Andy_McGrath
Cumulonimbus

Problem this snippet solves:

This is an example of a simple Ansible playbook that can be run against a pair of F5 devices and will only run select tasks if the F5 is in an active state.

This is done using the block and when statements within the playbook ('block' requires Ansible 2.5 or above).

In this example it sets the hostname of the F5 and, if the failover state is active, creates three test nodes and a test pool and adds the nodes as pool members, all under the test partition.

NOTE: This playbook prompts for the F5 username and password to connect to the F5 device; this would normally be set with another file or pulled from something like HashiCorp Vault.

How to use this snippet:

Example Ansible hosts inventory (inventory/hosts):


[F5DeviceGroup]
f5vm01.lab.domain.local
f5vm02.lab.domain.local


Assuming the hosts file is located locally within a directory named inventory and the Ansible playbook is named f5TestPool.yml, you can run the example using the following command:


ansible-playbook -i inventory f5TestPool.yml


Example output:


F5 Username: 
F5 Password: 

PLAY [Run tasks on Active LTM] *******************************************************************************************************************************************************************************************************

TASK [Set hostname] ******************************************************************************************************************************************************************************************************************
ok: [f5vm01.lab.domain.local -> localhost]
ok: [f5vm02.lab.domain.local -> localhost]

TASK [Get BIG-IP failover status] ****************************************************************************************************************************************************************************************************
ok: [f5vm01.lab.domain.local -> localhost]
ok: [f5vm02.lab.domain.local -> localhost]

TASK [The active LTMs management IP is....] ******************************************************************************************************************************************************************************************
ok: [f5vm01.lab.domain.local] => {
   "inventory_hostname": "f5vm01.lab.domain.local"
}
skipping: [f5vm02.lab.domain.local]

TASK [Add pool test_pool] ************************************************************************************************************************************************************************************************************
ok: [f5vm01.lab.domain.local -> localhost]
skipping: [f5vm02.lab.domain.local]

TASK [Add node [{u'name': u'test01', u'address': u'8.8.8.8'}, {u'name': u'test02', u'address': u'8.8.4.4'}, {u'name': u'test03', u'address': u'8.8.1.1'}]] ***************************************************************************
ok: [f5vm01.lab.domain.local -> localhost] => (item={u'name': u'test01', u'address': u'8.8.8.8'})
ok: [f5vm01.lab.domain.local -> localhost] => (item={u'name': u'test02', u'address': u'8.8.4.4'})
ok: [f5vm01.lab.domain.local -> localhost] => (item={u'name': u'test03', u'address': u'8.8.1.1'})
skipping: [f5vm02.lab.domain.local] => (item={u'name': u'test01', u'address': u'8.8.8.8'}) 
skipping: [f5vm02.lab.domain.local] => (item={u'name': u'test02', u'address': u'8.8.4.4'}) 
skipping: [f5vm02.lab.domain.local] => (item={u'name': u'test03', u'address': u'8.8.1.1'}) 

TASK [Add pool member [{u'name': u'test01', u'address': u'8.8.8.8'}, {u'name': u'test02', u'address': u'8.8.4.4'}, {u'name': u'test03', u'address': u'8.8.1.1'}] to Pool test_pool] **************************************************
ok: [f5vm01.lab.domain.local -> localhost] => (item={u'name': u'test01', u'address': u'8.8.8.8'})
ok: [f5vm01.lab.domain.local -> localhost] => (item={u'name': u'test02', u'address': u'8.8.4.4'})
ok: [f5vm01.lab.domain.local -> localhost] => (item={u'name': u'test03', u'address': u'8.8.1.1'})
skipping: [f5vm02.lab.domain.local] => (item={u'name': u'test01', u'address': u'8.8.8.8'}) 
skipping: [f5vm02.lab.domain.local] => (item={u'name': u'test02', u'address': u'8.8.4.4'}) 
skipping: [f5vm02.lab.domain.local] => (item={u'name': u'test03', u'address': u'8.8.1.1'})

PLAY RECAP ***************************************************************************************************************************************************************************************************************************
f5vm01.lab.domain.local : ok=6   changed=0   unreachable=0   failed=0
f5vm02.lab.domain.local : ok=2   changed=0   unreachable=0   failed=0


Code:

---
# Playbook 'f5TestPool.yml'
- name: Run tasks on Active LTM
  hosts: F5DeviceGroup
  connection: local
  gather_facts: False

  vars_prompt:
    - name: f5User
      prompt: F5 Username
    - name: f5Pwd
      prompt: F5 Password
  vars:
    f5Provider:
      server: "{{ inventory_hostname }}"
      server_port: 443
      user: "{{ f5User }}"
      password: "{{ f5Pwd }}"
      validate_certs: no  # disables TLS certificate verification for the BIG-IP management connection
      transport: rest
    nodelist:
      - {name: 'test01', address: "8.8.8.8"}
      - {name: 'test02', address: "8.8.4.4"}
      - {name: 'test03', address: "8.8.1.1"}

  tasks:
    - name: Set hostname
      bigip_hostname:
        provider: "{{ f5Provider }}"
        hostname: "{{ inventory_hostname }}"
      delegate_to: localhost

    - name: Get BIG-IP failover status
      bigip_command:
        provider: "{{ f5Provider }}"
        commands:
          - "tmsh show sys failover"
      delegate_to: localhost
      register: failoverStatus

    - name: Executing on ACTIVE F5 LTM
      block:
        - name: The active LTMs management IP is....
          debug: 
            var: inventory_hostname

        - name: Add pool test_pool
          bigip_pool:
            provider: "{{ f5Provider }}"
            description: "Test pool set by Ansible run by {{ f5User }}"
            lb_method: least-connections-member
            name: test_pool
            partition: test
            monitor_type: single
            monitors:
              - /Common/gateway_icmp
            priority_group_activation: 0
          delegate_to: localhost

        - name: "Add node {{ nodelist }}"
          bigip_node:
            provider: "{{ f5Provider }}"
            partition: test
            address: "{{ item.address }}"
            name: "{{ item.name }}"
          loop: "{{ nodelist }}"
          delegate_to: localhost

        - name: "Add pool member {{ nodelist }} to Pool test_pool"
          bigip_pool_member:
            provider: "{{ f5Provider }}"
            partition: test
            pool: test_pool
            address: "{{ item.address }}"
            name: "{{ item.name }}"
            port: 53
          loop: "{{ nodelist }}"
          delegate_to: localhost
      when: "'active' in failoverStatus['stdout'][0]"

Tested this on version:

12.1
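
Added example (not part of the original snippet): a variant of the play that follows the NOTE above by reading f5User and f5Pwd from an Ansible Vault encrypted vars file instead of prompting, and that turns certificate validation on. The file name vars/f5_credentials.yml is hypothetical, and validate_certs: yes assumes the BIG-IP management certificate is trusted by the Ansible control host.

```yaml
---
# Assumed file: vars/f5_credentials.yml (hypothetical name), created with
#   ansible-vault create vars/f5_credentials.yml
# and holding the two keys f5User and f5Pwd.
# Run: ansible-playbook -i inventory f5TestPool.yml --ask-vault-pass
- name: Run tasks on Active LTM (vaulted credentials)
  hosts: F5DeviceGroup
  connection: local
  gather_facts: false

  vars_files:
    - vars/f5_credentials.yml    # decrypted in memory at run time

  vars:
    f5Provider:
      server: "{{ inventory_hostname }}"
      server_port: 443
      user: "{{ f5User }}"
      password: "{{ f5Pwd }}"
      validate_certs: yes        # assumption: management cert is trusted by the control host
      transport: rest

  tasks:
    - name: Get BIG-IP failover status
      bigip_command:
        provider: "{{ f5Provider }}"
        commands:
          - "tmsh show sys failover"
      delegate_to: localhost
      register: failoverStatus

    # Fail the host instead of silently skipping the block when no state came back
    - name: Stop if the failover state could not be read
      assert:
        that:
          - failoverStatus.stdout is defined
          - failoverStatus.stdout | length > 0
        msg: "No output from 'tmsh show sys failover' on {{ inventory_hostname }}"

    - name: Executing on ACTIVE F5 LTM
      block:
        - name: The active LTMs management IP is....
          debug:
            var: inventory_hostname
      # The pool, node and pool member tasks from the playbook above go in this block unchanged
      when: "'active' in failoverStatus.stdout[0]"
```
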
Comments
cwkim
Nimbostratus

Could I see the inventory file? Because I want to see the path and method about it (server: "{{ inventory_hostname }}").

Version history
Last update: 08-Aug-2018 08:01