh: modify /sys crypto master-key prompt-for-password
2. enter the new passwort twice
I finally managed to run this with ansible like this:
- name: set crypto key
  bigip_command:
    commands: >
      run /util bash -c "
      expect -c 'spawn tmsh modify /sys crypto master-key prompt-for-password;
      sleep 1;
      send -- {{ crypto_key }}\r;
      sleep 1;
      send -- {{ crypto_key }}\r;
      sleep 1'"
    provider: "{{ bigip_provider }}"
  delegate_to: localhost
There you go.
Hava a good one!
1 Comment
- I also remembered that you can trigger a script with run /util bash -c "expect -c secret.exp secret" and secret will be the argument but in your case your way is much better as maybe transfering a script to F5 with SCP and then triggering is for some large scripts that will be executed very often.